From abbb6599a2027ff30290fb28c3992cfc2a13b4a9 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Wed, 12 Dec 2018 19:41:41 +0100
Subject: [PATCH 001/207] Add translateableSnackBarService

---
 .../shared/services/snack-bar.service.spec.ts |  8 +-
 .../app/shared/services/snack-bar.service.ts  | 21 +++---
 .../translatable-snack-bar-service.service.ts | 54 ++++++++++++++
 ...lateable-snack-bar-service.service.spec.ts | 73 +++++++++++++++++++
 4 files changed, 139 insertions(+), 17 deletions(-)
 create mode 100644 app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
 create mode 100644 app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts

diff --git a/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts b/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
index ae52a9012..8a16777b0 100644
--- a/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
+++ b/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
@@ -1,5 +1,3 @@
-/* tslint:disable:no-unused-variable */
-
 import {TestBed} from '@angular/core/testing';
 import {SnackBarService} from './snack-bar.service';
 import {MatSnackBar} from '@angular/material';
@@ -24,7 +22,7 @@ describe('SnackBarService', () => {
     snackBar.open('awesome message');
 
     expect(matSnackBar.open)
-      .toHaveBeenCalledWith('awesome message', snackBar.defaultAction, {duration: SnackBarService.defaultDuration});
+      .toHaveBeenCalledWith('awesome message', 'Dismiss', {duration: SnackBarService.defaultDuration});
   });
 
   it('should have been called with dismiss and short duration', () => {
@@ -34,7 +32,7 @@ describe('SnackBarService', () => {
     snackBar.openShort('awesome short message');
 
     expect(matSnackBar.open)
-      .toHaveBeenCalledWith('awesome short message', snackBar.defaultAction, {duration: SnackBarService.durationShort});
+      .toHaveBeenCalledWith('awesome short message', 'Dismiss', {duration: SnackBarService.durationShort});
   });
 
   it('should have been called with dismiss and long duration', () => {
@@ -44,7 +42,7 @@ describe('SnackBarService', () => {
     snackBar.openLong('awesome long message');
 
     expect(matSnackBar.open)
-      .toHaveBeenCalledWith('awesome long message', snackBar.defaultAction, {duration: SnackBarService.durationLong});
+      .toHaveBeenCalledWith('awesome long message', 'Dismiss', {duration: SnackBarService.durationLong});
   });
 
 });
diff --git a/app/webFrontend/src/app/shared/services/snack-bar.service.ts b/app/webFrontend/src/app/shared/services/snack-bar.service.ts
index f21a71851..247cf71e1 100644
--- a/app/webFrontend/src/app/shared/services/snack-bar.service.ts
+++ b/app/webFrontend/src/app/shared/services/snack-bar.service.ts
@@ -2,7 +2,6 @@ import {Injectable} from '@angular/core';
 import {MatSnackBar} from '@angular/material';
 import {MatSnackBarRef} from '@angular/material/snack-bar/typings/snack-bar-ref';
 import {SimpleSnackBar} from '@angular/material/snack-bar/typings/simple-snack-bar';
-import {TranslateService} from '@ngx-translate/core';
 
 @Injectable()
 export class SnackBarService {
@@ -10,23 +9,21 @@ export class SnackBarService {
   public static readonly durationShort = 3000;
   public static readonly durationLong = 9000;
   public static readonly defaultDuration = 6000;
-  public defaultAction;
+  private defaultAction = 'Dismiss';
 
   /**
    * @param {MatSnackBar} matSnackBar
    */
-  constructor(private matSnackBar: MatSnackBar,
-              private translate: TranslateService) {
-    this.translate.onLangChange.subscribe(() => {
-      this.setButtonLabel();
-    });
-    this.setButtonLabel();
+  constructor(private matSnackBar: MatSnackBar) {
   }
 
-  setButtonLabel(): void {
-    this.translate.get(['snackbarMessages.dismiss']).subscribe((t: string) => {
-      this.defaultAction = t['snackbarMessages.dismiss'];
-    });
+  /**
+   * Set default action label. "Dismiss" by default.
+   *
+   * @param defaultAction
+   */
+  setDefaultAction(defaultAction: string): void {
+    this.defaultAction = defaultAction;
   }
 
   /**
diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
new file mode 100644
index 000000000..4d1768ea0
--- /dev/null
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
@@ -0,0 +1,54 @@
+import {Injectable} from '@angular/core';
+import {SnackBarService} from './snack-bar.service';
+import {LangChangeEvent, TranslateService} from '@ngx-translate/core';
+
+@Injectable({
+  providedIn: 'root'
+})
+export class TranslatableSnackBarServiceService {
+
+  /**
+   * @param snackBarService
+   * @param translateService
+   */
+  constructor(private snackBarService: SnackBarService, private translateService: TranslateService) {
+    this.translateService.onLangChange.subscribe((event: LangChangeEvent) => {
+      this.translateService.get('snackbarMessages.dismiss').subscribe((res: string) => {
+        this.snackBarService.setDefaultAction(res);
+      });
+    });
+  }
+
+  /**
+   * Emit snackbar with given duration
+   * @param {string} message
+   * @param {number} duration
+   */
+  open(message: string, duration: number = SnackBarService.defaultDuration): void {
+    this.translateService.get(message).subscribe((res: string) => {
+      console.log(message);
+      console.log(res);
+      this.snackBarService.open(res, duration);
+    });
+  }
+
+  /**
+   * Emit snackbar with duration short
+   * @param {string} message
+   */
+  openShort(message: string): void {
+    this.translateService.get(message).subscribe((res: string) => {
+      this.snackBarService.openShort(res);
+    });
+  }
+
+  /**
+   * Emit snackbar with duration long
+   * @param {string} message
+   */
+  openLong(message: string): void {
+    this.translateService.get(message).subscribe((res: string) => {
+      this.snackBarService.openLong(res);
+    });
+  }
+}
diff --git a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
new file mode 100644
index 000000000..fa153b622
--- /dev/null
+++ b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
@@ -0,0 +1,73 @@
+import {TestBed} from '@angular/core/testing';
+
+import {TranslatableSnackBarServiceService} from './translatable-snack-bar-service.service';
+import {TranslateModule, TranslateService} from '@ngx-translate/core';
+import {SnackBarService} from './snack-bar.service';
+
+describe('TranslatableSnackBarServiceService', () => {
+
+  beforeEach(() => {
+    const snackBarServiceSpy = jasmine.createSpyObj('SnackBarService', ['open', 'openShort', 'openLong']);
+
+    TestBed.configureTestingModule({
+      imports: [
+        TranslateModule.forRoot(),
+      ],
+      providers: [
+        TranslatableSnackBarServiceService,
+        {provide: SnackBarService, useValue: snackBarServiceSpy},
+        TranslateService,
+      ]
+    });
+  });
+
+  it('should have been called with dismiss and default duration', () => {
+    const snackBar: SnackBarService = TestBed.get(SnackBarService);
+    const translate: TranslateService = TestBed.get(TranslateService);
+
+    translate.use('en');
+    translate.setTranslation('en', {
+      'awesome message': 'translated awesome message',
+    });
+
+    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    translatableSnackBar.open('awesome message');
+
+    expect(snackBar.open)
+      .toHaveBeenCalledWith('translated awesome message', SnackBarService.defaultDuration);
+  });
+
+  it('should have been called with dismiss and short duration', () => {
+    const snackBar: SnackBarService = TestBed.get(SnackBarService);
+    const translate: TranslateService = TestBed.get(TranslateService);
+
+    translate.use('en');
+    translate.setTranslation('en', {
+      'awesome short message': 'translated awesome short message',
+    });
+
+    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    translatableSnackBar.openShort('awesome short message');
+
+    expect(snackBar.openShort)
+      .toHaveBeenCalledWith('translated awesome short message');
+  });
+
+  it('should have been called with dismiss and long duration', () => {
+    const snackBar: SnackBarService = TestBed.get(SnackBarService);
+    const translate: TranslateService = TestBed.get(TranslateService);
+
+    translate.use('en');
+    translate.setTranslation('en', {
+      'awesome long message': 'translated awesome long message',
+    });
+
+
+    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    translatableSnackBar.openLong('awesome long message');
+
+    expect(snackBar.openLong)
+      .toHaveBeenCalledWith('translated awesome long message');
+  });
+
+});

From 546b9e5f655edc25217c1614177e3a9463def8f4 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 12:15:02 +0100
Subject: [PATCH 002/207] Remove `console.log`

---
 .../shared/services/translatable-snack-bar-service.service.ts   | 2 --
 1 file changed, 2 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
index 4d1768ea0..7631b74d2 100644
--- a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
@@ -26,8 +26,6 @@ export class TranslatableSnackBarServiceService {
    */
   open(message: string, duration: number = SnackBarService.defaultDuration): void {
     this.translateService.get(message).subscribe((res: string) => {
-      console.log(message);
-      console.log(res);
       this.snackBarService.open(res, duration);
     });
   }

From 7a9332408b9315a4651d17dbe3a3615eb01260e8 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 12:16:42 +0100
Subject: [PATCH 003/207] Disable login button when no input

---
 app/webFrontend/src/app/auth/login/login.component.html | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.html b/app/webFrontend/src/app/auth/login/login.component.html
index 7ecf5b33f..1ebd39ac9 100644
--- a/app/webFrontend/src/app/auth/login/login.component.html
+++ b/app/webFrontend/src/app/auth/login/login.component.html
@@ -9,15 +9,13 @@
         <input matInput formControlName="email" [placeholder]="'common.email'|translate">
       </mat-form-field>
       <mat-form-field>
-        <input matInput type="password" formControlName="password"
-               [placeholder]="'common.password'|translate">
+^        <input matInput type="password" formControlName="password" [placeholder]="'common.password'|translate">
       </mat-form-field>
 
-      <button mat-raised-button color="primary" class="mat-button" type="submit"
-              [disabled]="loading">
+      <button mat-raised-button [disabled]="loginForm.invalid || loading" color="primary" class="mat-button" type="submit">
         {{'common.login'|translate}}
       </button>
-      <button mat-raised-button [matTooltip]="'auth.tooltip.ForgotPassword' | translate" type="button" routerLink="/reset" routerLinkActive="active">
+      <button mat-raised-button [matTooltip]="'auth.tooltip.ForgotPassword'|translate" type="button" routerLink="/reset" routerLinkActive="active">
         {{'auth.forgotPassword'|translate}}
       </button>
     </form>

From a2d9418ef5ca572e68eadf00a5f154601f64d550 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 12:45:45 +0100
Subject: [PATCH 004/207] Drop circumflex

---
 app/webFrontend/src/app/auth/login/login.component.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.html b/app/webFrontend/src/app/auth/login/login.component.html
index 1ebd39ac9..16b5a7846 100644
--- a/app/webFrontend/src/app/auth/login/login.component.html
+++ b/app/webFrontend/src/app/auth/login/login.component.html
@@ -9,7 +9,7 @@
         <input matInput formControlName="email" [placeholder]="'common.email'|translate">
       </mat-form-field>
       <mat-form-field>
-^        <input matInput type="password" formControlName="password" [placeholder]="'common.password'|translate">
+        <input matInput type="password" formControlName="password" [placeholder]="'common.password'|translate">
       </mat-form-field>
 
       <button mat-raised-button [disabled]="loginForm.invalid || loading" color="primary" class="mat-button" type="submit">

From c237b4bcdad1675631232f2aa8825ad3a1606538 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 13:31:45 +0100
Subject: [PATCH 005/207] Dont report missing translations for keys with length
 <3

---
 .../src/app/shared/services/translation-error.service.ts   | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/translation-error.service.ts b/app/webFrontend/src/app/shared/services/translation-error.service.ts
index 73b607f8c..b05cf5be0 100644
--- a/app/webFrontend/src/app/shared/services/translation-error.service.ts
+++ b/app/webFrontend/src/app/shared/services/translation-error.service.ts
@@ -9,9 +9,8 @@ export class TranslationErrorService implements MissingTranslationHandler {
   }
 
   handle(params: MissingTranslationHandlerParams) {
-    this.errorHandler.handleError(`Missing Translation: ${params.key}`);
+    if (params.key.length > 3) {
+      this.errorHandler.handleError(`Missing Translation: ${params.key}`);
+    }
   }
-
-
 }
-

From a45b5024500132f821cac84d73cd622063c80c1e Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 13:32:11 +0100
Subject: [PATCH 006/207] Accept array of keys as message

---
 .../src/app/auth/login/login.component.ts     | 15 +++-------
 .../translatable-snack-bar-service.service.ts | 28 +++++++++----------
 2 files changed, 18 insertions(+), 25 deletions(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 71ea5650d..8a6ca3b07 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -5,9 +5,9 @@ import {AuthenticationService} from '../../shared/services/authentication.servic
 import {AuthGuardService} from '../../shared/services/auth-guard.service';
 import {FormBuilder, FormGroup, Validators} from '@angular/forms';
 import {ShowProgressService} from '../../shared/services/show-progress.service';
-import {SnackBarService} from '../../shared/services/snack-bar.service';
 import {TitleService} from '../../shared/services/title.service';
 import {TranslateService} from '@ngx-translate/core';
+import {TranslatableSnackBarServiceService} from "../../shared/services/translatable-snack-bar-service.service";
 
 @Component({
   templateUrl: './login.component.html',
@@ -23,7 +23,7 @@ export class LoginComponent implements OnInit {
               private authGuard: AuthGuardService,
               private authenticationService: AuthenticationService,
               private showProgress: ShowProgressService,
-              private snackBar: SnackBarService,
+              private snackBar: TranslatableSnackBarServiceService,
               private formBuilder: FormBuilder,
               private titleService: TitleService,
               private translate: TranslateService) {
@@ -53,20 +53,13 @@ export class LoginComponent implements OnInit {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.translate.get(['auth.loginSuccess', 'common.dismiss']).subscribe((t: string) => {
-          this.snackBar.open(t['auth.loginSuccess']);
-        });
+        this.snackBar.open(['auth.loginSuccess']);
       })
       .catch(error => {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.translate.get([
-          'auth.loginFailed',
-          `auth.loginFailedError.${error.error.message}`
-        ]).subscribe((t: string) => {
-          this.snackBar.open(t['auth.loginFailed'] + ': ' + t[`auth.loginFailedError.${error.error.message}`]);
-        });
+        this.snackBar.open(['auth.loginFailed', ': ', 'auth.loginFailedError.' + error.error.message]);
       });
   }
 
diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
index 7631b74d2..9fb56be2f 100644
--- a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
@@ -21,32 +21,32 @@ export class TranslatableSnackBarServiceService {
 
   /**
    * Emit snackbar with given duration
-   * @param {string} message
+   * @param {String[]} keys
    * @param {number} duration
    */
-  open(message: string, duration: number = SnackBarService.defaultDuration): void {
-    this.translateService.get(message).subscribe((res: string) => {
-      this.snackBarService.open(res, duration);
+  open(keys: Array<string>, duration: number = SnackBarService.defaultDuration): void {
+    this.translateService.get(keys).subscribe((translations: {}) => {
+      let message = '';
+      for (let key of keys) {
+        message += translations[key];
+      }
+      this.snackBarService.open(message, duration);
     });
   }
 
   /**
    * Emit snackbar with duration short
-   * @param {string} message
+   * @param {String[]} keys
    */
-  openShort(message: string): void {
-    this.translateService.get(message).subscribe((res: string) => {
-      this.snackBarService.openShort(res);
-    });
+  openShort(keys: Array<string>): void {
+    this.open(keys, SnackBarService.durationShort);
   }
 
   /**
    * Emit snackbar with duration long
-   * @param {string} message
+   * @param {String[]} keys
    */
-  openLong(message: string): void {
-    this.translateService.get(message).subscribe((res: string) => {
-      this.snackBarService.openLong(res);
-    });
+  openLong(keys: Array<string>): void {
+    this.open(keys, SnackBarService.durationLong);
   }
 }

From 8c7386c7ac6c06f812d9cbf669e4ec8a15261fea Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 16:46:57 +0100
Subject: [PATCH 007/207] Accept additional params for translate

---
 .../translatable-snack-bar-service.service.ts     | 15 +++++++++------
 1 file changed, 9 insertions(+), 6 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
index 9fb56be2f..1be04a774 100644
--- a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
@@ -22,10 +22,11 @@ export class TranslatableSnackBarServiceService {
   /**
    * Emit snackbar with given duration
    * @param {String[]} keys
+   * @param {Object} interpolateParams
    * @param {number} duration
    */
-  open(keys: Array<string>, duration: number = SnackBarService.defaultDuration): void {
-    this.translateService.get(keys).subscribe((translations: {}) => {
+  open(keys: Array<string>, interpolateParams: Object = {}, duration: number = SnackBarService.defaultDuration): void {
+    this.translateService.get(keys, interpolateParams).subscribe((translations: {}) => {
       let message = '';
       for (let key of keys) {
         message += translations[key];
@@ -37,16 +38,18 @@ export class TranslatableSnackBarServiceService {
   /**
    * Emit snackbar with duration short
    * @param {String[]} keys
+   * @param {Object} interpolateParams
    */
-  openShort(keys: Array<string>): void {
-    this.open(keys, SnackBarService.durationShort);
+  openShort(keys: Array<string>, interpolateParams: Object = {}): void {
+    this.open(keys, interpolateParams, SnackBarService.durationShort);
   }
 
   /**
    * Emit snackbar with duration long
    * @param {String[]} keys
+   * @param {Object} interpolateParams
    */
-  openLong(keys: Array<string>): void {
-    this.open(keys, SnackBarService.durationLong);
+  openLong(keys: Array<string>, interpolateParams: Object = {}): void {
+    this.open(keys, interpolateParams, SnackBarService.durationLong);
   }
 }

From d01c79dae19bb79d40205eea4d740871bb3d338d Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 17:40:35 +0100
Subject: [PATCH 008/207] Add test for translate params

---
 .../shared/services/snack-bar.service.spec.ts | 12 ++++----
 ...lateable-snack-bar-service.service.spec.ts | 30 +++++++++++--------
 2 files changed, 24 insertions(+), 18 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts b/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
index 8a16777b0..13d60e5e6 100644
--- a/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
+++ b/app/webFrontend/src/app/shared/services/snack-bar.service.spec.ts
@@ -15,33 +15,33 @@ describe('SnackBarService', () => {
     });
   });
 
-  it('should have been called with dismiss and default duration', () => {
+  it('should have been called with dismiss and default duration', async () => {
     const matSnackBar: MatSnackBar = TestBed.get(MatSnackBar);
 
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     snackBar.open('awesome message');
 
-    expect(matSnackBar.open)
+    await expect(matSnackBar.open)
       .toHaveBeenCalledWith('awesome message', 'Dismiss', {duration: SnackBarService.defaultDuration});
   });
 
-  it('should have been called with dismiss and short duration', () => {
+  it('should have been called with dismiss and short duration', async () => {
     const matSnackBar: MatSnackBar = TestBed.get(MatSnackBar);
 
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     snackBar.openShort('awesome short message');
 
-    expect(matSnackBar.open)
+    await expect(matSnackBar.open)
       .toHaveBeenCalledWith('awesome short message', 'Dismiss', {duration: SnackBarService.durationShort});
   });
 
-  it('should have been called with dismiss and long duration', () => {
+  it('should have been called with dismiss and long duration', async () => {
     const matSnackBar: MatSnackBar = TestBed.get(MatSnackBar);
 
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     snackBar.openLong('awesome long message');
 
-    expect(matSnackBar.open)
+    await expect(matSnackBar.open)
       .toHaveBeenCalledWith('awesome long message', 'Dismiss', {duration: SnackBarService.durationLong});
   });
 
diff --git a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
index fa153b622..6f7728d49 100644
--- a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
+++ b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
@@ -7,7 +7,7 @@ import {SnackBarService} from './snack-bar.service';
 describe('TranslatableSnackBarServiceService', () => {
 
   beforeEach(() => {
-    const snackBarServiceSpy = jasmine.createSpyObj('SnackBarService', ['open', 'openShort', 'openLong']);
+    const snackBarServiceSpy = jasmine.createSpyObj('SnackBarService', ['open']);
 
     TestBed.configureTestingModule({
       imports: [
@@ -21,23 +21,28 @@ describe('TranslatableSnackBarServiceService', () => {
     });
   });
 
-  it('should have been called with dismiss and default duration', () => {
+  it('should have been called with dismiss and default duration', async () => {
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     const translate: TranslateService = TestBed.get(TranslateService);
 
     translate.use('en');
     translate.setTranslation('en', {
       'awesome message': 'translated awesome message',
+      'awesome message from {{user}}': 'translated awesome message from {{user}}',
     });
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
-    translatableSnackBar.open('awesome message');
 
-    expect(snackBar.open)
+    translatableSnackBar.open(['awesome message']);
+    await expect(snackBar.open)
       .toHaveBeenCalledWith('translated awesome message', SnackBarService.defaultDuration);
+
+    translatableSnackBar.open(['awesome message from {{user}}'], {user: 'max'});
+    await expect(snackBar.open)
+      .toHaveBeenCalledWith('translated awesome message from max', SnackBarService.defaultDuration);
   });
 
-  it('should have been called with dismiss and short duration', () => {
+  it('should have been called with dismiss and short duration', async () => {
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     const translate: TranslateService = TestBed.get(TranslateService);
 
@@ -47,13 +52,13 @@ describe('TranslatableSnackBarServiceService', () => {
     });
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
-    translatableSnackBar.openShort('awesome short message');
+    translatableSnackBar.openShort(['awesome short message']);
 
-    expect(snackBar.openShort)
-      .toHaveBeenCalledWith('translated awesome short message');
+    await expect(snackBar.open)
+      .toHaveBeenCalledWith('translated awesome short message', SnackBarService.durationShort);
   });
 
-  it('should have been called with dismiss and long duration', () => {
+  it('should have been called with dismiss and long duration', async () => {
     const snackBar: SnackBarService = TestBed.get(SnackBarService);
     const translate: TranslateService = TestBed.get(TranslateService);
 
@@ -64,10 +69,11 @@ describe('TranslatableSnackBarServiceService', () => {
 
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
-    translatableSnackBar.openLong('awesome long message');
+    translatableSnackBar.openLong(['awesome long message']);
+
+    await expect(snackBar.open)
+      .toHaveBeenCalledWith('translated awesome long message', SnackBarService.durationLong);
 
-    expect(snackBar.openLong)
-      .toHaveBeenCalledWith('translated awesome long message');
   });
 
 });

From d7fa3a912a037f3b6f123c8b1bff34e7862f1f09 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 18:41:24 +0100
Subject: [PATCH 009/207] Use translatable snackbar

---
 app/webFrontend/src/app/app.component.ts | 15 +++++++--------
 app/webFrontend/src/assets/i18n/de.json  |  3 ++-
 app/webFrontend/src/assets/i18n/en.json  |  3 ++-
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/app/webFrontend/src/app/app.component.ts b/app/webFrontend/src/app/app.component.ts
index 56fdc7463..3775188a8 100644
--- a/app/webFrontend/src/app/app.component.ts
+++ b/app/webFrontend/src/app/app.component.ts
@@ -7,10 +7,10 @@ import {APIInfoService} from './shared/services/data.service';
 import {APIInfo} from './models/APIInfo';
 import {isNullOrUndefined} from 'util';
 import {RavenErrorHandler} from './shared/services/raven-error-handler.service';
-import {SnackBarService} from './shared/services/snack-bar.service';
 import {ThemeService} from './shared/services/theme.service';
 import {TranslateService} from '@ngx-translate/core';
 import {DomSanitizer, SafeStyle} from '@angular/platform-browser';
+import {TranslatableSnackBarServiceService} from './shared/services/translatable-snack-bar-service.service';
 
 @Component({
   selector: 'app-root',
@@ -30,17 +30,15 @@ export class AppComponent implements OnInit {
               private showProgress: ShowProgressService,
               private apiInfoService: APIInfoService,
               private ravenErrorHandler: RavenErrorHandler,
-              private snackBar: SnackBarService,
+              private snackBar: TranslatableSnackBarServiceService,
               private themeService: ThemeService,
               public translate: TranslateService,
               private domSanitizer: DomSanitizer) {
     translate.setDefaultLang('en');
 
-    showProgress.toggleSidenav$.subscribe(
-      toggle => {
-        this.toggleProgressBar();
-      }
-    );
+    showProgress.toggleSidenav$.subscribe(toggle => {
+      this.toggleProgressBar();
+    });
   }
 
   ngOnInit(): void {
@@ -55,7 +53,8 @@ export class AppComponent implements OnInit {
         this.apiInfo = info;
       })
       .catch((err) => {
-        this.snackBar.open('Could not connect to backend', null);
+        console.dir(err.error);
+        this.snackBar.open(['home.backendError'], {err: err.error}, null);
       });
 
     this.updateCurrentUser();
diff --git a/app/webFrontend/src/assets/i18n/de.json b/app/webFrontend/src/assets/i18n/de.json
index 1890ac2ec..bcc3f8a63 100644
--- a/app/webFrontend/src/assets/i18n/de.json
+++ b/app/webFrontend/src/assets/i18n/de.json
@@ -280,7 +280,8 @@
     }
   },
   "home": {
-    "welcomeTo": "Willkommen auf"
+    "welcomeTo": "Willkommen auf",
+    "backendError": "Verbindung zum Backend nicht möglich: {{err}}"
   },
   "lecture": {
     "noUnits": "Keine Unterkapitel angelegt!",
diff --git a/app/webFrontend/src/assets/i18n/en.json b/app/webFrontend/src/assets/i18n/en.json
index 7e0c7f73d..c8a8a7d6f 100644
--- a/app/webFrontend/src/assets/i18n/en.json
+++ b/app/webFrontend/src/assets/i18n/en.json
@@ -280,7 +280,8 @@
     }
   },
   "home": {
-    "welcomeTo": "Welcome to"
+    "welcomeTo": "Welcome to",
+    "backendError": "Could not connect to backend: {{err}}"
   },
   "lecture": {
     "noUnits": "No units added yet.",

From 5cca590f42ac860758c2ac8a27b5349a57a75e6b Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 13 Dec 2018 18:42:38 +0100
Subject: [PATCH 010/207] Changelog

---
 CHANGELOG.md                             | 1 +
 app/webFrontend/src/app/app.component.ts | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 22a605f0e..21f3ad515 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,6 +20,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `TestHelper` request methods for `PUT` & `DELETE`. [#1041](https://github.com/geli-lms/geli/issues/1041)
 - CodeKata validation service. [#844](https://github.com/geli-lms/geli/issues/844)
 - Course: Added switch for file <-> video unit. [#912](https://github.com/geli-lms/geli/issues/912)
+- Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 
 ### Fixed
 - `bundle.scss` not available in api container. [#1052](https://github.com/geli-lms/geli/issues/1052)
diff --git a/app/webFrontend/src/app/app.component.ts b/app/webFrontend/src/app/app.component.ts
index 3775188a8..689ee5029 100644
--- a/app/webFrontend/src/app/app.component.ts
+++ b/app/webFrontend/src/app/app.component.ts
@@ -53,7 +53,6 @@ export class AppComponent implements OnInit {
         this.apiInfo = info;
       })
       .catch((err) => {
-        console.dir(err.error);
         this.snackBar.open(['home.backendError'], {err: err.error}, null);
       });
 

From 4120c176a00d897c87d688c907aee04ca79d239e Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Tue, 18 Dec 2018 15:01:30 +0100
Subject: [PATCH 011/207] Dont accept array as param for open

---
 .../translatable-snack-bar-service.service.ts | 22 ++++++++-----------
 ...lateable-snack-bar-service.service.spec.ts |  8 +++----
 2 files changed, 13 insertions(+), 17 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
index 1be04a774..f6be576b9 100644
--- a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
@@ -21,35 +21,31 @@ export class TranslatableSnackBarServiceService {
 
   /**
    * Emit snackbar with given duration
-   * @param {String[]} keys
+   * @param {string} key
    * @param {Object} interpolateParams
    * @param {number} duration
    */
-  open(keys: Array<string>, interpolateParams: Object = {}, duration: number = SnackBarService.defaultDuration): void {
-    this.translateService.get(keys, interpolateParams).subscribe((translations: {}) => {
-      let message = '';
-      for (let key of keys) {
-        message += translations[key];
-      }
+  open(key: string, interpolateParams: Object = {}, duration: number = SnackBarService.defaultDuration): void {
+    this.translateService.get(key, interpolateParams).subscribe((message: string) => {
       this.snackBarService.open(message, duration);
     });
   }
 
   /**
    * Emit snackbar with duration short
-   * @param {String[]} keys
+   * @param {string} key
    * @param {Object} interpolateParams
    */
-  openShort(keys: Array<string>, interpolateParams: Object = {}): void {
-    this.open(keys, interpolateParams, SnackBarService.durationShort);
+  openShort(key: string, interpolateParams: Object = {}): void {
+    this.open(key, interpolateParams, SnackBarService.durationShort);
   }
 
   /**
    * Emit snackbar with duration long
-   * @param {String[]} keys
+   * @param {string} key
    * @param {Object} interpolateParams
    */
-  openLong(keys: Array<string>, interpolateParams: Object = {}): void {
-    this.open(keys, interpolateParams, SnackBarService.durationLong);
+  openLong(key: string, interpolateParams: Object = {}): void {
+    this.open(key, interpolateParams, SnackBarService.durationLong);
   }
 }
diff --git a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
index 6f7728d49..fc90d351f 100644
--- a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
+++ b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
@@ -33,11 +33,11 @@ describe('TranslatableSnackBarServiceService', () => {
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
 
-    translatableSnackBar.open(['awesome message']);
+    translatableSnackBar.open('awesome message');
     await expect(snackBar.open)
       .toHaveBeenCalledWith('translated awesome message', SnackBarService.defaultDuration);
 
-    translatableSnackBar.open(['awesome message from {{user}}'], {user: 'max'});
+    translatableSnackBar.open('awesome message from {{user}}', {user: 'max'});
     await expect(snackBar.open)
       .toHaveBeenCalledWith('translated awesome message from max', SnackBarService.defaultDuration);
   });
@@ -52,7 +52,7 @@ describe('TranslatableSnackBarServiceService', () => {
     });
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
-    translatableSnackBar.openShort(['awesome short message']);
+    translatableSnackBar.openShort('awesome short message');
 
     await expect(snackBar.open)
       .toHaveBeenCalledWith('translated awesome short message', SnackBarService.durationShort);
@@ -69,7 +69,7 @@ describe('TranslatableSnackBarServiceService', () => {
 
 
     const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
-    translatableSnackBar.openLong(['awesome long message']);
+    translatableSnackBar.openLong('awesome long message');
 
     await expect(snackBar.open)
       .toHaveBeenCalledWith('translated awesome long message', SnackBarService.durationLong);

From 55010d0fd51c94c86abfadccb173e7cceac003eb Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Tue, 18 Dec 2018 15:19:11 +0100
Subject: [PATCH 012/207] Migrate array => string

---
 app/webFrontend/src/app/app.component.ts                 | 2 +-
 app/webFrontend/src/app/auth/login/login.component.ts    | 4 ++--
 .../src/app/shared/services/translation-error.service.ts | 4 +---
 app/webFrontend/src/assets/i18n/de.json                  | 9 ++++-----
 app/webFrontend/src/assets/i18n/en.json                  | 9 ++++-----
 5 files changed, 12 insertions(+), 16 deletions(-)

diff --git a/app/webFrontend/src/app/app.component.ts b/app/webFrontend/src/app/app.component.ts
index 689ee5029..1aab3733d 100644
--- a/app/webFrontend/src/app/app.component.ts
+++ b/app/webFrontend/src/app/app.component.ts
@@ -53,7 +53,7 @@ export class AppComponent implements OnInit {
         this.apiInfo = info;
       })
       .catch((err) => {
-        this.snackBar.open(['home.backendError'], {err: err.error}, null);
+        this.snackBar.open('home.backendError', {err: err.error}, null);
       });
 
     this.updateCurrentUser();
diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 8a6ca3b07..352973cd2 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -53,13 +53,13 @@ export class LoginComponent implements OnInit {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.snackBar.open(['auth.loginSuccess']);
+        this.snackBar.open('auth.loginSuccess');
       })
       .catch(error => {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.snackBar.open(['auth.loginFailed', ': ', 'auth.loginFailedError.' + error.error.message]);
+        this.snackBar.open('auth.loginFailed.' + error.message);
       });
   }
 
diff --git a/app/webFrontend/src/app/shared/services/translation-error.service.ts b/app/webFrontend/src/app/shared/services/translation-error.service.ts
index b05cf5be0..64a83164c 100644
--- a/app/webFrontend/src/app/shared/services/translation-error.service.ts
+++ b/app/webFrontend/src/app/shared/services/translation-error.service.ts
@@ -9,8 +9,6 @@ export class TranslationErrorService implements MissingTranslationHandler {
   }
 
   handle(params: MissingTranslationHandlerParams) {
-    if (params.key.length > 3) {
-      this.errorHandler.handleError(`Missing Translation: ${params.key}`);
-    }
+    this.errorHandler.handleError(`Missing Translation: ${params.key}`);
   }
 }
diff --git a/app/webFrontend/src/assets/i18n/de.json b/app/webFrontend/src/assets/i18n/de.json
index 61663b3da..f18360af2 100644
--- a/app/webFrontend/src/assets/i18n/de.json
+++ b/app/webFrontend/src/assets/i18n/de.json
@@ -21,11 +21,10 @@
     "confirmPassword": "Passwort bestätigen",
     "forgotPassword": "Passwort vergessen",
     "generatePassword": "Neues Passwort generieren",
-    "loginFailed": "Login fehlgeschlagen",
-    "loginFailedError": {
-      "couldNotBeVerified": "Ihre Logindaten konnten nicht verifiziert werden. Bitte versuchen Sie es noch ein mal.",
-      "notActiveYet": "Ihr Account wurde noch nicht aktiviert.",
-      "unknown": "Es ist ein unbekannter Fehler aufgetreten."
+    "loginFailed": {
+      "couldNotBeVerified": "Login fehlgeschlagen: Ihre Logindaten konnten nicht verifiziert werden.",
+      "notActiveYet": "Login fehlgeschlagen: Ihr Account wurde noch nicht aktiviert.",
+      "unknown": "Login fehlgeschlagen: Es ist ein unbekannter Fehler aufgetreten."
     },
     "loginSuccess": "Login erfolgreich",
     "registration": {
diff --git a/app/webFrontend/src/assets/i18n/en.json b/app/webFrontend/src/assets/i18n/en.json
index 00c77c83e..c2770defc 100644
--- a/app/webFrontend/src/assets/i18n/en.json
+++ b/app/webFrontend/src/assets/i18n/en.json
@@ -21,11 +21,10 @@
     "confirmPassword": "Confirm password",
     "forgotPassword": "Forgot password",
     "generatePassword": "Generate new password",
-    "loginFailed": "Login failed",
-    "loginFailedError": {
-      "couldNotBeVerified": "Your login details could not be verified. Please try again.",
-      "notActiveYet": "Your account has not been activated yet.",
-      "unknown": "An unknown error occured."
+    "loginFailed": {
+      "couldNotBeVerified": "Login failed: Your login details could not be verified.",
+      "notActiveYet": "Login failed: Your account has not been activated yet.",
+      "unknown": "Login failed: An unknown error occurred."
     },
     "loginSuccess": "Login successful",
     "registration": {

From ddb4e7bd1aa279dd556b08d10a4b9391dd06847c Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Tue, 18 Dec 2018 15:21:53 +0100
Subject: [PATCH 013/207] Migrate array => string

---
 app/webFrontend/src/app/auth/login/login.component.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 352973cd2..96e3ba4f0 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -55,11 +55,11 @@ export class LoginComponent implements OnInit {
 
         this.snackBar.open('auth.loginSuccess');
       })
-      .catch(error => {
+      .catch(response => {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.snackBar.open('auth.loginFailed.' + error.message);
+        this.snackBar.open('auth.loginFailed.' + response.error.message);
       });
   }
 

From d991208f2adc8172ceee3fce10c5e5540a95cdad Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Tue, 18 Dec 2018 15:44:41 +0100
Subject: [PATCH 014/207] Change translation

---
 .../src/app/auth/login/login.component.ts          |  4 ++--
 app/webFrontend/src/assets/i18n/de.json            | 14 ++++++++------
 app/webFrontend/src/assets/i18n/en.json            | 14 ++++++++------
 3 files changed, 18 insertions(+), 14 deletions(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 96e3ba4f0..81c5f86d2 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -53,13 +53,13 @@ export class LoginComponent implements OnInit {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.snackBar.open('auth.loginSuccess');
+        this.snackBar.open('auth.login.success');
       })
       .catch(response => {
         this.showProgress.toggleLoadingGlobal(false);
         this.loading = false;
 
-        this.snackBar.open('auth.loginFailed.' + response.error.message);
+        this.snackBar.open('auth.login.failed.' + response.error.message);
       });
   }
 
diff --git a/app/webFrontend/src/assets/i18n/de.json b/app/webFrontend/src/assets/i18n/de.json
index f18360af2..9c47f9125 100644
--- a/app/webFrontend/src/assets/i18n/de.json
+++ b/app/webFrontend/src/assets/i18n/de.json
@@ -17,16 +17,18 @@
     }
   },
   "auth": {
+    "login": {
+      "failed": {
+        "couldNotBeVerified": "Login fehlgeschlagen: Ihre Logindaten konnten nicht verifiziert werden.",
+        "notActiveYet": "Login fehlgeschlagen: Ihr Account wurde noch nicht aktiviert.",
+        "unknown": "Login fehlgeschlagen: Es ist ein unbekannter Fehler aufgetreten."
+      },
+      "success": "Login erfolgreich"
+    },
     "changePassword": "Passwort ändern",
     "confirmPassword": "Passwort bestätigen",
     "forgotPassword": "Passwort vergessen",
     "generatePassword": "Neues Passwort generieren",
-    "loginFailed": {
-      "couldNotBeVerified": "Login fehlgeschlagen: Ihre Logindaten konnten nicht verifiziert werden.",
-      "notActiveYet": "Login fehlgeschlagen: Ihr Account wurde noch nicht aktiviert.",
-      "unknown": "Login fehlgeschlagen: Es ist ein unbekannter Fehler aufgetreten."
-    },
-    "loginSuccess": "Login erfolgreich",
     "registration": {
       "acceptCheckboxes": "Ich akzeptiere gelis ",
       "back": "Zurück zur Startseite",
diff --git a/app/webFrontend/src/assets/i18n/en.json b/app/webFrontend/src/assets/i18n/en.json
index c2770defc..8ce56d0ab 100644
--- a/app/webFrontend/src/assets/i18n/en.json
+++ b/app/webFrontend/src/assets/i18n/en.json
@@ -17,16 +17,18 @@
     }
   },
   "auth": {
+    "login": {
+      "failed": {
+        "couldNotBeVerified": "Login failed: Your login details could not be verified.",
+        "notActiveYet": "Login failed: Your account has not been activated yet.",
+        "unknown": "Login failed: An unknown error occurred."
+      },
+      "success": "Login successful"
+    },
     "changePassword": "Change password",
     "confirmPassword": "Confirm password",
     "forgotPassword": "Forgot password",
     "generatePassword": "Generate new password",
-    "loginFailed": {
-      "couldNotBeVerified": "Login failed: Your login details could not be verified.",
-      "notActiveYet": "Login failed: Your account has not been activated yet.",
-      "unknown": "Login failed: An unknown error occurred."
-    },
-    "loginSuccess": "Login successful",
     "registration": {
       "acceptCheckboxes": "I accept gelis ",
       "back": "Back to frontpage",

From ecf542e921e858f819f3493ba97b34d5acf1eaba Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Wed, 19 Dec 2018 17:18:12 +0100
Subject: [PATCH 015/207] Linter

---
 app/webFrontend/src/app/auth/login/login.component.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 81c5f86d2..627bb2f71 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -7,7 +7,7 @@ import {FormBuilder, FormGroup, Validators} from '@angular/forms';
 import {ShowProgressService} from '../../shared/services/show-progress.service';
 import {TitleService} from '../../shared/services/title.service';
 import {TranslateService} from '@ngx-translate/core';
-import {TranslatableSnackBarServiceService} from "../../shared/services/translatable-snack-bar-service.service";
+import {TranslatableSnackBarServiceService} from '../../shared/services/translatable-snack-bar-service.service';
 
 @Component({
   templateUrl: './login.component.html',

From 2fa3958c427818ab7f388d781516e882576b171a Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Wed, 19 Dec 2018 18:20:16 +0100
Subject: [PATCH 016/207] Use new text in e2e test

---
 app/webFrontend/e2e/login.e2e-spec.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/webFrontend/e2e/login.e2e-spec.ts b/app/webFrontend/e2e/login.e2e-spec.ts
index 3f5538305..9d1f5dc2d 100644
--- a/app/webFrontend/e2e/login.e2e-spec.ts
+++ b/app/webFrontend/e2e/login.e2e-spec.ts
@@ -27,7 +27,7 @@ describe('Login-form', () => {
     await page.getLoginButton().click();
     await browser.waitForAngular(); // ensure that there are no running http requests
 
-    expect(page.getSnackBar().getText()).toContain('Login failed: Your login details could not be verified. Please try again');
+    expect(page.getSnackBar().getText()).toContain('Login failed: Your login details could not be verified.');
   });
 
   it('should login with valid credentials', async () => {

From c86d09adb4cebcc34e3411b90cd4496a50618b12 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 20 Dec 2018 11:11:17 +0100
Subject: [PATCH 017/207] :see_no_evil:

