Include Buckram as package (fix #278, fix #307) #308

greatislander · 2018-11-06T19:56:53Z

No description provided.

Bump stylelint from 7.13.0 to 8.3.1

…-standard-18.0.0 Bump stylelint-config-standard from 16.0.0 to 18.0.0

Bumps [prettier](https://github.com/prettier/prettier) from 1.8.2 to 1.9.0. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/master/CHANGELOG.md) - [Commits](prettier/prettier@1.8.2...1.9.0)

* Add h1-h6 top and bottom margin variables. * Add h1-h6 line-height variables.

) Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/pressbooks/pressbooks-build-tools/releases?after=0.6.0) - [Commits](pressbooks/pressbooks-build-tools@0.6.0...0.7.0)

…11) Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools) from 0.7.0 to 0.8.0. - [Release notes](https://github.com/pressbooks/pressbooks-build-tools/releases) - [Commits](pressbooks/pressbooks-build-tools@0.7.0...0.8.0)

…12) Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/pressbooks/pressbooks-build-tools/releases/tag/0.9.0) - [Commits](pressbooks/pressbooks-build-tools@0.8.0...0.9.0)

* Add sassdoc config and headings. * Add support for properly wrapped heading elements (fix #36).

Bumps [pressbooks-build-tools](https://github.com/pressbooks/pressbooks-build-tools) from 0.9.0 to 0.10.0. - [Release notes](https://github.com/pressbooks/pressbooks-build-tools/releases/tag/0.10.0) - [Commits](pressbooks/pressbooks-build-tools@0.9.0...0.10.0)

* Add variable for section license margin bottom * Add 'if-map-get'

Bumps [sassdoc](https://github.com/SassDoc/sassdoc) from 2.5.0 to 2.5.1. <details> <summary>Changelog</summary> *Sourced from [sassdoc's changelog](https://github.com/SassDoc/sassdoc/blob/master/CHANGELOG.md).* > ### 2.5.1 > > * Update `sassdoc-theme-default`. > Fixes an issue with main types pluralization. > ([#101](https://github-redirect.dependabot.com/SassDoc/sassdoc-theme-default/pull/101) </details> <details> <summary>Commits</summary> - [`4a0f4a1`](SassDoc/sassdoc@4a0f4a1) Release 2.5.1 - [`d4984a4`](SassDoc/sassdoc@d4984a4) Upgrade dateformat - [`9e2e6f4`](SassDoc/sassdoc@9e2e6f4) Upgrade coveralls - [`17058f2`](SassDoc/sassdoc@17058f2) Upgrade dependencies - See full diff in [compare view](SassDoc/sassdoc@2.5.0...2.5.1) </details> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=sassdoc&package-manager=npm_and_yarn&previous-version=2.5.0&new-version=2.5.1)](https://dependabot.com/compatibility-score.html?dependency-name=sassdoc&package-manager=npm_and_yarn&previous-version=2.5.0&new-version=2.5.1) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

This pull request also adds variables for table-tr and table-th top and bottom border

* Fix alignment and word wrapping issues

…14549) (#256) This PR uses the new `title` attribute of front matter, chapter, and back matter divs to set the `section-title` [CSS Generated Content](https://www.w3.org/TR/css-gcpm-3/#named-strings) string, and removes styling used to hide the short title element. See dependent PR: pressbooks/pressbooks#1441

This PR adds left and right auto margins to centre video embedded from the media library for consistency with #158 (which addressed embeds in iframes).

Bumps [stringstream](https://github.com/mhart/StringStream) from 0.0.5 to 0.0.6. **This update includes security fixes.** <details> <summary>Vulnerabilities fixed</summary> *Sourced from [The Node Security Working Group](https://github.com/nodejs/security-wg/blob/master/vuln/npm/422.json).* > **Out-of-bounds Read** > `stringstream` allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below > > Affected versions: <=0.0.5 *Sourced from [The Node Security Working Group](https://github.com/nodejs/security-wg/blob/master/vuln/npm/422.json).* > **Out-of-bounds Read** > `stringstream` allocates uninitialized Buffers when number is passed in input stream on Node.js 4.x and below > > Affected versions: <=0.0.5 </details> <details> <summary>Commits</summary> - [`fee31c5`](mhart/StringStream@fee31c5) 0.0.6 - [`2f4a9d4`](mhart/StringStream@2f4a9d4) Merge pull request [#9](https://github-redirect.dependabot.com/mhart/StringStream/issues/9) from mhart/fix-buffer-constructor-vuln - [`afbc744`](mhart/StringStream@afbc744) Ensure data is not a number in Buffer constructor - See full diff in [compare view](mhart/StringStream@v0.0.5...v0.0.6) </details> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=stringstream&package-manager=npm_and_yarn&previous-version=0.0.5&new-version=0.0.6)](https://dependabot.com/compatibility-score.html?dependency-name=stringstream&package-manager=npm_and_yarn&previous-version=0.0.5&new-version=0.0.6) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

