Kevin Ansfield 64ed246d03 Merge pull request from GHSA-4m2q-w26j-h268 ... no issue - added an `externalRequest` lib - uses same underlying `got` module as our `request` lib - uses `got`'s `beforeRequest` and `beforeRedirect` hooks to perform it's own dns resolution for each url that's encountered and aborts with an error if it resolves to a private IP address block - includes a bypass for Ghost's configured url so that requests to it's own hostname+port are not blocked - updated v2 and canary oembed controllers to use the `externalRequest` lib		2020-06-02 14:30:10 +01:00
..
adapters	Moved core/server/lib/url-utils to core/shared/url-utils (#11856)	2020-05-28 11:57:02 +01:00
api	Moved core/server/lib/url-utils to core/shared/url-utils (#11856)	2020-05-28 11:57:02 +01:00
apps	🐛 Fixed iframe script for AMP not injected	2020-06-01 16:06:13 +12:00
data	Added permission for auth:members_stripe_connect	2020-06-02 15:28:42 +02:00
helpers	Moved core/server/lib/common/logging to core/shared/logging (#11857)	2020-05-28 19:30:23 +01:00
lib	Merge pull request from GHSA-4m2q-w26j-h268	2020-06-02 14:30:10 +01:00
models	Added stripe_connect_integration default setting	2020-06-02 15:28:42 +02:00
services	Updated members config to respect stripeDirect	2020-06-02 15:28:42 +02:00
shared/config	Updated tests locations and added linting of core/shared (#11872)	2020-06-01 22:06:50 +01:00
web	Moved core/server/lib/common/logging to core/shared/logging (#11857)	2020-05-28 19:30:23 +01:00