---
 app/webFrontend/src/app/app.component.ts             |  4 ++--
 .../src/app/auth/login/login.component.ts            |  4 ++--
 ....service.ts => translatable-snack-bar.service.ts} |  2 +-
 .../translateable-snack-bar-service.service.spec.ts  | 12 ++++++------
 4 files changed, 11 insertions(+), 11 deletions(-)
 rename app/webFrontend/src/app/shared/services/{translatable-snack-bar-service.service.ts => translatable-snack-bar.service.ts} (96%)

diff --git a/app/webFrontend/src/app/app.component.ts b/app/webFrontend/src/app/app.component.ts
index 1aab3733d..587eafa25 100644
--- a/app/webFrontend/src/app/app.component.ts
+++ b/app/webFrontend/src/app/app.component.ts
@@ -10,7 +10,7 @@ import {RavenErrorHandler} from './shared/services/raven-error-handler.service';
 import {ThemeService} from './shared/services/theme.service';
 import {TranslateService} from '@ngx-translate/core';
 import {DomSanitizer, SafeStyle} from '@angular/platform-browser';
-import {TranslatableSnackBarServiceService} from './shared/services/translatable-snack-bar-service.service';
+import {TranslatableSnackBarService} from './shared/services/translatable-snack-bar.service';
 
 @Component({
   selector: 'app-root',
@@ -30,7 +30,7 @@ export class AppComponent implements OnInit {
               private showProgress: ShowProgressService,
               private apiInfoService: APIInfoService,
               private ravenErrorHandler: RavenErrorHandler,
-              private snackBar: TranslatableSnackBarServiceService,
+              private snackBar: TranslatableSnackBarService,
               private themeService: ThemeService,
               public translate: TranslateService,
               private domSanitizer: DomSanitizer) {
diff --git a/app/webFrontend/src/app/auth/login/login.component.ts b/app/webFrontend/src/app/auth/login/login.component.ts
index 627bb2f71..92d5a2c4a 100644
--- a/app/webFrontend/src/app/auth/login/login.component.ts
+++ b/app/webFrontend/src/app/auth/login/login.component.ts
@@ -7,7 +7,7 @@ import {FormBuilder, FormGroup, Validators} from '@angular/forms';
 import {ShowProgressService} from '../../shared/services/show-progress.service';
 import {TitleService} from '../../shared/services/title.service';
 import {TranslateService} from '@ngx-translate/core';
-import {TranslatableSnackBarServiceService} from '../../shared/services/translatable-snack-bar-service.service';
+import {TranslatableSnackBarService} from '../../shared/services/translatable-snack-bar.service';
 
 @Component({
   templateUrl: './login.component.html',
@@ -23,7 +23,7 @@ export class LoginComponent implements OnInit {
               private authGuard: AuthGuardService,
               private authenticationService: AuthenticationService,
               private showProgress: ShowProgressService,
-              private snackBar: TranslatableSnackBarServiceService,
+              private snackBar: TranslatableSnackBarService,
               private formBuilder: FormBuilder,
               private titleService: TitleService,
               private translate: TranslateService) {
diff --git a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts b/app/webFrontend/src/app/shared/services/translatable-snack-bar.service.ts
similarity index 96%
rename from app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
rename to app/webFrontend/src/app/shared/services/translatable-snack-bar.service.ts
index f6be576b9..c8bd05755 100644
--- a/app/webFrontend/src/app/shared/services/translatable-snack-bar-service.service.ts
+++ b/app/webFrontend/src/app/shared/services/translatable-snack-bar.service.ts
@@ -5,7 +5,7 @@ import {LangChangeEvent, TranslateService} from '@ngx-translate/core';
 @Injectable({
   providedIn: 'root'
 })
-export class TranslatableSnackBarServiceService {
+export class TranslatableSnackBarService {
 
   /**
    * @param snackBarService
diff --git a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
index fc90d351f..9c703ec7a 100644
--- a/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
+++ b/app/webFrontend/src/app/shared/services/translateable-snack-bar-service.service.spec.ts
@@ -1,10 +1,10 @@
 import {TestBed} from '@angular/core/testing';
 
-import {TranslatableSnackBarServiceService} from './translatable-snack-bar-service.service';
+import {TranslatableSnackBarService} from './translatable-snack-bar.service';
 import {TranslateModule, TranslateService} from '@ngx-translate/core';
 import {SnackBarService} from './snack-bar.service';
 
-describe('TranslatableSnackBarServiceService', () => {
+describe('TranslatableSnackBarService', () => {
 
   beforeEach(() => {
     const snackBarServiceSpy = jasmine.createSpyObj('SnackBarService', ['open']);
@@ -14,7 +14,7 @@ describe('TranslatableSnackBarServiceService', () => {
         TranslateModule.forRoot(),
       ],
       providers: [
-        TranslatableSnackBarServiceService,
+        TranslatableSnackBarService,
         {provide: SnackBarService, useValue: snackBarServiceSpy},
         TranslateService,
       ]
@@ -31,7 +31,7 @@ describe('TranslatableSnackBarServiceService', () => {
       'awesome message from {{user}}': 'translated awesome message from {{user}}',
     });
 
-    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    const translatableSnackBar: TranslatableSnackBarService = TestBed.get(TranslatableSnackBarService);
 
     translatableSnackBar.open('awesome message');
     await expect(snackBar.open)
@@ -51,7 +51,7 @@ describe('TranslatableSnackBarServiceService', () => {
       'awesome short message': 'translated awesome short message',
     });
 
-    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    const translatableSnackBar: TranslatableSnackBarService = TestBed.get(TranslatableSnackBarService);
     translatableSnackBar.openShort('awesome short message');
 
     await expect(snackBar.open)
@@ -68,7 +68,7 @@ describe('TranslatableSnackBarServiceService', () => {
     });
 
 
-    const translatableSnackBar: TranslatableSnackBarServiceService = TestBed.get(TranslatableSnackBarServiceService);
+    const translatableSnackBar: TranslatableSnackBarService = TestBed.get(TranslatableSnackBarService);
     translatableSnackBar.openLong('awesome long message');
 
     await expect(snackBar.open)

From 2c2f054bebf39b7ba78c9fc53f3f451c3b2590a4 Mon Sep 17 00:00:00 2001
From: David Boschmann <david.boschmann@stud.h-da.de>
Date: Thu, 20 Dec 2018 13:10:39 +0100
Subject: [PATCH 018/207] bump version to 0.8.5

---
 CHANGELOG.md                      | 1 +
 api/package-lock.json             | 2 +-
 api/package.json                  | 2 +-
 app/webFrontend/package-lock.json | 2 +-
 app/webFrontend/package.json      | 2 +-
 5 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 4fb59a861..36d5dccc5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 -->
 
 ## [Unreleased]
+### Added
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
diff --git a/api/package-lock.json b/api/package-lock.json
index 8b16030b3..d51de2efc 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "geli-api",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/api/package.json b/api/package.json
index 489270d64..12354f496 100644
--- a/api/package.json
+++ b/api/package.json
@@ -1,6 +1,6 @@
 {
   "name": "geli-api",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "license": "Apache-2.0",
   "repository": "geli-lms/geli",
   "description": "This is the API-Package.json for geli.",
diff --git a/app/webFrontend/package-lock.json b/app/webFrontend/package-lock.json
index d12ab9018..a8bf5fc41 100644
--- a/app/webFrontend/package-lock.json
+++ b/app/webFrontend/package-lock.json
@@ -1,6 +1,6 @@
 {
   "name": "geli-web-frontend",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
diff --git a/app/webFrontend/package.json b/app/webFrontend/package.json
index 38deaf099..186b1689a 100644
--- a/app/webFrontend/package.json
+++ b/app/webFrontend/package.json
@@ -2,7 +2,7 @@
   "name": "geli-web-frontend",
   "description": "This is the WebFronted-Package.json for geli.",
   "repository": "geli-lms/geli",
-  "version": "0.8.4",
+  "version": "0.8.5",
   "license": "Apache-2.0",
   "scripts": {
     "ng": "ng",

From 26aba135930d1486610f78b06c4ae37b19ec8a7a Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 20 Dec 2018 14:45:39 +0100
Subject: [PATCH 019/207] Changelog

---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 36d5dccc5..6c7117f13 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,7 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 -->
 
 ## [Unreleased]
-### Added
+### Changed
+- Bump version number. []()
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 73fb967ea00cc63201c876d6b5c72cafcdd1e0b2 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 20 Dec 2018 21:45:19 +0100
Subject: [PATCH 020/207] Revert: Changelog

---
 CHANGELOG.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 21f3ad515..22a605f0e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -20,7 +20,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `TestHelper` request methods for `PUT` & `DELETE`. [#1041](https://github.com/geli-lms/geli/issues/1041)
 - CodeKata validation service. [#844](https://github.com/geli-lms/geli/issues/844)
 - Course: Added switch for file <-> video unit. [#912](https://github.com/geli-lms/geli/issues/912)
-- Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 
 ### Fixed
 - `bundle.scss` not available in api container. [#1052](https://github.com/geli-lms/geli/issues/1052)

From e2f85745ccf2cd3de086c6fca64192dca1b20edd Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Thu, 20 Dec 2018 21:46:17 +0100
Subject: [PATCH 021/207] :memo: CHANGELOG

---
 CHANGELOG.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6c7117f13..7748ef536 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,8 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 -->
 
 ## [Unreleased]
-### Changed
-- Bump version number. []()
+### Added
+- Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From ed08323f3d3193fa5b969cebb3d4b256ef7a169f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 24 Dec 2018 06:20:06 +0000
Subject: [PATCH 022/207] Bump bcrypt from 3.0.0 to 3.0.3 in /api

Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 3.0.0 to 3.0.3.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v3.0.0...v3.0.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 297 ++++++++++++++++++------------------------
 api/package.json      |   2 +-
 2 files changed, 129 insertions(+), 170 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d51de2efc..7a7b07fc0 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -413,6 +413,7 @@
       "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
       "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=",
       "dev": true,
+      "optional": true,
       "requires": {
         "kind-of": "^3.0.2",
         "longest": "^1.0.1",
@@ -1712,33 +1713,29 @@
       }
     },
     "bcrypt": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.0.tgz",
-      "integrity": "sha512-gjicxsD4e5U3nH0EqiEb5y+fKpsZ7F52wcnmNfu45nxnolWVAYh7NgbdfilY+5x1v6cLspxmzz4hf+ju2pFxhA==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.3.tgz",
+      "integrity": "sha512-4EuzUo6K790QC3uq/ogzy9w2Hc7XDIBoEndU5y7l7YaEAwQF8vyFqv6tC30+gOBZvyxk3F632xzKBQoLNz2pjg==",
       "requires": {
-        "nan": "2.10.0",
-        "node-pre-gyp": "0.10.2"
+        "nan": "2.12.1",
+        "node-pre-gyp": "0.12.0"
       },
       "dependencies": {
         "abbrev": {
           "version": "1.1.1",
-          "resolved": "",
-          "integrity": "sha512-nne9/IiQ/hzIhY6pdDnbBtz7DjPTKrY00P/zvPSm5pOFkl6xuGrGnXn/VtTNNfNtAfZ9/1RtehkszU9qcTii0Q=="
+          "bundled": true
         },
         "ansi-regex": {
           "version": "2.1.1",
-          "resolved": "",
-          "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
+          "bundled": true
         },
         "aproba": {
           "version": "1.2.0",
-          "resolved": "",
-          "integrity": "sha512-Y9J6ZjXtoYh8RnXVCMOU/ttDmk1aBjunq9vO0ta5x85WDQiQfUF9sIPBITdbiiIVcBo03Hi3jMxigBtsddlXRw=="
+          "bundled": true
         },
         "are-we-there-yet": {
           "version": "1.1.5",
-          "resolved": "",
-          "integrity": "sha512-5hYdAkZlcG8tOLujVDTgCT+uPX0VnpAH28gWsLfzpXYm7wP6mp5Q/gYyR7YQ0cKVJcXJnl3j2kpBan13PtQf6w==",
+          "bundled": true,
           "requires": {
             "delegates": "^1.0.0",
             "readable-stream": "^2.0.6"
@@ -1746,83 +1743,69 @@
         },
         "balanced-match": {
           "version": "1.0.0",
-          "resolved": "",
-          "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c="
+          "bundled": true
         },
         "brace-expansion": {
           "version": "1.1.11",
-          "resolved": "",
-          "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==",
+          "bundled": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
           }
         },
         "chownr": {
-          "version": "1.0.1",
-          "resolved": "",
-          "integrity": "sha1-4qdQQqlVGQi+vSW4Uj1fl2nXkYE="
+          "version": "1.1.1",
+          "bundled": true
         },
         "code-point-at": {
           "version": "1.1.0",
-          "resolved": "",
-          "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c="
+          "bundled": true
         },
         "concat-map": {
           "version": "0.0.1",
-          "resolved": "",
-          "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s="
+          "bundled": true
         },
         "console-control-strings": {
           "version": "1.1.0",
-          "resolved": "",
-          "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4="
+          "bundled": true
         },
         "core-util-is": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac="
+          "bundled": true
         },
         "debug": {
           "version": "2.6.9",
-          "resolved": "",
-          "integrity": "sha512-bC7ElrdJaJnPbAP+1EotYvqZsb3ecl5wi6Bfi6BJTUcNowp6cvspg0jXznRTKDjm/E7AdgFBVeAPVMNcKGsHMA==",
+          "bundled": true,
           "requires": {
             "ms": "2.0.0"
           }
         },
         "deep-extend": {
           "version": "0.6.0",
-          "resolved": "",
-          "integrity": "sha512-LOHxIOaPYdHlJRtCQfDIVZtfw/ufM8+rVj649RIHzcm/vGwQRXFt6OPqIFWsm2XEMrNIEtWR64sY1LEKD2vAOA=="
+          "bundled": true
         },
         "delegates": {
           "version": "1.0.0",
-          "resolved": "",
-          "integrity": "sha1-hMbhWbgZBP3KWaDvRM2HDTElD5o="
+          "bundled": true
         },
         "detect-libc": {
           "version": "1.0.3",
-          "resolved": "",
-          "integrity": "sha1-+hN8S9aY7fVc1c0CrFWfkaTEups="
+          "bundled": true
         },
         "fs-minipass": {
           "version": "1.2.5",
-          "resolved": "",
-          "integrity": "sha512-JhBl0skXjUPCFH7x6x61gQxrKyXsxB5gcgePLZCwfyCGGsTISMoIeObbrvVeP6Xmyaudw4TT43qV2Gz+iyd2oQ==",
+          "bundled": true,
           "requires": {
             "minipass": "^2.2.1"
           }
         },
         "fs.realpath": {
           "version": "1.0.0",
-          "resolved": "",
-          "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8="
+          "bundled": true
         },
         "gauge": {
           "version": "2.7.4",
-          "resolved": "",
-          "integrity": "sha1-LANAXHU4w51+s3sxcCLjJfsBi/c=",
+          "bundled": true,
           "requires": {
             "aproba": "^1.0.3",
             "console-control-strings": "^1.0.0",
@@ -1836,8 +1819,7 @@
         },
         "glob": {
           "version": "7.1.2",
-          "resolved": "",
-          "integrity": "sha512-MJTUg1kjuLeQCJ+ccE4Vpa6kKVXkPYJ2mOCQyUuKLcLQsdrMCpBPUi8qVE6+YuaJkozeA9NusTAw3hLr8Xe5EQ==",
+          "bundled": true,
           "requires": {
             "fs.realpath": "^1.0.0",
             "inflight": "^1.0.4",
@@ -1849,29 +1831,25 @@
         },
         "has-unicode": {
           "version": "2.0.1",
-          "resolved": "",
-          "integrity": "sha1-4Ob+aijPUROIVeCG0Wkedx3iqLk="
+          "bundled": true
         },
         "iconv-lite": {
-          "version": "0.4.23",
-          "resolved": "",
-          "integrity": "sha512-neyTUVFtahjf0mB3dZT77u+8O0QB89jFdnBkd5P1JgYPbPaia3gXXOVL2fq8VyU2gMMD7SaN7QukTB/pmXYvDA==",
+          "version": "0.4.24",
+          "bundled": true,
           "requires": {
             "safer-buffer": ">= 2.1.2 < 3"
           }
         },
         "ignore-walk": {
           "version": "3.0.1",
-          "resolved": "",
-          "integrity": "sha512-DTVlMx3IYPe0/JJcYP7Gxg7ttZZu3IInhuEhbchuqneY9wWe5Ojy2mXLBaQFUQmo0AW2r3qG7m1mg86js+gnlQ==",
+          "bundled": true,
           "requires": {
             "minimatch": "^3.0.4"
           }
         },
         "inflight": {
           "version": "1.0.6",
-          "resolved": "",
-          "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=",
+          "bundled": true,
           "requires": {
             "once": "^1.3.0",
             "wrappy": "1"
@@ -1879,44 +1857,37 @@
         },
         "inherits": {
           "version": "2.0.3",
-          "resolved": "",
-          "integrity": "sha1-Yzwsg+PaQqUC9SRmAiSA9CCCYd4="
+          "bundled": true
         },
         "ini": {
           "version": "1.3.5",
-          "resolved": "",
-          "integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw=="
+          "bundled": true
         },
         "is-fullwidth-code-point": {
           "version": "1.0.0",
-          "resolved": "",
-          "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
+          "bundled": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
         },
         "isarray": {
           "version": "1.0.0",
-          "resolved": "",
-          "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
+          "bundled": true
         },
         "minimatch": {
           "version": "3.0.4",
-          "resolved": "",
-          "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==",
+          "bundled": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
         },
         "minimist": {
           "version": "0.0.8",
-          "resolved": "",
-          "integrity": "sha1-hX/Kv8M5fSYluCKCYuhqp6ARsF0="
+          "bundled": true
         },
         "minipass": {
-          "version": "2.3.3",
-          "resolved": "",
-          "integrity": "sha512-/jAn9/tEX4gnpyRATxgHEOV6xbcyxgT7iUnxo9Y3+OB0zX00TgKIv/2FZCf5brBbICcwbLqVv2ImjvWWrQMSYw==",
+          "version": "2.3.4",
+          "bundled": true,
           "requires": {
             "safe-buffer": "^5.1.2",
             "yallist": "^3.0.0"
@@ -1924,41 +1895,40 @@
           "dependencies": {
             "safe-buffer": {
               "version": "5.1.2",
-              "resolved": "",
-              "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
+              "bundled": true
             },
             "yallist": {
               "version": "3.0.2",
-              "resolved": "",
-              "integrity": "sha1-hFK0u36Dx8GI2AQcGoN8dz1ti7k="
+              "bundled": true
             }
           }
         },
         "minizlib": {
-          "version": "1.1.0",
-          "resolved": "",
-          "integrity": "sha512-4T6Ur/GctZ27nHfpt9THOdRZNgyJ9FZchYO1ceg5S8Q3DNLCKYy44nCZzgCJgcvx2UM8czmqak5BCxJMrq37lA==",
+          "version": "1.1.1",
+          "bundled": true,
           "requires": {
             "minipass": "^2.2.1"
           }
         },
         "mkdirp": {
           "version": "0.5.1",
-          "resolved": "",
-          "integrity": "sha1-MAV0OOrGz3+MR2fzhkjWaX11yQM=",
+          "bundled": true,
           "requires": {
             "minimist": "0.0.8"
           }
         },
         "ms": {
           "version": "2.0.0",
-          "resolved": "",
-          "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
+          "bundled": true
+        },
+        "nan": {
+          "version": "2.12.1",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.12.1.tgz",
+          "integrity": "sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw=="
         },
         "needle": {
-          "version": "2.2.1",
-          "resolved": "",
-          "integrity": "sha512-t/ZswCM9JTWjAdXS9VpvqhI2Ct2sL2MdY4fUXqGJaGBk13ge99ObqRksRTbBE56K+wxUXwwfZYOuZHifFW9q+Q==",
+          "version": "2.2.4",
+          "bundled": true,
           "requires": {
             "debug": "^2.1.2",
             "iconv-lite": "^0.4.4",
@@ -1966,13 +1936,12 @@
           }
         },
         "node-pre-gyp": {
-          "version": "0.10.2",
-          "resolved": "",
-          "integrity": "sha512-16lql9QTqs6KsB9fl3neWyZm02KxIKdI9FlJjrB0y7eMTP5Nyz+xalwPbOlw3iw7EejllJPmlJSnY711PLD1ug==",
+          "version": "0.12.0",
+          "bundled": true,
           "requires": {
             "detect-libc": "^1.0.2",
             "mkdirp": "^0.5.1",
-            "needle": "^2.2.0",
+            "needle": "^2.2.1",
             "nopt": "^4.0.1",
             "npm-packlist": "^1.1.6",
             "npmlog": "^4.0.2",
@@ -1984,22 +1953,19 @@
         },
         "nopt": {
           "version": "4.0.1",
-          "resolved": "",
-          "integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=",
+          "bundled": true,
           "requires": {
             "abbrev": "1",
             "osenv": "^0.1.4"
           }
         },
         "npm-bundled": {
-          "version": "1.0.3",
-          "resolved": "",
-          "integrity": "sha512-ByQ3oJ/5ETLyglU2+8dBObvhfWXX8dtPZDMePCahptliFX2iIuhyEszyFk401PZUNQH20vvdW5MLjJxkwU80Ow=="
+          "version": "1.0.5",
+          "bundled": true
         },
         "npm-packlist": {
-          "version": "1.1.10",
-          "resolved": "",
-          "integrity": "sha512-AQC0Dyhzn4EiYEfIUjCdMl0JJ61I2ER9ukf/sLxJUcZHfo+VyEfz2rMJgLZSS1v30OxPQe1cN0LZA1xbcaVfWA==",
+          "version": "1.1.12",
+          "bundled": true,
           "requires": {
             "ignore-walk": "^3.0.1",
             "npm-bundled": "^1.0.1"
@@ -2007,8 +1973,7 @@
         },
         "npmlog": {
           "version": "4.1.2",
-          "resolved": "",
-          "integrity": "sha512-2uUqazuKlTaSI/dC8AzicUck7+IrEaOnN/e0jd3Xtt1KcGpwx30v50mL7oPyr/h9bL3E4aZccVwpwP+5W9Vjkg==",
+          "bundled": true,
           "requires": {
             "are-we-there-yet": "~1.1.2",
             "console-control-strings": "~1.1.0",
@@ -2018,36 +1983,30 @@
         },
         "number-is-nan": {
           "version": "1.0.1",
-          "resolved": "",
-          "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
+          "bundled": true
         },
         "object-assign": {
           "version": "4.1.1",
-          "resolved": "",
-          "integrity": "sha1-IQmtx5ZYh8/AXLvUQsrIv7s2CGM="
+          "bundled": true
         },
         "once": {
           "version": "1.4.0",
-          "resolved": "",
-          "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
+          "bundled": true,
           "requires": {
             "wrappy": "1"
           }
         },
         "os-homedir": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-/7xJiDNuDoM94MFox+8VISGqf7M="
+          "bundled": true
         },
         "os-tmpdir": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-u+Z0BseaqFxc/sdm/lc0VV36EnQ="
+          "bundled": true
         },
         "osenv": {
           "version": "0.1.5",
-          "resolved": "",
-          "integrity": "sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==",
+          "bundled": true,
           "requires": {
             "os-homedir": "^1.0.0",
             "os-tmpdir": "^1.0.0"
@@ -2055,18 +2014,15 @@
         },
         "path-is-absolute": {
           "version": "1.0.1",
-          "resolved": "",
-          "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18="
+          "bundled": true
         },
         "process-nextick-args": {
           "version": "2.0.0",
-          "resolved": "",
-          "integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw=="
+          "bundled": true
         },
         "rc": {
           "version": "1.2.8",
-          "resolved": "",
-          "integrity": "sha512-y3bGgqKj3QBdxLbLkomlohkvsA8gdAiUQlSBJnBhfn+BPxg4bc62d8TcBW15wavDfgexCgccckhcZvywyQYPOw==",
+          "bundled": true,
           "requires": {
             "deep-extend": "^0.6.0",
             "ini": "~1.3.0",
@@ -2076,15 +2032,13 @@
           "dependencies": {
             "minimist": {
               "version": "1.2.0",
-              "resolved": "",
-              "integrity": "sha1-o1AIsg9BOD7sH7kU9M1d95omQoQ="
+              "bundled": true
             }
           }
         },
         "readable-stream": {
           "version": "2.3.5",
-          "resolved": "",
-          "integrity": "sha512-tK0yDhrkygt/knjowCUiWP9YdV7c5R+8cR0r/kt9ZhBU906Fs6RpQJCEilamRJj1Nx2rWI6LkW9gKqjTkshhEw==",
+          "bundled": true,
           "requires": {
             "core-util-is": "~1.0.0",
             "inherits": "~2.0.3",
@@ -2097,46 +2051,38 @@
         },
         "rimraf": {
           "version": "2.6.2",
-          "resolved": "",
-          "integrity": "sha512-lreewLK/BlghmxtfH36YYVg1i8IAce4TI7oao75I1g245+6BctqTVQiBP3YUJ9C6DQOXJmkYR9X9fCLtCOJc5w==",
+          "bundled": true,
           "requires": {
             "glob": "^7.0.5"
           }
         },
         "safe-buffer": {
           "version": "5.1.1",
-          "resolved": "",
-          "integrity": "sha512-kKvNJn6Mm93gAczWVJg7wH+wGYWNrDHdWvpUmHyEsgCtIwwo3bqPtV4tR5tuPaUhTOo/kvhVwd8XwwOllGYkbg=="
+          "bundled": true
         },
         "safer-buffer": {
           "version": "2.1.2",
-          "resolved": "",
-          "integrity": "sha512-YZo3K82SD7Riyi0E1EQPojLz7kpepnSQI9IyPbHHg1XXXevb5dJI7tpyN2ADxGcQbHG7vcyRHk0cbwqcQriUtg=="
+          "bundled": true
         },
         "sax": {
           "version": "1.2.4",
-          "resolved": "",
-          "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
+          "bundled": true
         },
         "semver": {
-          "version": "5.5.0",
-          "resolved": "",
-          "integrity": "sha512-4SJ3dm0WAwWy/NVeioZh5AntkdJoWKxHxcmyP622fOkgHa4z3R0TdBJICINyaSDE6uNwVc8gZr+ZinwZAH4xIA=="
+          "version": "5.6.0",
+          "bundled": true
         },
         "set-blocking": {
           "version": "2.0.0",
-          "resolved": "",
-          "integrity": "sha1-BF+XgtARrppoA93TgrJDkrPYkPc="
+          "bundled": true
         },
         "signal-exit": {
           "version": "3.0.2",
-          "resolved": "",
-          "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0="
+          "bundled": true
         },
         "string-width": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
+          "bundled": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -2145,34 +2091,30 @@
         },
         "string_decoder": {
           "version": "1.0.3",
-          "resolved": "",
-          "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
+          "bundled": true,
           "requires": {
             "safe-buffer": "~5.1.0"
           }
         },
         "strip-ansi": {
           "version": "3.0.1",
-          "resolved": "",
-          "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
+          "bundled": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
         },
         "strip-json-comments": {
           "version": "2.0.1",
-          "resolved": "",
-          "integrity": "sha1-PFMZQukIwml8DsNEhYwobHygpgo="
+          "bundled": true
         },
         "tar": {
-          "version": "4.4.4",
-          "resolved": "",
-          "integrity": "sha512-mq9ixIYfNF9SK0IS/h2HKMu8Q2iaCuhDDsZhdEag/FHv8fOaYld4vN7ouMgcSSt5WKZzPs8atclTcJm36OTh4w==",
+          "version": "4.4.8",
+          "bundled": true,
           "requires": {
-            "chownr": "^1.0.1",
+            "chownr": "^1.1.1",
             "fs-minipass": "^1.2.5",
-            "minipass": "^2.3.3",
-            "minizlib": "^1.1.0",
+            "minipass": "^2.3.4",
+            "minizlib": "^1.1.1",
             "mkdirp": "^0.5.0",
             "safe-buffer": "^5.1.2",
             "yallist": "^3.0.2"
@@ -2180,33 +2122,28 @@
           "dependencies": {
             "safe-buffer": {
               "version": "5.1.2",
-              "resolved": "",
-              "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
+              "bundled": true
             },
             "yallist": {
               "version": "3.0.2",
-              "resolved": "",
-              "integrity": "sha1-hFK0u36Dx8GI2AQcGoN8dz1ti7k="
+              "bundled": true
             }
           }
         },
         "util-deprecate": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8="
+          "bundled": true
         },
         "wide-align": {
           "version": "1.1.3",
-          "resolved": "",
-          "integrity": "sha512-QGkOQc8XL6Bt5PwnsExKBPuMKBxnGxWWW3fU55Xt4feHozMUhdUMaBCk290qpm/wG5u/RSKzwdAC4i51YigihA==",
+          "bundled": true,
           "requires": {
             "string-width": "^1.0.2 || 2"
           }
         },
         "wrappy": {
           "version": "1.0.2",
-          "resolved": "",
-          "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
+          "bundled": true
         }
       }
     },
@@ -4420,7 +4357,8 @@
         },
         "ansi-regex": {
           "version": "2.1.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "aproba": {
           "version": "1.2.0",
@@ -4438,11 +4376,13 @@
         },
         "balanced-match": {
           "version": "1.0.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "brace-expansion": {
           "version": "1.1.11",
           "bundled": true,
+          "optional": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
@@ -4455,15 +4395,18 @@
         },
         "code-point-at": {
           "version": "1.1.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "concat-map": {
           "version": "0.0.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "console-control-strings": {
           "version": "1.1.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "core-util-is": {
           "version": "1.0.2",
@@ -4566,7 +4509,8 @@
         },
         "inherits": {
           "version": "2.0.3",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "ini": {
           "version": "1.3.5",
@@ -4576,6 +4520,7 @@
         "is-fullwidth-code-point": {
           "version": "1.0.0",
           "bundled": true,
+          "optional": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
@@ -4588,17 +4533,20 @@
         "minimatch": {
           "version": "3.0.4",
           "bundled": true,
+          "optional": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
         },
         "minimist": {
           "version": "0.0.8",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "minipass": {
           "version": "2.2.4",
           "bundled": true,
+          "optional": true,
           "requires": {
             "safe-buffer": "^5.1.1",
             "yallist": "^3.0.0"
@@ -4615,6 +4563,7 @@
         "mkdirp": {
           "version": "0.5.1",
           "bundled": true,
+          "optional": true,
           "requires": {
             "minimist": "0.0.8"
           }
@@ -4687,7 +4636,8 @@
         },
         "number-is-nan": {
           "version": "1.0.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "object-assign": {
           "version": "4.1.1",
@@ -4697,6 +4647,7 @@
         "once": {
           "version": "1.4.0",
           "bundled": true,
+          "optional": true,
           "requires": {
             "wrappy": "1"
           }
@@ -4772,7 +4723,8 @@
         },
         "safe-buffer": {
           "version": "5.1.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "safer-buffer": {
           "version": "2.1.2",
@@ -4802,6 +4754,7 @@
         "string-width": {
           "version": "1.0.2",
           "bundled": true,
+          "optional": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -4819,6 +4772,7 @@
         "strip-ansi": {
           "version": "3.0.1",
           "bundled": true,
+          "optional": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
@@ -4857,11 +4811,13 @@
         },
         "wrappy": {
           "version": "1.0.2",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "yallist": {
           "version": "3.0.2",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         }
       }
     },
@@ -4976,6 +4932,7 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz",
       "integrity": "sha1-gTg9ctsFT8zPUzbaqQLxgvbtuyg=",
+      "optional": true,
       "requires": {
         "is-glob": "^2.0.0"
       }
@@ -6489,6 +6446,7 @@
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz",
       "integrity": "sha1-0Jb5JqPe1WAPP9/ZEZjLCIjC2GM=",
+      "optional": true,
       "requires": {
         "is-extglob": "^1.0.0"
       }
@@ -7145,7 +7103,8 @@
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz",
       "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=",
-      "dev": true
+      "dev": true,
+      "optional": true
     },
     "loose-envify": {
       "version": "1.3.1",
diff --git a/api/package.json b/api/package.json
index 12354f496..2d51a26dd 100644
--- a/api/package.json
+++ b/api/package.json
@@ -37,7 +37,7 @@
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",
-    "bcrypt": "^3.0.0",
+    "bcrypt": "^3.0.3",
     "body-parser": "^1.18.2",
     "cookie": "^0.3.1",
     "express": "^4.16.4",

From 1d51e3a35a377fd68ccb9b0ac5c6f51456e71a56 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 24 Dec 2018 10:42:44 +0000
Subject: [PATCH 023/207] Bump validator from 10.9.0 to 10.10.0 in /api

Bumps [validator](https://github.com/chriso/validator.js) from 10.9.0 to 10.10.0.
- [Release notes](https://github.com/chriso/validator.js/releases)
- [Changelog](https://github.com/chriso/validator.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/chriso/validator.js/compare/10.9.0...10.10.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 9 +++++----
 api/package.json      | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7a7b07fc0..669b6abac 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6424,7 +6424,8 @@
     "is-extglob": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz",
-      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA="
+      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA=",
+      "optional": true
     },
     "is-finite": {
       "version": "1.0.2",
@@ -11941,9 +11942,9 @@
       }
     },
     "validator": {
-      "version": "10.9.0",
-      "resolved": "https://registry.npmjs.org/validator/-/validator-10.9.0.tgz",
-      "integrity": "sha512-hZJcZSWz9poXBlAkjjcsNAdrZ6JbjD3kWlNjq/+vE7RLLS/+8PAj3qVVwrwsOz/WL8jPmZ1hYkRvtlUeZAm4ug=="
+      "version": "10.10.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-10.10.0.tgz",
+      "integrity": "sha512-DyZyLJlMXM3CGdVaVHE/EDzCagMRoPI3mmGdxxNQbqkGqh56+M3d1i0ZAWd69En8U21DHbPTn12aOdhO+hfm5w=="
     },
     "value-or-function": {
       "version": "3.0.0",
diff --git a/api/package.json b/api/package.json
index 2d51a26dd..85c72adbb 100644
--- a/api/package.json
+++ b/api/package.json
@@ -69,7 +69,7 @@
     "socket.io": "^2.2.0",
     "stream-buffers": "^3.0.1",
     "to-utf-8": "^1.3.0",
-    "validator": "^10.9.0"
+    "validator": "^10.10.0"
   },
   "devDependencies": {
     "@types/bcrypt": "^3.0.0",

From 0c2140a52c4ab3fcbc6021ea04f27c0eaac11b7e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 25 Dec 2018 05:47:02 +0000
Subject: [PATCH 024/207] Bump @types/passport from 0.4.7 to 1.0.0 in /api

Bumps [@types/passport](https://github.com/DefinitelyTyped/DefinitelyTyped) from 0.4.7 to 1.0.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 669b6abac..39d772a39 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -263,9 +263,9 @@
       }
     },
     "@types/passport": {
-      "version": "0.4.7",
-      "resolved": "https://registry.npmjs.org/@types/passport/-/passport-0.4.7.tgz",
-      "integrity": "sha512-EePlxNYx5tf3n0yjdPXX0/zDOv0UCwjMyQo4UkWGlhHteNDItAj7TfDdLttSThVMKQz3uCW7lsGzMuml0f8g9Q==",
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/@types/passport/-/passport-1.0.0.tgz",
+      "integrity": "sha512-R2FXqM+AgsMIym0PuKj08Ybx+GR6d2rU3b1/8OcHolJ+4ga2pRPX105wboV6hq1AJvMo2frQzYKdqXS5+4cyMw==",
       "dev": true,
       "requires": {
         "@types/express": "*"
diff --git a/api/package.json b/api/package.json
index 85c72adbb..de1b6bc4e 100644
--- a/api/package.json
+++ b/api/package.json
@@ -84,7 +84,7 @@
     "@types/mongoose": "~5.3.5",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
-    "@types/passport": "^0.4.7",
+    "@types/passport": "^1.0.0",
     "@types/passport-jwt": "^3.0.1",
     "@types/passport-local": "^1.0.33",
     "@types/raven": "^2.5.1",

From 4dbdc450ab9b8cb2da5316ad7e24c6e56aaa8010 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 27 Dec 2018 05:21:29 +0000
Subject: [PATCH 025/207] Bump mongoose from 5.4.0 to 5.4.1 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.0 to 5.4.1.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.0...5.4.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 39d772a39..96159e5f7 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7604,9 +7604,9 @@
       }
     },
     "memory-pager": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.3.1.tgz",
-      "integrity": "sha512-pUf/sGkym2WqFZYTVmdASnSbNfpGc9rwxEHOePx4lT/fD+NHGL1U16Uy4o6PMiVcDv4mp6MI/vaF0c/Kd1QEUQ==",
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.4.0.tgz",
+      "integrity": "sha512-ycuyV5gKpZln7HB/A11wCpAxEY9VQ2EhYU1F56pUAxvmj6OyOHtB9tkLLjAyFsPdghSP2S3Ujk3aYJCusgiMZg==",
       "optional": true
     },
     "meow": {
@@ -7914,9 +7914,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.0",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.0.tgz",
-      "integrity": "sha512-pFKa6askJ6xwZT6mWuYBwa2R9ryd1+JrXUhKuAUxEGrUMTi8ADcJC/RgBg4fZ1lL6VPVVChsc9wpVn4X6gcWlg==",
+      "version": "5.4.1",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.1.tgz",
+      "integrity": "sha512-9lST8rek83apkG+gv4exI56kJ8/aJ7nZP+zAL1ezOhgfDqQM/S4U1DcsF1hL0cOTSmcip8BdT1xby9ItCFmbvA==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index de1b6bc4e..36919ca49 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.23.0",
-    "mongoose": "~5.4.0",
+    "mongoose": "~5.4.1",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From def6621029150078e4ab3385139a7d8a09355713 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 4 Jan 2019 06:16:25 +0000
Subject: [PATCH 026/207] Bump @types/mongoose from 5.3.5 to 5.3.7 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.5 to 5.3.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 96159e5f7..65ea3bf57 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -211,9 +211,9 @@
       "dev": true
     },
     "@types/mongodb": {
-      "version": "3.1.17",
-      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.17.tgz",
-      "integrity": "sha512-u6tSIpfdsgK74aE0TuyqZYhHscw+gHs6dQNSsFUTFXubhhxCqovmV3nJRS0YKSw0sfqbzUgGzbG5+yorUPRnFg==",
+      "version": "3.1.18",
+      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.18.tgz",
+      "integrity": "sha512-8m8yvrDagesNNJdOIMk+g0b5z/sW48FwNp4GS1tRcHMKfQ/o40WsFXOXSfYY7y4xkutPFGQKGb4/GpzGFhpnqw==",
       "dev": true,
       "requires": {
         "@types/bson": "*",
@@ -221,9 +221,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.5",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.5.tgz",
-      "integrity": "sha512-SLnO5co2keWe1PLuf9mVm3WSZGUH+JNSOjw/szJEWUelTKwRt/+FaTvfgc9j+XIlHs8zZSfRbvFIh/PC+3KJhA==",
+      "version": "5.3.7",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.7.tgz",
+      "integrity": "sha512-VawmiFqxLcyRr04fF8imWrre/soDD0I4LZBYbIPx6MTy9V3shT6dUpt1u8Ia2tUmGbBsYIfwitbcih5NegLARw==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 36919ca49..9907b2cc0 100644
--- a/api/package.json
+++ b/api/package.json
@@ -81,7 +81,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.5",
+    "@types/mongoose": "~5.3.7",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 8ad37cfd572d9f208a36237015f79a1f024fe1d6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 4 Jan 2019 15:28:04 +0000
Subject: [PATCH 027/207] Bump mongoose from 5.4.1 to 5.4.2 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.1 to 5.4.2.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.1...5.4.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 7 +++----
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 65ea3bf57..add1b52ed 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7914,14 +7914,13 @@
       }
     },
     "mongoose": {
-      "version": "5.4.1",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.1.tgz",
-      "integrity": "sha512-9lST8rek83apkG+gv4exI56kJ8/aJ7nZP+zAL1ezOhgfDqQM/S4U1DcsF1hL0cOTSmcip8BdT1xby9ItCFmbvA==",
+      "version": "5.4.2",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.2.tgz",
+      "integrity": "sha512-bZFYe9oikiLZ2npfSbIGNYpJ0MJVQaSQhU09VFxvu6r7nVGixbt031ewZldKbWwHsG/JPJLX2HhUa8are84ryQ==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
         "kareem": "2.3.0",
-        "lodash.get": "4.4.2",
         "mongodb": "3.1.10",
         "mongodb-core": "3.1.9",
         "mongoose-legacy-pluralize": "1.0.2",
diff --git a/api/package.json b/api/package.json
index 9907b2cc0..167697677 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.23.0",
-    "mongoose": "~5.4.1",
+    "mongoose": "~5.4.2",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 08533c35afb9414cc5c691847b15428ef30533a7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 4 Jan 2019 16:42:19 +0000
Subject: [PATCH 028/207] Bump rimraf from 2.6.2 to 2.6.3 in /api

Bumps [rimraf](https://github.com/isaacs/rimraf) from 2.6.2 to 2.6.3.
- [Release notes](https://github.com/isaacs/rimraf/releases)
- [Commits](https://github.com/isaacs/rimraf/compare/v2.6.2...v2.6.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 24 ++++++++++++++++++++----
 api/package.json      |  2 +-
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index add1b52ed..e0a573c54 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -10165,12 +10165,28 @@
       }
     },
     "rimraf": {
-      "version": "2.6.2",
-      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.2.tgz",
-      "integrity": "sha512-lreewLK/BlghmxtfH36YYVg1i8IAce4TI7oao75I1g245+6BctqTVQiBP3YUJ9C6DQOXJmkYR9X9fCLtCOJc5w==",
+      "version": "2.6.3",
+      "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
+      "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
       "dev": true,
       "requires": {
-        "glob": "^7.0.5"
+        "glob": "^7.1.3"
+      },
+      "dependencies": {
+        "glob": {
+          "version": "7.1.3",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
+          "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
+          "dev": true,
+          "requires": {
+            "fs.realpath": "^1.0.0",
+            "inflight": "^1.0.4",
+            "inherits": "2",
+            "minimatch": "^3.0.4",
+            "once": "^1.3.0",
+            "path-is-absolute": "^1.0.0"
+          }
+        }
       }
     },
     "routing-controllers": {
diff --git a/api/package.json b/api/package.json
index 167697677..9f5e4d386 100644
--- a/api/package.json
+++ b/api/package.json
@@ -106,7 +106,7 @@
     "mocha-lcov-reporter": "^1.3.0",
     "node-sass": "^4.11.0",
     "remap-istanbul": "0.12.0",
-    "rimraf": "2.6.2",
+    "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
     "tslint": "5.12.0",

