IETF Logo Mail Archive

Re: [Tools-discuss] [irsg] [EXTERNAL] Question about Codimd for w.g. minutes

David Mehren <david@herrmehren.de> Fri, 30 July 2021 11:49 UTC

Return-Path: <david@herrmehren.de>
X-Original-To: tools-discuss@ietfa.amsl.com
Delivered-To: tools-discuss@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B25EF3A2787 for <tools-discuss@ietfa.amsl.com>; Fri, 30 Jul 2021 04:49:01 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.3
X-Spam-Level:
X-Spam-Status: No, score=-1.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_SBL=0.5, URIBL_SBL_A=0.1] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RFxm3zm_en5q for <tools-discuss@ietfa.amsl.com>; Fri, 30 Jul 2021 04:48:57 -0700 (PDT)
Received: from chiron.uberspace.de (chiron.uberspace.de [185.26.156.166]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CDD7F3A2783 for <tools-discuss@ietf.org>; Fri, 30 Jul 2021 04:48:56 -0700 (PDT)
Received: (qmail 5366 invoked from network); 30 Jul 2021 11:48:52 -0000
Received: from localhost (HELO localhost) (127.0.0.1) by chiron.uberspace.de with SMTP; 30 Jul 2021 11:48:52 -0000
To: Carsten Bormann <cabo@tzi.org>
Cc: rfc-markdown@ietf.org, Tools Team Discussion <tools-discuss@ietf.org>, Robert Sparks <rjsparks@nostrum.com>
References: <43AD0E13-4450-4CB1-AC3E-4A73408B613F@tzi.org> <F09E955A-61E8-411A-B1DE-7C9036E352A6@nostrum.com> <BFF67007-67E4-46E3-9A46-2A5E79ED3349@gmail.com> <21540E71-F991-4F26-BC4D-79595A6F6DBB@tzi.org>
From: David Mehren <david@herrmehren.de>
Message-ID: <0c842fa9-b9f9-f668-74d5-4f8e3936cbfb@herrmehren.de>
Date: Fri, 30 Jul 2021 13:48:51 +0200
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
MIME-Version: 1.0
In-Reply-To: <21540E71-F991-4F26-BC4D-79595A6F6DBB@tzi.org>
Content-Type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/tools-discuss/Dckrlv7P46mqJUdrCvKWc_8tmk4>
Subject: Re: [Tools-discuss] [irsg] [EXTERNAL] Question about Codimd for w.g. minutes
X-BeenThere: tools-discuss@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IETF Tools Discussion <tools-discuss.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tools-discuss/>
List-Post: <mailto:tools-discuss@ietf.org>
List-Help: <mailto:tools-discuss-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tools-discuss>, <mailto:tools-discuss-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Jul 2021 11:50:09 -0000

Hi everyone, another HedgeDoc maintainer here.

Am 30.07.21 um 13:13 schrieb Carsten Bormann:
> I have been informed by a friendly HedgeDoc maintainer (HedgeDoc = independent open-source version of CodiMD) that this is easy to achieve [0].
HedgeDoc is actually the same project that released CodiMD 1.6 (which is 
the version currently deployed at codimd.ietf.org). We renamed to reduce 
confusion with the project that we forked from. More details can be 
found on our history page at [1].
> (This also can be set system-wide, but that might break existing documents written without this.)
There currently is no system-wide setting that would override existing 
notes. An administrator can set the default content for *new* notes, as 
outlined in [2]. This may actually be the solution for your instance?

I would recommend to upgrade the instance at codimd.ietf.org to HedgeDoc 
1.8.2, as previous releases have multiple security vulnerabilities (see 
[3]).

Best regards
David

[1] https://hedgedoc.org/history/
[2] https://github.com/hedgedoc/hedgedoc/issues/59#issuecomment-489188611
[3] https://github.com/hedgedoc/hedgedoc/security/advisories?state=published

v2.23.0 | Report a Bug | By Email