Bumps [ssri](https://github.com/zkat/ssri) from 5.0.0 to 5.3.0. **This update includes security fixes.** - [Release notes](https://github.com/zkat/ssri/releases) - [Changelog](https://github.com/zkat/ssri/blob/latest/CHANGELOG.md) - [Commits](zkat/ssri@v5.0.0...v5.3.0) Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [mixin-deep](https://github.com/jonschlinkert/mixin-deep) from 1.3.0 to 1.3.1. **This update includes security fixes.** <details> <summary>Vulnerabilities fixed</summary> *Sourced from [The Node Security Working Group](https://github.com/nodejs/security-wg/blob/master/vuln/npm/369.json).* > **mixin-deep prototype pollution** > mixin-deep node module before 1.3.1 suffers from a prototype pollution vulnerability via merging functions, which allows a malicious user to modify the prototype of 'Object' via __proto__, causing the addition or modification of an existing property that will exist on all objects. > > Affected versions: <1.3.1 </details> <details> <summary>Commits</summary> - [`a4bcf3e`](jonschlinkert/mixin-deep@a4bcf3e) 1.3.1 - [`578b0bc`](jonschlinkert/mixin-deep@578b0bc) exclude __proto__ - See full diff in [compare view](jonschlinkert/mixin-deep@1.3.0...1.3.1) </details> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=mixin-deep&package-manager=npm_and_yarn&previous-version=1.3.0&new-version=1.3.1)](https://dependabot.com/compatibility-score.html?dependency-name=mixin-deep&package-manager=npm_and_yarn&previous-version=1.3.0&new-version=1.3.1) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

Bumps [sshpk](https://github.com/joyent/node-sshpk) from 1.13.1 to 1.15.2. **This update includes security fixes.** <details> <summary>Vulnerabilities fixed</summary> *Sourced from The GitHub Security Advisory Database.* > **Moderate severity vulnerability that affects sshpk** > The sshpk NPM package is vulnerable to ReDoS when parsing crafted invalid public keys. > > Affected versions: < 1.13.2 *Sourced from [The Sonatype OSS Index](https://ossindex.sonatype.org/vuln/fc393f9f-282f-4bc9-953b-d7e4b48352e9).* > **CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')** > The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended. > > Affected versions: <1.14.1 *Sourced from [The Node Security Working Group](https://github.com/nodejs/security-wg/blob/master/vuln/npm/401.json).* > **Denial of Service** > `sshpk` is vulnerable to ReDoS when parsing crafted invalid public keys > > Affected versions: <=1.13.1 </details> <details> <summary>Release notes</summary> *Sourced from [sshpk's releases](https://github.com/joyent/node-sshpk/releases).* > ## v1.14.1 > * Remove all remaining usage of jodid25519 (abandoned dep) > * Add support for DNSSEC key format > * Add support for Ed25519 keys in PEM format (according to draft-curdle-pkix) > * Fixes for X.509 encoding issues (asn.1 NULLs in RSA certs, cert string type mangling) > * Performance issues parsing long SSH public keys </details> <details> <summary>Commits</summary> - [`c7a6c68`](TritonDataCenter/node-sshpk@c7a6c68) TritonDataCenter/node-sshpk#58 des-ede3-cbc encrypted keys broken - [`2ab4f2a`](TritonDataCenter/node-sshpk@2ab4f2a) TritonDataCenter/node-sshpk#56 md5 fingerprints not quite right - [`026ef47`](TritonDataCenter/node-sshpk@026ef47) TritonDataCenter/node-sshpk#53 stop using optional deps to fix webpack - [`53e23fe`](TritonDataCenter/node-sshpk@53e23fe) TritonDataCenter/node-sshpk#50 Support PKCS#5 AES-256-CBC encrypted private keys - [`6b68d49`](TritonDataCenter/node-sshpk@6b68d49) TritonDataCenter/node-sshpk#54 want API for accessing x509 extensions - [`1088992`](TritonDataCenter/node-sshpk@1088992) TritonDataCenter/node-sshpk#52 Buffer no longer performs length check for hex strings i... - [`6ec6f9d`](TritonDataCenter/node-sshpk@6ec6f9d) TritonDataCenter/node-sshpk#38 want support for more obscure DN OIDs - [`1cc4c99`](TritonDataCenter/node-sshpk@1cc4c99) TritonDataCenter/node-sshpk#51 package.json repository does not point to Joyent - [`175758a`](TritonDataCenter/node-sshpk@175758a) TritonDataCenter/node-sshpk#46 Use Buffer.(from|alloc) instead of deprecated Buffer API - [`6edb37c`](TritonDataCenter/node-sshpk@6edb37c) Release 1.14.0 - Additional commits viewable in [compare view](TritonDataCenter/node-sshpk@v1.13.1...v1.15.2) </details> [![Dependabot compatibility score](https://api.dependabot.com/badges/compatibility_score?dependency-name=sshpk&package-manager=npm_and_yarn&previous-version=1.13.1&new-version=1.15.2)](https://dependabot.com/compatibility-score.html?dependency-name=sshpk&package-manager=npm_and_yarn&previous-version=1.13.1&new-version=1.15.2) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