From 8198e05948599ab9ec675e9e3aa77aaa64bc8625 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 4 Jan 2019 22:51:59 +0000
Subject: [PATCH 029/207] Bump nodemailer from 4.7.0 to 5.0.0 in /api

Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 4.7.0 to 5.0.0.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodemailer/nodemailer/compare/v4.7.0...v5.0.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index e0a573c54..eb85ffacd 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -8342,9 +8342,9 @@
       }
     },
     "nodemailer": {
-      "version": "4.7.0",
-      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-4.7.0.tgz",
-      "integrity": "sha512-IludxDypFpYw4xpzKdMAozBSkzKHmNBvGanUREjJItgJ2NYcK/s8+PggVhj7c2yGFQykKsnnmv1+Aqo0ZfjHmw=="
+      "version": "5.0.0",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-5.0.0.tgz",
+      "integrity": "sha512-XI4PI5L7GYcJyHkPcHlvPyRrYohNYBNRNbt1tU8PXNU3E1ADJC84a13V0vbL9AM431OP+ETacaGXAF8fGn1JvA=="
     },
     "nodemailer-markdown": {
       "version": "1.0.2",
diff --git a/api/package.json b/api/package.json
index 9f5e4d386..f09e0291c 100644
--- a/api/package.json
+++ b/api/package.json
@@ -57,7 +57,7 @@
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",
-    "nodemailer": "^4.7.0",
+    "nodemailer": "^5.0.0",
     "nodemailer-markdown": "^1.0.2",
     "passport": "^0.4.0",
     "passport-jwt": "^4.0.0",

From 4f5f330dd8c2caae09edddbbf337eb932bfda2d8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Sat, 5 Jan 2019 10:06:09 +0000
Subject: [PATCH 030/207] Bump chai-http from 4.2.0 to 4.2.1 in /api

Bumps [chai-http](https://github.com/chaijs/chai-http) from 4.2.0 to 4.2.1.
- [Release notes](https://github.com/chaijs/chai-http/releases)
- [Changelog](https://github.com/chaijs/chai-http/blob/master/History.md)
- [Commits](https://github.com/chaijs/chai-http/compare/4.2.0...4.2.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 18 +++---------------
 api/package.json      |  2 +-
 2 files changed, 4 insertions(+), 16 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index eb85ffacd..78a4e253c 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -2525,9 +2525,9 @@
       }
     },
     "chai-http": {
-      "version": "4.2.0",
-      "resolved": "https://registry.npmjs.org/chai-http/-/chai-http-4.2.0.tgz",
-      "integrity": "sha512-5j9LC1pl9jaPanux+wDm9D/V6R2xLfpixsRQhoJHxCR0E5KaiT0aL4544pVtYXN/wTUVSDTmwye5mCXkO/8b3w==",
+      "version": "4.2.1",
+      "resolved": "https://registry.npmjs.org/chai-http/-/chai-http-4.2.1.tgz",
+      "integrity": "sha512-S2Ezy5uSVuOYleeXppfUKtTU/xbHCZyKkwjheNJ/76SGFTUPDpDkkpVdPNgC3sAO1Ap5J5LJ+/rXdLG8EGhCDA==",
       "dev": true,
       "requires": {
         "@types/chai": "4",
@@ -2537,18 +2537,6 @@
         "methods": "^1.1.2",
         "qs": "^6.5.1",
         "superagent": "^3.7.0"
-      },
-      "dependencies": {
-        "@types/superagent": {
-          "version": "3.8.4",
-          "resolved": "https://registry.npmjs.org/@types/superagent/-/superagent-3.8.4.tgz",
-          "integrity": "sha512-Dnh0Iw6NO55z1beXvlsvUrfk4cd9eL2nuTmUk+rAhSVCk10PGGFbqCCTwbau9D0d2W3DITiXl4z8VCqppGkMPQ==",
-          "dev": true,
-          "requires": {
-            "@types/cookiejar": "*",
-            "@types/node": "*"
-          }
-        }
       }
     },
     "chalk": {
diff --git a/api/package.json b/api/package.json
index f09e0291c..d76948dac 100644
--- a/api/package.json
+++ b/api/package.json
@@ -90,7 +90,7 @@
     "@types/raven": "^2.5.1",
     "@types/validator": "^10.9.0",
     "chai": "4.2.0",
-    "chai-http": "^4.2.0",
+    "chai-http": "^4.2.1",
     "coveralls": "^3.0.2",
     "gulp": "^4.0.0",
     "gulp-apidoc": "^0.2.7",

From 5189f98f8902641c414164c1c3b6454115faacaa Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Sat, 5 Jan 2019 15:28:08 +0100
Subject: [PATCH 031/207] Remove @types/chai-http

---
 api/package-lock.json | 61 +++++++++----------------------------------
 api/package.json      |  1 -
 2 files changed, 13 insertions(+), 49 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 78a4e253c..84f483736 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -58,17 +58,6 @@
       "integrity": "sha512-2Y8uPt0/jwjhQ6EiluT0XCri1Dbplr0ZxfFXUz+ye13gaqE8u5gL5ppao1JrUYr9cIip5S6MvQzBS7Kke7U9VA==",
       "dev": true
     },
-    "@types/chai-http": {
-      "version": "3.0.5",
-      "resolved": "https://registry.npmjs.org/@types/chai-http/-/chai-http-3.0.5.tgz",
-      "integrity": "sha512-nJ/oIvYley9+1Fec8xzDHsWrWSu5VTuhuF8iLabnRTQwRfSbAke6VuI7qBXvBN9Qqo/+gwsSaGyYndofTpiJ9A==",
-      "dev": true,
-      "requires": {
-        "@types/chai": "*",
-        "@types/node": "*",
-        "@types/superagent": "*"
-      }
-    },
     "@types/connect": {
       "version": "3.4.32",
       "resolved": "https://registry.npmjs.org/@types/connect/-/connect-3.4.32.tgz",
@@ -413,7 +402,6 @@
       "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
       "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=",
       "dev": true,
-      "optional": true,
       "requires": {
         "kind-of": "^3.0.2",
         "longest": "^1.0.1",
@@ -4345,8 +4333,7 @@
         },
         "ansi-regex": {
           "version": "2.1.1",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "aproba": {
           "version": "1.2.0",
@@ -4364,13 +4351,11 @@
         },
         "balanced-match": {
           "version": "1.0.0",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "brace-expansion": {
           "version": "1.1.11",
           "bundled": true,
-          "optional": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
@@ -4383,18 +4368,15 @@
         },
         "code-point-at": {
           "version": "1.1.0",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "concat-map": {
           "version": "0.0.1",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "console-control-strings": {
           "version": "1.1.0",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "core-util-is": {
           "version": "1.0.2",
@@ -4497,8 +4479,7 @@
         },
         "inherits": {
           "version": "2.0.3",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "ini": {
           "version": "1.3.5",
@@ -4508,7 +4489,6 @@
         "is-fullwidth-code-point": {
           "version": "1.0.0",
           "bundled": true,
-          "optional": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
@@ -4521,20 +4501,17 @@
         "minimatch": {
           "version": "3.0.4",
           "bundled": true,
-          "optional": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
         },
         "minimist": {
           "version": "0.0.8",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "minipass": {
           "version": "2.2.4",
           "bundled": true,
-          "optional": true,
           "requires": {
             "safe-buffer": "^5.1.1",
             "yallist": "^3.0.0"
@@ -4551,7 +4528,6 @@
         "mkdirp": {
           "version": "0.5.1",
           "bundled": true,
-          "optional": true,
           "requires": {
             "minimist": "0.0.8"
           }
@@ -4624,8 +4600,7 @@
         },
         "number-is-nan": {
           "version": "1.0.1",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "object-assign": {
           "version": "4.1.1",
@@ -4635,7 +4610,6 @@
         "once": {
           "version": "1.4.0",
           "bundled": true,
-          "optional": true,
           "requires": {
             "wrappy": "1"
           }
@@ -4711,8 +4685,7 @@
         },
         "safe-buffer": {
           "version": "5.1.1",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "safer-buffer": {
           "version": "2.1.2",
@@ -4742,7 +4715,6 @@
         "string-width": {
           "version": "1.0.2",
           "bundled": true,
-          "optional": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -4760,7 +4732,6 @@
         "strip-ansi": {
           "version": "3.0.1",
           "bundled": true,
-          "optional": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
@@ -4799,13 +4770,11 @@
         },
         "wrappy": {
           "version": "1.0.2",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         },
         "yallist": {
           "version": "3.0.2",
-          "bundled": true,
-          "optional": true
+          "bundled": true
         }
       }
     },
@@ -4920,7 +4889,6 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz",
       "integrity": "sha1-gTg9ctsFT8zPUzbaqQLxgvbtuyg=",
-      "optional": true,
       "requires": {
         "is-glob": "^2.0.0"
       }
@@ -6412,8 +6380,7 @@
     "is-extglob": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz",
-      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA=",
-      "optional": true
+      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA="
     },
     "is-finite": {
       "version": "1.0.2",
@@ -6435,7 +6402,6 @@
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz",
       "integrity": "sha1-0Jb5JqPe1WAPP9/ZEZjLCIjC2GM=",
-      "optional": true,
       "requires": {
         "is-extglob": "^1.0.0"
       }
@@ -7092,8 +7058,7 @@
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz",
       "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=",
-      "dev": true,
-      "optional": true
+      "dev": true
     },
     "loose-envify": {
       "version": "1.3.1",
diff --git a/api/package.json b/api/package.json
index d76948dac..f29e09e84 100644
--- a/api/package.json
+++ b/api/package.json
@@ -75,7 +75,6 @@
     "@types/bcrypt": "^3.0.0",
     "@types/body-parser": "^1.17.0",
     "@types/chai": "4.1.7",
-    "@types/chai-http": "3.0.5",
     "@types/cookie": "^0.3.2",
     "@types/express": "^4.16.0",
     "@types/jsonwebtoken": "^8.3.0",

From 84204be715933fff28357b73138a7abc73038a22 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Sat, 5 Jan 2019 14:45:13 +0000
Subject: [PATCH 032/207] Bump typedoc from 0.13.0 to 0.14.0 in /api

Bumps [typedoc](https://github.com/TypeStrong/TypeDoc) from 0.13.0 to 0.14.0.
- [Release notes](https://github.com/TypeStrong/TypeDoc/releases)
- [Commits](https://github.com/TypeStrong/TypeDoc/compare/v0.13.0...v0.14.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 105 +++++++++++++++++++++++++-----------------
 api/package.json      |   2 +-
 2 files changed, 65 insertions(+), 42 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 84f483736..4393039ff 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -134,9 +134,9 @@
       }
     },
     "@types/handlebars": {
-      "version": "4.0.39",
-      "resolved": "https://registry.npmjs.org/@types/handlebars/-/handlebars-4.0.39.tgz",
-      "integrity": "sha512-vjaS7Q0dVqFp85QhyPSZqDKnTTCemcSHNHFvDdalO1s0Ifz5KuE64jQD5xoUkfdWwF4WpqdJEl7LsWH8rzhKJA==",
+      "version": "4.0.40",
+      "resolved": "https://registry.npmjs.org/@types/handlebars/-/handlebars-4.0.40.tgz",
+      "integrity": "sha512-sGWNtsjNrLOdKha2RV1UeF8+UbQnPSG7qbe5wwbni0mw4h2gHXyPFUMOC+xwGirIiiydM/HSqjDO4rk6NFB18w==",
       "dev": true
     },
     "@types/highlight.js": {
@@ -161,9 +161,9 @@
       "dev": true
     },
     "@types/lodash": {
-      "version": "4.14.117",
-      "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.117.tgz",
-      "integrity": "sha512-xyf2m6tRbz8qQKcxYZa7PA4SllYcay+eh25DN3jmNYY6gSTL7Htc/bttVdkqj2wfJGbeWlQiX8pIyJpKU+tubw==",
+      "version": "4.14.119",
+      "resolved": "https://registry.npmjs.org/@types/lodash/-/lodash-4.14.119.tgz",
+      "integrity": "sha512-Z3TNyBL8Vd/M9D9Ms2S3LmFq2sSMzahodD6rCS9V2N44HUMINb75jNkSuwAx7eo2ufqTdfOdtGQpNbieUjPQmw==",
       "dev": true
     },
     "@types/markdown-it": {
@@ -327,9 +327,9 @@
       }
     },
     "@types/shelljs": {
-      "version": "0.8.0",
-      "resolved": "https://registry.npmjs.org/@types/shelljs/-/shelljs-0.8.0.tgz",
-      "integrity": "sha512-vs1hCC8RxLHRu2bwumNyYRNrU3o8BtZhLysH5A4I98iYmA2APl6R3uNQb5ihl+WiwH0xdC9LLO+vRrXLs/Kyxg==",
+      "version": "0.8.1",
+      "resolved": "https://registry.npmjs.org/@types/shelljs/-/shelljs-0.8.1.tgz",
+      "integrity": "sha512-1lQw+48BuVgp6c1+z8EMipp18IdnV2dLh6KQGwOm+kJy9nPjEkaqRKmwbDNEYf//EKBvKcwOC6V2cDrNxVoQeQ==",
       "dev": true,
       "requires": {
         "@types/glob": "*",
@@ -402,6 +402,7 @@
       "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
       "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=",
       "dev": true,
+      "optional": true,
       "requires": {
         "kind-of": "^3.0.2",
         "longest": "^1.0.1",
@@ -4278,9 +4279,9 @@
       "integrity": "sha512-2QY5eeqVv4m2PfyMiEuy9adxNP+ajf+8AR05cEi+OAzPcOj90hvFImeZhTmKLBgSd9EvG33jsD7ZRxsx9dThkQ=="
     },
     "fs-extra": {
-      "version": "7.0.0",
-      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.0.tgz",
-      "integrity": "sha512-EglNDLRpmaTWiD/qraZn6HREAEAHJcJOmxNEYwq6xeMKnVMAy3GUcFB+wXt2C6k4CNvB/mP1y/U3dzvKKj5OtQ==",
+      "version": "7.0.1",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.1.tgz",
+      "integrity": "sha512-YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw==",
       "dev": true,
       "requires": {
         "graceful-fs": "^4.1.2",
@@ -4333,7 +4334,8 @@
         },
         "ansi-regex": {
           "version": "2.1.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "aproba": {
           "version": "1.2.0",
@@ -4351,11 +4353,13 @@
         },
         "balanced-match": {
           "version": "1.0.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "brace-expansion": {
           "version": "1.1.11",
           "bundled": true,
+          "optional": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
@@ -4368,15 +4372,18 @@
         },
         "code-point-at": {
           "version": "1.1.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "concat-map": {
           "version": "0.0.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "console-control-strings": {
           "version": "1.1.0",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "core-util-is": {
           "version": "1.0.2",
@@ -4479,7 +4486,8 @@
         },
         "inherits": {
           "version": "2.0.3",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "ini": {
           "version": "1.3.5",
@@ -4489,6 +4497,7 @@
         "is-fullwidth-code-point": {
           "version": "1.0.0",
           "bundled": true,
+          "optional": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
@@ -4501,17 +4510,20 @@
         "minimatch": {
           "version": "3.0.4",
           "bundled": true,
+          "optional": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
         },
         "minimist": {
           "version": "0.0.8",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "minipass": {
           "version": "2.2.4",
           "bundled": true,
+          "optional": true,
           "requires": {
             "safe-buffer": "^5.1.1",
             "yallist": "^3.0.0"
@@ -4528,6 +4540,7 @@
         "mkdirp": {
           "version": "0.5.1",
           "bundled": true,
+          "optional": true,
           "requires": {
             "minimist": "0.0.8"
           }
@@ -4600,7 +4613,8 @@
         },
         "number-is-nan": {
           "version": "1.0.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "object-assign": {
           "version": "4.1.1",
@@ -4610,6 +4624,7 @@
         "once": {
           "version": "1.4.0",
           "bundled": true,
+          "optional": true,
           "requires": {
             "wrappy": "1"
           }
@@ -4685,7 +4700,8 @@
         },
         "safe-buffer": {
           "version": "5.1.1",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "safer-buffer": {
           "version": "2.1.2",
@@ -4715,6 +4731,7 @@
         "string-width": {
           "version": "1.0.2",
           "bundled": true,
+          "optional": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -4732,6 +4749,7 @@
         "strip-ansi": {
           "version": "3.0.1",
           "bundled": true,
+          "optional": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
@@ -4770,11 +4788,13 @@
         },
         "wrappy": {
           "version": "1.0.2",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         },
         "yallist": {
           "version": "3.0.2",
-          "bundled": true
+          "bundled": true,
+          "optional": true
         }
       }
     },
@@ -4889,6 +4909,7 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz",
       "integrity": "sha1-gTg9ctsFT8zPUzbaqQLxgvbtuyg=",
+      "optional": true,
       "requires": {
         "is-glob": "^2.0.0"
       }
@@ -6402,6 +6423,7 @@
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz",
       "integrity": "sha1-0Jb5JqPe1WAPP9/ZEZjLCIjC2GM=",
+      "optional": true,
       "requires": {
         "is-extglob": "^1.0.0"
       }
@@ -7058,7 +7080,8 @@
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz",
       "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=",
-      "dev": true
+      "dev": true,
+      "optional": true
     },
     "loose-envify": {
       "version": "1.3.1",
@@ -9487,9 +9510,9 @@
       "integrity": "sha512-MtEC1TqN0EU5nephaJ4rAtThHtC86dNN9qCuEhtshvpVBkAW5ZO7BASN9REnF9eoXGcRub+pFuKEpOHE+HbEMw=="
     },
     "progress": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.1.tgz",
-      "integrity": "sha512-OE+a6vzqazc+K6LxJrX5UPyKFvGnL5CYmq2jFGNIBWHpc4QyE49/YOumcrpQFJpfejmvRtbJzgO1zPmMCqlbBg==",
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/progress/-/progress-2.0.3.tgz",
+      "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==",
       "dev": true
     },
     "proxy-addr": {
@@ -10469,9 +10492,9 @@
       "dev": true
     },
     "shelljs": {
-      "version": "0.8.2",
-      "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.2.tgz",
-      "integrity": "sha512-pRXeNrCA2Wd9itwhvLp5LZQvPJ0wU6bcjaTMywHHGX5XWhVN2nzSu7WV0q+oUY7mGK3mgSkDDzP3MgjqdyIgbQ==",
+      "version": "0.8.3",
+      "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.8.3.tgz",
+      "integrity": "sha512-fc0BKlAWiLpwZljmOvAOTE/gXawtCoNrP5oaY7KIaQbbyHeQVg01pSEuEGvGh3HEdBU4baCD7wQBwADmM/7f7A==",
       "dev": true,
       "requires": {
         "glob": "^7.0.0",
@@ -11479,9 +11502,9 @@
       "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c="
     },
     "typedoc": {
-      "version": "0.13.0",
-      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.13.0.tgz",
-      "integrity": "sha512-jQWtvPcV+0fiLZAXFEe70v5gqjDO6pJYJz4mlTtmGJeW2KRoIU/BEfktma6Uj8Xii7UakuZjbxFewl3UYOkU/w==",
+      "version": "0.14.0",
+      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.14.0.tgz",
+      "integrity": "sha512-9DOYWO6O02YGZfbNOrELtmpQF4Eba/6AfNQNt46iRuIokoEq1Axdz9Ae/XjgdoXsM2ShGlDZsAO36BwRVz/Nmw==",
       "dev": true,
       "requires": {
         "@types/fs-extra": "^5.0.3",
@@ -11493,27 +11516,27 @@
         "@types/shelljs": "^0.8.0",
         "fs-extra": "^7.0.0",
         "handlebars": "^4.0.6",
-        "highlight.js": "^9.0.0",
+        "highlight.js": "9.12.0",
         "lodash": "^4.17.10",
         "marked": "^0.4.0",
         "minimatch": "^3.0.0",
         "progress": "^2.0.0",
         "shelljs": "^0.8.2",
         "typedoc-default-themes": "^0.5.0",
-        "typescript": "3.1.x"
+        "typescript": "3.2.x"
       },
       "dependencies": {
+        "highlight.js": {
+          "version": "9.12.0",
+          "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.12.0.tgz",
+          "integrity": "sha1-5tnb5Xy+/mB1HwKvM2GVhwyQwB4=",
+          "dev": true
+        },
         "marked": {
           "version": "0.4.0",
           "resolved": "https://registry.npmjs.org/marked/-/marked-0.4.0.tgz",
           "integrity": "sha512-tMsdNBgOsrUophCAFQl0XPe6Zqk/uy9gnue+jIIKhykO51hxyu6uNx7zBPy0+y/WKYVZZMspV9YeXLNdKk+iYw==",
           "dev": true
-        },
-        "typescript": {
-          "version": "3.1.5",
-          "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.1.5.tgz",
-          "integrity": "sha512-muYNWV9j5+3mXoKD6oPONKuGUmYiFX14gfo9lWm9ZXRHOqVDQiB4q1CzFPbF4QLV2E9TZXH6oK55oQ94rn3PpA==",
-          "dev": true
         }
       }
     },
diff --git a/api/package.json b/api/package.json
index f29e09e84..6c924a5aa 100644
--- a/api/package.json
+++ b/api/package.json
@@ -109,7 +109,7 @@
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
     "tslint": "5.12.0",
-    "typedoc": "^0.13.0",
+    "typedoc": "^0.14.0",
     "typescript": "^3.2.2"
   },
   "engines": {

From 4a618dbb5962f290dfe53e67420bb9803804efb4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 9 Jan 2019 06:43:31 +0000
Subject: [PATCH 033/207] Bump remap-istanbul from 0.12.0 to 0.13.0 in /api

Bumps [remap-istanbul](https://github.com/SitePen/remap-istanbul) from 0.12.0 to 0.13.0.
- [Release notes](https://github.com/SitePen/remap-istanbul/releases)
- [Commits](https://github.com/SitePen/remap-istanbul/compare/0.12.0...0.13.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 104 ++++++------------------------------------
 api/package.json      |   2 +-
 2 files changed, 15 insertions(+), 91 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 4393039ff..d48d07195 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6401,7 +6401,8 @@
     "is-extglob": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz",
-      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA="
+      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA=",
+      "optional": true
     },
     "is-finite": {
       "version": "1.0.2",
@@ -9846,109 +9847,32 @@
       }
     },
     "remap-istanbul": {
-      "version": "0.12.0",
-      "resolved": "https://registry.npmjs.org/remap-istanbul/-/remap-istanbul-0.12.0.tgz",
-      "integrity": "sha512-lpA+zkWfT7v81k76asd+w82+dnbBTmBEsyuBVQ28armnOqsZZO23uI4ZCBGd8TtIb9Tq4CauswB+A44cbkuiMA==",
+      "version": "0.13.0",
+      "resolved": "https://registry.npmjs.org/remap-istanbul/-/remap-istanbul-0.13.0.tgz",
+      "integrity": "sha512-rS5ZpVAx3fGtKZkiBe1esXg5mKYbgW9iz8kkADFt3p6lo3NsBBUX1q6SwdhwUtYCGnr7nK6gRlbYK3i8R0jbRA==",
       "dev": true,
       "requires": {
-        "amdefine": "^1.0.0",
         "istanbul": "0.4.5",
-        "minimatch": "^3.0.3",
-        "plugin-error": "^0.1.2",
-        "source-map": "^0.6.1",
-        "through2": "2.0.1"
+        "minimatch": "^3.0.4",
+        "plugin-error": "^1.0.1",
+        "source-map": "0.6.1",
+        "through2": "3.0.0"
       },
       "dependencies": {
-        "arr-diff": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-1.1.0.tgz",
-          "integrity": "sha1-aHwydYFjWI/vfeezb6vklesaOZo=",
-          "dev": true,
-          "requires": {
-            "arr-flatten": "^1.0.1",
-            "array-slice": "^0.2.3"
-          }
-        },
-        "arr-union": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/arr-union/-/arr-union-2.1.0.tgz",
-          "integrity": "sha1-IPnqtexw9cfSFbEHexw5Fh0pLH0=",
-          "dev": true
-        },
-        "array-slice": {
-          "version": "0.2.3",
-          "resolved": "https://registry.npmjs.org/array-slice/-/array-slice-0.2.3.tgz",
-          "integrity": "sha1-3Tz7gO15c6dRF82sabC5nshhhvU=",
-          "dev": true
-        },
-        "extend-shallow": {
-          "version": "1.1.4",
-          "resolved": "https://registry.npmjs.org/extend-shallow/-/extend-shallow-1.1.4.tgz",
-          "integrity": "sha1-Gda/lN/AnXa6cR85uHLSH/TdkHE=",
-          "dev": true,
-          "requires": {
-            "kind-of": "^1.1.0"
-          }
-        },
-        "kind-of": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-1.1.0.tgz",
-          "integrity": "sha1-FAo9LUGjbS78+pN3tiwk+ElaXEQ=",
-          "dev": true
-        },
-        "plugin-error": {
-          "version": "0.1.2",
-          "resolved": "https://registry.npmjs.org/plugin-error/-/plugin-error-0.1.2.tgz",
-          "integrity": "sha1-O5uzM1zPAPQl4HQ34ZJ2ln2kes4=",
-          "dev": true,
-          "requires": {
-            "ansi-cyan": "^0.1.1",
-            "ansi-red": "^0.1.1",
-            "arr-diff": "^1.0.1",
-            "arr-union": "^2.0.1",
-            "extend-shallow": "^1.1.2"
-          }
-        },
-        "process-nextick-args": {
-          "version": "1.0.7",
-          "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz",
-          "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M=",
-          "dev": true
-        },
-        "readable-stream": {
-          "version": "2.0.6",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.0.6.tgz",
-          "integrity": "sha1-j5A0HmilPMySh4jaz80Rs265t44=",
-          "dev": true,
-          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
-            "isarray": "~1.0.0",
-            "process-nextick-args": "~1.0.6",
-            "string_decoder": "~0.10.x",
-            "util-deprecate": "~1.0.1"
-          }
-        },
         "source-map": {
           "version": "0.6.1",
           "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
           "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
           "dev": true
         },
-        "string_decoder": {
-          "version": "0.10.31",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
-          "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ=",
-          "dev": true
-        },
         "through2": {
-          "version": "2.0.1",
-          "resolved": "https://registry.npmjs.org/through2/-/through2-2.0.1.tgz",
-          "integrity": "sha1-OE51MU1J8y3hLuu4E2uOtrXVnak=",
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/through2/-/through2-3.0.0.tgz",
+          "integrity": "sha512-8B+sevlqP4OiCjonI1Zw03Sf8PuV1eRsYQgLad5eonILOdyeRsY27A/2Ze8IlvlMvq31OH+3fz/styI7Ya62yQ==",
           "dev": true,
           "requires": {
-            "readable-stream": "~2.0.0",
-            "xtend": "~4.0.0"
+            "readable-stream": "2 || 3",
+            "xtend": "~4.0.1"
           }
         }
       }
diff --git a/api/package.json b/api/package.json
index 6c924a5aa..942876358 100644
--- a/api/package.json
+++ b/api/package.json
@@ -104,7 +104,7 @@
     "gulp-typescript": "5.0.0",
     "mocha-lcov-reporter": "^1.3.0",
     "node-sass": "^4.11.0",
-    "remap-istanbul": "0.12.0",
+    "remap-istanbul": "0.13.0",
     "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",

From bc7d24e45454dd76d040a9c252576f50efb3612c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 11 Jan 2019 07:10:40 +0000
Subject: [PATCH 034/207] Bump tslint from 5.12.0 to 5.12.1 in /api

Bumps [tslint](https://github.com/palantir/tslint) from 5.12.0 to 5.12.1.
- [Release notes](https://github.com/palantir/tslint/releases)
- [Changelog](https://github.com/palantir/tslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palantir/tslint/compare/5.12.0...5.12.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d48d07195..7f26ab3db 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11317,9 +11317,9 @@
       "dev": true
     },
     "tslint": {
-      "version": "5.12.0",
-      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.12.0.tgz",
-      "integrity": "sha512-CKEcH1MHUBhoV43SA/Jmy1l24HJJgI0eyLbBNSRyFlsQvb9v6Zdq+Nz2vEOH00nC5SUx4SneJ59PZUS/ARcokQ==",
+      "version": "5.12.1",
+      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.12.1.tgz",
+      "integrity": "sha512-sfodBHOucFg6egff8d1BvuofoOQ/nOeYNfbp7LDlKBcLNrL3lmS5zoiDGyOMdT7YsEXAwWpTdAHwOGOc8eRZAw==",
       "dev": true,
       "requires": {
         "babel-code-frame": "^6.22.0",
@@ -11346,9 +11346,9 @@
           }
         },
         "chalk": {
-          "version": "2.4.1",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.1.tgz",
-          "integrity": "sha512-ObN6h1v2fTJSmUXoS3nMQ92LbDK9be4TV+6G+omQlGJFdcUX5heKi1LZ1YnRMIgwTLEj3E24bT6tYni50rlCfQ==",
+          "version": "2.4.2",
+          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz",
+          "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==",
           "dev": true,
           "requires": {
             "ansi-styles": "^3.2.1",
diff --git a/api/package.json b/api/package.json
index 942876358..1b13be392 100644
--- a/api/package.json
+++ b/api/package.json
@@ -108,7 +108,7 @@
     "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
-    "tslint": "5.12.0",
+    "tslint": "5.12.1",
     "typedoc": "^0.14.0",
     "typescript": "^3.2.2"
   },

From 9b55c08f96b404fb911dfb8d33a623f2f0fc8de7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Sun, 13 Jan 2019 13:58:52 +0000
Subject: [PATCH 035/207] Bump typedoc from 0.14.0 to 0.14.1 in /api

Bumps [typedoc](https://github.com/TypeStrong/TypeDoc) from 0.14.0 to 0.14.1.
- [Release notes](https://github.com/TypeStrong/TypeDoc/releases)
- [Commits](https://github.com/TypeStrong/TypeDoc/compare/v0.14.0...v0.14.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7f26ab3db..fee02184e 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11426,9 +11426,9 @@
       "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c="
     },
     "typedoc": {
-      "version": "0.14.0",
-      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.14.0.tgz",
-      "integrity": "sha512-9DOYWO6O02YGZfbNOrELtmpQF4Eba/6AfNQNt46iRuIokoEq1Axdz9Ae/XjgdoXsM2ShGlDZsAO36BwRVz/Nmw==",
+      "version": "0.14.1",
+      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.14.1.tgz",
+      "integrity": "sha512-gM8ajT1oPk/EHfwp60SECcW0p2MfdxhLfBE6zl9/P2DV8vDnE+a5XRgdIRym1X2Ffv8FQ7WPbNaOQbHoESh65g==",
       "dev": true,
       "requires": {
         "@types/fs-extra": "^5.0.3",
diff --git a/api/package.json b/api/package.json
index 1b13be392..adf4906be 100644
--- a/api/package.json
+++ b/api/package.json
@@ -109,7 +109,7 @@
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
     "tslint": "5.12.1",
-    "typedoc": "^0.14.0",
+    "typedoc": "^0.14.1",
     "typescript": "^3.2.2"
   },
   "engines": {

From 46a8a8ee248662d3d46c2f8ec2b3b687a403e606 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Sun, 13 Jan 2019 15:58:04 +0000
Subject: [PATCH 036/207] Bump mongoose from 5.4.2 to 5.4.3 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.2 to 5.4.3.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.2...5.4.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index fee02184e..17c20b5a8 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7581,9 +7581,9 @@
       }
     },
     "memory-pager": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.4.0.tgz",
-      "integrity": "sha512-ycuyV5gKpZln7HB/A11wCpAxEY9VQ2EhYU1F56pUAxvmj6OyOHtB9tkLLjAyFsPdghSP2S3Ujk3aYJCusgiMZg==",
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/memory-pager/-/memory-pager-1.5.0.tgz",
+      "integrity": "sha512-ZS4Bp4r/Zoeq6+NLJpP+0Zzm0pR8whtGPf1XExKLJBAczGMnSi3It14OiNCStjQjM6NU1okjQGSxgEZN8eBYKg==",
       "optional": true
     },
     "meow": {
@@ -7891,9 +7891,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.2",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.2.tgz",
-      "integrity": "sha512-bZFYe9oikiLZ2npfSbIGNYpJ0MJVQaSQhU09VFxvu6r7nVGixbt031ewZldKbWwHsG/JPJLX2HhUa8are84ryQ==",
+      "version": "5.4.3",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.3.tgz",
+      "integrity": "sha512-zhfypQm63CPYHi43O/3lTcEPVucY3h6CqONbzreMKZIEXtwgkB9HCm4wn441Z9/CpM94G6/NA3wcaRb0N2kPYQ==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index adf4906be..4c8fc7588 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.23.0",
-    "mongoose": "~5.4.2",
+    "mongoose": "~5.4.3",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 5a97006a1281b8b95341fac69618831d7b2fe5e9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 14 Jan 2019 05:58:12 +0000
Subject: [PATCH 037/207] Bump sharp from 0.21.1 to 0.21.2 in /api

Bumps [sharp](https://github.com/lovell/sharp) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/master/docs/changelog.md)
- [Commits](https://github.com/lovell/sharp/compare/v0.21.1...v0.21.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 20 ++++++++++----------
 api/package.json      |  2 +-
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 17c20b5a8..d46dbef7d 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -8120,9 +8120,9 @@
       "dev": true
     },
     "node-abi": {
-      "version": "2.5.0",
-      "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-2.5.0.tgz",
-      "integrity": "sha512-9g2twBGSP6wIR5PW7tXvAWnEWKJDH/VskdXp168xsw9VVxpEGov8K4jsP4/VeoC7b2ZAyzckvMCuQuQlw44lXg==",
+      "version": "2.5.1",
+      "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-2.5.1.tgz",
+      "integrity": "sha512-oDbFc7vCFx0RWWCweTer3hFm1u+e60N5FtGnmRV6QqvgATGFH/XRR6vqWIeBVosCYCqt6YdIr2L0exLZuEdVcQ==",
       "requires": {
         "semver": "^5.4.1"
       }
@@ -10371,15 +10371,15 @@
       "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ=="
     },
     "sharp": {
-      "version": "0.21.1",
-      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.21.1.tgz",
-      "integrity": "sha512-XPRi/nosSHk2GG6Zl+uquJ8vZ+00TpNjzrSKah4DGBHYXRxw7nixBBBewJtw3jetUJi0Oaw/n6AO3/myDVVqFg==",
+      "version": "0.21.2",
+      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.21.2.tgz",
+      "integrity": "sha512-Gpj8P1eXNHtdMT8XNobkaic5wnienCE46VUNns9umQ9nzATfnIexCofLPPetOdb7JcoRbQc5SjWvXzi7NUoVhA==",
       "requires": {
         "bindings": "^1.3.1",
         "color": "^3.1.0",
         "detect-libc": "^1.0.3",
         "fs-copy-file-sync": "^1.1.1",
-        "nan": "^2.11.1",
+        "nan": "^2.12.1",
         "npmlog": "^4.1.2",
         "prebuild-install": "^5.2.2",
         "semver": "^5.6.0",
@@ -10389,9 +10389,9 @@
       },
       "dependencies": {
         "nan": {
-          "version": "2.11.1",
-          "resolved": "https://registry.npmjs.org/nan/-/nan-2.11.1.tgz",
-          "integrity": "sha512-iji6k87OSXa0CcrLl9z+ZiYSuR2o+c0bGuNmXdrhTQTakxytAFsC56SArGYoiHlJlFoHSnvmhpceZJaXkVuOtA=="
+          "version": "2.12.1",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.12.1.tgz",
+          "integrity": "sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw=="
         },
         "semver": {
           "version": "5.6.0",
diff --git a/api/package.json b/api/package.json
index 4c8fc7588..b4e518b79 100644
--- a/api/package.json
+++ b/api/package.json
@@ -65,7 +65,7 @@
     "raven": "^2.6.4",
     "reflect-metadata": "^0.1.12",
     "routing-controllers": "^0.7.7",
-    "sharp": "^0.21.1",
+    "sharp": "^0.21.2",
     "socket.io": "^2.2.0",
     "stream-buffers": "^3.0.1",
     "to-utf-8": "^1.3.0",

From 8fb2c9dcf3cd90a7e1f2224267684d7d11ce9170 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Tue, 15 Jan 2019 23:10:38 +0100
Subject: [PATCH 038/207] fixed scroll bug

---
 .../course-detail/course-detail.component.ts  |  6 +--
 .../src/app/unit/unit.component.html          |  4 +-
 .../src/app/unit/unit.component.ts            | 49 +++++++++++++++----
 3 files changed, 45 insertions(+), 14 deletions(-)

diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
index 4492827cf..6b84f7194 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
@@ -14,7 +14,6 @@ import {TranslateService} from '@ngx-translate/core';
 import {ICourseView} from '../../../../../../shared/models/ICourseView';
 
 
-
 @Component({
   selector: 'app-course-detail',
   templateUrl: './course-detail.component.html',
@@ -36,11 +35,12 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
               private userDataService: UserDataService,
               private dialogService: DialogService,
               private dataSharingService: DataSharingService,
-              private translate: TranslateService) {}
+              private translate: TranslateService) {
+  }
 
   ngOnInit() {
     const data: any = this.route.snapshot.data;
-    this.course = <ICourseView> data.course;
+    this.course = <ICourseView>data.course;
     this.id = this.course._id;
     LastVisitedCourseContainerUpdater.addCourseToLastVisitedCourses(this.id, this.userService, this.userDataService);
     this.titleService.setTitleCut(['Course: ', this.course.name]);
diff --git a/app/webFrontend/src/app/unit/unit.component.html b/app/webFrontend/src/app/unit/unit.component.html
index a50c517e9..f3680ebd7 100644
--- a/app/webFrontend/src/app/unit/unit.component.html
+++ b/app/webFrontend/src/app/unit/unit.component.html
@@ -1,4 +1,4 @@
-<div *ngFor="let unit of units">
+<div #units *ngFor="let unit of units">
   <mat-card class="unit-card">
     <button mat-icon-button *ngIf="unit.visible === false" disabled>
       <mat-icon color="warn">visibility_off</mat-icon>
@@ -16,7 +16,7 @@
       {{unit.description}}
     </mat-card-subtitle>
 
-    <div id={{unit._id}}></div>
+    <div  id={{unit._id}}></div>
     <mat-card-content [ngSwitch]="unit.__t">
       <app-video-unit *ngSwitchCase="'video'" [videoUnit]="unit"></app-video-unit>
       <app-file-unit *ngSwitchCase="'file'" [fileUnit]="unit"></app-file-unit>
diff --git a/app/webFrontend/src/app/unit/unit.component.ts b/app/webFrontend/src/app/unit/unit.component.ts
index 695680cd8..64b637ee1 100644
--- a/app/webFrontend/src/app/unit/unit.component.ts
+++ b/app/webFrontend/src/app/unit/unit.component.ts
@@ -1,8 +1,16 @@
-import {Component, OnInit, Input, AfterViewInit} from '@angular/core';
+import {
+  Component,
+  OnInit,
+  Input,
+  AfterViewInit,
+  ViewChildren,
+  QueryList,
+  ElementRef
+} from '@angular/core';
 import {TranslateService} from '@ngx-translate/core';
 import {IUnit} from '../../../../../shared/models/units/IUnit';
 import * as moment from 'moment';
-import {ActivatedRoute, Router} from '@angular/router';
+import {ActivatedRoute, NavigationEnd, Router} from '@angular/router';
 import {IUser} from '../../../../../shared/models/IUser';
 import {MessageService} from '../shared/services/message.service';
 import {ICourse} from '../../../../../shared/models/ICourse';
@@ -17,7 +25,9 @@ export class UnitComponent implements OnInit, AfterViewInit {
   @Input() units: IUnit[];
   unitId: string;
   users: IUser[] = [];
-  chatMessageCount: {[unitId: string]: number} = {};
+  chatMessageCount: { [unitId: string]: number } = {};
+  @ViewChildren('units') unitElements: QueryList<ElementRef>;
+
 
   private getFormattedDeadline(deadline: string) {
     moment.locale(this.translate.currentLang);
@@ -39,6 +49,14 @@ export class UnitComponent implements OnInit, AfterViewInit {
     this.route.params.subscribe(params => {
       this.unitId = decodeURIComponent(params['unit']);
     });
+
+    this.router.events.subscribe(event => {
+      if (event instanceof NavigationEnd) {
+        this.scrollToUnit(this.unitId);
+
+      }
+    })
+
     Promise.all(this.units.map(async (unit) => {
       const res = await this.msgService.getMessageCount({room: unit.chatRoom});
       this.chatMessageCount[unit._id] = res.count;
@@ -46,12 +64,25 @@ export class UnitComponent implements OnInit, AfterViewInit {
   }
 
   ngAfterViewInit(): void {
-    try {
-      const element = document.getElementById(this.unitId);
-      if (element) {
-        element.scrollIntoView({behavior: 'smooth'});
-      }
-    } catch (err) {}
+    this.scrollToUnit(this.unitId)
+  }
+
+
+  scrollToUnit(unitId: string): void {
+    // find id
+    const index = this.units.findIndex(e => e._id == unitId);
+
+    if (index < 0) {
+      return;
+    }
+
+    const element = this.unitElements.toArray()[index];
+
+    if (element) {
+      setTimeout(() => {
+        element.nativeElement.scrollIntoView({behavior: 'smooth', block: 'start', inline: 'nearest'});
+      }, 100);
+    }
   }
 
 }

From ef40c78da179b6c885611ce95c3b9c740c9f7a51 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 16 Jan 2019 05:18:49 +0000
Subject: [PATCH 039/207] Bump validator from 10.10.0 to 10.11.0 in /api

Bumps [validator](https://github.com/chriso/validator.js) from 10.10.0 to 10.11.0.
- [Release notes](https://github.com/chriso/validator.js/releases)
- [Changelog](https://github.com/chriso/validator.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/chriso/validator.js/compare/10.10.0...10.11.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d46dbef7d..65348e1fa 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11857,9 +11857,9 @@
       }
     },
     "validator": {
-      "version": "10.10.0",
-      "resolved": "https://registry.npmjs.org/validator/-/validator-10.10.0.tgz",
-      "integrity": "sha512-DyZyLJlMXM3CGdVaVHE/EDzCagMRoPI3mmGdxxNQbqkGqh56+M3d1i0ZAWd69En8U21DHbPTn12aOdhO+hfm5w=="
+      "version": "10.11.0",
+      "resolved": "https://registry.npmjs.org/validator/-/validator-10.11.0.tgz",
+      "integrity": "sha512-X/p3UZerAIsbBfN/IwahhYaBbY68EN/UQBWHtsbXGT5bfrH/p4NQzUCG1kF/rtKaNpnJ7jAu6NGTdSNtyNIXMw=="
     },
     "value-or-function": {
       "version": "3.0.0",
diff --git a/api/package.json b/api/package.json
index b4e518b79..f552f6f6f 100644
--- a/api/package.json
+++ b/api/package.json
@@ -69,7 +69,7 @@
     "socket.io": "^2.2.0",
     "stream-buffers": "^3.0.1",
     "to-utf-8": "^1.3.0",
-    "validator": "^10.10.0"
+    "validator": "^10.11.0"
   },
   "devDependencies": {
     "@types/bcrypt": "^3.0.0",

From 2a3bdc8e9836a741f665cec29f01f9e07e6e0db0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 16 Jan 2019 15:12:34 +0000
Subject: [PATCH 040/207] Bump reflect-metadata from 0.1.12 to 0.1.13 in /api

Bumps [reflect-metadata](https://github.com/rbuckton/reflect-metadata) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/rbuckton/reflect-metadata/releases)
- [Changelog](https://github.com/rbuckton/reflect-metadata/blob/master/tsconfig-release.json)
- [Commits](https://github.com/rbuckton/reflect-metadata/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 65348e1fa..26194bea5 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -9749,9 +9749,9 @@
       }
     },
     "reflect-metadata": {
-      "version": "0.1.12",
-      "resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.1.12.tgz",
-      "integrity": "sha512-n+IyV+nGz3+0q3/Yf1ra12KpCyi001bi4XFxSjbiWWjfqb52iTTtpGXmCCAOWWIAn9KEuFZKGqBERHmrtScZ3A=="
+      "version": "0.1.13",
+      "resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.1.13.tgz",
+      "integrity": "sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg=="
     },
     "regenerate": {
       "version": "1.4.0",
diff --git a/api/package.json b/api/package.json
index f552f6f6f..67008d444 100644
--- a/api/package.json
+++ b/api/package.json
@@ -63,7 +63,7 @@
     "passport-jwt": "^4.0.0",
     "passport-local": "^1.0.0",
     "raven": "^2.6.4",
-    "reflect-metadata": "^0.1.12",
+    "reflect-metadata": "^0.1.13",
     "routing-controllers": "^0.7.7",
     "sharp": "^0.21.2",
     "socket.io": "^2.2.0",

From 1788ab5da55b4bf259a7f1b9d43032f821307a0b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 16 Jan 2019 17:18:20 +0000
Subject: [PATCH 041/207] Bump mongoose from 5.4.3 to 5.4.4 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.3 to 5.4.4.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.3...5.4.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 26194bea5..b7eb04cdd 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7891,9 +7891,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.3",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.3.tgz",
-      "integrity": "sha512-zhfypQm63CPYHi43O/3lTcEPVucY3h6CqONbzreMKZIEXtwgkB9HCm4wn441Z9/CpM94G6/NA3wcaRb0N2kPYQ==",
+      "version": "5.4.4",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.4.tgz",
+      "integrity": "sha512-KoYUFtgrXQ9Sxuf5IEE0Y2LswWGhHiN27bxtObANxMgXbuNLTtLB3xaep8jITUDitG4kkI+FKElUJH4uY8G2Bw==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 67008d444..6b0d335da 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.23.0",
-    "mongoose": "~5.4.3",
+    "mongoose": "~5.4.4",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 193f3c9f0a58e238da0c73f0b217d637f4c36479 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Wed, 16 Jan 2019 22:57:42 +0100
Subject: [PATCH 042/207] changelog update

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7748ef536..e0500176d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 
+### Fixed
+- Notification scroll bug. [#1082](https://github.com/geli-lms/geli/issues/1082)
+
+### Removed
+
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)

From c4f4b90c00483fcc588ce141cb2f9eb15ec6101d Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Wed, 16 Jan 2019 23:18:20 +0100
Subject: [PATCH 043/207] lint fix

---
 app/webFrontend/src/app/unit/unit.component.ts | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/app/webFrontend/src/app/unit/unit.component.ts b/app/webFrontend/src/app/unit/unit.component.ts
index 64b637ee1..39caeb2b8 100644
--- a/app/webFrontend/src/app/unit/unit.component.ts
+++ b/app/webFrontend/src/app/unit/unit.component.ts
@@ -53,9 +53,8 @@ export class UnitComponent implements OnInit, AfterViewInit {
     this.router.events.subscribe(event => {
       if (event instanceof NavigationEnd) {
         this.scrollToUnit(this.unitId);
-
       }
-    })
+    });
 
     Promise.all(this.units.map(async (unit) => {
       const res = await this.msgService.getMessageCount({room: unit.chatRoom});
@@ -64,13 +63,13 @@ export class UnitComponent implements OnInit, AfterViewInit {
   }
 
   ngAfterViewInit(): void {
-    this.scrollToUnit(this.unitId)
+    this.scrollToUnit(this.unitId);
   }
 
 
   scrollToUnit(unitId: string): void {
     // find id
-    const index = this.units.findIndex(e => e._id == unitId);
+    const index = this.units.findIndex(e => e._id === unitId);
 
     if (index < 0) {
       return;

From 760c58064214af3ff60229308d7569ba2f535879 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 17 Jan 2019 06:08:59 +0000
Subject: [PATCH 044/207] Bump typedoc from 0.14.1 to 0.14.2 in /api

Bumps [typedoc](https://github.com/TypeStrong/TypeDoc) from 0.14.1 to 0.14.2.
- [Release notes](https://github.com/TypeStrong/TypeDoc/releases)
- [Commits](https://github.com/TypeStrong/TypeDoc/compare/v0.14.1...v0.14.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 14 ++++----------
 api/package.json      |  2 +-
 2 files changed, 5 insertions(+), 11 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index b7eb04cdd..8b58f5a18 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11426,9 +11426,9 @@
       "integrity": "sha1-hnrHTjhkGHsdPUfZlqeOxciDB3c="
     },
     "typedoc": {
-      "version": "0.14.1",
-      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.14.1.tgz",
-      "integrity": "sha512-gM8ajT1oPk/EHfwp60SECcW0p2MfdxhLfBE6zl9/P2DV8vDnE+a5XRgdIRym1X2Ffv8FQ7WPbNaOQbHoESh65g==",
+      "version": "0.14.2",
+      "resolved": "https://registry.npmjs.org/typedoc/-/typedoc-0.14.2.tgz",
+      "integrity": "sha512-aEbgJXV8/KqaVhcedT7xG6d2r+mOvB5ep3eIz1KuB5sc4fDYXcepEEMdU7XSqLFO5hVPu0nllHi1QxX2h/QlpQ==",
       "dev": true,
       "requires": {
         "@types/fs-extra": "^5.0.3",
@@ -11440,7 +11440,7 @@
         "@types/shelljs": "^0.8.0",
         "fs-extra": "^7.0.0",
         "handlebars": "^4.0.6",
-        "highlight.js": "9.12.0",
+        "highlight.js": "^9.13.1",
         "lodash": "^4.17.10",
         "marked": "^0.4.0",
         "minimatch": "^3.0.0",
@@ -11450,12 +11450,6 @@
         "typescript": "3.2.x"
       },
       "dependencies": {
-        "highlight.js": {
-          "version": "9.12.0",
-          "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.12.0.tgz",
-          "integrity": "sha1-5tnb5Xy+/mB1HwKvM2GVhwyQwB4=",
-          "dev": true
-        },
         "marked": {
           "version": "0.4.0",
           "resolved": "https://registry.npmjs.org/marked/-/marked-0.4.0.tgz",
diff --git a/api/package.json b/api/package.json
index 6b0d335da..8b40cba8c 100644
--- a/api/package.json
+++ b/api/package.json
@@ -109,7 +109,7 @@
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
     "tslint": "5.12.1",
-    "typedoc": "^0.14.1",
+    "typedoc": "^0.14.2",
     "typescript": "^3.2.2"
   },
   "engines": {

From 81d9683ee16b92a63322ca65eda5ef8a23fc5104 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 17 Jan 2019 10:00:56 +0000
Subject: [PATCH 045/207] Bump nodemailer from 5.0.0 to 5.1.1 in /api

Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 5.0.0 to 5.1.1.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/nodemailer/nodemailer/compare/v5.0.0...v5.1.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 8b58f5a18..c7762d97b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -8319,9 +8319,9 @@
       }
     },
     "nodemailer": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-5.0.0.tgz",
-      "integrity": "sha512-XI4PI5L7GYcJyHkPcHlvPyRrYohNYBNRNbt1tU8PXNU3E1ADJC84a13V0vbL9AM431OP+ETacaGXAF8fGn1JvA=="
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-5.1.1.tgz",
+      "integrity": "sha512-hKGCoeNdFL2W7S76J/Oucbw0/qRlfG815tENdhzcqTpSjKgAN91mFOqU2lQUflRRxFM7iZvCyaFcAR9noc/CqQ=="
     },
     "nodemailer-markdown": {
       "version": "1.0.2",
diff --git a/api/package.json b/api/package.json
index 8b40cba8c..f4d1e0f52 100644
--- a/api/package.json
+++ b/api/package.json
@@ -57,7 +57,7 @@
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",
-    "nodemailer": "^5.0.0",
+    "nodemailer": "^5.1.1",
     "nodemailer-markdown": "^1.0.2",
     "passport": "^0.4.0",
     "passport-jwt": "^4.0.0",

From 354fb529567cee9e34ae10d1277d595f9fa95271 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Thu, 17 Jan 2019 18:48:04 +0100
Subject: [PATCH 046/207] sticky header

---
 .../course-detail.component.html              | 20 +++++--
 .../course-detail.component.scss              | 29 ++++++++-
 .../course-detail/course-detail.module.ts     |  2 +-
 .../directives/sticky-element.directive.ts    | 59 +++++++++++++++++++
 .../src/app/shared/shared.module.ts           | 11 ++--
 5 files changed, 108 insertions(+), 13 deletions(-)
 create mode 100644 app/webFrontend/src/app/shared/directives/sticky-element.directive.ts

diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.html b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
index b5dc683df..96d458cb5 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.html
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
@@ -1,13 +1,19 @@
+<div stickyElement="" [anchor]="stickyAnchor" class="stickytoolbar">
+  <mat-toolbar>
+    <small>My Application</small>
+  </mat-toolbar>
+</div>
 <div class="course-header">
   <div class="header-line">
-    <h1>{{course?.name}}</h1>
-
+    <h1 #stickyAnchor>{{course?.name}}</h1>
     <span class="course-admin-actions" *ngIf="course.userCanEditCourse">
-      <button mat-icon-button [routerLink]="['/course', course._id, 'edit']" [matTooltip]="'course.text.editCourse' | translate">
+      <button mat-icon-button [routerLink]="['/course', course._id, 'edit']"
+              [matTooltip]="'course.text.editCourse' | translate">
         <mat-icon>mode_edit</mat-icon>
       </button>
 
-      <button mat-icon-button [routerLink]="['/course', course._id, 'report'] "[matTooltip]="'common.statistics' | translate">
+      <button mat-icon-button [routerLink]="['/course', course._id, 'report'] "
+              [matTooltip]="'common.statistics' | translate">
         <mat-icon>show_chart</mat-icon>
       </button>
 
@@ -16,6 +22,7 @@ <h1>{{course?.name}}</h1>
       </button>
     </span>
   </div>
+
   <mat-chip-list>
     <mat-chip style="cursor:pointer" (click)="showUserProfile(course?.courseAdmin)">
       <div class="img-wrapper">
@@ -46,10 +53,11 @@ <h1>{{course?.name}}</h1>
        #rla="routerLinkActive"
        [routerLinkActiveOptions]="{exact: true}"
        [active]="rla.isActive">
-      <mat-icon class="iconPos">{{tab.img}}</mat-icon>{{tab.label}}
+      <mat-icon class="iconPos">{{tab.img}}</mat-icon>
+      {{tab.label}}
     </a>
   </nav>
-
 </div>
+
 <router-outlet></router-outlet>
 <app-course-forum [chatRoom]="course?.chatRooms[0]"></app-course-forum>
diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
index 0f2f2d7b2..8c0d4c283 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
@@ -47,7 +47,7 @@
 
 }
 
-.teacher-name{
+.teacher-name {
   margin-left: 35px;
   text-align: center;
 }
@@ -57,7 +57,7 @@
   vertical-align: middle;
 }
 
-.admin-name{
+.admin-name {
   margin-left: 35px;
   text-align: center;
 }
@@ -78,3 +78,28 @@
   flex-wrap: wrap;
 
 }
+
+.stickytoolbar {
+  overflow: hidden;
+  position: fixed;
+  top: 0;
+  left: 0;
+  right: 0;
+  z-index: 2;
+  display: none;
+  visibility: hidden;
+
+  &.is-sticky {
+    position: fixed;
+    visibility: visible;
+    display: block;
+    /*transition: all 0.4s ease-in-out;
+    -webkit-transition: all 0.4s ease-in-out;
+    -moz-transition: all 0.4s ease-in-out;
+    */
+
+
+    box-shadow: 0 3px 5px -1px rgba(0, 0, 0, .2), 0 6px 10px 0 rgba(0, 0, 0, .14), 0 1px 18px 0 rgba(0, 0, 0, .12);
+  }
+
+}
diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.module.ts b/app/webFrontend/src/app/course/course-detail/course-detail.module.ts
index a125ccf60..44c9ccb92 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.module.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.module.ts
@@ -16,7 +16,7 @@ import {VideoViewComponent} from './video-view/video-view.component';
 import {GridComponent} from './video-view/grid/grid.component';
 import {MessagingModule} from '../../messaging/messaging.module';
 import {PickerModule} from '@ctrl/ngx-emoji-mart';
-import { CourseForumComponent } from './course-forum/course-forum.component';
+import {CourseForumComponent} from './course-forum/course-forum.component';
 
 @NgModule({
   imports: [
diff --git a/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
new file mode 100644
index 000000000..3c8e4313c
--- /dev/null
+++ b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
@@ -0,0 +1,59 @@
+import {Directive, OnInit, ElementRef, Input, HostListener, HostBinding} from '@angular/core';
+
+@Directive({
+  selector: '[stickyElement]'
+})
+export class StickyElementDirective implements OnInit {
+  @Input('anchor') anchorElement: HTMLElement | undefined;
+
+  private anchorPosition: number;
+
+  @HostBinding('class.is-sticky') sticky = false;
+
+  constructor(private elementRef: ElementRef) {
+  }
+
+  ngOnInit(): void {
+    // set directly so the changeDetector knows it's set to true later
+    //this.elementRef.nativeElement.focus();
+  }
+
+  @HostListener('window:scroll', ['$event'])
+  handleScroll() {
+    const windowScroll = window.pageYOffset;
+
+    if (windowScroll >= this.anchorPosition) {
+      this.sticky = true;
+    } else {
+      this.sticky = false;
+    }
+  }
+
+
+  ngAfterViewInit(): void {
+    console.log(this.elementRef);
+    console.log(this.anchorElement);
+    this.anchorPosition = this.getPosition(this.anchorElement).y;
+    console.log(this.anchorPosition);
+  }
+
+  getPosition(el) {
+    let top = 0;
+    let left = 0;
+    let element = el;
+
+    // Loop through the DOM tree
+    // and add it's parent's offset to get page offset
+    do {
+      top += element.offsetTop || 0;
+      left += element.offsetLeft || 0;
+      element = element.offsetParent;
+    } while (element);
+
+    return {
+      y: top,
+      x: left,
+    };
+  }
+
+}
diff --git a/app/webFrontend/src/app/shared/shared.module.ts b/app/webFrontend/src/app/shared/shared.module.ts
index abbe3e38b..84afb01ee 100644
--- a/app/webFrontend/src/app/shared/shared.module.ts
+++ b/app/webFrontend/src/app/shared/shared.module.ts
@@ -21,10 +21,11 @@ import {TranslateModule} from '@ngx-translate/core';
 import {AdminMarkdownEditComponent} from './components/admin-markdown-edit/admin-markdown-edit.component';
 import {UserProfileDialog} from 'app/shared/components/user-profile-dialog/user-profile-dialog.component';
 import {NotfoundComponent} from './components/notfound/notfound.component';
-import { ShowCommentsDirective } from './directives/show-comments.directive';
+import {ShowCommentsDirective} from './directives/show-comments.directive';
 
 import {ResponsiveImageComponent} from './components/responsive-image/responsive-image.component';
-import { headersToString } from 'selenium-webdriver/http';
+import {headersToString} from 'selenium-webdriver/http';
+import {StickyElementDirective} from "./directives/sticky-element.directive";
 
 @NgModule({
   imports: [
@@ -56,7 +57,8 @@ import { headersToString } from 'selenium-webdriver/http';
     NotfoundComponent,
     UserProfileDialog,
     ShowCommentsDirective,
-    ResponsiveImageComponent
+    ResponsiveImageComponent,
+    StickyElementDirective
   ],
   exports: [
     GravatarDirective,
@@ -77,7 +79,8 @@ import { headersToString } from 'selenium-webdriver/http';
     AdminMarkdownEditComponent,
     UserProfileDialog,
     ShowCommentsDirective,
-    ResponsiveImageComponent
+    ResponsiveImageComponent,
+    StickyElementDirective
   ],
   entryComponents: [
     PickMediaDialog,

From 6304d74e45176d52c54eee888ad282d25b57bf59 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 18 Jan 2019 06:46:14 +0000
Subject: [PATCH 047/207] Bump typescript from 3.2.2 to 3.2.4 in /api

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 3.2.2 to 3.2.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v3.2.2...v3.2.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index c7762d97b..be6ffd8ea 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11465,9 +11465,9 @@
       "dev": true
     },
     "typescript": {
-      "version": "3.2.2",
-      "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.2.2.tgz",
-      "integrity": "sha512-VCj5UiSyHBjwfYacmDuc/NOk4QQixbE+Wn7MFJuS0nRuPQbof132Pw4u53dm264O8LPc2MVsc7RJNml5szurkg==",
+      "version": "3.2.4",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-3.2.4.tgz",
+      "integrity": "sha512-0RNDbSdEokBeEAkgNbxJ+BLwSManFy9TeXz8uW+48j/xhEXv1ePME60olyzw2XzUqUBNAYFeJadIqAgNqIACwg==",
       "dev": true
     },
     "uc.micro": {
diff --git a/api/package.json b/api/package.json
index f4d1e0f52..da7e734bd 100644
--- a/api/package.json
+++ b/api/package.json
@@ -110,7 +110,7 @@
     "temp": "^0.9.0",
     "tslint": "5.12.1",
     "typedoc": "^0.14.2",
-    "typescript": "^3.2.2"
+    "typescript": "^3.2.4"
   },
   "engines": {
     "node": ">=4.0.0"

From bd77d3b0dad41977ff3392d87e5abf41797a489c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 21 Jan 2019 06:55:50 +0000
Subject: [PATCH 048/207] Bump mongoose from 5.4.4 to 5.4.5 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.4 to 5.4.5.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.4...5.4.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index be6ffd8ea..0f39aebf0 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7891,9 +7891,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.4",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.4.tgz",
-      "integrity": "sha512-KoYUFtgrXQ9Sxuf5IEE0Y2LswWGhHiN27bxtObANxMgXbuNLTtLB3xaep8jITUDitG4kkI+FKElUJH4uY8G2Bw==",
+      "version": "5.4.5",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.5.tgz",
+      "integrity": "sha512-TO1xFVyZHALSaN3EEXY5rhpKNYDF0SQxK2TlYbCOGD/rurv9c9PQiNV6xcDZ09FPIoj/cOy4xDJnt3LnthTv5A==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index da7e734bd..0c0146fe5 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.23.0",
-    "mongoose": "~5.4.4",
+    "mongoose": "~5.4.5",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 8882c7dff8985dfd865f9a226f9d7378b77809a7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 22 Jan 2019 07:00:30 +0000
Subject: [PATCH 049/207] Bump moment from 2.23.0 to 2.24.0 in /api

Bumps [moment](https://github.com/moment/moment) from 2.23.0 to 2.24.0.
- [Release notes](https://github.com/moment/moment/releases)
- [Changelog](https://github.com/moment/moment/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/moment/moment/compare/2.23.0...2.24.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 0f39aebf0..7f87be7a9 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7838,9 +7838,9 @@
       "dev": true
     },
     "moment": {
-      "version": "2.23.0",
-      "resolved": "https://registry.npmjs.org/moment/-/moment-2.23.0.tgz",
-      "integrity": "sha512-3IE39bHVqFbWWaPOMHZF98Q9c3LDKGTmypMiTM2QygGXXElkFWIH7GxfmlwmY2vwa+wmNsoYZmG2iusf1ZjJoA=="
+      "version": "2.24.0",
+      "resolved": "https://registry.npmjs.org/moment/-/moment-2.24.0.tgz",
+      "integrity": "sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg=="
     },
     "mongodb": {
       "version": "2.2.34",
diff --git a/api/package.json b/api/package.json
index 0c0146fe5..4813ba61e 100644
--- a/api/package.json
+++ b/api/package.json
@@ -52,7 +52,7 @@
     "markdown-it-emoji": "^1.4.0",
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
-    "moment": "^2.23.0",
+    "moment": "^2.24.0",
     "mongoose": "~5.4.5",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",

From 72edd744d46e1cce724ae38a28022faacbe3fdb1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 22 Jan 2019 15:03:48 +0000
Subject: [PATCH 050/207] Bump @types/mongoose from 5.3.7 to 5.3.8 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.7 to 5.3.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7f87be7a9..f4e0d0f8f 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -200,9 +200,9 @@
       "dev": true
     },
     "@types/mongodb": {
-      "version": "3.1.18",
-      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.18.tgz",
-      "integrity": "sha512-8m8yvrDagesNNJdOIMk+g0b5z/sW48FwNp4GS1tRcHMKfQ/o40WsFXOXSfYY7y4xkutPFGQKGb4/GpzGFhpnqw==",
+      "version": "3.1.19",
+      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.19.tgz",
+      "integrity": "sha512-H54hQEovAhyLrIZOhPNfGyCCDoTqKsjb8GQBy8nptJqfxrYCp5WVcPJf9v0kfTPR72xOhaz9+WcYxOXWwEg1Vg==",
       "dev": true,
       "requires": {
         "@types/bson": "*",
@@ -210,9 +210,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.7",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.7.tgz",
-      "integrity": "sha512-VawmiFqxLcyRr04fF8imWrre/soDD0I4LZBYbIPx6MTy9V3shT6dUpt1u8Ia2tUmGbBsYIfwitbcih5NegLARw==",
+      "version": "5.3.8",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.8.tgz",
+      "integrity": "sha512-JYqTaP15pt03e7z4Hbzn14RiUwQMia3mSJSyrTfR59x+7n7WeX1v2G+k+xO2AOYPbVdq3X9W3nVGTNTO0FYkbg==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 4813ba61e..087f33f7d 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.7",
+    "@types/mongoose": "~5.3.8",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 603decc25bd23623c71b29d39b43fd2d65c32002 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 22 Jan 2019 15:32:12 +0000
Subject: [PATCH 051/207] Bump @types/raven from 2.5.1 to 2.5.2 in /api

Bumps [@types/raven](https://github.com/DefinitelyTyped/DefinitelyTyped) from 2.5.1 to 2.5.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 7 +++----
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index f4e0d0f8f..39d37630b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -299,12 +299,11 @@
       "dev": true
     },
     "@types/raven": {
-      "version": "2.5.1",
-      "resolved": "https://registry.npmjs.org/@types/raven/-/raven-2.5.1.tgz",
-      "integrity": "sha512-pWEyOzD1VUXqVpDaZGsa1LnhZqXwTjMwVftNVU+nj7QOvRj+HvwUc4aVtljoj3CWGiBPUZyCTOHrtzvx56IQRQ==",
+      "version": "2.5.2",
+      "resolved": "https://registry.npmjs.org/@types/raven/-/raven-2.5.2.tgz",
+      "integrity": "sha512-Ex6Vqx82JCs3SbRPGooeUaIuolJ3WYdMdY+2C8Ko7a66NoLEA3V79FqWlhS7bTieOPs5vrLlu/vxBlJIwobNeQ==",
       "dev": true,
       "requires": {
-        "@types/events": "*",
         "@types/node": "*"
       }
     },
diff --git a/api/package.json b/api/package.json
index 087f33f7d..3bac422cf 100644
--- a/api/package.json
+++ b/api/package.json
@@ -86,7 +86,7 @@
     "@types/passport": "^1.0.0",
     "@types/passport-jwt": "^3.0.1",
     "@types/passport-local": "^1.0.33",
-    "@types/raven": "^2.5.1",
+    "@types/raven": "^2.5.2",
     "@types/validator": "^10.9.0",
     "chai": "4.2.0",
     "chai-http": "^4.2.1",

From af2e6a0ac1ade469035c98cfc7c7eac7b09790d6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 22 Jan 2019 17:27:01 +0000
Subject: [PATCH 052/207] Bump sharp from 0.21.2 to 0.21.3 in /api

Bumps [sharp](https://github.com/lovell/sharp) from 0.21.2 to 0.21.3.
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/master/docs/changelog.md)
- [Commits](https://github.com/lovell/sharp/compare/v0.21.2...v0.21.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 39d37630b..335dbe618 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -10370,9 +10370,9 @@
       "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ=="
     },
     "sharp": {
-      "version": "0.21.2",
-      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.21.2.tgz",
-      "integrity": "sha512-Gpj8P1eXNHtdMT8XNobkaic5wnienCE46VUNns9umQ9nzATfnIexCofLPPetOdb7JcoRbQc5SjWvXzi7NUoVhA==",
+      "version": "0.21.3",
+      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.21.3.tgz",
+      "integrity": "sha512-5qZk8r+YgfyztLEKkNez20Wynq/Uh1oNyP5T/3gTYwt2lBYGs9iDs5m0yVsZEPm8eVBbAJhS08J1wp/g+Ai1Qw==",
       "requires": {
         "bindings": "^1.3.1",
         "color": "^3.1.0",
diff --git a/api/package.json b/api/package.json
index 3bac422cf..cb6a23c42 100644
--- a/api/package.json
+++ b/api/package.json
@@ -65,7 +65,7 @@
     "raven": "^2.6.4",
     "reflect-metadata": "^0.1.13",
     "routing-controllers": "^0.7.7",
-    "sharp": "^0.21.2",
+    "sharp": "^0.21.3",
     "socket.io": "^2.2.0",
     "stream-buffers": "^3.0.1",
     "to-utf-8": "^1.3.0",

From 3ca41ad90a51ea3d6e3f305e60ab7073267389b2 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 23 Jan 2019 06:42:34 +0000
Subject: [PATCH 053/207] Bump mongoose from 5.4.5 to 5.4.6 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.5 to 5.4.6.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.5...5.4.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 335dbe618..763d25681 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7890,9 +7890,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.5",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.5.tgz",
-      "integrity": "sha512-TO1xFVyZHALSaN3EEXY5rhpKNYDF0SQxK2TlYbCOGD/rurv9c9PQiNV6xcDZ09FPIoj/cOy4xDJnt3LnthTv5A==",
+      "version": "5.4.6",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.6.tgz",
+      "integrity": "sha512-b5LgAWUsT04LbFfwuwUa5hWyuPKQI8m3V+idAMriqU26P7d32Wu5RmtEBJyy2A5VlHIDtPseAqhLmJ1fGWHBGA==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index cb6a23c42..cc0619db7 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.5",
+    "mongoose": "~5.4.6",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 255fd9f4d9a6d618c559f9086fb192f1c56912fb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 23 Jan 2019 10:47:34 +0000
Subject: [PATCH 054/207] Bump @types/sharp from 0.21.0 to 0.21.1 in /api

Bumps [@types/sharp](https://github.com/DefinitelyTyped/DefinitelyTyped) from 0.21.0 to 0.21.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 763d25681..2e709fc37 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -318,9 +318,9 @@
       }
     },
     "@types/sharp": {
-      "version": "0.21.0",
-      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.0.tgz",
-      "integrity": "sha512-BmsCha5/lx2Afz2zwNo9F2txlkZ9HQf49N94lzSFmj5Oc7NfRMZguwVIhytb65qdY2zNF+azovzDNso6JUZpOw==",
+      "version": "0.21.1",
+      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.1.tgz",
+      "integrity": "sha512-gFidYVlLczx1HUlbCun2B43QRJAfgnGP8dC+bVvlU8Ndnn0X6f82MHtxObqfFbG5S/urn9yFFq3hJrTIRWjinQ==",
       "requires": {
         "@types/node": "*"
       }
diff --git a/api/package.json b/api/package.json
index cc0619db7..7248658e2 100644
--- a/api/package.json
+++ b/api/package.json
@@ -33,7 +33,7 @@
   },
   "dependencies": {
     "@types/node-sass": "^3.10.32",
-    "@types/sharp": "^0.21.0",
+    "@types/sharp": "^0.21.1",
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",

From fd6a2afa660225ab3961d55856ea8f496d3d965d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 23 Jan 2019 14:18:17 +0000
Subject: [PATCH 055/207] Bump @types/express from 4.16.0 to 4.16.1 in /api

Bumps [@types/express](https://github.com/DefinitelyTyped/DefinitelyTyped) from 4.16.0 to 4.16.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 19 +++++++++----------
 api/package.json      |  2 +-
 2 files changed, 10 insertions(+), 11 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 2e709fc37..812a89550 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -86,9 +86,9 @@
       "dev": true
     },
     "@types/express": {
-      "version": "4.16.0",
-      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.16.0.tgz",
-      "integrity": "sha512-TtPEYumsmSTtTetAPXlJVf3kEqb6wZK0bZojpJQrnD/djV4q1oB6QQ8aKvKqwNPACoe02GNiy5zDzcYivR5Z2w==",
+      "version": "4.16.1",
+      "resolved": "https://registry.npmjs.org/@types/express/-/express-4.16.1.tgz",
+      "integrity": "sha512-V0clmJow23WeyblmACoxbHBu2JKlE5TiIme6Lem14FnPW9gsttyHtk6wq7njcdIWH1njAaFgR8gW09lgY98gQg==",
       "dev": true,
       "requires": {
         "@types/body-parser": "*",
@@ -97,12 +97,11 @@
       }
     },
     "@types/express-serve-static-core": {
-      "version": "4.16.0",
-      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.16.0.tgz",
-      "integrity": "sha512-lTeoCu5NxJU4OD9moCgm0ESZzweAx0YqsAcab6OB0EB3+As1OaHtKnaGJvcngQxYsi9UNv0abn4/DRavrRxt4w==",
+      "version": "4.16.1",
+      "resolved": "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.16.1.tgz",
+      "integrity": "sha512-QgbIMRU1EVRry5cIu1ORCQP4flSYqLM1lS5LYyGWfKnFT3E58f0gKto7BR13clBFVrVZ0G0rbLZ1hUpSkgQQOA==",
       "dev": true,
       "requires": {
-        "@types/events": "*",
         "@types/node": "*",
         "@types/range-parser": "*"
       }
@@ -293,9 +292,9 @@
       }
     },
     "@types/range-parser": {
-      "version": "1.2.2",
-      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.2.tgz",
-      "integrity": "sha512-HtKGu+qG1NPvYe1z7ezLsyIaXYyi8SoAVqWDZgDQ8dLrsZvSzUNCwZyfX33uhWxL/SU0ZDQZ3nwZ0nimt507Kw==",
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/@types/range-parser/-/range-parser-1.2.3.tgz",
+      "integrity": "sha512-ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA==",
       "dev": true
     },
     "@types/raven": {
diff --git a/api/package.json b/api/package.json
index 7248658e2..5c3ad1d33 100644
--- a/api/package.json
+++ b/api/package.json
@@ -76,7 +76,7 @@
     "@types/body-parser": "^1.17.0",
     "@types/chai": "4.1.7",
     "@types/cookie": "^0.3.2",
-    "@types/express": "^4.16.0",
+    "@types/express": "^4.16.1",
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",

From 2bae8e52e8327e6db44fe3c87deea33b0b89d451 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 23 Jan 2019 23:00:44 +0000
Subject: [PATCH 056/207] Bump @types/mongoose from 5.3.8 to 5.3.9 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.8 to 5.3.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 812a89550..9909ac860 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -209,9 +209,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.8",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.8.tgz",
-      "integrity": "sha512-JYqTaP15pt03e7z4Hbzn14RiUwQMia3mSJSyrTfR59x+7n7WeX1v2G+k+xO2AOYPbVdq3X9W3nVGTNTO0FYkbg==",
+      "version": "5.3.9",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.9.tgz",
+      "integrity": "sha512-QPPbcdr73+Uid4rVeQTmRbXnKWD7OFFvFUeD/8lg0ZjEpQ0XoyH8Kb2489FbUFgUJg5GFhLRekwLPkj1YS4gew==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 5c3ad1d33..a6c6cf887 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.8",
+    "@types/mongoose": "~5.3.9",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 8499f9d5ca72c66ce04baa4b56b3486d05c8038f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 25 Jan 2019 05:48:58 +0000
Subject: [PATCH 057/207] Bump @types/sharp from 0.21.1 to 0.21.2 in /api

Bumps [@types/sharp](https://github.com/DefinitelyTyped/DefinitelyTyped) from 0.21.1 to 0.21.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 9909ac860..517fa02f8 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -317,9 +317,9 @@
       }
     },
     "@types/sharp": {
-      "version": "0.21.1",
-      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.1.tgz",
-      "integrity": "sha512-gFidYVlLczx1HUlbCun2B43QRJAfgnGP8dC+bVvlU8Ndnn0X6f82MHtxObqfFbG5S/urn9yFFq3hJrTIRWjinQ==",
+      "version": "0.21.2",
+      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.2.tgz",
+      "integrity": "sha512-HIeqSPUKbC09YAFCVEmDCM7bU/7vmw8YcssiO9lKoZXPMLyAubgYLcmjGYMz2Re6yVXA204LnUcayRfy5hUcGQ==",
       "requires": {
         "@types/node": "*"
       }
diff --git a/api/package.json b/api/package.json
index a6c6cf887..441cbbc90 100644
--- a/api/package.json
+++ b/api/package.json
@@ -33,7 +33,7 @@
   },
   "dependencies": {
     "@types/node-sass": "^3.10.32",
-    "@types/sharp": "^0.21.1",
+    "@types/sharp": "^0.21.2",
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",

From 7070f67fafabb330a736f9c58f5e797677488e30 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 25 Jan 2019 13:18:21 +0000
Subject: [PATCH 058/207] Bump @types/mongoose from 5.3.9 to 5.3.10 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.9 to 5.3.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 517fa02f8..2262d67b0 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -209,9 +209,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.9",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.9.tgz",
-      "integrity": "sha512-QPPbcdr73+Uid4rVeQTmRbXnKWD7OFFvFUeD/8lg0ZjEpQ0XoyH8Kb2489FbUFgUJg5GFhLRekwLPkj1YS4gew==",
+      "version": "5.3.10",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.10.tgz",
+      "integrity": "sha512-Sl5zbzBtjBMdEldbfiZEuF6p1FQZ+7R9TaFYROpeQzBKW9ZK/Xf0Y+E2mtWSNVM3mMjM/Hzw+20K+j/WV6TenQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 441cbbc90..60c196f4e 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.9",
+    "@types/mongoose": "~5.3.10",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 75512a74e4d5d477582d4484d11365ae0c34d944 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 28 Jan 2019 05:21:19 +0000
Subject: [PATCH 059/207] Bump mongoose from 5.4.6 to 5.4.7 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.6 to 5.4.7.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.6...5.4.7)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 2262d67b0..b6469d2f6 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7889,9 +7889,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.6",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.6.tgz",
-      "integrity": "sha512-b5LgAWUsT04LbFfwuwUa5hWyuPKQI8m3V+idAMriqU26P7d32Wu5RmtEBJyy2A5VlHIDtPseAqhLmJ1fGWHBGA==",
+      "version": "5.4.7",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.7.tgz",
+      "integrity": "sha512-bFB9/VHB1FAY2dgTHIjtUYThcIaYSyS0vG0sCpwjW2GZ3XDTykXKV9dlGSWPqJ9+dnSOevdrhoHBgL3b63Or5w==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 60c196f4e..c3daa4f87 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.6",
+    "mongoose": "~5.4.7",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From f861cce7520acb6c70a2e617a8e0de4d4fc882cb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 31 Jan 2019 06:23:20 +0000
Subject: [PATCH 060/207] Bump highlight.js from 9.13.1 to 9.14.1 in /api

Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.13.1 to 9.14.1.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/master/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/9.13.1...9.14.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index b6469d2f6..7b257c6f0 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6105,9 +6105,9 @@
       "dev": true
     },
     "highlight.js": {
-      "version": "9.13.1",
-      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.13.1.tgz",
-      "integrity": "sha512-Sc28JNQNDzaH6PORtRLMvif9RSn1mYuOoX3omVjnb0+HbpPygU2ALBI0R/wsiqCb4/fcp07Gdo8g+fhtFrQl6A=="
+      "version": "9.14.1",
+      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.14.1.tgz",
+      "integrity": "sha512-UpSrdhp5jHPbrf9+/bE1p8kxZlh9QHWD24zp2jMxCP1Po9be7XH7GiK5Q00OvCBlji1FVa+nTYOkZqrBE1pcHw=="
     },
     "home-or-tmp": {
       "version": "2.0.0",
diff --git a/api/package.json b/api/package.json
index c3daa4f87..a5f28a163 100644
--- a/api/package.json
+++ b/api/package.json
@@ -42,7 +42,7 @@
     "cookie": "^0.3.1",
     "express": "^4.16.4",
     "fast-csv": "^2.4.1",
-    "highlight.js": "^9.13.1",
+    "highlight.js": "^9.14.1",
     "html-pdf": "^2.2.0",
     "jsonwebtoken": "^8.4.0",
     "markdown-it": "^8.4.2",

From e7a9d7c892e1c53dc6a665782aac43665c19841b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 4 Feb 2019 06:07:46 +0000
Subject: [PATCH 061/207] Bump gulp-typedoc from 2.2.1 to 2.2.2 in /api

Bumps [gulp-typedoc](https://github.com/rogierschouten/gulp-typedoc) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/rogierschouten/gulp-typedoc/releases)
- [Commits](https://github.com/rogierschouten/gulp-typedoc/compare/v2.2.1...v2.2.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7b257c6f0..698c68924 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -5824,9 +5824,9 @@
       }
     },
     "gulp-typedoc": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/gulp-typedoc/-/gulp-typedoc-2.2.1.tgz",
-      "integrity": "sha512-8zu1pUTZd0fhNRaJceP4ZU5lqcEtmWLuc14AjJvZGQJ7YoL88+1mjEWfCsj6+ydrWPl9uCpT8IB2sTFsaOOZdw==",
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/gulp-typedoc/-/gulp-typedoc-2.2.2.tgz",
+      "integrity": "sha512-Yd/WoB+NHRFgWqFxNEHym2aIykO3koJq7n62indzBnHoHAZNHbKO5eX+ljkX4OVLt5bmYQZ50RqJCZzS40IalA==",
       "dev": true,
       "requires": {
         "ansi-colors": "^1.0.1",
diff --git a/api/package.json b/api/package.json
index a5f28a163..272d94c48 100644
--- a/api/package.json
+++ b/api/package.json
@@ -100,7 +100,7 @@
     "gulp-sass": "^4.0.2",
     "gulp-sourcemaps": "2.6.4",
     "gulp-tslint": "8.1.3",
-    "gulp-typedoc": "2.2.1",
+    "gulp-typedoc": "2.2.2",
     "gulp-typescript": "5.0.0",
     "mocha-lcov-reporter": "^1.3.0",
     "node-sass": "^4.11.0",

From 81c0a24fa83e86ca05e38fde307895c535771367 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 4 Feb 2019 13:38:22 +0000
Subject: [PATCH 062/207] Bump highlight.js from 9.14.1 to 9.14.2 in /api

Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.14.1 to 9.14.2.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/master/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/9.14.1...9.14.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 698c68924..dfb13e053 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6105,9 +6105,9 @@
       "dev": true
     },
     "highlight.js": {
-      "version": "9.14.1",
-      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.14.1.tgz",
-      "integrity": "sha512-UpSrdhp5jHPbrf9+/bE1p8kxZlh9QHWD24zp2jMxCP1Po9be7XH7GiK5Q00OvCBlji1FVa+nTYOkZqrBE1pcHw=="
+      "version": "9.14.2",
+      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.14.2.tgz",
+      "integrity": "sha512-Nc6YNECYpxyJABGYJAyw7dBAYbXEuIzwzkqoJnwbc1nIpCiN+3ioYf0XrBnLiyyG0JLuJhpPtt2iTSbXiKLoyA=="
     },
     "home-or-tmp": {
       "version": "2.0.0",
diff --git a/api/package.json b/api/package.json
index 272d94c48..27889e3e5 100644
--- a/api/package.json
+++ b/api/package.json
@@ -42,7 +42,7 @@
     "cookie": "^0.3.1",
     "express": "^4.16.4",
     "fast-csv": "^2.4.1",
-    "highlight.js": "^9.14.1",
+    "highlight.js": "^9.14.2",
     "html-pdf": "^2.2.0",
     "jsonwebtoken": "^8.4.0",
     "markdown-it": "^8.4.2",

From 3b88a7d021b6a7101ae9adf7dcd44845b8b358d9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 7 Feb 2019 18:57:16 +0000
Subject: [PATCH 063/207] [Security] Bump lodash from 4.17.10 to 4.17.11 in
 /api