Bumps [marked](https://github.com/markedjs/marked) from 0.3.7 to 0.3.19. **This update includes security fixes.** - [Release notes](https://github.com/markedjs/marked/releases) - [Commits](markedjs/marked@v0.3.7...v0.3.19) Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [macaddress](https://github.com/scravy/node-macaddress) from 0.2.8 to 0.2.9. **This update includes security fixes.** - [Release notes](https://github.com/scravy/node-macaddress/releases) - [Commits](scravy/node-macaddress@0.2.8...0.2.9) Signed-off-by: dependabot[bot] <support@dependabot.com>

Bumps [is-my-json-valid](https://github.com/mafintosh/is-my-json-valid) from 2.16.1 to 2.19.0. **This update includes security fixes.** - [Release notes](https://github.com/mafintosh/is-my-json-valid/releases) - [Commits](mafintosh/is-my-json-valid@v2.16.1...v2.19.0) Signed-off-by: dependabot[bot] <support@dependabot.com>

codecov · 2018-11-06T20:07:08Z

Codecov Report

Merging #308 into dev will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##              dev     #308   +/-   ##
=======================================
  Coverage   27.81%   27.81%           
=======================================
  Files           4        4           
  Lines         435      435           
=======================================
  Hits          121      121           
  Misses        314      314

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 24cd02c...6bd90e2. Read the comment docs.

Ned Zimmerman and others added 30 commits November 6, 2018 15:25

Set up Lerna

14e5e2e

Initial commit

88da888

Copy components.

5494199

Update dependencies.

b846e6a

Fixes for Book 2.0 compatibility.

85ccba5

Change package name.

439b18b

Merge pull request #5 from pressbooks/dependabot/npm/stylelint-8.3.1

a812ef5

Bump stylelint from 7.13.0 to 8.3.1

Merge pull request #4 from pressbooks/dependabot/npm/stylelint-config…

4754daa

…-standard-18.0.0 Bump stylelint-config-standard from 16.0.0 to 18.0.0

Add Pressbooks Build Tools.

5e520a2

Add numbered header margins and line heights (#8)

b9f0f3f

* Add h1-h6 top and bottom margin variables. * Add h1-h6 line-height variables.

Use standard rules.

71c7391

Add sassdoc.

cecaf39

Add docs.

815e896

Update docs.

8ee8113

Fix docs.

39b76d4

Add support for wrapped section headers (fix #36) (#37)

ddaddcd

* Add sassdoc config and headings. * Add support for properly wrapped heading elements (fix #36).

Version bump.

60ed799

Add Travis config.

ebe4807

Update Travis branch.

8c3cd94

Update readme. [ci skip]

1cfc2cb

Update readme. [ci skip]

e965ec7

Coding standards fixes.

2005cd0

0.2.1

2d1dcb9

Update SPDX identifier.

6891056

Add many new properties, add test

9138ba0

dannylonglegs and others added 22 commits November 6, 2018 15:27

Add border top styles and padding top for hr break symbols (#247)

040b4c9

Page title line heights (#248)

3a54cfa

Add variable for section license margin bottom (#245)

69de1af

* Add variable for section license margin bottom * Add 'if-map-get'

Add text align to footnote (#246)

abb58b6

Table line color (#252)

0bd1f09

This pull request also adds variables for table-tr and table-th top and bottom border

Fix alignment and word wrapping issues on tables (fix #227) (#253)

e731b4f

* Fix alignment and word wrapping issues

Add copyright margins (top, left, right) (#249)

67b2fee

Make media captions default to center align (fix #210) (#251)

2a5fc71

Centre videos embedded from the media library (#257)

0baef9a

This PR adds left and right auto margins to centre video embedded from the media library for consistency with #158 (which addressed embeds in iframes).

Rebuild Buckram

ea07a6c

Bootstrap, fix test

5587347

Update Travis

461b5f4

greatislander added the enhancement New feature or request label Nov 6, 2018

greatislander added this to the 2.6.0 milestone Nov 6, 2018

greatislander self-assigned this Nov 6, 2018

accesslint bot approved these changes Nov 6, 2018

View reviewed changes

Install lerna on Travis

6bd90e2

greatislander merged commit 46e41fb into dev Nov 6, 2018

greatislander deleted the include-buckram branch November 6, 2018 20:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Include Buckram as package (fix #278, fix #307) #308

Include Buckram as package (fix #278, fix #307) #308

greatislander commented Nov 6, 2018

codecov bot commented Nov 6, 2018 •

edited

Include Buckram as package (fix #278, fix #307) #308

Include Buckram as package (fix #278, fix #307) #308

Conversation

greatislander commented Nov 6, 2018

codecov bot commented Nov 6, 2018 • edited

Codecov Report

codecov bot commented Nov 6, 2018 •

edited