Bumps [lodash](https://github.com/lodash/lodash) from 4.17.10 to 4.17.11. **This update includes security fixes.**
- [Release notes](https://github.com/lodash/lodash/releases)
- [Changelog](https://github.com/lodash/lodash/blob/master/CHANGELOG)
- [Commits](https://github.com/lodash/lodash/compare/4.17.10...4.17.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index dfb13e053..a8d5197ce 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6977,9 +6977,9 @@
       }
     },
     "lodash": {
-      "version": "4.17.10",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.10.tgz",
-      "integrity": "sha512-UejweD1pDoXu+AD825lWwp4ZGtSwgnpZxb3JDViD7StjQz+Nb/6l093lx4OQ0foGWNRoc19mWy7BzL+UAK2iVg=="
+      "version": "4.17.11",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.11.tgz",
+      "integrity": "sha512-cQKh8igo5QUhZ7lg38DYWAxMvjSAKG0A8wGSVimP07SIUEK2UO+arSRKbRZWtelMtN5V0Hkwh5ryOto/SshYIg=="
     },
     "lodash.assign": {
       "version": "4.2.0",

From 0ce9e1d497ae6cca71911980a3bfa1584848ebf5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 8 Feb 2019 13:23:11 +0000
Subject: [PATCH 064/207] [Security] Bump extend from 3.0.1 to 3.0.2 in /api

Bumps [extend](https://github.com/justmoon/node-extend) from 3.0.1 to 3.0.2. **This update includes security fixes.**
- [Release notes](https://github.com/justmoon/node-extend/releases)
- [Changelog](https://github.com/justmoon/node-extend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/justmoon/node-extend/compare/v3.0.1...v3.0.2)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index a8d5197ce..1b542a5c2 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -3690,9 +3690,9 @@
       }
     },
     "extend": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.1.tgz",
-      "integrity": "sha1-p1Xqe8Gt/MWjHOfnYtuq3F5jZEQ="
+      "version": "3.0.2",
+      "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
+      "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g=="
     },
     "extend-shallow": {
       "version": "3.0.2",
@@ -8227,12 +8227,6 @@
             "which": "^1.2.9"
           }
         },
-        "extend": {
-          "version": "3.0.2",
-          "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
-          "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==",
-          "dev": true
-        },
         "fast-deep-equal": {
           "version": "2.0.1",
           "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-2.0.1.tgz",

From 18da6bfa4a13e1e0dd835dedd4248475638e8c20 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 8 Feb 2019 13:38:46 +0000
Subject: [PATCH 065/207] Bump bcrypt from 3.0.3 to 3.0.4 in /api

Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v3.0.3...v3.0.4)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 1b542a5c2..2752d235b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -1700,9 +1700,9 @@
       }
     },
     "bcrypt": {
-      "version": "3.0.3",
-      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.3.tgz",
-      "integrity": "sha512-4EuzUo6K790QC3uq/ogzy9w2Hc7XDIBoEndU5y7l7YaEAwQF8vyFqv6tC30+gOBZvyxk3F632xzKBQoLNz2pjg==",
+      "version": "3.0.4",
+      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.4.tgz",
+      "integrity": "sha512-XqmCym97kT6l+jFEKeFvGuNE9aVEFDGsLMv+tIBTXkJI1sHS0g8s7VQEPJagSMPwWiB5Vpr2kVzVKc/YfwWthA==",
       "requires": {
         "nan": "2.12.1",
         "node-pre-gyp": "0.12.0"
diff --git a/api/package.json b/api/package.json
index 27889e3e5..cc5cca95f 100644
--- a/api/package.json
+++ b/api/package.json
@@ -37,7 +37,7 @@
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",
-    "bcrypt": "^3.0.3",
+    "bcrypt": "^3.0.4",
     "body-parser": "^1.18.2",
     "cookie": "^0.3.1",
     "express": "^4.16.4",

From 82b41f98d9a84e1aaed1fbcc3c10c5d0393a8e91 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 11 Feb 2019 05:18:04 +0000
Subject: [PATCH 066/207] Bump mongoose from 5.4.7 to 5.4.11 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.7 to 5.4.11.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.7...5.4.11)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 24 ++++++++++++------------
 api/package.json      |  2 +-
 2 files changed, 13 insertions(+), 13 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 2752d235b..48542b47e 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7889,15 +7889,15 @@
       }
     },
     "mongoose": {
-      "version": "5.4.7",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.7.tgz",
-      "integrity": "sha512-bFB9/VHB1FAY2dgTHIjtUYThcIaYSyS0vG0sCpwjW2GZ3XDTykXKV9dlGSWPqJ9+dnSOevdrhoHBgL3b63Or5w==",
+      "version": "5.4.11",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.11.tgz",
+      "integrity": "sha512-Ah/JaZj4vhYP2CEjIy1ictJguzGJczHMtUQmLrBUpnQ4WhhQl5jOo6JHzKiRJ/PdLV25y22kt8WOdsc0DIojww==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
         "kareem": "2.3.0",
-        "mongodb": "3.1.10",
-        "mongodb-core": "3.1.9",
+        "mongodb": "3.1.13",
+        "mongodb-core": "3.1.11",
         "mongoose-legacy-pluralize": "1.0.2",
         "mpath": "0.5.1",
         "mquery": "3.2.0",
@@ -7926,18 +7926,18 @@
           "integrity": "sha512-6hHxsp9e6zQU8nXsP+02HGWXwTkOEw6IROhF2ZA28cYbUk4eJ6QbtZvdqZOdD9YPKghG3apk5eOCvs+tLl3lRg=="
         },
         "mongodb": {
-          "version": "3.1.10",
-          "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.10.tgz",
-          "integrity": "sha512-Uml42GeFxhTGQVml1XQ4cD0o/rp7J2ROy0fdYUcVitoE7vFqEhKH4TYVqRDpQr/bXtCJVxJdNQC1ntRxNREkPQ==",
+          "version": "3.1.13",
+          "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.13.tgz",
+          "integrity": "sha512-sz2dhvBZQWf3LRNDhbd30KHVzdjZx9IKC0L+kSZ/gzYquCF5zPOgGqRz6sSCqYZtKP2ekB4nfLxhGtzGHnIKxA==",
           "requires": {
-            "mongodb-core": "3.1.9",
+            "mongodb-core": "3.1.11",
             "safe-buffer": "^5.1.2"
           }
         },
         "mongodb-core": {
-          "version": "3.1.9",
-          "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.9.tgz",
-          "integrity": "sha512-MJpciDABXMchrZphh3vMcqu8hkNf/Mi+Gk6btOimVg1XMxLXh87j6FAvRm+KmwD1A9fpu3qRQYcbQe4egj23og==",
+          "version": "3.1.11",
+          "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.11.tgz",
+          "integrity": "sha512-rD2US2s5qk/ckbiiGFHeu+yKYDXdJ1G87F6CG3YdaZpzdOm5zpoAZd/EKbPmFO6cQZ+XVXBXBJ660sSI0gc6qg==",
           "requires": {
             "bson": "^1.1.0",
             "require_optional": "^1.0.1",
diff --git a/api/package.json b/api/package.json
index cc5cca95f..293e2cc44 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.7",
+    "mongoose": "~5.4.11",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 414593cf0ad6f198f408d296bdd0d794b88d3840 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 11 Feb 2019 22:19:18 +0000
Subject: [PATCH 067/207] Bump @types/mongoose from 5.3.10 to 5.3.12 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.10 to 5.3.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 48542b47e..27febbf16 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -209,9 +209,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.10",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.10.tgz",
-      "integrity": "sha512-Sl5zbzBtjBMdEldbfiZEuF6p1FQZ+7R9TaFYROpeQzBKW9ZK/Xf0Y+E2mtWSNVM3mMjM/Hzw+20K+j/WV6TenQ==",
+      "version": "5.3.12",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.12.tgz",
+      "integrity": "sha512-dmZv3H9lXWhLY8XrxJNu+pVUecquReR3AtPxVsnPTcTH/T/YTgxE0zeTavNcqaBUD5XXKtlTy+2VhZxDkn/0Jw==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 293e2cc44..d6b2c1bc7 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.10",
+    "@types/mongoose": "~5.3.12",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 62adb7d76b0f9fd0d54aca148f245571bfa4fddd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 13 Feb 2019 06:15:06 +0000
Subject: [PATCH 068/207] Bump @types/mongoose from 5.3.12 to 5.3.15 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.12 to 5.3.15.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 27febbf16..6a152c3b6 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -44,9 +44,9 @@
       }
     },
     "@types/bson": {
-      "version": "1.0.11",
-      "resolved": "https://registry.npmjs.org/@types/bson/-/bson-1.0.11.tgz",
-      "integrity": "sha512-j+UcCWI+FsbI5/FQP/Kj2CXyplWAz39ktHFkXk84h7dNblKRSoNJs95PZFRd96NQGqsPEPgeclqnznWZr14ZDA==",
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/@types/bson/-/bson-4.0.0.tgz",
+      "integrity": "sha512-pq/rqJwJWkbS10crsG5bgnrisL8pML79KlMKQMoQwLUjlPAkrUHMvHJ3oGwE7WHR61Lv/nadMwXVAD2b+fpD8Q==",
       "dev": true,
       "requires": {
         "@types/node": "*"
@@ -209,9 +209,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.12",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.12.tgz",
-      "integrity": "sha512-dmZv3H9lXWhLY8XrxJNu+pVUecquReR3AtPxVsnPTcTH/T/YTgxE0zeTavNcqaBUD5XXKtlTy+2VhZxDkn/0Jw==",
+      "version": "5.3.15",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.15.tgz",
+      "integrity": "sha512-Pj64zQumjylyhNz4sTYVl4ua2dU/ei/6iwXR3DlTXPO+DcmWDk972sUiI0+jpX3e6bXjO06fpq5ADVzGz4PVmw==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index d6b2c1bc7..c84492be1 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.5",
-    "@types/mongoose": "~5.3.12",
+    "@types/mongoose": "~5.3.15",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 940d9f58d23331c32c51c3cff0dbc1026ad0ab43 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 14 Feb 2019 04:19:16 +0000
Subject: [PATCH 069/207] [Security] Bump handlebars from 4.0.11 to 4.1.0 in
 /api

Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.0.11 to 4.1.0. **This update includes security fixes.**
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/wycats/handlebars.js/blob/v4.1.0/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.0.11...v4.1.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 153 +++++++-----------------------------------
 1 file changed, 24 insertions(+), 129 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 6a152c3b6..7f95de04d 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -395,18 +395,6 @@
         "json-schema-traverse": "^0.3.0"
       }
     },
-    "align-text": {
-      "version": "0.1.4",
-      "resolved": "https://registry.npmjs.org/align-text/-/align-text-0.1.4.tgz",
-      "integrity": "sha1-DNkKVhCT810KmSVsIrcGlDP60Rc=",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "kind-of": "^3.0.2",
-        "longest": "^1.0.1",
-        "repeat-string": "^1.5.2"
-      }
-    },
     "amdefine": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz",
@@ -2486,17 +2474,6 @@
       "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz",
       "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw="
     },
-    "center-align": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/center-align/-/center-align-0.1.3.tgz",
-      "integrity": "sha1-qg0yYptu6XIgBBHL1EYckHvCt60=",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "align-text": "^0.1.3",
-        "lazy-cache": "^1.0.3"
-      }
-    },
     "chai": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/chai/-/chai-4.2.0.tgz",
@@ -5935,30 +5912,39 @@
       }
     },
     "handlebars": {
-      "version": "4.0.11",
-      "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.0.11.tgz",
-      "integrity": "sha1-Ywo13+ApS8KB7a5v/F0yn8eYLcw=",
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-4.1.0.tgz",
+      "integrity": "sha512-l2jRuU1NAWK6AW5qqcTATWQJvNPEwkM7NEKSiv/gqOsoSQbVoWyqVEY5GS+XPQ88zLNmqASRpzfdm8d79hJS+w==",
       "dev": true,
       "requires": {
-        "async": "^1.4.0",
+        "async": "^2.5.0",
         "optimist": "^0.6.1",
-        "source-map": "^0.4.4",
-        "uglify-js": "^2.6"
+        "source-map": "^0.6.1",
+        "uglify-js": "^3.1.4"
       },
       "dependencies": {
-        "async": {
-          "version": "1.5.2",
-          "resolved": "https://registry.npmjs.org/async/-/async-1.5.2.tgz",
-          "integrity": "sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo=",
-          "dev": true
+        "commander": {
+          "version": "2.17.1",
+          "resolved": "https://registry.npmjs.org/commander/-/commander-2.17.1.tgz",
+          "integrity": "sha512-wPMUt6FnH2yzG95SA6mzjQOEKUU3aLaDEmzs1ti+1E9h+CsrZghRlqEM/EJ4KscsQVG8uNN4uVreUeT8+drlgg==",
+          "dev": true,
+          "optional": true
         },
         "source-map": {
-          "version": "0.4.4",
-          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.4.4.tgz",
-          "integrity": "sha1-66T12pwNyZneaAMti092FzZSA2s=",
+          "version": "0.6.1",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+          "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+          "dev": true
+        },
+        "uglify-js": {
+          "version": "3.4.9",
+          "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-3.4.9.tgz",
+          "integrity": "sha512-8CJsbKOtEbnJsTyv6LE6m6ZKniqMiFWmm9sRbopbkGs3gMPPfd3Fh8iIA4Ykv5MgaTbqHr4BaoGLJLZNhsrW1Q==",
           "dev": true,
+          "optional": true,
           "requires": {
-            "amdefine": ">=0.0.4"
+            "commander": "~2.17.1",
+            "source-map": "~0.6.1"
           }
         }
       }
@@ -6892,13 +6878,6 @@
         "package-json": "^4.0.0"
       }
     },
-    "lazy-cache": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/lazy-cache/-/lazy-cache-1.0.4.tgz",
-      "integrity": "sha1-odePw6UEdMuAhF07O24dpJpEbo4=",
-      "dev": true,
-      "optional": true
-    },
     "lazystream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/lazystream/-/lazystream-1.0.0.tgz",
@@ -7075,13 +7054,6 @@
       "integrity": "sha512-U7KCmLdqsGHBLeWqYlFA0V0Sl6P08EE1ZrmA9cxjUE0WVqT9qnyVDPz1kzpFEP0jdJuFnasWIfSd7fsaNXkpbg==",
       "dev": true
     },
-    "longest": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/longest/-/longest-1.0.1.tgz",
-      "integrity": "sha1-MKCy2jj3N3DoKUoNIuZiXtd9AJc=",
-      "dev": true,
-      "optional": true
-    },
     "loose-envify": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.3.1.tgz",
@@ -10046,16 +10018,6 @@
       "integrity": "sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg==",
       "dev": true
     },
-    "right-align": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/right-align/-/right-align-0.1.3.tgz",
-      "integrity": "sha1-YTObci/mo1FWiSENJOFMlhSGE+8=",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "align-text": "^0.1.1"
-      }
-    },
     "rimraf": {
       "version": "2.6.3",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
@@ -11467,73 +11429,6 @@
       "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.5.tgz",
       "integrity": "sha512-JoLI4g5zv5qNyT09f4YAvEZIIV1oOjqnewYg5D38dkQljIzpPT296dbIGvKro3digYI1bkb7W6EP1y4uDlmzLg=="
     },
-    "uglify-js": {
-      "version": "2.8.29",
-      "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.8.29.tgz",
-      "integrity": "sha1-KcVzMUgFe7Th913zW3qcty5qWd0=",
-      "dev": true,
-      "optional": true,
-      "requires": {
-        "source-map": "~0.5.1",
-        "uglify-to-browserify": "~1.0.0",
-        "yargs": "~3.10.0"
-      },
-      "dependencies": {
-        "camelcase": {
-          "version": "1.2.1",
-          "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz",
-          "integrity": "sha1-m7UwTS4LVmmLLHWLCKPqqdqlijk=",
-          "dev": true,
-          "optional": true
-        },
-        "cliui": {
-          "version": "2.1.0",
-          "resolved": "https://registry.npmjs.org/cliui/-/cliui-2.1.0.tgz",
-          "integrity": "sha1-S0dXYP+AJkx2LDoXGQMukcf+oNE=",
-          "dev": true,
-          "optional": true,
-          "requires": {
-            "center-align": "^0.1.1",
-            "right-align": "^0.1.1",
-            "wordwrap": "0.0.2"
-          }
-        },
-        "window-size": {
-          "version": "0.1.0",
-          "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz",
-          "integrity": "sha1-VDjNLqk7IC76Ohn+iIeu58lPnJ0=",
-          "dev": true,
-          "optional": true
-        },
-        "wordwrap": {
-          "version": "0.0.2",
-          "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz",
-          "integrity": "sha1-t5Zpu0LstAn4PVg8rVLKF+qhZD8=",
-          "dev": true,
-          "optional": true
-        },
-        "yargs": {
-          "version": "3.10.0",
-          "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.10.0.tgz",
-          "integrity": "sha1-9+572FfdfB0tOMDnTvvWgdFDH9E=",
-          "dev": true,
-          "optional": true,
-          "requires": {
-            "camelcase": "^1.0.2",
-            "cliui": "^2.1.0",
-            "decamelize": "^1.0.0",
-            "window-size": "0.1.0"
-          }
-        }
-      }
-    },
-    "uglify-to-browserify": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz",
-      "integrity": "sha1-bgkk1r2mta/jSeOabWMoUKD4grc=",
-      "dev": true,
-      "optional": true
-    },
     "unc-path-regex": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz",

From 31d2d8f49ea14a7d84b329daa09a877ccd6b3894 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 14 Feb 2019 14:02:48 +0000
Subject: [PATCH 070/207] Bump @types/mocha from 5.2.5 to 5.2.6 in /api

Bumps [@types/mocha](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.2.5 to 5.2.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7f95de04d..2530f835d 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -193,9 +193,9 @@
       "dev": true
     },
     "@types/mocha": {
-      "version": "5.2.5",
-      "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-5.2.5.tgz",
-      "integrity": "sha512-lAVp+Kj54ui/vLUFxsJTMtWvZraZxum3w3Nwkble2dNuV5VnPA+Mi2oGX9XYJAaIvZi3tn3cbjS/qcJXRb6Bww==",
+      "version": "5.2.6",
+      "resolved": "https://registry.npmjs.org/@types/mocha/-/mocha-5.2.6.tgz",
+      "integrity": "sha512-1axi39YdtBI7z957vdqXI4Ac25e7YihYQtJa+Clnxg1zTJEaIRbndt71O3sP4GAMgiAm0pY26/b9BrY4MR/PMw==",
       "dev": true
     },
     "@types/mongodb": {
diff --git a/api/package.json b/api/package.json
index c84492be1..30bccaa87 100644
--- a/api/package.json
+++ b/api/package.json
@@ -79,7 +79,7 @@
     "@types/express": "^4.16.1",
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
-    "@types/mocha": "^5.2.5",
+    "@types/mocha": "^5.2.6",
     "@types/mongoose": "~5.3.15",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",

From 865d429e974b4158ce05631fa519d62943129732 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Feb 2019 05:58:54 +0000
Subject: [PATCH 071/207] Bump @types/mongoose from 5.3.15 to 5.3.17 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.15 to 5.3.17.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 2530f835d..5b068959a 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -209,9 +209,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.15",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.15.tgz",
-      "integrity": "sha512-Pj64zQumjylyhNz4sTYVl4ua2dU/ei/6iwXR3DlTXPO+DcmWDk972sUiI0+jpX3e6bXjO06fpq5ADVzGz4PVmw==",
+      "version": "5.3.17",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.17.tgz",
+      "integrity": "sha512-LkddA9pB/c2H3en2wFkHLOTUJJ8i/gzCs3R9fh1VkL0vJnZo3av/lJleVoKe6h6puB0S7Uy+NSLDkR5QTNbSfg==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 30bccaa87..ec0e5f9a4 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.15",
+    "@types/mongoose": "~5.3.17",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.5",
     "@types/passport": "^1.0.0",

From 90b7d9d032c6148b7faa36865a8e010915f25cb8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Feb 2019 10:04:37 +0000
Subject: [PATCH 072/207] Bump @types/raven from 2.5.2 to 2.5.3 in /api

Bumps [@types/raven](https://github.com/DefinitelyTyped/DefinitelyTyped) from 2.5.2 to 2.5.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 5b068959a..d551e713b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -298,9 +298,9 @@
       "dev": true
     },
     "@types/raven": {
-      "version": "2.5.2",
-      "resolved": "https://registry.npmjs.org/@types/raven/-/raven-2.5.2.tgz",
-      "integrity": "sha512-Ex6Vqx82JCs3SbRPGooeUaIuolJ3WYdMdY+2C8Ko7a66NoLEA3V79FqWlhS7bTieOPs5vrLlu/vxBlJIwobNeQ==",
+      "version": "2.5.3",
+      "resolved": "https://registry.npmjs.org/@types/raven/-/raven-2.5.3.tgz",
+      "integrity": "sha512-k6vxiX5I6/GEqJS9mMYPVIgMJf/X26n09NfzuqBpdcEp684RIwpdrwCgSyJGuy8EaSG1wc2rFP7xVEAixPzw7Q==",
       "dev": true,
       "requires": {
         "@types/node": "*"
diff --git a/api/package.json b/api/package.json
index ec0e5f9a4..0cac66c84 100644
--- a/api/package.json
+++ b/api/package.json
@@ -86,7 +86,7 @@
     "@types/passport": "^1.0.0",
     "@types/passport-jwt": "^3.0.1",
     "@types/passport-local": "^1.0.33",
-    "@types/raven": "^2.5.2",
+    "@types/raven": "^2.5.3",
     "@types/validator": "^10.9.0",
     "chai": "4.2.0",
     "chai-http": "^4.2.1",

From 3eb911daacb8b368639ca1440760cd67a48ffa65 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Feb 2019 11:39:03 +0000
Subject: [PATCH 073/207] Bump mongoose from 5.4.11 to 5.4.12 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.11 to 5.4.12.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.11...5.4.12)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 20 ++++++++++++++++----
 api/package.json      |  2 +-
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d551e713b..3197923b8 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7861,9 +7861,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.11",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.11.tgz",
-      "integrity": "sha512-Ah/JaZj4vhYP2CEjIy1ictJguzGJczHMtUQmLrBUpnQ4WhhQl5jOo6JHzKiRJ/PdLV25y22kt8WOdsc0DIojww==",
+      "version": "5.4.12",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.12.tgz",
+      "integrity": "sha512-+Xlw2JhARps/yAtMaWluJnHAidk+v38YhJNu1nX4RYleQIyXYnzFlANoD01vZyZL8X6PjOwkWDjnMFbfyy9Shg==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
@@ -7873,7 +7873,7 @@
         "mongoose-legacy-pluralize": "1.0.2",
         "mpath": "0.5.1",
         "mquery": "3.2.0",
-        "ms": "2.0.0",
+        "ms": "2.1.1",
         "regexp-clone": "0.0.1",
         "safe-buffer": "5.1.2",
         "sliced": "1.0.1"
@@ -7890,6 +7890,13 @@
           "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
           "requires": {
             "ms": "2.0.0"
+          },
+          "dependencies": {
+            "ms": {
+              "version": "2.0.0",
+              "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
+              "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
+            }
           }
         },
         "kareem": {
@@ -7933,6 +7940,11 @@
             "safe-buffer": "5.1.2",
             "sliced": "1.0.1"
           }
+        },
+        "ms": {
+          "version": "2.1.1",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
+          "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg=="
         }
       }
     },
diff --git a/api/package.json b/api/package.json
index 0cac66c84..ac68dbd49 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.11",
+    "mongoose": "~5.4.12",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From e2894c81a0a29bdf35a421a1adb3c0c84eed25f3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Feb 2019 12:16:50 +0000
Subject: [PATCH 074/207] Bump @types/nodemailer from 4.6.5 to 4.6.6 in /api

Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped) from 4.6.5 to 4.6.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 7 +++----
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 3197923b8..7749f13bb 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -241,12 +241,11 @@
       }
     },
     "@types/nodemailer": {
-      "version": "4.6.5",
-      "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-4.6.5.tgz",
-      "integrity": "sha512-cbs2HFLj33TBqzcCqTrs+6/mgTX3xl0odbApv3vTdF2+JERLxh5rDZCasXhvy+YqaiUNBr2I1RjNCdbKGs1Bnw==",
+      "version": "4.6.6",
+      "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-4.6.6.tgz",
+      "integrity": "sha512-N2czhXs7fbQhvoquEGzmHAWttnxLfrM3+cWMRFX4hTQq4GE3VyaSE3MOOse4VoNgvtti/H5ow/Hq9KXu/UMWqA==",
       "dev": true,
       "requires": {
-        "@types/events": "*",
         "@types/node": "*"
       }
     },
diff --git a/api/package.json b/api/package.json
index ac68dbd49..0841b1783 100644
--- a/api/package.json
+++ b/api/package.json
@@ -82,7 +82,7 @@
     "@types/mocha": "^5.2.6",
     "@types/mongoose": "~5.3.17",
     "@types/morgan": "1.7.35",
-    "@types/nodemailer": "^4.6.5",
+    "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",
     "@types/passport-jwt": "^3.0.1",
     "@types/passport-local": "^1.0.33",

From 5786a24277ad57928752bc4349124d861055e057 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 19 Feb 2019 06:22:16 +0000
Subject: [PATCH 075/207] Bump gulp-sourcemaps from 2.6.4 to 2.6.5 in /api

Bumps [gulp-sourcemaps](https://github.com/gulp-sourcemaps/gulp-sourcemaps) from 2.6.4 to 2.6.5.
- [Release notes](https://github.com/gulp-sourcemaps/gulp-sourcemaps/releases)
- [Commits](https://github.com/gulp-sourcemaps/gulp-sourcemaps/compare/v2.6.4...v2.6.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 96 +++++++++++++++++++++++++++----------------
 api/package.json      |  2 +-
 2 files changed, 61 insertions(+), 37 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7749f13bb..d855a217c 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -5,16 +5,24 @@
   "requires": true,
   "dependencies": {
     "@gulp-sourcemaps/identity-map": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/@gulp-sourcemaps/identity-map/-/identity-map-1.0.1.tgz",
-      "integrity": "sha1-z6I7xYQPkQTOMqZedNt+epdLvuE=",
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/@gulp-sourcemaps/identity-map/-/identity-map-1.0.2.tgz",
+      "integrity": "sha512-ciiioYMLdo16ShmfHBXJBOFm3xPC4AuwO4xeRpFeHz7WK9PYsWCmigagG2XyzZpubK4a3qNKoUBDhbzHfa50LQ==",
       "dev": true,
       "requires": {
         "acorn": "^5.0.3",
         "css": "^2.2.1",
         "normalize-path": "^2.1.1",
-        "source-map": "^0.5.6",
+        "source-map": "^0.6.0",
         "through2": "^2.0.3"
+      },
+      "dependencies": {
+        "source-map": {
+          "version": "0.6.1",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+          "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+          "dev": true
+        }
       }
     },
     "@gulp-sourcemaps/map-sources": {
@@ -373,9 +381,9 @@
       }
     },
     "acorn": {
-      "version": "5.7.1",
-      "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.7.1.tgz",
-      "integrity": "sha512-d+nbxBUGKg7Arpsvbnlq61mc12ek3EY8EQldM3GPAhWJ1UVxC6TDGbIvUMNU6obBX3i1+ptCIzV4vq0gFPEGVQ==",
+      "version": "5.7.3",
+      "resolved": "https://registry.npmjs.org/acorn/-/acorn-5.7.3.tgz",
+      "integrity": "sha512-T/zvzYRfbVojPWahDsE5evJdHb3oJoQfFbsrKM7w5Zcs++Tr257tia3BmMP8XYVjp1S9RZXQMh7gao96BlqZOw==",
       "dev": true
     },
     "after": {
@@ -2951,25 +2959,22 @@
       "dev": true
     },
     "css": {
-      "version": "2.2.3",
-      "resolved": "https://registry.npmjs.org/css/-/css-2.2.3.tgz",
-      "integrity": "sha512-0W171WccAjQGGTKLhw4m2nnl0zPHUlTO/I8td4XzJgIB8Hg3ZZx71qT4G4eX8OVsSiaAKiUMy73E3nsbPlg2DQ==",
+      "version": "2.2.4",
+      "resolved": "https://registry.npmjs.org/css/-/css-2.2.4.tgz",
+      "integrity": "sha512-oUnjmWpy0niI3x/mPL8dVEI1l7MnG3+HHyRPHf+YFSbK+svOhXpmSOcDURUh2aOCgl2grzrOPt1nHLuCVFULLw==",
       "dev": true,
       "requires": {
-        "inherits": "^2.0.1",
-        "source-map": "^0.1.38",
-        "source-map-resolve": "^0.5.1",
+        "inherits": "^2.0.3",
+        "source-map": "^0.6.1",
+        "source-map-resolve": "^0.5.2",
         "urix": "^0.1.0"
       },
       "dependencies": {
         "source-map": {
-          "version": "0.1.43",
-          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz",
-          "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
-          "dev": true,
-          "requires": {
-            "amdefine": ">=0.0.4"
-          }
+          "version": "0.6.1",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.6.1.tgz",
+          "integrity": "sha512-UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g==",
+          "dev": true
         }
       }
     },
@@ -3041,13 +3046,19 @@
       },
       "dependencies": {
         "debug": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
-          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
+          "version": "3.2.6",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz",
+          "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==",
           "dev": true,
           "requires": {
-            "ms": "2.0.0"
+            "ms": "^2.1.1"
           }
+        },
+        "ms": {
+          "version": "2.1.1",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
+          "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg==",
+          "dev": true
         }
       }
     },
@@ -5716,9 +5727,9 @@
       }
     },
     "gulp-sourcemaps": {
-      "version": "2.6.4",
-      "resolved": "https://registry.npmjs.org/gulp-sourcemaps/-/gulp-sourcemaps-2.6.4.tgz",
-      "integrity": "sha1-y7IAhFCxvM5s0jv5gze+dRv24wo=",
+      "version": "2.6.5",
+      "resolved": "https://registry.npmjs.org/gulp-sourcemaps/-/gulp-sourcemaps-2.6.5.tgz",
+      "integrity": "sha512-SYLBRzPTew8T5Suh2U8jCSDKY+4NARua4aqjj8HOysBh2tSgT9u4jc1FYirAdPx1akUxxDeK++fqw6Jg0LkQRg==",
       "dev": true,
       "requires": {
         "@gulp-sourcemaps/identity-map": "1.X",
@@ -7534,19 +7545,19 @@
       "integrity": "sha1-hxDXrwqmJvj/+hzgAWhUUmMlV0g="
     },
     "memoizee": {
-      "version": "0.4.12",
-      "resolved": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.12.tgz",
-      "integrity": "sha512-sprBu6nwxBWBvBOh5v2jcsGqiGLlL2xr2dLub3vR8dnE8YB17omwtm/0NSHl8jjNbcsJd5GMWJAnTSVe/O0Wfg==",
+      "version": "0.4.14",
+      "resolved": "https://registry.npmjs.org/memoizee/-/memoizee-0.4.14.tgz",
+      "integrity": "sha512-/SWFvWegAIYAO4NQMpcX+gcra0yEZu4OntmUdrBaWrJncxOqAziGFlHxc7yjKVK2uu3lpPW27P27wkR82wA8mg==",
       "dev": true,
       "requires": {
         "d": "1",
-        "es5-ext": "^0.10.30",
+        "es5-ext": "^0.10.45",
         "es6-weak-map": "^2.0.2",
         "event-emitter": "^0.3.5",
         "is-promise": "^2.1",
         "lru-queue": "0.1",
         "next-tick": "1",
-        "timers-ext": "^0.1.2"
+        "timers-ext": "^0.1.5"
       }
     },
     "memory-pager": {
@@ -11123,13 +11134,26 @@
       "integrity": "sha1-8y6srFoXW+ol1/q1Zas+2HQe9W8="
     },
     "timers-ext": {
-      "version": "0.1.5",
-      "resolved": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.5.tgz",
-      "integrity": "sha512-tsEStd7kmACHENhsUPaxb8Jf8/+GZZxyNFQbZD07HQOyooOa6At1rQqjffgvg7n+dxscQa9cjjMdWhJtsP2sxg==",
+      "version": "0.1.7",
+      "resolved": "https://registry.npmjs.org/timers-ext/-/timers-ext-0.1.7.tgz",
+      "integrity": "sha512-b85NUNzTSdodShTIbky6ZF02e8STtVVfD+fu4aXXShEELpozH+bCpJLYMPZbsABN2wDH7fJpqIoXxJpzbf0NqQ==",
       "dev": true,
       "requires": {
-        "es5-ext": "~0.10.14",
+        "es5-ext": "~0.10.46",
         "next-tick": "1"
+      },
+      "dependencies": {
+        "es5-ext": {
+          "version": "0.10.47",
+          "resolved": "https://registry.npmjs.org/es5-ext/-/es5-ext-0.10.47.tgz",
+          "integrity": "sha512-/1TItLfj+TTfWoeRcDn/0FbGV6SNo4R+On2GGVucPU/j3BWnXE2Co8h8CTo4Tu34gFJtnmwS9xiScKs4EjZhdw==",
+          "dev": true,
+          "requires": {
+            "es6-iterator": "~2.0.3",
+            "es6-symbol": "~3.1.1",
+            "next-tick": "1"
+          }
+        }
       }
     },
     "to-absolute-glob": {
diff --git a/api/package.json b/api/package.json
index 0841b1783..9e6ac4b37 100644
--- a/api/package.json
+++ b/api/package.json
@@ -98,7 +98,7 @@
     "gulp-nodemon": "2.4.2",
     "gulp-plumber": "1.2.1",
     "gulp-sass": "^4.0.2",
-    "gulp-sourcemaps": "2.6.4",
+    "gulp-sourcemaps": "2.6.5",
     "gulp-tslint": "8.1.3",
     "gulp-typedoc": "2.2.2",
     "gulp-typescript": "5.0.0",

From dc79c47e3867b098e67d73ad6254637fb492c245 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 19 Feb 2019 20:38:23 +0000
Subject: [PATCH 076/207] Bump mongoose from 5.4.12 to 5.4.14 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.12 to 5.4.14.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.12...5.4.14)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d855a217c..e0813f7f4 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7871,9 +7871,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.12",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.12.tgz",
-      "integrity": "sha512-+Xlw2JhARps/yAtMaWluJnHAidk+v38YhJNu1nX4RYleQIyXYnzFlANoD01vZyZL8X6PjOwkWDjnMFbfyy9Shg==",
+      "version": "5.4.14",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.14.tgz",
+      "integrity": "sha512-lAISH4xdx0/o0bVWPB4bxApP3bA1b08oHPEjTBq3/mIr4R494hepDJJowByBgpGYf8tj/oe6VkFCx8wbRcOciA==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 9e6ac4b37..1ab34d1bc 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.12",
+    "mongoose": "~5.4.14",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 159b4ecf3e9784e97231eaed87cbfde3ba4d558f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 20 Feb 2019 06:10:09 +0000
Subject: [PATCH 077/207] Bump @types/node-sass from 3.10.32 to 4.11.0 in /api

Bumps [@types/node-sass](https://github.com/DefinitelyTyped/DefinitelyTyped) from 3.10.32 to 4.11.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index e0813f7f4..0f7b589da 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -241,9 +241,9 @@
       "integrity": "sha512-YMLlzdeNnAyLrQew39IFRkMacAR5BqKGIEei9ZjdHsIZtv+ZWKYTu1i7QJhetxQ9ReXx8w5f+cixdHZG3zgMQA=="
     },
     "@types/node-sass": {
-      "version": "3.10.32",
-      "resolved": "http://registry.npmjs.org/@types/node-sass/-/node-sass-3.10.32.tgz",
-      "integrity": "sha1-spbM5xRP+rd7hAkMqtTx5Lvqjgk=",
+      "version": "4.11.0",
+      "resolved": "http://registry.npmjs.org/@types/node-sass/-/node-sass-4.11.0.tgz",
+      "integrity": "sha512-uNpVWhwVmbB5luE7b8vxcJwu5np75YkVTBJS0O3ar+hrxqLfyhOKXg9NYBwJ6mMQX/V6/8d6mMZTB7x2r5x9Bw==",
       "requires": {
         "@types/node": "*"
       }
diff --git a/api/package.json b/api/package.json
index 1ab34d1bc..9da687d48 100644
--- a/api/package.json
+++ b/api/package.json
@@ -32,7 +32,7 @@
     "migrate:inspect": "gulp migrate:inspect"
   },
   "dependencies": {
-    "@types/node-sass": "^3.10.32",
+    "@types/node-sass": "^4.11.0",
     "@types/sharp": "^0.21.2",
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",

From b284c05c94f118478cfd78e69ad2850b471f7769 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 20 Feb 2019 15:47:49 +0000
Subject: [PATCH 078/207] Bump @types/mongoose from 5.3.17 to 5.3.18 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped) from 5.3.17 to 5.3.18.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 0f7b589da..6e1d74b75 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.17",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.17.tgz",
-      "integrity": "sha512-LkddA9pB/c2H3en2wFkHLOTUJJ8i/gzCs3R9fh1VkL0vJnZo3av/lJleVoKe6h6puB0S7Uy+NSLDkR5QTNbSfg==",
+      "version": "5.3.18",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.18.tgz",
+      "integrity": "sha512-1kR2A7Uf5iA3HehtzcXqVmr/zn1DFlwkmMcP2mTPkAlXNjZwa+F+2wdEfFOilLHEQkPHQ2dcfmYuBjBDA8YQkQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 9da687d48..bf0c511e8 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.17",
+    "@types/mongoose": "~5.3.18",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From d00fdfba392b16479cd5d5af171e32aefc63716c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 21 Feb 2019 05:55:30 +0000
Subject: [PATCH 079/207] Bump jsonwebtoken from 8.4.0 to 8.5.0 in /api

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.4.0 to 8.5.0.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/auth0/node-jsonwebtoken/compare/v8.4.0...v8.5.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 38 ++++++++++++++++++++++----------------
 api/package.json      |  2 +-
 2 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 6e1d74b75..cd212636e 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -3327,9 +3327,9 @@
       }
     },
     "ecdsa-sig-formatter": {
-      "version": "1.0.10",
-      "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.10.tgz",
-      "integrity": "sha1-HFlQAPBKiJffuFAAiSoPTDOvhsM=",
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
+      "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==",
       "requires": {
         "safe-buffer": "^5.0.1"
       }
@@ -6774,11 +6774,11 @@
       "dev": true
     },
     "jsonwebtoken": {
-      "version": "8.4.0",
-      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.4.0.tgz",
-      "integrity": "sha512-coyXjRTCy0pw5WYBpMvWOMN+Kjaik2MwTUIq9cna/W7NpO9E+iYbumZONAz3hcr+tXFJECoQVrtmIoC3Oz0gvg==",
+      "version": "8.5.0",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.0.tgz",
+      "integrity": "sha512-IqEycp0znWHNA11TpYi77bVgyBO/pGESDh7Ajhas+u0ttkGkKYIIAjniL4Bw5+oVejVF+SYkaI7XKfwCCyeTuA==",
       "requires": {
-        "jws": "^3.1.5",
+        "jws": "^3.2.1",
         "lodash.includes": "^4.3.0",
         "lodash.isboolean": "^3.0.3",
         "lodash.isinteger": "^4.0.4",
@@ -6786,13 +6786,19 @@
         "lodash.isplainobject": "^4.0.6",
         "lodash.isstring": "^4.0.1",
         "lodash.once": "^4.0.0",
-        "ms": "^2.1.1"
+        "ms": "^2.1.1",
+        "semver": "^5.6.0"
       },
       "dependencies": {
         "ms": {
           "version": "2.1.1",
           "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
           "integrity": "sha512-tgp+dl5cGk28utYktBsrFqA7HKgrhgPsg6Z/EfhWI4gl1Hwq8B/GmY/0oXZ6nF8hDVesS/FpnYaD/kOWhYQvyg=="
+        },
+        "semver": {
+          "version": "5.6.0",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-5.6.0.tgz",
+          "integrity": "sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg=="
         }
       }
     },
@@ -6814,21 +6820,21 @@
       "dev": true
     },
     "jwa": {
-      "version": "1.1.6",
-      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.1.6.tgz",
-      "integrity": "sha512-tBO/cf++BUsJkYql/kBbJroKOgHWEigTKBAjjBEmrMGYd1QMBC74Hr4Wo2zCZw6ZrVhlJPvoMrkcOnlWR/DJfw==",
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.3.0.tgz",
+      "integrity": "sha512-SxObIyzv9a6MYuZYaSN6DhSm9j3+qkokwvCB0/OTSV5ylPq1wUQiygZQcHT5Qlux0I5kmISx3J86TxKhuefItg==",
       "requires": {
         "buffer-equal-constant-time": "1.0.1",
-        "ecdsa-sig-formatter": "1.0.10",
+        "ecdsa-sig-formatter": "1.0.11",
         "safe-buffer": "^5.0.1"
       }
     },
     "jws": {
-      "version": "3.1.5",
-      "resolved": "https://registry.npmjs.org/jws/-/jws-3.1.5.tgz",
-      "integrity": "sha512-GsCSexFADNQUr8T5HPJvayTjvPIfoyJPtLQBwn5a4WZQchcrPMPMAWcC1AzJVRDKyD6ZPROPAxgv6rfHViO4uQ==",
+      "version": "3.2.1",
+      "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.1.tgz",
+      "integrity": "sha512-bGA2omSrFUkd72dhh05bIAN832znP4wOU3lfuXtRBuGTbsmNmDXMQg28f0Vsxaxgk4myF5YkKQpz6qeRpMgX9g==",
       "requires": {
-        "jwa": "^1.1.5",
+        "jwa": "^1.2.0",
         "safe-buffer": "^5.0.1"
       }
     },
diff --git a/api/package.json b/api/package.json
index bf0c511e8..19af77103 100644
--- a/api/package.json
+++ b/api/package.json
@@ -44,7 +44,7 @@
     "fast-csv": "^2.4.1",
     "highlight.js": "^9.14.2",
     "html-pdf": "^2.2.0",
-    "jsonwebtoken": "^8.4.0",
+    "jsonwebtoken": "^8.5.0",
     "markdown-it": "^8.4.2",
     "markdown-it-abbr": "^1.0.4",
     "markdown-it-container": "^2.0.0",

From 917222b808f51b372af5d2a5e44f4d7b94a177b4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 22 Feb 2019 05:40:16 +0000
Subject: [PATCH 080/207] Bump @types/mongoose from 5.3.18 to 5.3.19 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mongoose) from 5.3.18 to 5.3.19.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mongoose)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index cd212636e..c0dd7a532 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.18",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.18.tgz",
-      "integrity": "sha512-1kR2A7Uf5iA3HehtzcXqVmr/zn1DFlwkmMcP2mTPkAlXNjZwa+F+2wdEfFOilLHEQkPHQ2dcfmYuBjBDA8YQkQ==",
+      "version": "5.3.19",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.19.tgz",
+      "integrity": "sha512-CKEDkcGBIXmvPNq/0NCbckVR2xndxpCk8CQHb0Dh1UreWSr6HuegT2WuxllNJZm5lXl2XxWBzCW0kwPtLKmtbQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 19af77103..c3695bf31 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.18",
+    "@types/mongoose": "~5.3.19",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From d012b3ab40e590be07d0ef6d9919e9ee2317ea3b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 22 Feb 2019 15:54:32 +0000
Subject: [PATCH 081/207] Bump gulp-tslint from 8.1.3 to 8.1.4 in /api

Bumps [gulp-tslint](https://github.com/panuhorsmalahti/gulp-tslint) from 8.1.3 to 8.1.4.
- [Release notes](https://github.com/panuhorsmalahti/gulp-tslint/releases)
- [Changelog](https://github.com/panuhorsmalahti/gulp-tslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/panuhorsmalahti/gulp-tslint/commits)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 55 +++++++++++++++----------------------------
 api/package.json      |  2 +-
 2 files changed, 20 insertions(+), 37 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index c0dd7a532..28b3db4b1 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -5754,59 +5754,36 @@
       }
     },
     "gulp-tslint": {
-      "version": "8.1.3",
-      "resolved": "https://registry.npmjs.org/gulp-tslint/-/gulp-tslint-8.1.3.tgz",
-      "integrity": "sha512-KEP350N5B9Jg6o6jnyCyKVBPemJePYpMsGfIQq0G0ErvY7tw4Lrfb/y3L4WRf7ek0OsaE8nnj86w+lcLXW8ovw==",
+      "version": "8.1.4",
+      "resolved": "https://registry.npmjs.org/gulp-tslint/-/gulp-tslint-8.1.4.tgz",
+      "integrity": "sha512-wBoZIEMJRz9urHwolsvQpngA9l931p6g/Liwz1b/KrsVP6jEBFZv/o0NS1TFCQZi/l8mXxz8+v3twhf4HOXxPQ==",
       "dev": true,
       "requires": {
         "@types/fancy-log": "1.3.0",
-        "chalk": "2.3.1",
-        "fancy-log": "1.3.2",
+        "ansi-colors": "^1.0.1",
+        "fancy-log": "1.3.3",
         "map-stream": "~0.0.7",
         "plugin-error": "1.0.1",
         "through": "~2.3.8"
       },
       "dependencies": {
-        "ansi-styles": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz",
-          "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==",
-          "dev": true,
-          "requires": {
-            "color-convert": "^1.9.0"
-          }
-        },
-        "chalk": {
-          "version": "2.3.1",
-          "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.3.1.tgz",
-          "integrity": "sha512-QUU4ofkDoMIVO7hcx1iPTISs88wsO8jA92RQIm4JAwZvFGGAV2hSAA1NX7oVj2Ej2Q6NDTcRDjPTFrMCRZoJ6g==",
+        "fancy-log": {
+          "version": "1.3.3",
+          "resolved": "https://registry.npmjs.org/fancy-log/-/fancy-log-1.3.3.tgz",
+          "integrity": "sha512-k9oEhlyc0FrVh25qYuSELjr8oxsCoc4/LEZfg2iJJrfEk/tZL9bCoJE47gqAvI2m/AUjluCS4+3I0eTx8n3AEw==",
           "dev": true,
           "requires": {
-            "ansi-styles": "^3.2.0",
-            "escape-string-regexp": "^1.0.5",
-            "supports-color": "^5.2.0"
+            "ansi-gray": "^0.1.1",
+            "color-support": "^1.1.3",
+            "parse-node-version": "^1.0.0",
+            "time-stamp": "^1.0.0"
           }
         },
-        "has-flag": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz",
-          "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=",
-          "dev": true
-        },
         "map-stream": {
           "version": "0.0.7",
           "resolved": "https://registry.npmjs.org/map-stream/-/map-stream-0.0.7.tgz",
           "integrity": "sha1-ih8HiW2CsQkmvTdEokIACfiJdKg=",
           "dev": true
-        },
-        "supports-color": {
-          "version": "5.4.0",
-          "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.4.0.tgz",
-          "integrity": "sha512-zjaXglF5nnWpsq470jSv6P9DwPvgLkuapYmfDm3JWOm0vkNTVF2tI4UrN2r6jH1qM/uc/WtxYY1hYoA2dOKj5w==",
-          "dev": true,
-          "requires": {
-            "has-flag": "^3.0.0"
-          }
         }
       }
     },
@@ -9161,6 +9138,12 @@
         "error-ex": "^1.2.0"
       }
     },
+    "parse-node-version": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/parse-node-version/-/parse-node-version-1.0.1.tgz",
+      "integrity": "sha512-3YHlOa/JgH6Mnpr05jP9eDG254US9ek25LyIxZlDItp2iJtwyaXQb57lBYLdT3MowkUFYEV2XXNAYIPlESvJlA==",
+      "dev": true
+    },
     "parse-passwd": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/parse-passwd/-/parse-passwd-1.0.0.tgz",
diff --git a/api/package.json b/api/package.json
index c3695bf31..58897eacb 100644
--- a/api/package.json
+++ b/api/package.json
@@ -99,7 +99,7 @@
     "gulp-plumber": "1.2.1",
     "gulp-sass": "^4.0.2",
     "gulp-sourcemaps": "2.6.5",
-    "gulp-tslint": "8.1.3",
+    "gulp-tslint": "8.1.4",
     "gulp-typedoc": "2.2.2",
     "gulp-typescript": "5.0.0",
     "mocha-lcov-reporter": "^1.3.0",

From 23f697b3bb2245df924e36fc92f8db2893a96c47 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 25 Feb 2019 05:49:27 +0000
Subject: [PATCH 082/207] Bump coveralls from 3.0.2 to 3.0.3 in /api

Bumps [coveralls](https://github.com/nickmerwin/node-coveralls) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/nickmerwin/node-coveralls/releases)
- [Commits](https://github.com/nickmerwin/node-coveralls/compare/3.0.2...3.0.3)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 14 +++++++-------
 api/package.json      |  2 +-
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 28b3db4b1..55450d6ae 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -2889,9 +2889,9 @@
       "integrity": "sha1-tf1UIgqivFq1eqtxQMlAdUUDwac="
     },
     "coveralls": {
-      "version": "3.0.2",
-      "resolved": "https://registry.npmjs.org/coveralls/-/coveralls-3.0.2.tgz",
-      "integrity": "sha512-Tv0LKe/MkBOilH2v7WBiTBdudg2ChfGbdXafc/s330djpF3zKOmuehTeRwjXWc7pzfj9FrDUTA7tEx6Div8NFw==",
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/coveralls/-/coveralls-3.0.3.tgz",
+      "integrity": "sha512-viNfeGlda2zJr8Gj1zqXpDMRjw9uM54p7wzZdvLRyOgnAfCe974Dq4veZkjJdxQXbmdppu6flEajFYseHYaUhg==",
       "dev": true,
       "requires": {
         "growl": "~> 1.10.0",
@@ -2899,7 +2899,7 @@
         "lcov-parse": "^0.0.10",
         "log-driver": "^1.2.7",
         "minimist": "^1.2.0",
-        "request": "^2.85.0"
+        "request": "^2.86.0"
       },
       "dependencies": {
         "minimist": {
@@ -5382,9 +5382,9 @@
       "integrity": "sha1-Dovf5NHduIVNZOBOp8AOKgJuVlg="
     },
     "growl": {
-      "version": "1.10.3",
-      "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.3.tgz",
-      "integrity": "sha512-hKlsbA5Vu3xsh1Cg3J7jSmX/WaW6A5oBeqzM88oNbCRQFz+zUaXm6yxS4RVytp1scBoJzSYl4YAEOQIt6O8V1Q==",
+      "version": "1.10.5",
+      "resolved": "https://registry.npmjs.org/growl/-/growl-1.10.5.tgz",
+      "integrity": "sha512-qBr4OuELkhPenW6goKVXiv47US3clb3/IbuWF9KNKEijAy9oeHxU9IgzjvJhHkUzhaj7rOUD7+YGWqUjLp5oSA==",
       "dev": true
     },
     "gulp": {
diff --git a/api/package.json b/api/package.json
index 58897eacb..c5dbe42f5 100644
--- a/api/package.json
+++ b/api/package.json
@@ -90,7 +90,7 @@
     "@types/validator": "^10.9.0",
     "chai": "4.2.0",
     "chai-http": "^4.2.1",
-    "coveralls": "^3.0.2",
+    "coveralls": "^3.0.3",
     "gulp": "^4.0.0",
     "gulp-apidoc": "^0.2.7",
     "gulp-istanbul": "1.1.3",

From bb9da0adb1dec18ed017fdf3752bc5ccb3c717a3 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 25 Feb 2019 09:40:06 +0000
Subject: [PATCH 083/207] Bump tslint from 5.12.1 to 5.13.0 in /api

Bumps [tslint](https://github.com/palantir/tslint) from 5.12.1 to 5.13.0.
- [Release notes](https://github.com/palantir/tslint/releases)
- [Changelog](https://github.com/palantir/tslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palantir/tslint/compare/5.12.1...5.13.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 7 ++++---
 api/package.json      | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 55450d6ae..30766f3c8 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11295,9 +11295,9 @@
       "dev": true
     },
     "tslint": {
-      "version": "5.12.1",
-      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.12.1.tgz",
-      "integrity": "sha512-sfodBHOucFg6egff8d1BvuofoOQ/nOeYNfbp7LDlKBcLNrL3lmS5zoiDGyOMdT7YsEXAwWpTdAHwOGOc8eRZAw==",
+      "version": "5.13.0",
+      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.13.0.tgz",
+      "integrity": "sha512-ECOOQRxXCYnUUePG5h/+Z1Zouobk3KFpIHA9aKBB/nnMxs97S1JJPDGt5J4cGm1y9U9VmVlfboOxA8n1kSNzGw==",
       "dev": true,
       "requires": {
         "babel-code-frame": "^6.22.0",
@@ -11308,6 +11308,7 @@
         "glob": "^7.1.1",
         "js-yaml": "^3.7.0",
         "minimatch": "^3.0.4",
+        "mkdirp": "^0.5.1",
         "resolve": "^1.3.2",
         "semver": "^5.3.0",
         "tslib": "^1.8.0",
diff --git a/api/package.json b/api/package.json
index c5dbe42f5..04e5263d4 100644
--- a/api/package.json
+++ b/api/package.json
@@ -108,7 +108,7 @@
     "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
-    "tslint": "5.12.1",
+    "tslint": "5.13.0",
     "typedoc": "^0.14.2",
     "typescript": "^3.2.4"
   },

From 037f87bec4e96df113ca282d087d34b4f41f3549 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 25 Feb 2019 10:51:45 +0000
Subject: [PATCH 084/207] Bump mongoose from 5.4.14 to 5.4.15 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.14 to 5.4.15.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.14...5.4.15)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 30766f3c8..c5bbce36c 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7854,9 +7854,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.14",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.14.tgz",
-      "integrity": "sha512-lAISH4xdx0/o0bVWPB4bxApP3bA1b08oHPEjTBq3/mIr4R494hepDJJowByBgpGYf8tj/oe6VkFCx8wbRcOciA==",
+      "version": "5.4.15",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.15.tgz",
+      "integrity": "sha512-CodfapidWmPlU93ZmdQ8H9UGg5Mc/5MqEy8y5zNQKw+Kp1UwOzSEJY6zXJW76/5MBQER859KHl3rvHijVMsUMg==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 04e5263d4..d4941b7c1 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.14",
+    "mongoose": "~5.4.15",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 7e1c96de7b5cbb95d55e1fa7bb31041fca30c306 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 26 Feb 2019 05:21:27 +0000
Subject: [PATCH 085/207] Bump highlight.js from 9.14.2 to 9.15.5 in /api

Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.14.2 to 9.15.5.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/master/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/9.14.2...9.15.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 1125 +++++++++++++++++++++++++++++++++++++++--
 api/package.json      |    2 +-
 2 files changed, 1089 insertions(+), 38 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index c5bbce36c..ab7a1ad15 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -313,6 +313,11 @@
         "@types/node": "*"
       }
     },
+    "@types/semver": {
+      "version": "5.5.0",
+      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-5.5.0.tgz",
+      "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ=="
+    },
     "@types/serve-static": {
       "version": "1.13.2",
       "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.2.tgz",
@@ -365,11 +370,15 @@
       "integrity": "sha512-mf0VpXk+NoTmkUmuJCsdwBYxjYZW41amCSzd4t/fABMKl+qGMViwFP0pR7ukFdZRXWI1LIkca3VIbXVBmWZ4kQ==",
       "dev": true
     },
+    "abab": {
+      "version": "1.0.4",
+      "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz",
+      "integrity": "sha1-X6rZwsB/YN12dw9xzwJbYqY8/U4="
+    },
     "abbrev": {
       "version": "1.0.9",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.0.9.tgz",
-      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU=",
-      "dev": true
+      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU="
     },
     "accepts": {
       "version": "1.3.5",
@@ -386,6 +395,21 @@
       "integrity": "sha512-T/zvzYRfbVojPWahDsE5evJdHb3oJoQfFbsrKM7w5Zcs++Tr257tia3BmMP8XYVjp1S9RZXQMh7gao96BlqZOw==",
       "dev": true
     },
+    "acorn-globals": {
+      "version": "1.0.9",
+      "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-1.0.9.tgz",
+      "integrity": "sha1-VbtemGkVB7dFedBRNBMhfDgMVM8=",
+      "requires": {
+        "acorn": "^2.1.0"
+      },
+      "dependencies": {
+        "acorn": {
+          "version": "2.7.0",
+          "resolved": "https://registry.npmjs.org/acorn/-/acorn-2.7.0.tgz",
+          "integrity": "sha1-q259nYhqrKiwhbwzEreaGYQz8Oc="
+        }
+      }
+    },
     "after": {
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/after/-/after-0.8.2.tgz",
@@ -405,8 +429,7 @@
     "amdefine": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz",
-      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=",
-      "dev": true
+      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU="
     },
     "ansi-align": {
       "version": "2.0.0",
@@ -761,6 +784,11 @@
       "integrity": "sha1-p5SvDAWrF1KEbudTofIRoFugxE8=",
       "dev": true
     },
+    "array-equal": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz",
+      "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM="
+    },
     "array-extended": {
       "version": "0.0.11",
       "resolved": "https://registry.npmjs.org/array-extended/-/array-extended-0.0.11.tgz",
@@ -842,6 +870,19 @@
         }
       }
     },
+    "array-union": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/array-union/-/array-union-1.0.2.tgz",
+      "integrity": "sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk=",
+      "requires": {
+        "array-uniq": "^1.0.1"
+      }
+    },
+    "array-uniq": {
+      "version": "1.0.3",
+      "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz",
+      "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY="
+    },
     "array-unique": {
       "version": "0.2.1",
       "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz",
@@ -2201,6 +2242,15 @@
         "type-is": "~1.6.16"
       }
     },
+    "boom": {
+      "version": "0.4.2",
+      "resolved": "https://registry.npmjs.org/boom/-/boom-0.4.2.tgz",
+      "integrity": "sha1-emNune1O/O+xnO9JR6PGffrukRs=",
+      "optional": true,
+      "requires": {
+        "hoek": "0.9.x"
+      }
+    },
     "boxen": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz",
@@ -2615,6 +2665,57 @@
         }
       }
     },
+    "clean-css": {
+      "version": "2.2.23",
+      "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-2.2.23.tgz",
+      "integrity": "sha1-BZC1R4tRbEkD7cLYm9P9vdKGMow=",
+      "optional": true,
+      "requires": {
+        "commander": "2.2.x"
+      },
+      "dependencies": {
+        "commander": {
+          "version": "2.2.0",
+          "resolved": "https://registry.npmjs.org/commander/-/commander-2.2.0.tgz",
+          "integrity": "sha1-F1rUuTF/P/YV8gHB5XIk9Vo+kd8=",
+          "optional": true
+        }
+      }
+    },
+    "cli": {
+      "version": "0.6.6",
+      "resolved": "https://registry.npmjs.org/cli/-/cli-0.6.6.tgz",
+      "integrity": "sha1-Aq1Eo4Cr8nraxebwzdewQ9dMU+M=",
+      "requires": {
+        "exit": "0.1.2",
+        "glob": "~ 3.2.1"
+      },
+      "dependencies": {
+        "glob": {
+          "version": "3.2.11",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
+          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
+          "requires": {
+            "inherits": "2",
+            "minimatch": "0.3"
+          }
+        },
+        "lru-cache": {
+          "version": "2.7.3",
+          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
+          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
+        },
+        "minimatch": {
+          "version": "0.3.0",
+          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
+          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
+          "requires": {
+            "lru-cache": "2",
+            "sigmund": "~1.0.0"
+          }
+        }
+      }
+    },
     "cli-boxes": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-1.0.0.tgz",
@@ -2812,6 +2913,15 @@
         "typedarray": "^0.0.6"
       }
     },
+    "config-chain": {
+      "version": "1.1.12",
+      "resolved": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.12.tgz",
+      "integrity": "sha512-a1eOIcu8+7lUInge4Rpf/n4Krkf3Dd9lqhljRzII1/Zno/kRtUWnznPO3jOKBmTEktkt3fkxisUcivoj0ebzoA==",
+      "requires": {
+        "ini": "^1.3.4",
+        "proto-list": "~1.2.1"
+      }
+    },
     "configstore": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/configstore/-/configstore-3.1.2.tgz",
@@ -2826,6 +2936,14 @@
         "xdg-basedir": "^3.0.0"
       }
     },
+    "console-browserify": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.1.0.tgz",
+      "integrity": "sha1-8CQcRXMKn8YyOyBtvzjtx0HQuxA=",
+      "requires": {
+        "date-now": "^0.1.4"
+      }
+    },
     "console-control-strings": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
@@ -2952,6 +3070,15 @@
       "resolved": "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz",
       "integrity": "sha1-iNf/fsDfuG9xPch7u0LQRNPmxBs="
     },
+    "cryptiles": {
+      "version": "0.2.2",
+      "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-0.2.2.tgz",
+      "integrity": "sha1-7ZH/HxetE9N0gohZT4pIoNJvMlw=",
+      "optional": true,
+      "requires": {
+        "boom": "0.4.x"
+      }
+    },
     "crypto-random-string": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-1.0.0.tgz",
@@ -2978,6 +3105,33 @@
         }
       }
     },
+    "csslint": {
+      "version": "0.10.0",
+      "resolved": "https://registry.npmjs.org/csslint/-/csslint-0.10.0.tgz",
+      "integrity": "sha1-OmoE51Zcjp0ZvrSXZ8fslug2WAU=",
+      "requires": {
+        "parserlib": "~0.2.2"
+      }
+    },
+    "cssom": {
+      "version": "0.3.6",
+      "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.6.tgz",
+      "integrity": "sha512-DtUeseGk9/GBW0hl0vVPpU22iHL6YB5BUX7ml1hB+GMpo0NX5G4voX3kdWiMSEguFtcW3Vh3djqNF4aIe6ne0A=="
+    },
+    "cssstyle": {
+      "version": "0.2.37",
+      "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-0.2.37.tgz",
+      "integrity": "sha1-VBCXI0yyUTyDzu06zdwn/yeYfVQ=",
+      "requires": {
+        "cssom": "0.3.x"
+      }
+    },
+    "ctype": {
+      "version": "0.5.3",
+      "resolved": "https://registry.npmjs.org/ctype/-/ctype-0.5.3.tgz",
+      "integrity": "sha1-gsGMJGH3QRTvFsE1IkrQuRRMoS8=",
+      "optional": true
+    },
     "currently-unhandled": {
       "version": "0.4.1",
       "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz",
@@ -3026,6 +3180,11 @@
         "is-extended": "~0.0.3"
       }
     },
+    "date-now": {
+      "version": "0.1.4",
+      "resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz",
+      "integrity": "sha1-6vQ5/U1ISK105cx9vvIAZyueNFs="
+    },
     "debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -3103,8 +3262,7 @@
     "deep-is": {
       "version": "0.1.3",
       "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz",
-      "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=",
-      "dev": true
+      "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ="
     },
     "default-compare": {
       "version": "1.0.0",
@@ -3192,6 +3350,26 @@
         }
       }
     },
+    "del": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/del/-/del-3.0.0.tgz",
+      "integrity": "sha1-U+z2mf/LyzljdpGrE7rxYIGXZuU=",
+      "requires": {
+        "globby": "^6.1.0",
+        "is-path-cwd": "^1.0.0",
+        "is-path-in-cwd": "^1.0.0",
+        "p-map": "^1.1.1",
+        "pify": "^3.0.0",
+        "rimraf": "^2.2.8"
+      },
+      "dependencies": {
+        "pify": {
+          "version": "3.0.0",
+          "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz",
+          "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY="
+        }
+      }
+    },
     "delayed-stream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -3275,6 +3453,37 @@
       "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==",
       "dev": true
     },
+    "dom-serializer": {
+      "version": "0.1.1",
+      "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-0.1.1.tgz",
+      "integrity": "sha512-l0IU0pPzLWSHBcieZbpOKgkIn3ts3vAh7ZuFyXNwJxJXk/c4Gwj9xaTJwIDVQCXawWD0qb3IzMGH5rglQaO0XA==",
+      "requires": {
+        "domelementtype": "^1.3.0",
+        "entities": "^1.1.1"
+      }
+    },
+    "domelementtype": {
+      "version": "1.3.1",
+      "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-1.3.1.tgz",
+      "integrity": "sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w=="
+    },
+    "domhandler": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-2.3.0.tgz",
+      "integrity": "sha1-LeWaCCLVAn+r/28DLCsloqir5zg=",
+      "requires": {
+        "domelementtype": "1"
+      }
+    },
+    "domutils": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.5.1.tgz",
+      "integrity": "sha1-3NhIiib1Y9YQeeSMn3t+Mjc2gs8=",
+      "requires": {
+        "dom-serializer": "0",
+        "domelementtype": "1"
+      }
+    },
     "dot-prop": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz",
@@ -3334,6 +3543,36 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "editorconfig": {
+      "version": "0.15.2",
+      "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-0.15.2.tgz",
+      "integrity": "sha512-GWjSI19PVJAM9IZRGOS+YKI8LN+/sjkSjNyvxL5ucqP9/IqtYNXBaQ/6c/hkPNYQHyOHra2KoXZI/JVpuqwmcQ==",
+      "requires": {
+        "@types/node": "^10.11.7",
+        "@types/semver": "^5.5.0",
+        "commander": "^2.19.0",
+        "lru-cache": "^4.1.3",
+        "semver": "^5.6.0",
+        "sigmund": "^1.0.1"
+      },
+      "dependencies": {
+        "@types/node": {
+          "version": "10.12.27",
+          "resolved": "https://registry.npmjs.org/@types/node/-/node-10.12.27.tgz",
+          "integrity": "sha512-e9wgeY6gaY21on3ve0xAjgBVjGDWq/xUteK0ujsE53bUoxycMkqfnkUgMt6ffZtykZ5X12Mg3T7Pw4TRCObDKg=="
+        },
+        "commander": {
+          "version": "2.19.0",
+          "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz",
+          "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg=="
+        },
+        "semver": {
+          "version": "5.6.0",
+          "resolved": "https://registry.npmjs.org/semver/-/semver-5.6.0.tgz",
+          "integrity": "sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg=="
+        }
+      }
+    },
     "ee-first": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
@@ -3491,7 +3730,6 @@
       "version": "1.8.1",
       "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.8.1.tgz",
       "integrity": "sha1-WltTr0aTEQvrsIZ6o0MN07cKEBg=",
-      "dev": true,
       "requires": {
         "esprima": "^2.7.1",
         "estraverse": "^1.9.1",
@@ -3503,14 +3741,12 @@
         "esprima": {
           "version": "2.7.3",
           "resolved": "https://registry.npmjs.org/esprima/-/esprima-2.7.3.tgz",
-          "integrity": "sha1-luO3DVd59q1JzQMmc9HDEnZ7pYE=",
-          "dev": true
+          "integrity": "sha1-luO3DVd59q1JzQMmc9HDEnZ7pYE="
         },
         "source-map": {
           "version": "0.2.0",
           "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.2.0.tgz",
           "integrity": "sha1-2rc/vPwrqBm03gO9b26qSBZLP50=",
-          "dev": true,
           "optional": true,
           "requires": {
             "amdefine": ">=0.0.4"
@@ -3527,8 +3763,7 @@
     "estraverse": {
       "version": "1.9.3",
       "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-1.9.3.tgz",
-      "integrity": "sha1-r2fy3JIlgkFZUJJgkaQAXSnJu0Q=",
-      "dev": true
+      "integrity": "sha1-r2fy3JIlgkFZUJJgkaQAXSnJu0Q="
     },
     "esutils": {
       "version": "2.0.2",
@@ -3595,6 +3830,11 @@
         }
       }
     },
+    "exit": {
+      "version": "0.1.2",
+      "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz",
+      "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw="
+    },
     "exit-hook": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/exit-hook/-/exit-hook-1.1.1.tgz",
@@ -3785,8 +4025,7 @@
     "fast-levenshtein": {
       "version": "2.0.6",
       "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz",
-      "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=",
-      "dev": true
+      "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc="
     },
     "fd-slicer": {
       "version": "1.0.1",
@@ -4825,6 +5064,193 @@
         "globule": "^1.0.0"
       }
     },
+    "gear": {
+      "version": "0.9.7",
+      "resolved": "https://registry.npmjs.org/gear/-/gear-0.9.7.tgz",
+      "integrity": "sha1-Hq0Z7uY5MZ2OLmVUlMYb2JVud38=",
+      "requires": {
+        "async": "0.8.x",
+        "liftoff": "2.0.x",
+        "minimist": "0.1.x",
+        "mkdirp": "0.5.x"
+      },
+      "dependencies": {
+        "async": {
+          "version": "0.8.0",
+          "resolved": "https://registry.npmjs.org/async/-/async-0.8.0.tgz",
+          "integrity": "sha1-7mXsdymML/FFa8RBigUtDwZDURI="
+        },
+        "extend": {
+          "version": "2.0.2",
+          "resolved": "https://registry.npmjs.org/extend/-/extend-2.0.2.tgz",
+          "integrity": "sha512-AgFD4VU+lVLP6vjnlNfF7OeInLTyeyckCNPEsuxz1vi786UuK/nk6ynPuhn/h+Ju9++TQyr5EpLRI14fc1QtTQ=="
+        },
+        "findup-sync": {
+          "version": "0.2.1",
+          "resolved": "https://registry.npmjs.org/findup-sync/-/findup-sync-0.2.1.tgz",
+          "integrity": "sha1-4KkKRQB1xJRm7lE3MgV1FLgeh4w=",
+          "requires": {
+            "glob": "~4.3.0"
+          }
+        },
+        "flagged-respawn": {
+          "version": "0.3.2",
+          "resolved": "https://registry.npmjs.org/flagged-respawn/-/flagged-respawn-0.3.2.tgz",
+          "integrity": "sha1-/xke3c1wiKZ1smEP/8l2vpuAdLU="
+        },
+        "glob": {
+          "version": "4.3.5",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-4.3.5.tgz",
+          "integrity": "sha1-gPuwjKVA8jiszl0R0em8QedRc9M=",
+          "requires": {
+            "inflight": "^1.0.4",
+            "inherits": "2",
+            "minimatch": "^2.0.1",
+            "once": "^1.3.0"
+          }
+        },
+        "liftoff": {
+          "version": "2.0.3",
+          "resolved": "https://registry.npmjs.org/liftoff/-/liftoff-2.0.3.tgz",
+          "integrity": "sha1-+6slNipQasKKPbDFXN6VYvvXBFY=",
+          "requires": {
+            "extend": "~2.0.0",
+            "findup-sync": "~0.2.0",
+            "flagged-respawn": "~0.3.0",
+            "minimist": "~1.1.0",
+            "resolve": "~1.1.0"
+          },
+          "dependencies": {
+            "minimist": {
+              "version": "1.1.3",
+              "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.1.3.tgz",
+              "integrity": "sha1-O+39kaktOQFvz6ocaB6Pqhoe/ag="
+            }
+          }
+        },
+        "minimatch": {
+          "version": "2.0.10",
+          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-2.0.10.tgz",
+          "integrity": "sha1-jQh8OcazjAAbl/ynzm0OHoCvusc=",
+          "requires": {
+            "brace-expansion": "^1.0.0"
+          }
+        },
+        "minimist": {
+          "version": "0.1.0",
+          "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.1.0.tgz",
+          "integrity": "sha1-md9lelJXTCHJBXSX33QnkLK0wN4="
+        },
+        "resolve": {
+          "version": "1.1.7",
+          "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz",
+          "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs="
+        }
+      }
+    },
+    "gear-lib": {
+      "version": "0.9.2",
+      "resolved": "https://registry.npmjs.org/gear-lib/-/gear-lib-0.9.2.tgz",
+      "integrity": "sha1-vI1GHryB7K/+mcHagqvg9W65NUA=",
+      "requires": {
+        "async": "0.8.x",
+        "csslint": "0.10.x",
+        "gear": ">= 0.8.x",
+        "glob": "3.2.x",
+        "handlebars": "2.0.x",
+        "jshint": "2.5.x",
+        "jslint": "0.3.x",
+        "knox": "0.8.x",
+        "less": "1.7.x",
+        "mime": "1.2.x",
+        "uglify-js": "2.4.x"
+      },
+      "dependencies": {
+        "async": {
+          "version": "0.8.0",
+          "resolved": "https://registry.npmjs.org/async/-/async-0.8.0.tgz",
+          "integrity": "sha1-7mXsdymML/FFa8RBigUtDwZDURI="
+        },
+        "glob": {
+          "version": "3.2.11",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
+          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
+          "requires": {
+            "inherits": "2",
+            "minimatch": "0.3"
+          }
+        },
+        "handlebars": {
+          "version": "2.0.0",
+          "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-2.0.0.tgz",
+          "integrity": "sha1-bp1/hRSjRn+l6fgswVjs/B1ax28=",
+          "requires": {
+            "optimist": "~0.3",
+            "uglify-js": "~2.3"
+          },
+          "dependencies": {
+            "async": {
+              "version": "0.2.10",
+              "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz",
+              "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E=",
+              "optional": true
+            },
+            "uglify-js": {
+              "version": "2.3.6",
+              "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.3.6.tgz",
+              "integrity": "sha1-+gmEdwtCi3qbKoBY9GNV0U/vIRo=",
+              "optional": true,
+              "requires": {
+                "async": "~0.2.6",
+                "optimist": "~0.3.5",
+                "source-map": "~0.1.7"
+              }
+            }
+          }
+        },
+        "lru-cache": {
+          "version": "2.7.3",
+          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
+          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
+        },
+        "mime": {
+          "version": "1.2.11",
+          "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.11.tgz",
+          "integrity": "sha1-WCA+7Ybjpe8XrtK32evUfwpg3RA="
+        },
+        "minimatch": {
+          "version": "0.3.0",
+          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
+          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
+          "requires": {
+            "lru-cache": "2",
+            "sigmund": "~1.0.0"
+          }
+        },
+        "optimist": {
+          "version": "0.3.7",
+          "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.3.7.tgz",
+          "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=",
+          "requires": {
+            "wordwrap": "~0.0.2"
+          }
+        },
+        "source-map": {
+          "version": "0.1.43",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz",
+          "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
+          "optional": true,
+          "requires": {
+            "amdefine": ">=0.0.4"
+          }
+        },
+        "wordwrap": {
+          "version": "0.0.3",
+          "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz",
+          "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc="
+        }
+      }
+    },
     "get-caller-file": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.2.tgz",
@@ -5337,6 +5763,18 @@
       "resolved": "https://registry.npmjs.org/globals/-/globals-9.18.0.tgz",
       "integrity": "sha512-S0nG3CLEQiY/ILxqtztTWH/3iRRdyBLw6KMDxnKMchrtbj2OFmehVh0WUCfW3DUrIgx/qFrJPICrq4Z4sTR9UQ=="
     },
+    "globby": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/globby/-/globby-6.1.0.tgz",
+      "integrity": "sha1-9abXDoOV4hyFj7BInWTfAkJNUGw=",
+      "requires": {
+        "array-union": "^1.0.1",
+        "glob": "^7.0.3",
+        "object-assign": "^4.0.1",
+        "pify": "^2.0.0",
+        "pinkie-promise": "^2.0.0"
+      }
+    },
     "globule": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/globule/-/globule-1.2.1.tgz",
@@ -6071,6 +6509,18 @@
         "pinkie-promise": "^2.0.0"
       }
     },
+    "hawk": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/hawk/-/hawk-1.1.1.tgz",
+      "integrity": "sha1-h81JH5tG5OKurKM1QWdmiF0tHtk=",
+      "optional": true,
+      "requires": {
+        "boom": "0.4.x",
+        "cryptiles": "0.2.x",
+        "hoek": "0.9.x",
+        "sntp": "0.2.x"
+      }
+    },
     "he": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/he/-/he-1.1.1.tgz",
@@ -6078,9 +6528,52 @@
       "dev": true
     },
     "highlight.js": {
-      "version": "9.14.2",
-      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.14.2.tgz",
-      "integrity": "sha512-Nc6YNECYpxyJABGYJAyw7dBAYbXEuIzwzkqoJnwbc1nIpCiN+3ioYf0XrBnLiyyG0JLuJhpPtt2iTSbXiKLoyA=="
+      "version": "9.15.5",
+      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.15.5.tgz",
+      "integrity": "sha512-rxTzkHOur3JzJGHuKKfd9xoE5cBMkMPsAck1LcchT7WbMe4NjT2o1JQtpSrT2/k6iAsfRCgPOlv8FpZob67g7g==",
+      "requires": {
+        "bluebird": "^3.5.3",
+        "commander": "^2.19.0",
+        "del": "^3.0.0",
+        "gear": "^0.9.7",
+        "gear-lib": "^0.9.2",
+        "glob": "^7.1.3",
+        "js-beautify": "^1.8.9",
+        "jsdom": "9.2.1",
+        "lodash": "^4.17.11",
+        "tiny-worker": "^2.1.2"
+      },
+      "dependencies": {
+        "bluebird": {
+          "version": "3.5.3",
+          "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.3.tgz",
+          "integrity": "sha512-/qKPUQlaW1OyR51WeCPBvRnAlnZFUJkCSG5HzGnuIqhgyJtF+T94lFnn33eiazjRm2LAHVy2guNnaq48X9SJuw=="
+        },
+        "commander": {
+          "version": "2.19.0",
+          "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz",
+          "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg=="
+        },
+        "glob": {
+          "version": "7.1.3",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
+          "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
+          "requires": {
+            "fs.realpath": "^1.0.0",
+            "inflight": "^1.0.4",
+            "inherits": "2",
+            "minimatch": "^3.0.4",
+            "once": "^1.3.0",
+            "path-is-absolute": "^1.0.0"
+          }
+        }
+      }
+    },
+    "hoek": {
+      "version": "0.9.1",
+      "resolved": "https://registry.npmjs.org/hoek/-/hoek-0.9.1.tgz",
+      "integrity": "sha1-PTIkYrrfB3Fup+uFuviAec3c5QU=",
+      "optional": true
     },
     "home-or-tmp": {
       "version": "2.0.0",
@@ -6118,6 +6611,46 @@
         "phantomjs-prebuilt": "^2.1.4"
       }
     },
+    "htmlparser2": {
+      "version": "3.8.3",
+      "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.8.3.tgz",
+      "integrity": "sha1-mWwosZFRaovoZQGn15dX5ccMEGg=",
+      "requires": {
+        "domelementtype": "1",
+        "domhandler": "2.3",
+        "domutils": "1.5",
+        "entities": "1.0",
+        "readable-stream": "1.1"
+      },
+      "dependencies": {
+        "entities": {
+          "version": "1.0.0",
+          "resolved": "https://registry.npmjs.org/entities/-/entities-1.0.0.tgz",
+          "integrity": "sha1-sph6o4ITR/zeZCsk/fyeT7cSvyY="
+        },
+        "isarray": {
+          "version": "0.0.1",
+          "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
+          "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8="
+        },
+        "readable-stream": {
+          "version": "1.1.14",
+          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz",
+          "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=",
+          "requires": {
+            "core-util-is": "~1.0.0",
+            "inherits": "~2.0.1",
+            "isarray": "0.0.1",
+            "string_decoder": "~0.10.x"
+          }
+        },
+        "string_decoder": {
+          "version": "0.10.31",
+          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
+          "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ="
+        }
+      }
+    },
     "http-errors": {
       "version": "1.6.3",
       "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz",
@@ -6463,11 +6996,23 @@
         }
       }
     },
+    "is-path-cwd": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-1.0.0.tgz",
+      "integrity": "sha1-0iXsIxMuie3Tj9p2dHLmLmXxEG0="
+    },
+    "is-path-in-cwd": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-1.0.1.tgz",
+      "integrity": "sha512-FjV1RTW48E7CWM7eE/J2NJvAEEVektecDBVBE5Hh3nM1Jd0kvhHtX68Pr3xsDf857xt3Y4AkwVULK1Vku62aaQ==",
+      "requires": {
+        "is-path-inside": "^1.0.0"
+      }
+    },
     "is-path-inside": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-1.0.1.tgz",
       "integrity": "sha1-jvW33lBDej/cprToZe96pVy0gDY=",
-      "dev": true,
       "requires": {
         "path-is-inside": "^1.0.1"
       }
@@ -6672,6 +7217,42 @@
       "integrity": "sha512-xcinL3AuDJk7VSzsHgb9DvvIXayBbadtMZ4HFPx8rUszbW1MuNMlwYVC4zzCZ6e1sqZpnNS5ZFYOhXqA39T7LQ==",
       "dev": true
     },
+    "js-beautify": {
+      "version": "1.8.9",
+      "resolved": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.8.9.tgz",
+      "integrity": "sha512-MwPmLywK9RSX0SPsUJjN7i+RQY9w/yC17Lbrq9ViEefpLRgqAR2BgrMN2AbifkUuhDV8tRauLhLda/9+bE0YQA==",
+      "requires": {
+        "config-chain": "^1.1.12",
+        "editorconfig": "^0.15.2",
+        "glob": "^7.1.3",
+        "mkdirp": "~0.5.0",
+        "nopt": "~4.0.1"
+      },
+      "dependencies": {
+        "glob": {
+          "version": "7.1.3",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
+          "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
+          "requires": {
+            "fs.realpath": "^1.0.0",
+            "inflight": "^1.0.4",
+            "inherits": "2",
+            "minimatch": "^3.0.4",
+            "once": "^1.3.0",
+            "path-is-absolute": "^1.0.0"
+          }
+        },
+        "nopt": {
+          "version": "4.0.1",
+          "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz",
+          "integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=",
+          "requires": {
+            "abbrev": "1",
+            "osenv": "^0.1.4"
+          }
+        }
+      }
+    },
     "js-tokens": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz",
@@ -6693,11 +7274,133 @@
       "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=",
       "optional": true
     },
+    "jsdom": {
+      "version": "9.2.1",
+      "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-9.2.1.tgz",
+      "integrity": "sha1-Bhy8zG5WPRRJP2U6+S6tw8DTmRA=",
+      "requires": {
+        "abab": "^1.0.0",
+        "acorn": "^2.4.0",
+        "acorn-globals": "^1.0.4",
+        "array-equal": "^1.0.0",
+        "cssom": ">= 0.3.0 < 0.4.0",
+        "cssstyle": ">= 0.2.36 < 0.3.0",
+        "escodegen": "^1.6.1",
+        "iconv-lite": "^0.4.13",
+        "nwmatcher": ">= 1.3.7 < 2.0.0",
+        "parse5": "^1.5.1",
+        "request": "^2.55.0",
+        "sax": "^1.1.4",
+        "symbol-tree": ">= 3.1.0 < 4.0.0",
+        "tough-cookie": "^2.2.0",
+        "webidl-conversions": "^3.0.1",
+        "whatwg-url": "^3.0.0",
+        "xml-name-validator": ">= 2.0.1 < 3.0.0"
+      },
+      "dependencies": {
+        "acorn": {
+          "version": "2.7.0",
+          "resolved": "https://registry.npmjs.org/acorn/-/acorn-2.7.0.tgz",
+          "integrity": "sha1-q259nYhqrKiwhbwzEreaGYQz8Oc="
+        },
+        "sax": {
+          "version": "1.2.4",
+          "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz",
+          "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
+        }
+      }
+    },
     "jsesc": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-1.3.0.tgz",
       "integrity": "sha1-RsP+yMGJKxKwgz25vHYiF226s0s="
     },
+    "jshint": {
+      "version": "2.5.11",
+      "resolved": "https://registry.npmjs.org/jshint/-/jshint-2.5.11.tgz",
+      "integrity": "sha1-4tlYWLuxqngwAQii6BCZ+wlWIuA=",
+      "requires": {
+        "cli": "0.6.x",
+        "console-browserify": "1.1.x",
+        "exit": "0.1.x",
+        "htmlparser2": "3.8.x",
+        "minimatch": "1.0.x",
+        "shelljs": "0.3.x",
+        "strip-json-comments": "1.0.x",
+        "underscore": "1.6.x"
+      },
+      "dependencies": {
+        "lru-cache": {
+          "version": "2.7.3",
+          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
+          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
+        },
+        "minimatch": {
+          "version": "1.0.0",
+          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-1.0.0.tgz",
+          "integrity": "sha1-4N0hILSeG3JM6NcUxSCCKpQ4V20=",
+          "requires": {
+            "lru-cache": "2",
+            "sigmund": "~1.0.0"
+          }
+        },
+        "shelljs": {
+          "version": "0.3.0",
+          "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.3.0.tgz",
+          "integrity": "sha1-NZbmMHp4FUT1kfN9phg2DzHbV7E="
+        },
+        "strip-json-comments": {
+          "version": "1.0.4",
+          "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-1.0.4.tgz",
+          "integrity": "sha1-HhX7ysl9Pumb8tc7TGVrCCu6+5E="
+        }
+      }
+    },
+    "jslint": {
+      "version": "0.3.4",
+      "resolved": "https://registry.npmjs.org/jslint/-/jslint-0.3.4.tgz",
+      "integrity": "sha1-+3aKyN4GQfzFcMh8ofvSjik8jXU=",
+      "requires": {
+        "glob": "~3.2.8",
+        "nopt": "~1.0.0"
+      },
+      "dependencies": {
+        "glob": {
+          "version": "3.2.11",
+          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
+          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
+          "optional": true,
+          "requires": {
+            "inherits": "2",
+            "minimatch": "0.3"
+          }
+        },
+        "lru-cache": {
+          "version": "2.7.3",
+          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
+          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI=",
+          "optional": true
+        },
+        "minimatch": {
+          "version": "0.3.0",
+          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
+          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
+          "optional": true,
+          "requires": {
+            "lru-cache": "2",
+            "sigmund": "~1.0.0"
+          }
+        },
+        "nopt": {
+          "version": "1.0.10",
+          "resolved": "https://registry.npmjs.org/nopt/-/nopt-1.0.10.tgz",
+          "integrity": "sha1-bd0hvSoxQXuScn3Vhfim83YI6+4=",
+          "requires": {
+            "abbrev": "1"
+          }
+        }
+      }
+    },
     "json-parse-helpfulerror": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/json-parse-helpfulerror/-/json-parse-helpfulerror-1.0.3.tgz",
@@ -6852,6 +7555,24 @@
         "graceful-fs": "^4.1.11"
       }
     },
+    "knox": {
+      "version": "0.8.10",
+      "resolved": "https://registry.npmjs.org/knox/-/knox-0.8.10.tgz",
+      "integrity": "sha1-ai7c2sHSrjedHhmU1Vm5XCg7JYg=",
+      "requires": {
+        "debug": "~0.7.0",
+        "mime": "*",
+        "stream-counter": "~0.1.0",
+        "xml2js": "0.2.x"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "0.7.4",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-0.7.4.tgz",
+          "integrity": "sha1-BuHqgILCyxTjmAbiLi9vdX+Srzk="
+        }
+      }
+    },
     "last-run": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/last-run/-/last-run-1.1.1.tgz",
@@ -6902,11 +7623,161 @@
         "flush-write-stream": "^1.0.2"
       }
     },
+    "less": {
+      "version": "1.7.5",
+      "resolved": "https://registry.npmjs.org/less/-/less-1.7.5.tgz",
+      "integrity": "sha1-TyIM9yiKJ+rKc5325ICKLUwNV1Y=",
+      "requires": {
+        "clean-css": "2.2.x",
+        "graceful-fs": "~3.0.2",
+        "mime": "~1.2.11",
+        "mkdirp": "~0.5.0",
+        "request": "~2.40.0",
+        "source-map": "0.1.x"
+      },
+      "dependencies": {
+        "asn1": {
+          "version": "0.1.11",
+          "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.1.11.tgz",
+          "integrity": "sha1-VZvhg3bQik7E2+gId9J4GGObLfc=",
+          "optional": true
+        },
+        "assert-plus": {
+          "version": "0.1.5",
+          "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-0.1.5.tgz",
+          "integrity": "sha1-7nQAlBMALYTOxyGcasgRgS5yMWA=",
+          "optional": true
+        },
+        "async": {
+          "version": "0.9.2",
+          "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz",
+          "integrity": "sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0=",
+          "optional": true
+        },
+        "aws-sign2": {
+          "version": "0.5.0",
+          "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.5.0.tgz",
+          "integrity": "sha1-xXED96F/wDfwLXwuZLYC6iI/fWM=",
+          "optional": true
+        },
+        "combined-stream": {
+          "version": "0.0.7",
+          "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-0.0.7.tgz",
+          "integrity": "sha1-ATfmV7qlp1QcV6w3rF/AfXO03B8=",
+          "optional": true,
+          "requires": {
+            "delayed-stream": "0.0.5"
+          }
+        },
+        "delayed-stream": {
+          "version": "0.0.5",
+          "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-0.0.5.tgz",
+          "integrity": "sha1-1LH0OpPoKW3+AmlPRoC8N6MTxz8=",
+          "optional": true
+        },
+        "forever-agent": {
+          "version": "0.5.2",
+          "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.5.2.tgz",
+          "integrity": "sha1-bQ4JxJIflKJ/Y9O0nF/v8epMUTA=",
+          "optional": true
+        },
+        "form-data": {
+          "version": "0.1.4",
+          "resolved": "https://registry.npmjs.org/form-data/-/form-data-0.1.4.tgz",
+          "integrity": "sha1-kavXiKupcCsaq/qLwBAxoqyeOxI=",
+          "optional": true,
+          "requires": {
+            "async": "~0.9.0",
+            "combined-stream": "~0.0.4",
+            "mime": "~1.2.11"
+          }
+        },
+        "graceful-fs": {
+          "version": "3.0.11",
+          "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-3.0.11.tgz",
+          "integrity": "sha1-dhPHeKGv6mLyXGMKCG1/Osu92Bg=",
+          "optional": true,
+          "requires": {
+            "natives": "^1.1.0"
+          }
+        },
+        "http-signature": {
+          "version": "0.10.1",
+          "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-0.10.1.tgz",
+          "integrity": "sha1-T72sEyVZqoMjEh5UB3nAoBKyfmY=",
+          "optional": true,
+          "requires": {
+            "asn1": "0.1.11",
+            "assert-plus": "^0.1.5",
+            "ctype": "0.5.3"
+          }
+        },
+        "mime": {
+          "version": "1.2.11",
+          "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.11.tgz",
+          "integrity": "sha1-WCA+7Ybjpe8XrtK32evUfwpg3RA=",
+          "optional": true
+        },
+        "mime-types": {
+          "version": "1.0.2",
+          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-1.0.2.tgz",
+          "integrity": "sha1-mVrhOSq4r/y/yyZB3QVOlDwNXc4=",
+          "optional": true
+        },
+        "oauth-sign": {
+          "version": "0.3.0",
+          "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.3.0.tgz",
+          "integrity": "sha1-y1QPk7srIqfVlBaRoojWDo6pOG4=",
+          "optional": true
+        },
+        "qs": {
+          "version": "1.0.2",
+          "resolved": "https://registry.npmjs.org/qs/-/qs-1.0.2.tgz",
+          "integrity": "sha1-UKk+K1r2aRwxvOpdrnjubqGQN2g=",
+          "optional": true
+        },
+        "request": {
+          "version": "2.40.0",
+          "resolved": "https://registry.npmjs.org/request/-/request-2.40.0.tgz",
+          "integrity": "sha1-TdZw9pbx5uhC5mtLXoOTAaub62c=",
+          "optional": true,
+          "requires": {
+            "aws-sign2": "~0.5.0",
+            "forever-agent": "~0.5.0",
+            "form-data": "~0.1.0",
+            "hawk": "1.1.1",
+            "http-signature": "~0.10.0",
+            "json-stringify-safe": "~5.0.0",
+            "mime-types": "~1.0.1",
+            "node-uuid": "~1.4.0",
+            "oauth-sign": "~0.3.0",
+            "qs": "~1.0.0",
+            "stringstream": "~0.0.4",
+            "tough-cookie": ">=0.12.0",
+            "tunnel-agent": "~0.4.0"
+          }
+        },
+        "source-map": {
+          "version": "0.1.43",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz",
+          "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
+          "optional": true,
+          "requires": {
+            "amdefine": ">=0.0.4"
+          }
+        },
+        "tunnel-agent": {
+          "version": "0.4.3",
+          "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz",
+          "integrity": "sha1-Y3PbdpCf5XDgjXNYM2Xtgop07us=",
+          "optional": true
+        }
+      }
+    },
     "levn": {
       "version": "0.3.0",
       "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz",
       "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=",
-      "dev": true,
       "requires": {
         "prelude-ls": "~1.1.2",
         "type-check": "~0.3.2"
@@ -7087,7 +7958,6 @@
       "version": "4.1.3",
       "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.3.tgz",
       "integrity": "sha512-fFEhvcgzuIoJVUF8fYr5KR0YqxD238zgObTps31YdADwPPAp82a4M8TrckkWyx7ekNlf9aBcVn81cFwwXngrJA==",
-      "dev": true,
       "requires": {
         "pseudomap": "^1.0.2",
         "yallist": "^2.1.2"
@@ -7096,8 +7966,7 @@
         "yallist": {
           "version": "2.1.2",
           "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz",
-          "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=",
-          "dev": true
+          "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI="
         }
       }
     },
@@ -8077,6 +8946,12 @@
       "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-1.0.1.tgz",
       "integrity": "sha512-boQj1WFgQH3v4clhu3mTNfP+vOBxorDlE8EKiMjUlLG3C4qAESnn9AxIOkFgTR2c9LtzNjPrjS60cT27ZKBhaA=="
     },
+    "natives": {
+      "version": "1.1.6",
+      "resolved": "https://registry.npmjs.org/natives/-/natives-1.1.6.tgz",
+      "integrity": "sha512-6+TDFewD4yxY14ptjKaS63GVdtKiES1pTPyxn9Jb0rBqPMZ7VcCiooEhPNsr+mqHtMGxa/5c/HhcC4uPEUw/nA==",
+      "optional": true
+    },
     "negotiator": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
@@ -8287,6 +9162,12 @@
         }
       }
     },
+    "node-uuid": {
+      "version": "1.4.8",
+      "resolved": "https://registry.npmjs.org/node-uuid/-/node-uuid-1.4.8.tgz",
+      "integrity": "sha1-sEDrCSOWivq/jTL7HxfxFn/auQc=",
+      "optional": true
+    },
     "nodemailer": {
       "version": "5.1.1",
       "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-5.1.1.tgz",
@@ -8804,6 +9685,11 @@
       "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
       "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
     },
+    "nwmatcher": {
+      "version": "1.4.4",
+      "resolved": "https://registry.npmjs.org/nwmatcher/-/nwmatcher-1.4.4.tgz",
+      "integrity": "sha512-3iuY4N5dhgMpCUrOVnuAdGrgxVqV2cJpM+XNccjR2DKOB1RUP0aA+wGXEiNziG/UKboFyGBIoKOaNlJxx8bciQ=="
+    },
     "oauth-sign": {
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz",
@@ -9032,7 +9918,6 @@
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.2.tgz",
       "integrity": "sha1-NkxeQJ0/TWMB1sC0wFu6UBgK62Q=",
-      "dev": true,
       "requires": {
         "deep-is": "~0.1.3",
         "fast-levenshtein": "~2.0.4",
@@ -9073,7 +9958,6 @@
       "version": "0.1.5",
       "resolved": "https://registry.npmjs.org/osenv/-/osenv-0.1.5.tgz",
       "integrity": "sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==",
-      "dev": true,
       "requires": {
         "os-homedir": "^1.0.0",
         "os-tmpdir": "^1.0.0"
@@ -9095,6 +9979,11 @@
       "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=",
       "dev": true
     },
+    "p-map": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/p-map/-/p-map-1.2.0.tgz",
+      "integrity": "sha512-r6zKACMNhjPJMTl8KcFH4li//gkrXWfbD6feV8l6doRHlzljFWGJ2AP6iKaCJXyZmAUMOPtvbW7EXkbWO/pLEA=="
+    },
     "package-json": {
       "version": "4.0.1",
       "resolved": "https://registry.npmjs.org/package-json/-/package-json-4.0.1.tgz",
@@ -9150,6 +10039,11 @@
       "integrity": "sha1-bVuTSkVpk7I9N/QKOC1vFmao5cY=",
       "dev": true
     },
+    "parse5": {
+      "version": "1.5.1",
+      "resolved": "https://registry.npmjs.org/parse5/-/parse5-1.5.1.tgz",
+      "integrity": "sha1-m387DeMr543CQBsXVzzK8Pb1nZQ="
+    },
     "parseqs": {
       "version": "0.0.5",
       "resolved": "https://registry.npmjs.org/parseqs/-/parseqs-0.0.5.tgz",
@@ -9158,6 +10052,11 @@
         "better-assert": "~1.0.0"
       }
     },
+    "parserlib": {
+      "version": "0.2.5",
+      "resolved": "https://registry.npmjs.org/parserlib/-/parserlib-0.2.5.tgz",
+      "integrity": "sha1-hZB92GBaoGq7PdKV1QuyuPpN0Rc="
+    },
     "parseuri": {
       "version": "0.0.5",
       "resolved": "https://registry.npmjs.org/parseuri/-/parseuri-0.0.5.tgz",
@@ -9230,8 +10129,7 @@
     "path-is-inside": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz",
-      "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM=",
-      "dev": true
+      "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM="
     },
     "path-key": {
       "version": "2.0.1",
@@ -9454,8 +10352,7 @@
     "prelude-ls": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz",
-      "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=",
-      "dev": true
+      "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ="
     },
     "prepend-http": {
       "version": "1.0.4",
@@ -9491,6 +10388,11 @@
       "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==",
       "dev": true
     },
+    "proto-list": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz",
+      "integrity": "sha1-IS1b/hMYMGpCD2QCuOJv85ZHqEk="
+    },
     "proxy-addr": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.4.tgz",
@@ -9503,8 +10405,7 @@
     "pseudomap": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz",
-      "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=",
-      "dev": true
+      "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM="
     },
     "psl": {
       "version": "1.1.29",
@@ -10033,7 +10934,6 @@
       "version": "2.6.3",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
       "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
-      "dev": true,
       "requires": {
         "glob": "^7.1.3"
       },
@@ -10042,7 +10942,6 @@
           "version": "7.1.3",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
           "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
-          "dev": true,
           "requires": {
             "fs.realpath": "^1.0.0",
             "inflight": "^1.0.4",
@@ -10215,6 +11114,11 @@
         }
       }
     },
+    "sax": {
+      "version": "0.5.8",
+      "resolved": "https://registry.npmjs.org/sax/-/sax-0.5.8.tgz",
+      "integrity": "sha1-1HLbIo6zMcJQaw6MFVJK25OdEsE="
+    },
     "scss-tokenizer": {
       "version": "0.2.3",
       "resolved": "https://registry.npmjs.org/scss-tokenizer/-/scss-tokenizer-0.2.3.tgz",
@@ -10391,6 +11295,11 @@
         "rechoir": "^0.6.2"
       }
     },
+    "sigmund": {
+      "version": "1.0.1",
+      "resolved": "https://registry.npmjs.org/sigmund/-/sigmund-1.0.1.tgz",
+      "integrity": "sha1-P/IfGYytIXX587eBhT/ZTQ0ZtZA="
+    },
     "signal-exit": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz",
@@ -10544,6 +11453,15 @@
         "kind-of": "^3.2.0"
       }
     },
+    "sntp": {
+      "version": "0.2.4",
+      "resolved": "https://registry.npmjs.org/sntp/-/sntp-0.2.4.tgz",
+      "integrity": "sha1-+4hfGLDzqtGJ+CSGJTa87ux1CQA=",
+      "optional": true,
+      "requires": {
+        "hoek": "0.9.x"
+      }
+    },
     "socket.io": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-2.2.0.tgz",
@@ -10809,6 +11727,37 @@
         "duplexer": "~0.1.1"
       }
     },
+    "stream-counter": {
+      "version": "0.1.0",
+      "resolved": "https://registry.npmjs.org/stream-counter/-/stream-counter-0.1.0.tgz",
+      "integrity": "sha1-oDXkKTYftX82Fgbhf82Ki5Z3Mns=",
+      "requires": {
+        "readable-stream": "~1.0.2"
+      },
+      "dependencies": {
+        "isarray": {
+          "version": "0.0.1",
+          "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
+          "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8="
+        },
+        "readable-stream": {
+          "version": "1.0.34",
+          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz",
+          "integrity": "sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=",
+          "requires": {
+            "core-util-is": "~1.0.0",
+            "inherits": "~2.0.1",
+            "isarray": "0.0.1",
+            "string_decoder": "~0.10.x"
+          }
+        },
+        "string_decoder": {
+          "version": "0.10.31",
+          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
+          "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ="
+        }
+      }
+    },
     "stream-exhaust": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/stream-exhaust/-/stream-exhaust-1.0.2.tgz",
@@ -10899,6 +11848,12 @@
         "safe-buffer": "~5.1.0"
       }
     },
+    "stringstream": {
+      "version": "0.0.6",
+      "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.6.tgz",
+      "integrity": "sha512-87GEBAkegbBcweToUrdzf3eLhWNg06FJTebl4BVJz/JgWy8CvEr9dRtX5qWphiynMSQlxxi+QqN0z5T32SLlhA==",
+      "optional": true
+    },
     "strip-ansi": {
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
@@ -10991,6 +11946,11 @@
         "es6-symbol": "^3.1.1"
       }
     },
+    "symbol-tree": {
+      "version": "3.2.2",
+      "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.2.tgz",
+      "integrity": "sha1-rifbOPZgp64uHDt9G8KQgZuFGeY="
+    },
     "tar": {
       "version": "4.4.8",
       "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.8.tgz",
@@ -11145,6 +12105,11 @@
         }
       }
     },
+    "tiny-worker": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/tiny-worker/-/tiny-worker-2.1.2.tgz",
+      "integrity": "sha512-t8xrlrw0ScBnJ1K5ziHcD6u2SgWpE9Tozv4EIqpXMnCfEVc3pWzMx+ZFwqpXk20C4WTRoLZVBi9v1tLkaciCTg=="
+    },
     "to-absolute-glob": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/to-absolute-glob/-/to-absolute-glob-2.0.2.tgz",
@@ -11268,6 +12233,11 @@
         "punycode": "^1.4.1"
       }
     },
+    "tr46": {
+      "version": "0.0.3",
+      "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
+      "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
+    },
     "trim-newlines": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz",
@@ -11379,7 +12349,6 @@
       "version": "0.3.2",
       "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz",
       "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=",
-      "dev": true,
       "requires": {
         "prelude-ls": "~1.1.2"
       }
@@ -11454,6 +12423,63 @@
       "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.5.tgz",
       "integrity": "sha512-JoLI4g5zv5qNyT09f4YAvEZIIV1oOjqnewYg5D38dkQljIzpPT296dbIGvKro3digYI1bkb7W6EP1y4uDlmzLg=="
     },
+    "uglify-js": {
+      "version": "2.4.24",
+      "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.4.24.tgz",
+      "integrity": "sha1-+tV1XB4Vd2WLsG/5q25UjJW+vW4=",
+      "requires": {
+        "async": "~0.2.6",
+        "source-map": "0.1.34",
+        "uglify-to-browserify": "~1.0.0",
+        "yargs": "~3.5.4"
+      },
+      "dependencies": {
+        "async": {
+          "version": "0.2.10",
+          "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz",
+          "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E="
+        },
+        "camelcase": {
+          "version": "1.2.1",
+          "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz",
+          "integrity": "sha1-m7UwTS4LVmmLLHWLCKPqqdqlijk="
+        },
+        "source-map": {
+          "version": "0.1.34",
+          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.34.tgz",
+          "integrity": "sha1-p8/omux7FoLDsZjQrPtH19CQVms=",
+          "requires": {
+            "amdefine": ">=0.0.4"
+          }
+        },
+        "window-size": {
+          "version": "0.1.0",
+          "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz",
+          "integrity": "sha1-VDjNLqk7IC76Ohn+iIeu58lPnJ0="
+        },
+        "wordwrap": {
+          "version": "0.0.2",
+          "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz",
+          "integrity": "sha1-t5Zpu0LstAn4PVg8rVLKF+qhZD8="
+        },
+        "yargs": {
+          "version": "3.5.4",
+          "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.5.4.tgz",
+          "integrity": "sha1-2K/49mXpTDS9JZvevRv68N3TU2E=",
+          "requires": {
+            "camelcase": "^1.0.2",
+            "decamelize": "^1.0.0",
+            "window-size": "0.1.0",
+            "wordwrap": "0.0.2"
+          }
+        }
+      }
+    },
+    "uglify-to-browserify": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz",
+      "integrity": "sha1-bgkk1r2mta/jSeOabWMoUKD4grc="
+    },
     "unc-path-regex": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz",
@@ -11472,8 +12498,7 @@
     "underscore": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.6.0.tgz",
-      "integrity": "sha1-izixDKze9jM3uLJOT/htRa6lKag=",
-      "dev": true
+      "integrity": "sha1-izixDKze9jM3uLJOT/htRa6lKag="
     },
     "undertaker": {
       "version": "1.2.0",
@@ -11885,6 +12910,20 @@
         "source-map": "^0.5.1"
       }
     },
+    "webidl-conversions": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
+      "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
+    },
+    "whatwg-url": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-3.1.0.tgz",
+      "integrity": "sha1-e9yuSQ+SGu9kUftnOexrvY6Qe/Y=",
+      "requires": {
+        "tr46": "~0.0.3",
+        "webidl-conversions": "^3.0.0"
+      }
+    },
     "which": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
@@ -11961,8 +13000,7 @@
     "wordwrap": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz",
-      "integrity": "sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus=",
-      "dev": true
+      "integrity": "sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus="
     },
     "wrap-ansi": {
       "version": "2.1.0",
@@ -12003,6 +13041,19 @@
       "integrity": "sha1-SWsswQnsqNus/i3HK2A8F8WHCtQ=",
       "dev": true
     },
+    "xml-name-validator": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-2.0.1.tgz",
+      "integrity": "sha1-TYuPHszTQZqjYgYb7O9RXh5VljU="
+    },
+    "xml2js": {
+      "version": "0.2.8",
+      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.2.8.tgz",
+      "integrity": "sha1-m4FpCTFjH/CdGVdUn69U9PmAs8I=",
+      "requires": {
+        "sax": "0.5.x"
+      }
+    },
     "xmlhttprequest-ssl": {
       "version": "1.5.5",
       "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz",
diff --git a/api/package.json b/api/package.json
index d4941b7c1..83bf39c1e 100644
--- a/api/package.json
+++ b/api/package.json
@@ -42,7 +42,7 @@
     "cookie": "^0.3.1",
     "express": "^4.16.4",
     "fast-csv": "^2.4.1",
-    "highlight.js": "^9.14.2",
+    "highlight.js": "^9.15.5",
     "html-pdf": "^2.2.0",
     "jsonwebtoken": "^8.5.0",
     "markdown-it": "^8.4.2",

From ba92a258a7b8f4b9e7182b9b0d520deaea2d933c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 26 Feb 2019 11:22:18 +0000
Subject: [PATCH 086/207] Bump @types/mongoose from 5.3.19 to 5.3.20 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mongoose) from 5.3.19 to 5.3.20.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mongoose)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index ab7a1ad15..d95c21374 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.19",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.19.tgz",
-      "integrity": "sha512-CKEDkcGBIXmvPNq/0NCbckVR2xndxpCk8CQHb0Dh1UreWSr6HuegT2WuxllNJZm5lXl2XxWBzCW0kwPtLKmtbQ==",
+      "version": "5.3.20",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.20.tgz",
+      "integrity": "sha512-KXD/wRaUkxA7NwU+0yp60WEFFmkhzJ4idGawycjUxFMTANIM7ZqlZsoXhHu3p33cg450D8PuwtAorFUwuMXLwA==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 83bf39c1e..096e037ea 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.0",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.19",
+    "@types/mongoose": "~5.3.20",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From 955abd9d05c8cb2f93f314eca666a5f9dd9fbb42 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 27 Feb 2019 06:06:09 +0000
Subject: [PATCH 087/207] Bump highlight.js from 9.15.5 to 9.15.6 in /api

Bumps [highlight.js](https://github.com/highlightjs/highlight.js) from 9.15.5 to 9.15.6.
- [Release notes](https://github.com/highlightjs/highlight.js/releases)
- [Changelog](https://github.com/highlightjs/highlight.js/blob/master/CHANGES.md)
- [Commits](https://github.com/highlightjs/highlight.js/compare/9.15.5...9.15.6)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 1125 ++---------------------------------------
 api/package.json      |    2 +-
 2 files changed, 38 insertions(+), 1089 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index d95c21374..e8f4acafd 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -313,11 +313,6 @@
         "@types/node": "*"
       }
     },
-    "@types/semver": {
-      "version": "5.5.0",
-      "resolved": "https://registry.npmjs.org/@types/semver/-/semver-5.5.0.tgz",
-      "integrity": "sha512-41qEJgBH/TWgo5NFSvBCJ1qkoi3Q6ONSF2avrHq1LVEZfYpdHmj0y9SuTK+u9ZhG1sYQKBL1AWXKyLWP4RaUoQ=="
-    },
     "@types/serve-static": {
       "version": "1.13.2",
       "resolved": "https://registry.npmjs.org/@types/serve-static/-/serve-static-1.13.2.tgz",
@@ -370,15 +365,11 @@
       "integrity": "sha512-mf0VpXk+NoTmkUmuJCsdwBYxjYZW41amCSzd4t/fABMKl+qGMViwFP0pR7ukFdZRXWI1LIkca3VIbXVBmWZ4kQ==",
       "dev": true
     },
-    "abab": {
-      "version": "1.0.4",
-      "resolved": "https://registry.npmjs.org/abab/-/abab-1.0.4.tgz",
-      "integrity": "sha1-X6rZwsB/YN12dw9xzwJbYqY8/U4="
-    },
     "abbrev": {
       "version": "1.0.9",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.0.9.tgz",
-      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU="
+      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU=",
+      "dev": true
     },
     "accepts": {
       "version": "1.3.5",
@@ -395,21 +386,6 @@
       "integrity": "sha512-T/zvzYRfbVojPWahDsE5evJdHb3oJoQfFbsrKM7w5Zcs++Tr257tia3BmMP8XYVjp1S9RZXQMh7gao96BlqZOw==",
       "dev": true
     },
-    "acorn-globals": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/acorn-globals/-/acorn-globals-1.0.9.tgz",
-      "integrity": "sha1-VbtemGkVB7dFedBRNBMhfDgMVM8=",
-      "requires": {
-        "acorn": "^2.1.0"
-      },
-      "dependencies": {
-        "acorn": {
-          "version": "2.7.0",
-          "resolved": "https://registry.npmjs.org/acorn/-/acorn-2.7.0.tgz",
-          "integrity": "sha1-q259nYhqrKiwhbwzEreaGYQz8Oc="
-        }
-      }
-    },
     "after": {
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/after/-/after-0.8.2.tgz",
@@ -429,7 +405,8 @@
     "amdefine": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/amdefine/-/amdefine-1.0.1.tgz",
-      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU="
+      "integrity": "sha1-SlKCrBZHKek2Gbz9OtFR+BfOkfU=",
+      "dev": true
     },
     "ansi-align": {
       "version": "2.0.0",
@@ -784,11 +761,6 @@
       "integrity": "sha1-p5SvDAWrF1KEbudTofIRoFugxE8=",
       "dev": true
     },
-    "array-equal": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/array-equal/-/array-equal-1.0.0.tgz",
-      "integrity": "sha1-jCpe8kcv2ep0KwTHenUJO6J1fJM="
-    },
     "array-extended": {
       "version": "0.0.11",
       "resolved": "https://registry.npmjs.org/array-extended/-/array-extended-0.0.11.tgz",
@@ -870,19 +842,6 @@
         }
       }
     },
-    "array-union": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/array-union/-/array-union-1.0.2.tgz",
-      "integrity": "sha1-mjRBDk9OPaI96jdb5b5w8kd47Dk=",
-      "requires": {
-        "array-uniq": "^1.0.1"
-      }
-    },
-    "array-uniq": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/array-uniq/-/array-uniq-1.0.3.tgz",
-      "integrity": "sha1-r2rId6Jcx/dOBYiUdThY39sk/bY="
-    },
     "array-unique": {
       "version": "0.2.1",
       "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz",
@@ -2242,15 +2201,6 @@
         "type-is": "~1.6.16"
       }
     },
-    "boom": {
-      "version": "0.4.2",
-      "resolved": "https://registry.npmjs.org/boom/-/boom-0.4.2.tgz",
-      "integrity": "sha1-emNune1O/O+xnO9JR6PGffrukRs=",
-      "optional": true,
-      "requires": {
-        "hoek": "0.9.x"
-      }
-    },
     "boxen": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/boxen/-/boxen-1.3.0.tgz",
@@ -2665,57 +2615,6 @@
         }
       }
     },
-    "clean-css": {
-      "version": "2.2.23",
-      "resolved": "https://registry.npmjs.org/clean-css/-/clean-css-2.2.23.tgz",
-      "integrity": "sha1-BZC1R4tRbEkD7cLYm9P9vdKGMow=",
-      "optional": true,
-      "requires": {
-        "commander": "2.2.x"
-      },
-      "dependencies": {
-        "commander": {
-          "version": "2.2.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-2.2.0.tgz",
-          "integrity": "sha1-F1rUuTF/P/YV8gHB5XIk9Vo+kd8=",
-          "optional": true
-        }
-      }
-    },
-    "cli": {
-      "version": "0.6.6",
-      "resolved": "https://registry.npmjs.org/cli/-/cli-0.6.6.tgz",
-      "integrity": "sha1-Aq1Eo4Cr8nraxebwzdewQ9dMU+M=",
-      "requires": {
-        "exit": "0.1.2",
-        "glob": "~ 3.2.1"
-      },
-      "dependencies": {
-        "glob": {
-          "version": "3.2.11",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
-          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
-          "requires": {
-            "inherits": "2",
-            "minimatch": "0.3"
-          }
-        },
-        "lru-cache": {
-          "version": "2.7.3",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
-          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
-        },
-        "minimatch": {
-          "version": "0.3.0",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
-          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
-          "requires": {
-            "lru-cache": "2",
-            "sigmund": "~1.0.0"
-          }
-        }
-      }
-    },
     "cli-boxes": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/cli-boxes/-/cli-boxes-1.0.0.tgz",
@@ -2913,15 +2812,6 @@
         "typedarray": "^0.0.6"
       }
     },
-    "config-chain": {
-      "version": "1.1.12",
-      "resolved": "https://registry.npmjs.org/config-chain/-/config-chain-1.1.12.tgz",
-      "integrity": "sha512-a1eOIcu8+7lUInge4Rpf/n4Krkf3Dd9lqhljRzII1/Zno/kRtUWnznPO3jOKBmTEktkt3fkxisUcivoj0ebzoA==",
-      "requires": {
-        "ini": "^1.3.4",
-        "proto-list": "~1.2.1"
-      }
-    },
     "configstore": {
       "version": "3.1.2",
       "resolved": "https://registry.npmjs.org/configstore/-/configstore-3.1.2.tgz",
@@ -2936,14 +2826,6 @@
         "xdg-basedir": "^3.0.0"
       }
     },
-    "console-browserify": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/console-browserify/-/console-browserify-1.1.0.tgz",
-      "integrity": "sha1-8CQcRXMKn8YyOyBtvzjtx0HQuxA=",
-      "requires": {
-        "date-now": "^0.1.4"
-      }
-    },
     "console-control-strings": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
@@ -3070,15 +2952,6 @@
       "resolved": "https://registry.npmjs.org/crypt/-/crypt-0.0.2.tgz",
       "integrity": "sha1-iNf/fsDfuG9xPch7u0LQRNPmxBs="
     },
-    "cryptiles": {
-      "version": "0.2.2",
-      "resolved": "https://registry.npmjs.org/cryptiles/-/cryptiles-0.2.2.tgz",
-      "integrity": "sha1-7ZH/HxetE9N0gohZT4pIoNJvMlw=",
-      "optional": true,
-      "requires": {
-        "boom": "0.4.x"
-      }
-    },
     "crypto-random-string": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/crypto-random-string/-/crypto-random-string-1.0.0.tgz",
@@ -3105,33 +2978,6 @@
         }
       }
     },
-    "csslint": {
-      "version": "0.10.0",
-      "resolved": "https://registry.npmjs.org/csslint/-/csslint-0.10.0.tgz",
-      "integrity": "sha1-OmoE51Zcjp0ZvrSXZ8fslug2WAU=",
-      "requires": {
-        "parserlib": "~0.2.2"
-      }
-    },
-    "cssom": {
-      "version": "0.3.6",
-      "resolved": "https://registry.npmjs.org/cssom/-/cssom-0.3.6.tgz",
-      "integrity": "sha512-DtUeseGk9/GBW0hl0vVPpU22iHL6YB5BUX7ml1hB+GMpo0NX5G4voX3kdWiMSEguFtcW3Vh3djqNF4aIe6ne0A=="
-    },
-    "cssstyle": {
-      "version": "0.2.37",
-      "resolved": "https://registry.npmjs.org/cssstyle/-/cssstyle-0.2.37.tgz",
-      "integrity": "sha1-VBCXI0yyUTyDzu06zdwn/yeYfVQ=",
-      "requires": {
-        "cssom": "0.3.x"
-      }
-    },
-    "ctype": {
-      "version": "0.5.3",
-      "resolved": "https://registry.npmjs.org/ctype/-/ctype-0.5.3.tgz",
-      "integrity": "sha1-gsGMJGH3QRTvFsE1IkrQuRRMoS8=",
-      "optional": true
-    },
     "currently-unhandled": {
       "version": "0.4.1",
       "resolved": "https://registry.npmjs.org/currently-unhandled/-/currently-unhandled-0.4.1.tgz",
@@ -3180,11 +3026,6 @@
         "is-extended": "~0.0.3"
       }
     },
-    "date-now": {
-      "version": "0.1.4",
-      "resolved": "https://registry.npmjs.org/date-now/-/date-now-0.1.4.tgz",
-      "integrity": "sha1-6vQ5/U1ISK105cx9vvIAZyueNFs="
-    },
     "debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -3262,7 +3103,8 @@
     "deep-is": {
       "version": "0.1.3",
       "resolved": "https://registry.npmjs.org/deep-is/-/deep-is-0.1.3.tgz",
-      "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ="
+      "integrity": "sha1-s2nW+128E+7PUk+RsHD+7cNXzzQ=",
+      "dev": true
     },
     "default-compare": {
       "version": "1.0.0",
@@ -3350,26 +3192,6 @@
         }
       }
     },
-    "del": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/del/-/del-3.0.0.tgz",
-      "integrity": "sha1-U+z2mf/LyzljdpGrE7rxYIGXZuU=",
-      "requires": {
-        "globby": "^6.1.0",
-        "is-path-cwd": "^1.0.0",
-        "is-path-in-cwd": "^1.0.0",
-        "p-map": "^1.1.1",
-        "pify": "^3.0.0",
-        "rimraf": "^2.2.8"
-      },
-      "dependencies": {
-        "pify": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/pify/-/pify-3.0.0.tgz",
-          "integrity": "sha1-5aSs0sEB/fPZpNB/DbxNtJ3SgXY="
-        }
-      }
-    },
     "delayed-stream": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz",
@@ -3453,37 +3275,6 @@
       "integrity": "sha512-A46qtFgd+g7pDZinpnwiRJtxbC1hpgf0uzP3iG89scHk0AUC7A1TGxf5OiiOUv/JMZR8GOt8hL900hV0bOy5xA==",
       "dev": true
     },
-    "dom-serializer": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/dom-serializer/-/dom-serializer-0.1.1.tgz",
-      "integrity": "sha512-l0IU0pPzLWSHBcieZbpOKgkIn3ts3vAh7ZuFyXNwJxJXk/c4Gwj9xaTJwIDVQCXawWD0qb3IzMGH5rglQaO0XA==",
-      "requires": {
-        "domelementtype": "^1.3.0",
-        "entities": "^1.1.1"
-      }
-    },
-    "domelementtype": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/domelementtype/-/domelementtype-1.3.1.tgz",
-      "integrity": "sha512-BSKB+TSpMpFI/HOxCNr1O8aMOTZ8hT3pM3GQ0w/mWRmkhEDSFJkkyzz4XQsBV44BChwGkrDfMyjVD0eA2aFV3w=="
-    },
-    "domhandler": {
-      "version": "2.3.0",
-      "resolved": "https://registry.npmjs.org/domhandler/-/domhandler-2.3.0.tgz",
-      "integrity": "sha1-LeWaCCLVAn+r/28DLCsloqir5zg=",
-      "requires": {
-        "domelementtype": "1"
-      }
-    },
-    "domutils": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/domutils/-/domutils-1.5.1.tgz",
-      "integrity": "sha1-3NhIiib1Y9YQeeSMn3t+Mjc2gs8=",
-      "requires": {
-        "dom-serializer": "0",
-        "domelementtype": "1"
-      }
-    },
     "dot-prop": {
       "version": "4.2.0",
       "resolved": "https://registry.npmjs.org/dot-prop/-/dot-prop-4.2.0.tgz",
@@ -3543,36 +3334,6 @@
         "safe-buffer": "^5.0.1"
       }
     },
-    "editorconfig": {
-      "version": "0.15.2",
-      "resolved": "https://registry.npmjs.org/editorconfig/-/editorconfig-0.15.2.tgz",
-      "integrity": "sha512-GWjSI19PVJAM9IZRGOS+YKI8LN+/sjkSjNyvxL5ucqP9/IqtYNXBaQ/6c/hkPNYQHyOHra2KoXZI/JVpuqwmcQ==",
-      "requires": {
-        "@types/node": "^10.11.7",
-        "@types/semver": "^5.5.0",
-        "commander": "^2.19.0",
-        "lru-cache": "^4.1.3",
-        "semver": "^5.6.0",
-        "sigmund": "^1.0.1"
-      },
-      "dependencies": {
-        "@types/node": {
-          "version": "10.12.27",
-          "resolved": "https://registry.npmjs.org/@types/node/-/node-10.12.27.tgz",
-          "integrity": "sha512-e9wgeY6gaY21on3ve0xAjgBVjGDWq/xUteK0ujsE53bUoxycMkqfnkUgMt6ffZtykZ5X12Mg3T7Pw4TRCObDKg=="
-        },
-        "commander": {
-          "version": "2.19.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz",
-          "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg=="
-        },
-        "semver": {
-          "version": "5.6.0",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.6.0.tgz",
-          "integrity": "sha512-RS9R6R35NYgQn++fkDWaOmqGoj4Ek9gGs+DPxNUZKuwE183xjJroKvyo1IzVFeXvUrvmALy6FWD5xrdJT25gMg=="
-        }
-      }
-    },
     "ee-first": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/ee-first/-/ee-first-1.1.1.tgz",
@@ -3730,6 +3491,7 @@
       "version": "1.8.1",
       "resolved": "https://registry.npmjs.org/escodegen/-/escodegen-1.8.1.tgz",
       "integrity": "sha1-WltTr0aTEQvrsIZ6o0MN07cKEBg=",
+      "dev": true,
       "requires": {
         "esprima": "^2.7.1",
         "estraverse": "^1.9.1",
@@ -3741,12 +3503,14 @@
         "esprima": {
           "version": "2.7.3",
           "resolved": "https://registry.npmjs.org/esprima/-/esprima-2.7.3.tgz",
-          "integrity": "sha1-luO3DVd59q1JzQMmc9HDEnZ7pYE="
+          "integrity": "sha1-luO3DVd59q1JzQMmc9HDEnZ7pYE=",
+          "dev": true
         },
         "source-map": {
           "version": "0.2.0",
           "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.2.0.tgz",
           "integrity": "sha1-2rc/vPwrqBm03gO9b26qSBZLP50=",
+          "dev": true,
           "optional": true,
           "requires": {
             "amdefine": ">=0.0.4"
@@ -3763,7 +3527,8 @@
     "estraverse": {
       "version": "1.9.3",
       "resolved": "https://registry.npmjs.org/estraverse/-/estraverse-1.9.3.tgz",
-      "integrity": "sha1-r2fy3JIlgkFZUJJgkaQAXSnJu0Q="
+      "integrity": "sha1-r2fy3JIlgkFZUJJgkaQAXSnJu0Q=",
+      "dev": true
     },
     "esutils": {
       "version": "2.0.2",
@@ -3830,11 +3595,6 @@
         }
       }
     },
-    "exit": {
-      "version": "0.1.2",
-      "resolved": "https://registry.npmjs.org/exit/-/exit-0.1.2.tgz",
-      "integrity": "sha1-BjJjj42HfMghB9MKD/8aF8uhzQw="
-    },
     "exit-hook": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/exit-hook/-/exit-hook-1.1.1.tgz",
@@ -4025,7 +3785,8 @@
     "fast-levenshtein": {
       "version": "2.0.6",
       "resolved": "https://registry.npmjs.org/fast-levenshtein/-/fast-levenshtein-2.0.6.tgz",
-      "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc="
+      "integrity": "sha1-PYpcZog6FqMMqGQ+hR8Zuqd5eRc=",
+      "dev": true
     },
     "fd-slicer": {
       "version": "1.0.1",
@@ -5064,193 +4825,6 @@
         "globule": "^1.0.0"
       }
     },
-    "gear": {
-      "version": "0.9.7",
-      "resolved": "https://registry.npmjs.org/gear/-/gear-0.9.7.tgz",
-      "integrity": "sha1-Hq0Z7uY5MZ2OLmVUlMYb2JVud38=",
-      "requires": {
-        "async": "0.8.x",
-        "liftoff": "2.0.x",
-        "minimist": "0.1.x",
-        "mkdirp": "0.5.x"
-      },
-      "dependencies": {
-        "async": {
-          "version": "0.8.0",
-          "resolved": "https://registry.npmjs.org/async/-/async-0.8.0.tgz",
-          "integrity": "sha1-7mXsdymML/FFa8RBigUtDwZDURI="
-        },
-        "extend": {
-          "version": "2.0.2",
-          "resolved": "https://registry.npmjs.org/extend/-/extend-2.0.2.tgz",
-          "integrity": "sha512-AgFD4VU+lVLP6vjnlNfF7OeInLTyeyckCNPEsuxz1vi786UuK/nk6ynPuhn/h+Ju9++TQyr5EpLRI14fc1QtTQ=="
-        },
-        "findup-sync": {
-          "version": "0.2.1",
-          "resolved": "https://registry.npmjs.org/findup-sync/-/findup-sync-0.2.1.tgz",
-          "integrity": "sha1-4KkKRQB1xJRm7lE3MgV1FLgeh4w=",
-          "requires": {
-            "glob": "~4.3.0"
-          }
-        },
-        "flagged-respawn": {
-          "version": "0.3.2",
-          "resolved": "https://registry.npmjs.org/flagged-respawn/-/flagged-respawn-0.3.2.tgz",
-          "integrity": "sha1-/xke3c1wiKZ1smEP/8l2vpuAdLU="
-        },
-        "glob": {
-          "version": "4.3.5",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-4.3.5.tgz",
-          "integrity": "sha1-gPuwjKVA8jiszl0R0em8QedRc9M=",
-          "requires": {
-            "inflight": "^1.0.4",
-            "inherits": "2",
-            "minimatch": "^2.0.1",
-            "once": "^1.3.0"
-          }
-        },
-        "liftoff": {
-          "version": "2.0.3",
-          "resolved": "https://registry.npmjs.org/liftoff/-/liftoff-2.0.3.tgz",
-          "integrity": "sha1-+6slNipQasKKPbDFXN6VYvvXBFY=",
-          "requires": {
-            "extend": "~2.0.0",
-            "findup-sync": "~0.2.0",
-            "flagged-respawn": "~0.3.0",
-            "minimist": "~1.1.0",
-            "resolve": "~1.1.0"
-          },
-          "dependencies": {
-            "minimist": {
-              "version": "1.1.3",
-              "resolved": "https://registry.npmjs.org/minimist/-/minimist-1.1.3.tgz",
-              "integrity": "sha1-O+39kaktOQFvz6ocaB6Pqhoe/ag="
-            }
-          }
-        },
-        "minimatch": {
-          "version": "2.0.10",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-2.0.10.tgz",
-          "integrity": "sha1-jQh8OcazjAAbl/ynzm0OHoCvusc=",
-          "requires": {
-            "brace-expansion": "^1.0.0"
-          }
-        },
-        "minimist": {
-          "version": "0.1.0",
-          "resolved": "https://registry.npmjs.org/minimist/-/minimist-0.1.0.tgz",
-          "integrity": "sha1-md9lelJXTCHJBXSX33QnkLK0wN4="
-        },
-        "resolve": {
-          "version": "1.1.7",
-          "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.1.7.tgz",
-          "integrity": "sha1-IDEU2CrSxe2ejgQRs5ModeiJ6Xs="
-        }
-      }
-    },
-    "gear-lib": {
-      "version": "0.9.2",
-      "resolved": "https://registry.npmjs.org/gear-lib/-/gear-lib-0.9.2.tgz",
-      "integrity": "sha1-vI1GHryB7K/+mcHagqvg9W65NUA=",
-      "requires": {
-        "async": "0.8.x",
-        "csslint": "0.10.x",
-        "gear": ">= 0.8.x",
-        "glob": "3.2.x",
-        "handlebars": "2.0.x",
-        "jshint": "2.5.x",
-        "jslint": "0.3.x",
-        "knox": "0.8.x",
-        "less": "1.7.x",
-        "mime": "1.2.x",
-        "uglify-js": "2.4.x"
-      },
-      "dependencies": {
-        "async": {
-          "version": "0.8.0",
-          "resolved": "https://registry.npmjs.org/async/-/async-0.8.0.tgz",
-          "integrity": "sha1-7mXsdymML/FFa8RBigUtDwZDURI="
-        },
-        "glob": {
-          "version": "3.2.11",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
-          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
-          "requires": {
-            "inherits": "2",
-            "minimatch": "0.3"
-          }
-        },
-        "handlebars": {
-          "version": "2.0.0",
-          "resolved": "https://registry.npmjs.org/handlebars/-/handlebars-2.0.0.tgz",
-          "integrity": "sha1-bp1/hRSjRn+l6fgswVjs/B1ax28=",
-          "requires": {
-            "optimist": "~0.3",
-            "uglify-js": "~2.3"
-          },
-          "dependencies": {
-            "async": {
-              "version": "0.2.10",
-              "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz",
-              "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E=",
-              "optional": true
-            },
-            "uglify-js": {
-              "version": "2.3.6",
-              "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.3.6.tgz",
-              "integrity": "sha1-+gmEdwtCi3qbKoBY9GNV0U/vIRo=",
-              "optional": true,
-              "requires": {
-                "async": "~0.2.6",
-                "optimist": "~0.3.5",
-                "source-map": "~0.1.7"
-              }
-            }
-          }
-        },
-        "lru-cache": {
-          "version": "2.7.3",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
-          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
-        },
-        "mime": {
-          "version": "1.2.11",
-          "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.11.tgz",
-          "integrity": "sha1-WCA+7Ybjpe8XrtK32evUfwpg3RA="
-        },
-        "minimatch": {
-          "version": "0.3.0",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
-          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
-          "requires": {
-            "lru-cache": "2",
-            "sigmund": "~1.0.0"
-          }
-        },
-        "optimist": {
-          "version": "0.3.7",
-          "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.3.7.tgz",
-          "integrity": "sha1-yQlBrVnkJzMokjB00s8ufLxuwNk=",
-          "requires": {
-            "wordwrap": "~0.0.2"
-          }
-        },
-        "source-map": {
-          "version": "0.1.43",
-          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz",
-          "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
-          "optional": true,
-          "requires": {
-            "amdefine": ">=0.0.4"
-          }
-        },
-        "wordwrap": {
-          "version": "0.0.3",
-          "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.3.tgz",
-          "integrity": "sha1-o9XabNXAvAAI03I0u68b7WMFkQc="
-        }
-      }
-    },
     "get-caller-file": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.2.tgz",
@@ -5763,18 +5337,6 @@
       "resolved": "https://registry.npmjs.org/globals/-/globals-9.18.0.tgz",
       "integrity": "sha512-S0nG3CLEQiY/ILxqtztTWH/3iRRdyBLw6KMDxnKMchrtbj2OFmehVh0WUCfW3DUrIgx/qFrJPICrq4Z4sTR9UQ=="
     },
-    "globby": {
-      "version": "6.1.0",
-      "resolved": "https://registry.npmjs.org/globby/-/globby-6.1.0.tgz",
-      "integrity": "sha1-9abXDoOV4hyFj7BInWTfAkJNUGw=",
-      "requires": {
-        "array-union": "^1.0.1",
-        "glob": "^7.0.3",
-        "object-assign": "^4.0.1",
-        "pify": "^2.0.0",
-        "pinkie-promise": "^2.0.0"
-      }
-    },
     "globule": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/globule/-/globule-1.2.1.tgz",
@@ -6509,18 +6071,6 @@
         "pinkie-promise": "^2.0.0"
       }
     },
-    "hawk": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/hawk/-/hawk-1.1.1.tgz",
-      "integrity": "sha1-h81JH5tG5OKurKM1QWdmiF0tHtk=",
-      "optional": true,
-      "requires": {
-        "boom": "0.4.x",
-        "cryptiles": "0.2.x",
-        "hoek": "0.9.x",
-        "sntp": "0.2.x"
-      }
-    },
     "he": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/he/-/he-1.1.1.tgz",
@@ -6528,52 +6078,9 @@
       "dev": true
     },
     "highlight.js": {
-      "version": "9.15.5",
-      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.15.5.tgz",
-      "integrity": "sha512-rxTzkHOur3JzJGHuKKfd9xoE5cBMkMPsAck1LcchT7WbMe4NjT2o1JQtpSrT2/k6iAsfRCgPOlv8FpZob67g7g==",
-      "requires": {
-        "bluebird": "^3.5.3",
-        "commander": "^2.19.0",
-        "del": "^3.0.0",
-        "gear": "^0.9.7",
-        "gear-lib": "^0.9.2",
-        "glob": "^7.1.3",
-        "js-beautify": "^1.8.9",
-        "jsdom": "9.2.1",
-        "lodash": "^4.17.11",
-        "tiny-worker": "^2.1.2"
-      },
-      "dependencies": {
-        "bluebird": {
-          "version": "3.5.3",
-          "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.3.tgz",
-          "integrity": "sha512-/qKPUQlaW1OyR51WeCPBvRnAlnZFUJkCSG5HzGnuIqhgyJtF+T94lFnn33eiazjRm2LAHVy2guNnaq48X9SJuw=="
-        },
-        "commander": {
-          "version": "2.19.0",
-          "resolved": "https://registry.npmjs.org/commander/-/commander-2.19.0.tgz",
-          "integrity": "sha512-6tvAOO+D6OENvRAh524Dh9jcfKTYDQAqvqezbCW82xj5X0pSrcpxtvRKHLG0yBY6SD7PSDrJaj+0AiOcKVd1Xg=="
-        },
-        "glob": {
-          "version": "7.1.3",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
-          "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
-          "requires": {
-            "fs.realpath": "^1.0.0",
-            "inflight": "^1.0.4",
-            "inherits": "2",
-            "minimatch": "^3.0.4",
-            "once": "^1.3.0",
-            "path-is-absolute": "^1.0.0"
-          }
-        }
-      }
-    },
-    "hoek": {
-      "version": "0.9.1",
-      "resolved": "https://registry.npmjs.org/hoek/-/hoek-0.9.1.tgz",
-      "integrity": "sha1-PTIkYrrfB3Fup+uFuviAec3c5QU=",
-      "optional": true
+      "version": "9.15.6",
+      "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.15.6.tgz",
+      "integrity": "sha512-zozTAWM1D6sozHo8kqhfYgsac+B+q0PmsjXeyDrYIHHcBN0zTVT66+s2GW1GZv7DbyaROdLXKdabwS/WqPyIdQ=="
     },
     "home-or-tmp": {
       "version": "2.0.0",
@@ -6611,46 +6118,6 @@
         "phantomjs-prebuilt": "^2.1.4"
       }
     },
-    "htmlparser2": {
-      "version": "3.8.3",
-      "resolved": "https://registry.npmjs.org/htmlparser2/-/htmlparser2-3.8.3.tgz",
-      "integrity": "sha1-mWwosZFRaovoZQGn15dX5ccMEGg=",
-      "requires": {
-        "domelementtype": "1",
-        "domhandler": "2.3",
-        "domutils": "1.5",
-        "entities": "1.0",
-        "readable-stream": "1.1"
-      },
-      "dependencies": {
-        "entities": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/entities/-/entities-1.0.0.tgz",
-          "integrity": "sha1-sph6o4ITR/zeZCsk/fyeT7cSvyY="
-        },
-        "isarray": {
-          "version": "0.0.1",
-          "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
-          "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8="
-        },
-        "readable-stream": {
-          "version": "1.1.14",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.1.14.tgz",
-          "integrity": "sha1-fPTFTvZI44EwhMY23SB54WbAgdk=",
-          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
-            "isarray": "0.0.1",
-            "string_decoder": "~0.10.x"
-          }
-        },
-        "string_decoder": {
-          "version": "0.10.31",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
-          "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ="
-        }
-      }
-    },
     "http-errors": {
       "version": "1.6.3",
       "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.6.3.tgz",
@@ -6996,23 +6463,11 @@
         }
       }
     },
-    "is-path-cwd": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-path-cwd/-/is-path-cwd-1.0.0.tgz",
-      "integrity": "sha1-0iXsIxMuie3Tj9p2dHLmLmXxEG0="
-    },
-    "is-path-in-cwd": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/is-path-in-cwd/-/is-path-in-cwd-1.0.1.tgz",
-      "integrity": "sha512-FjV1RTW48E7CWM7eE/J2NJvAEEVektecDBVBE5Hh3nM1Jd0kvhHtX68Pr3xsDf857xt3Y4AkwVULK1Vku62aaQ==",
-      "requires": {
-        "is-path-inside": "^1.0.0"
-      }
-    },
     "is-path-inside": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/is-path-inside/-/is-path-inside-1.0.1.tgz",
       "integrity": "sha1-jvW33lBDej/cprToZe96pVy0gDY=",
+      "dev": true,
       "requires": {
         "path-is-inside": "^1.0.1"
       }
@@ -7217,42 +6672,6 @@
       "integrity": "sha512-xcinL3AuDJk7VSzsHgb9DvvIXayBbadtMZ4HFPx8rUszbW1MuNMlwYVC4zzCZ6e1sqZpnNS5ZFYOhXqA39T7LQ==",
       "dev": true
     },
-    "js-beautify": {
-      "version": "1.8.9",
-      "resolved": "https://registry.npmjs.org/js-beautify/-/js-beautify-1.8.9.tgz",
-      "integrity": "sha512-MwPmLywK9RSX0SPsUJjN7i+RQY9w/yC17Lbrq9ViEefpLRgqAR2BgrMN2AbifkUuhDV8tRauLhLda/9+bE0YQA==",
-      "requires": {
-        "config-chain": "^1.1.12",
-        "editorconfig": "^0.15.2",
-        "glob": "^7.1.3",
-        "mkdirp": "~0.5.0",
-        "nopt": "~4.0.1"
-      },
-      "dependencies": {
-        "glob": {
-          "version": "7.1.3",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
-          "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
-          "requires": {
-            "fs.realpath": "^1.0.0",
-            "inflight": "^1.0.4",
-            "inherits": "2",
-            "minimatch": "^3.0.4",
-            "once": "^1.3.0",
-            "path-is-absolute": "^1.0.0"
-          }
-        },
-        "nopt": {
-          "version": "4.0.1",
-          "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz",
-          "integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=",
-          "requires": {
-            "abbrev": "1",
-            "osenv": "^0.1.4"
-          }
-        }
-      }
-    },
     "js-tokens": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz",
@@ -7274,133 +6693,11 @@
       "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=",
       "optional": true
     },
-    "jsdom": {
-      "version": "9.2.1",
-      "resolved": "https://registry.npmjs.org/jsdom/-/jsdom-9.2.1.tgz",
-      "integrity": "sha1-Bhy8zG5WPRRJP2U6+S6tw8DTmRA=",
-      "requires": {
-        "abab": "^1.0.0",
-        "acorn": "^2.4.0",
-        "acorn-globals": "^1.0.4",
-        "array-equal": "^1.0.0",
-        "cssom": ">= 0.3.0 < 0.4.0",
-        "cssstyle": ">= 0.2.36 < 0.3.0",
-        "escodegen": "^1.6.1",
-        "iconv-lite": "^0.4.13",
-        "nwmatcher": ">= 1.3.7 < 2.0.0",
-        "parse5": "^1.5.1",
-        "request": "^2.55.0",
-        "sax": "^1.1.4",
-        "symbol-tree": ">= 3.1.0 < 4.0.0",
-        "tough-cookie": "^2.2.0",
-        "webidl-conversions": "^3.0.1",
-        "whatwg-url": "^3.0.0",
-        "xml-name-validator": ">= 2.0.1 < 3.0.0"
-      },
-      "dependencies": {
-        "acorn": {
-          "version": "2.7.0",
-          "resolved": "https://registry.npmjs.org/acorn/-/acorn-2.7.0.tgz",
-          "integrity": "sha1-q259nYhqrKiwhbwzEreaGYQz8Oc="
-        },
-        "sax": {
-          "version": "1.2.4",
-          "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz",
-          "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
-        }
-      }
-    },
     "jsesc": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-1.3.0.tgz",
       "integrity": "sha1-RsP+yMGJKxKwgz25vHYiF226s0s="
     },
-    "jshint": {
-      "version": "2.5.11",
-      "resolved": "https://registry.npmjs.org/jshint/-/jshint-2.5.11.tgz",
-      "integrity": "sha1-4tlYWLuxqngwAQii6BCZ+wlWIuA=",
-      "requires": {
-        "cli": "0.6.x",
-        "console-browserify": "1.1.x",
-        "exit": "0.1.x",
-        "htmlparser2": "3.8.x",
-        "minimatch": "1.0.x",
-        "shelljs": "0.3.x",
-        "strip-json-comments": "1.0.x",
-        "underscore": "1.6.x"
-      },
-      "dependencies": {
-        "lru-cache": {
-          "version": "2.7.3",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
-          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI="
-        },
-        "minimatch": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-1.0.0.tgz",
-          "integrity": "sha1-4N0hILSeG3JM6NcUxSCCKpQ4V20=",
-          "requires": {
-            "lru-cache": "2",
-            "sigmund": "~1.0.0"
-          }
-        },
-        "shelljs": {
-          "version": "0.3.0",
-          "resolved": "https://registry.npmjs.org/shelljs/-/shelljs-0.3.0.tgz",
-          "integrity": "sha1-NZbmMHp4FUT1kfN9phg2DzHbV7E="
-        },
-        "strip-json-comments": {
-          "version": "1.0.4",
-          "resolved": "https://registry.npmjs.org/strip-json-comments/-/strip-json-comments-1.0.4.tgz",
-          "integrity": "sha1-HhX7ysl9Pumb8tc7TGVrCCu6+5E="
-        }
-      }
-    },
-    "jslint": {
-      "version": "0.3.4",
-      "resolved": "https://registry.npmjs.org/jslint/-/jslint-0.3.4.tgz",
-      "integrity": "sha1-+3aKyN4GQfzFcMh8ofvSjik8jXU=",
-      "requires": {
-        "glob": "~3.2.8",
-        "nopt": "~1.0.0"
-      },
-      "dependencies": {
-        "glob": {
-          "version": "3.2.11",
-          "resolved": "https://registry.npmjs.org/glob/-/glob-3.2.11.tgz",
-          "integrity": "sha1-Spc/Y1uRkPcV0QmH1cAP0oFevj0=",
-          "optional": true,
-          "requires": {
-            "inherits": "2",
-            "minimatch": "0.3"
-          }
-        },
-        "lru-cache": {
-          "version": "2.7.3",
-          "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-2.7.3.tgz",
-          "integrity": "sha1-bUUk6LlV+V1PW1iFHOId1y+06VI=",
-          "optional": true
-        },
-        "minimatch": {
-          "version": "0.3.0",
-          "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-0.3.0.tgz",
-          "integrity": "sha1-J12O2qxPG7MyZHIInnlJyDlGmd0=",
-          "optional": true,
-          "requires": {
-            "lru-cache": "2",
-            "sigmund": "~1.0.0"
-          }
-        },
-        "nopt": {
-          "version": "1.0.10",
-          "resolved": "https://registry.npmjs.org/nopt/-/nopt-1.0.10.tgz",
-          "integrity": "sha1-bd0hvSoxQXuScn3Vhfim83YI6+4=",
-          "requires": {
-            "abbrev": "1"
-          }
-        }
-      }
-    },
     "json-parse-helpfulerror": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/json-parse-helpfulerror/-/json-parse-helpfulerror-1.0.3.tgz",
@@ -7555,24 +6852,6 @@
         "graceful-fs": "^4.1.11"
       }
     },
-    "knox": {
-      "version": "0.8.10",
-      "resolved": "https://registry.npmjs.org/knox/-/knox-0.8.10.tgz",
-      "integrity": "sha1-ai7c2sHSrjedHhmU1Vm5XCg7JYg=",
-      "requires": {
-        "debug": "~0.7.0",
-        "mime": "*",
-        "stream-counter": "~0.1.0",
-        "xml2js": "0.2.x"
-      },
-      "dependencies": {
-        "debug": {
-          "version": "0.7.4",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-0.7.4.tgz",
-          "integrity": "sha1-BuHqgILCyxTjmAbiLi9vdX+Srzk="
-        }
-      }
-    },
     "last-run": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/last-run/-/last-run-1.1.1.tgz",
@@ -7623,161 +6902,11 @@
         "flush-write-stream": "^1.0.2"
       }
     },
-    "less": {
-      "version": "1.7.5",
-      "resolved": "https://registry.npmjs.org/less/-/less-1.7.5.tgz",
-      "integrity": "sha1-TyIM9yiKJ+rKc5325ICKLUwNV1Y=",
-      "requires": {
-        "clean-css": "2.2.x",
-        "graceful-fs": "~3.0.2",
-        "mime": "~1.2.11",
-        "mkdirp": "~0.5.0",
-        "request": "~2.40.0",
-        "source-map": "0.1.x"
-      },
-      "dependencies": {
-        "asn1": {
-          "version": "0.1.11",
-          "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.1.11.tgz",
-          "integrity": "sha1-VZvhg3bQik7E2+gId9J4GGObLfc=",
-          "optional": true
-        },
-        "assert-plus": {
-          "version": "0.1.5",
-          "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-0.1.5.tgz",
-          "integrity": "sha1-7nQAlBMALYTOxyGcasgRgS5yMWA=",
-          "optional": true
-        },
-        "async": {
-          "version": "0.9.2",
-          "resolved": "https://registry.npmjs.org/async/-/async-0.9.2.tgz",
-          "integrity": "sha1-rqdNXmHB+JlhO/ZL2mbUx48v0X0=",
-          "optional": true
-        },
-        "aws-sign2": {
-          "version": "0.5.0",
-          "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.5.0.tgz",
-          "integrity": "sha1-xXED96F/wDfwLXwuZLYC6iI/fWM=",
-          "optional": true
-        },
-        "combined-stream": {
-          "version": "0.0.7",
-          "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-0.0.7.tgz",
-          "integrity": "sha1-ATfmV7qlp1QcV6w3rF/AfXO03B8=",
-          "optional": true,
-          "requires": {
-            "delayed-stream": "0.0.5"
-          }
-        },
-        "delayed-stream": {
-          "version": "0.0.5",
-          "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-0.0.5.tgz",
-          "integrity": "sha1-1LH0OpPoKW3+AmlPRoC8N6MTxz8=",
-          "optional": true
-        },
-        "forever-agent": {
-          "version": "0.5.2",
-          "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.5.2.tgz",
-          "integrity": "sha1-bQ4JxJIflKJ/Y9O0nF/v8epMUTA=",
-          "optional": true
-        },
-        "form-data": {
-          "version": "0.1.4",
-          "resolved": "https://registry.npmjs.org/form-data/-/form-data-0.1.4.tgz",
-          "integrity": "sha1-kavXiKupcCsaq/qLwBAxoqyeOxI=",
-          "optional": true,
-          "requires": {
-            "async": "~0.9.0",
-            "combined-stream": "~0.0.4",
-            "mime": "~1.2.11"
-          }
-        },
-        "graceful-fs": {
-          "version": "3.0.11",
-          "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-3.0.11.tgz",
-          "integrity": "sha1-dhPHeKGv6mLyXGMKCG1/Osu92Bg=",
-          "optional": true,
-          "requires": {
-            "natives": "^1.1.0"
-          }
-        },
-        "http-signature": {
-          "version": "0.10.1",
-          "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-0.10.1.tgz",
-          "integrity": "sha1-T72sEyVZqoMjEh5UB3nAoBKyfmY=",
-          "optional": true,
-          "requires": {
-            "asn1": "0.1.11",
-            "assert-plus": "^0.1.5",
-            "ctype": "0.5.3"
-          }
-        },
-        "mime": {
-          "version": "1.2.11",
-          "resolved": "https://registry.npmjs.org/mime/-/mime-1.2.11.tgz",
-          "integrity": "sha1-WCA+7Ybjpe8XrtK32evUfwpg3RA=",
-          "optional": true
-        },
-        "mime-types": {
-          "version": "1.0.2",
-          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-1.0.2.tgz",
-          "integrity": "sha1-mVrhOSq4r/y/yyZB3QVOlDwNXc4=",
-          "optional": true
-        },
-        "oauth-sign": {
-          "version": "0.3.0",
-          "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.3.0.tgz",
-          "integrity": "sha1-y1QPk7srIqfVlBaRoojWDo6pOG4=",
-          "optional": true
-        },
-        "qs": {
-          "version": "1.0.2",
-          "resolved": "https://registry.npmjs.org/qs/-/qs-1.0.2.tgz",
-          "integrity": "sha1-UKk+K1r2aRwxvOpdrnjubqGQN2g=",
-          "optional": true
-        },
-        "request": {
-          "version": "2.40.0",
-          "resolved": "https://registry.npmjs.org/request/-/request-2.40.0.tgz",
-          "integrity": "sha1-TdZw9pbx5uhC5mtLXoOTAaub62c=",
-          "optional": true,
-          "requires": {
-            "aws-sign2": "~0.5.0",
-            "forever-agent": "~0.5.0",
-            "form-data": "~0.1.0",
-            "hawk": "1.1.1",
-            "http-signature": "~0.10.0",
-            "json-stringify-safe": "~5.0.0",
-            "mime-types": "~1.0.1",
-            "node-uuid": "~1.4.0",
-            "oauth-sign": "~0.3.0",
-            "qs": "~1.0.0",
-            "stringstream": "~0.0.4",
-            "tough-cookie": ">=0.12.0",
-            "tunnel-agent": "~0.4.0"
-          }
-        },
-        "source-map": {
-          "version": "0.1.43",
-          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.43.tgz",
-          "integrity": "sha1-wkvBRspRfBRx9drL4lcbK3+eM0Y=",
-          "optional": true,
-          "requires": {
-            "amdefine": ">=0.0.4"
-          }
-        },
-        "tunnel-agent": {
-          "version": "0.4.3",
-          "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.4.3.tgz",
-          "integrity": "sha1-Y3PbdpCf5XDgjXNYM2Xtgop07us=",
-          "optional": true
-        }
-      }
-    },
     "levn": {
       "version": "0.3.0",
       "resolved": "https://registry.npmjs.org/levn/-/levn-0.3.0.tgz",
       "integrity": "sha1-OwmSTt+fCDwEkP3UwLxEIeBHZO4=",
+      "dev": true,
       "requires": {
         "prelude-ls": "~1.1.2",
         "type-check": "~0.3.2"
@@ -7958,6 +7087,7 @@
       "version": "4.1.3",
       "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-4.1.3.tgz",
       "integrity": "sha512-fFEhvcgzuIoJVUF8fYr5KR0YqxD238zgObTps31YdADwPPAp82a4M8TrckkWyx7ekNlf9aBcVn81cFwwXngrJA==",
+      "dev": true,
       "requires": {
         "pseudomap": "^1.0.2",
         "yallist": "^2.1.2"
@@ -7966,7 +7096,8 @@
         "yallist": {
           "version": "2.1.2",
           "resolved": "https://registry.npmjs.org/yallist/-/yallist-2.1.2.tgz",
-          "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI="
+          "integrity": "sha1-HBH5IY8HYImkfdUS+TxmmaaoHVI=",
+          "dev": true
         }
       }
     },
@@ -8946,12 +8077,6 @@
       "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-1.0.1.tgz",
       "integrity": "sha512-boQj1WFgQH3v4clhu3mTNfP+vOBxorDlE8EKiMjUlLG3C4qAESnn9AxIOkFgTR2c9LtzNjPrjS60cT27ZKBhaA=="
     },
-    "natives": {
-      "version": "1.1.6",
-      "resolved": "https://registry.npmjs.org/natives/-/natives-1.1.6.tgz",
-      "integrity": "sha512-6+TDFewD4yxY14ptjKaS63GVdtKiES1pTPyxn9Jb0rBqPMZ7VcCiooEhPNsr+mqHtMGxa/5c/HhcC4uPEUw/nA==",
-      "optional": true
-    },
     "negotiator": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
@@ -9162,12 +8287,6 @@
         }
       }
     },
-    "node-uuid": {
-      "version": "1.4.8",
-      "resolved": "https://registry.npmjs.org/node-uuid/-/node-uuid-1.4.8.tgz",
-      "integrity": "sha1-sEDrCSOWivq/jTL7HxfxFn/auQc=",
-      "optional": true
-    },
     "nodemailer": {
       "version": "5.1.1",
       "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-5.1.1.tgz",
@@ -9685,11 +8804,6 @@
       "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
       "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
     },
-    "nwmatcher": {
-      "version": "1.4.4",
-      "resolved": "https://registry.npmjs.org/nwmatcher/-/nwmatcher-1.4.4.tgz",
-      "integrity": "sha512-3iuY4N5dhgMpCUrOVnuAdGrgxVqV2cJpM+XNccjR2DKOB1RUP0aA+wGXEiNziG/UKboFyGBIoKOaNlJxx8bciQ=="
-    },
     "oauth-sign": {
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.8.2.tgz",
@@ -9918,6 +9032,7 @@
       "version": "0.8.2",
       "resolved": "https://registry.npmjs.org/optionator/-/optionator-0.8.2.tgz",
       "integrity": "sha1-NkxeQJ0/TWMB1sC0wFu6UBgK62Q=",
+      "dev": true,
       "requires": {
         "deep-is": "~0.1.3",
         "fast-levenshtein": "~2.0.4",
@@ -9958,6 +9073,7 @@
       "version": "0.1.5",
       "resolved": "https://registry.npmjs.org/osenv/-/osenv-0.1.5.tgz",
       "integrity": "sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==",
+      "dev": true,
       "requires": {
         "os-homedir": "^1.0.0",
         "os-tmpdir": "^1.0.0"
@@ -9979,11 +9095,6 @@
       "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=",
       "dev": true
     },
-    "p-map": {
-      "version": "1.2.0",
-      "resolved": "https://registry.npmjs.org/p-map/-/p-map-1.2.0.tgz",
-      "integrity": "sha512-r6zKACMNhjPJMTl8KcFH4li//gkrXWfbD6feV8l6doRHlzljFWGJ2AP6iKaCJXyZmAUMOPtvbW7EXkbWO/pLEA=="
-    },
     "package-json": {
       "version": "4.0.1",
       "resolved": "https://registry.npmjs.org/package-json/-/package-json-4.0.1.tgz",
@@ -10039,11 +9150,6 @@
       "integrity": "sha1-bVuTSkVpk7I9N/QKOC1vFmao5cY=",
       "dev": true
     },
-    "parse5": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/parse5/-/parse5-1.5.1.tgz",
-      "integrity": "sha1-m387DeMr543CQBsXVzzK8Pb1nZQ="
-    },
     "parseqs": {
       "version": "0.0.5",
       "resolved": "https://registry.npmjs.org/parseqs/-/parseqs-0.0.5.tgz",
@@ -10052,11 +9158,6 @@
         "better-assert": "~1.0.0"
       }
     },
-    "parserlib": {
-      "version": "0.2.5",
-      "resolved": "https://registry.npmjs.org/parserlib/-/parserlib-0.2.5.tgz",
-      "integrity": "sha1-hZB92GBaoGq7PdKV1QuyuPpN0Rc="
-    },
     "parseuri": {
       "version": "0.0.5",
       "resolved": "https://registry.npmjs.org/parseuri/-/parseuri-0.0.5.tgz",
@@ -10129,7 +9230,8 @@
     "path-is-inside": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/path-is-inside/-/path-is-inside-1.0.2.tgz",
-      "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM="
+      "integrity": "sha1-NlQX3t5EQw0cEa9hAn+s8HS9/FM=",
+      "dev": true
     },
     "path-key": {
       "version": "2.0.1",
@@ -10352,7 +9454,8 @@
     "prelude-ls": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/prelude-ls/-/prelude-ls-1.1.2.tgz",
-      "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ="
+      "integrity": "sha1-IZMqVJ9eUv/ZqCf1cOBL5iqX2lQ=",
+      "dev": true
     },
     "prepend-http": {
       "version": "1.0.4",
@@ -10388,11 +9491,6 @@
       "integrity": "sha512-7PiHtLll5LdnKIMw100I+8xJXR5gW2QwWYkT6iJva0bXitZKa/XMrSbdmg3r2Xnaidz9Qumd0VPaMrZlF9V9sA==",
       "dev": true
     },
-    "proto-list": {
-      "version": "1.2.4",
-      "resolved": "https://registry.npmjs.org/proto-list/-/proto-list-1.2.4.tgz",
-      "integrity": "sha1-IS1b/hMYMGpCD2QCuOJv85ZHqEk="
-    },
     "proxy-addr": {
       "version": "2.0.4",
       "resolved": "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.4.tgz",
@@ -10405,7 +9503,8 @@
     "pseudomap": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/pseudomap/-/pseudomap-1.0.2.tgz",
-      "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM="
+      "integrity": "sha1-8FKijacOYYkX7wqKw0wa5aaChrM=",
+      "dev": true
     },
     "psl": {
       "version": "1.1.29",
@@ -10934,6 +10033,7 @@
       "version": "2.6.3",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
       "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
+      "dev": true,
       "requires": {
         "glob": "^7.1.3"
       },
@@ -10942,6 +10042,7 @@
           "version": "7.1.3",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
           "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
+          "dev": true,
           "requires": {
             "fs.realpath": "^1.0.0",
             "inflight": "^1.0.4",
@@ -11114,11 +10215,6 @@
         }
       }
     },
-    "sax": {
-      "version": "0.5.8",
-      "resolved": "https://registry.npmjs.org/sax/-/sax-0.5.8.tgz",
-      "integrity": "sha1-1HLbIo6zMcJQaw6MFVJK25OdEsE="
-    },
     "scss-tokenizer": {
       "version": "0.2.3",
       "resolved": "https://registry.npmjs.org/scss-tokenizer/-/scss-tokenizer-0.2.3.tgz",
@@ -11295,11 +10391,6 @@
         "rechoir": "^0.6.2"
       }
     },
-    "sigmund": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/sigmund/-/sigmund-1.0.1.tgz",
-      "integrity": "sha1-P/IfGYytIXX587eBhT/ZTQ0ZtZA="
-    },
     "signal-exit": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz",
@@ -11453,15 +10544,6 @@
         "kind-of": "^3.2.0"
       }
     },
-    "sntp": {
-      "version": "0.2.4",
-      "resolved": "https://registry.npmjs.org/sntp/-/sntp-0.2.4.tgz",
-      "integrity": "sha1-+4hfGLDzqtGJ+CSGJTa87ux1CQA=",
-      "optional": true,
-      "requires": {
-        "hoek": "0.9.x"
-      }
-    },
     "socket.io": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/socket.io/-/socket.io-2.2.0.tgz",
@@ -11727,37 +10809,6 @@
         "duplexer": "~0.1.1"
       }
     },
-    "stream-counter": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/stream-counter/-/stream-counter-0.1.0.tgz",
-      "integrity": "sha1-oDXkKTYftX82Fgbhf82Ki5Z3Mns=",
-      "requires": {
-        "readable-stream": "~1.0.2"
-      },
-      "dependencies": {
-        "isarray": {
-          "version": "0.0.1",
-          "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
-          "integrity": "sha1-ihis/Kmo9Bd+Cav8YDiTmwXR7t8="
-        },
-        "readable-stream": {
-          "version": "1.0.34",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz",
-          "integrity": "sha1-Elgg40vIQtLyqq+v5MKRbuMsFXw=",
-          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
-            "isarray": "0.0.1",
-            "string_decoder": "~0.10.x"
-          }
-        },
-        "string_decoder": {
-          "version": "0.10.31",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
-          "integrity": "sha1-YuIDvEF2bGwoyfyEMB2rHFMQ+pQ="
-        }
-      }
-    },
     "stream-exhaust": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/stream-exhaust/-/stream-exhaust-1.0.2.tgz",
@@ -11848,12 +10899,6 @@
         "safe-buffer": "~5.1.0"
       }
     },
-    "stringstream": {
-      "version": "0.0.6",
-      "resolved": "https://registry.npmjs.org/stringstream/-/stringstream-0.0.6.tgz",
-      "integrity": "sha512-87GEBAkegbBcweToUrdzf3eLhWNg06FJTebl4BVJz/JgWy8CvEr9dRtX5qWphiynMSQlxxi+QqN0z5T32SLlhA==",
-      "optional": true
-    },
     "strip-ansi": {
       "version": "3.0.1",
       "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
@@ -11946,11 +10991,6 @@
         "es6-symbol": "^3.1.1"
       }
     },
-    "symbol-tree": {
-      "version": "3.2.2",
-      "resolved": "https://registry.npmjs.org/symbol-tree/-/symbol-tree-3.2.2.tgz",
-      "integrity": "sha1-rifbOPZgp64uHDt9G8KQgZuFGeY="
-    },
     "tar": {
       "version": "4.4.8",
       "resolved": "https://registry.npmjs.org/tar/-/tar-4.4.8.tgz",
@@ -12105,11 +11145,6 @@
         }
       }
     },
-    "tiny-worker": {
-      "version": "2.1.2",
-      "resolved": "https://registry.npmjs.org/tiny-worker/-/tiny-worker-2.1.2.tgz",
-      "integrity": "sha512-t8xrlrw0ScBnJ1K5ziHcD6u2SgWpE9Tozv4EIqpXMnCfEVc3pWzMx+ZFwqpXk20C4WTRoLZVBi9v1tLkaciCTg=="
-    },
     "to-absolute-glob": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/to-absolute-glob/-/to-absolute-glob-2.0.2.tgz",
@@ -12233,11 +11268,6 @@
         "punycode": "^1.4.1"
       }
     },
-    "tr46": {
-      "version": "0.0.3",
-      "resolved": "https://registry.npmjs.org/tr46/-/tr46-0.0.3.tgz",
-      "integrity": "sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o="
-    },
     "trim-newlines": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/trim-newlines/-/trim-newlines-1.0.0.tgz",
@@ -12349,6 +11379,7 @@
       "version": "0.3.2",
       "resolved": "https://registry.npmjs.org/type-check/-/type-check-0.3.2.tgz",
       "integrity": "sha1-WITKtRLPHTVeP7eE8wgEsrUg23I=",
+      "dev": true,
       "requires": {
         "prelude-ls": "~1.1.2"
       }
@@ -12423,63 +11454,6 @@
       "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.5.tgz",
       "integrity": "sha512-JoLI4g5zv5qNyT09f4YAvEZIIV1oOjqnewYg5D38dkQljIzpPT296dbIGvKro3digYI1bkb7W6EP1y4uDlmzLg=="
     },
-    "uglify-js": {
-      "version": "2.4.24",
-      "resolved": "https://registry.npmjs.org/uglify-js/-/uglify-js-2.4.24.tgz",
-      "integrity": "sha1-+tV1XB4Vd2WLsG/5q25UjJW+vW4=",
-      "requires": {
-        "async": "~0.2.6",
-        "source-map": "0.1.34",
-        "uglify-to-browserify": "~1.0.0",
-        "yargs": "~3.5.4"
-      },
-      "dependencies": {
-        "async": {
-          "version": "0.2.10",
-          "resolved": "https://registry.npmjs.org/async/-/async-0.2.10.tgz",
-          "integrity": "sha1-trvgsGdLnXGXCMo43owjfLUmw9E="
-        },
-        "camelcase": {
-          "version": "1.2.1",
-          "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-1.2.1.tgz",
-          "integrity": "sha1-m7UwTS4LVmmLLHWLCKPqqdqlijk="
-        },
-        "source-map": {
-          "version": "0.1.34",
-          "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.1.34.tgz",
-          "integrity": "sha1-p8/omux7FoLDsZjQrPtH19CQVms=",
-          "requires": {
-            "amdefine": ">=0.0.4"
-          }
-        },
-        "window-size": {
-          "version": "0.1.0",
-          "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.1.0.tgz",
-          "integrity": "sha1-VDjNLqk7IC76Ohn+iIeu58lPnJ0="
-        },
-        "wordwrap": {
-          "version": "0.0.2",
-          "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-0.0.2.tgz",
-          "integrity": "sha1-t5Zpu0LstAn4PVg8rVLKF+qhZD8="
-        },
-        "yargs": {
-          "version": "3.5.4",
-          "resolved": "https://registry.npmjs.org/yargs/-/yargs-3.5.4.tgz",
-          "integrity": "sha1-2K/49mXpTDS9JZvevRv68N3TU2E=",
-          "requires": {
-            "camelcase": "^1.0.2",
-            "decamelize": "^1.0.0",
-            "window-size": "0.1.0",
-            "wordwrap": "0.0.2"
-          }
-        }
-      }
-    },
-    "uglify-to-browserify": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/uglify-to-browserify/-/uglify-to-browserify-1.0.2.tgz",
-      "integrity": "sha1-bgkk1r2mta/jSeOabWMoUKD4grc="
-    },
     "unc-path-regex": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/unc-path-regex/-/unc-path-regex-0.1.2.tgz",
@@ -12498,7 +11472,8 @@
     "underscore": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.6.0.tgz",
-      "integrity": "sha1-izixDKze9jM3uLJOT/htRa6lKag="
+      "integrity": "sha1-izixDKze9jM3uLJOT/htRa6lKag=",
+      "dev": true
     },
     "undertaker": {
       "version": "1.2.0",
@@ -12910,20 +11885,6 @@
         "source-map": "^0.5.1"
       }
     },
-    "webidl-conversions": {
-      "version": "3.0.1",
-      "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz",
-      "integrity": "sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE="
-    },
-    "whatwg-url": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/whatwg-url/-/whatwg-url-3.1.0.tgz",
-      "integrity": "sha1-e9yuSQ+SGu9kUftnOexrvY6Qe/Y=",
-      "requires": {
-        "tr46": "~0.0.3",
-        "webidl-conversions": "^3.0.0"
-      }
-    },
     "which": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz",
@@ -13000,7 +11961,8 @@
     "wordwrap": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz",
-      "integrity": "sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus="
+      "integrity": "sha1-J1hIEIkUVqQXHI0CJkQa3pDLyus=",
+      "dev": true
     },
     "wrap-ansi": {
       "version": "2.1.0",
@@ -13041,19 +12003,6 @@
       "integrity": "sha1-SWsswQnsqNus/i3HK2A8F8WHCtQ=",
       "dev": true
     },
-    "xml-name-validator": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/xml-name-validator/-/xml-name-validator-2.0.1.tgz",
-      "integrity": "sha1-TYuPHszTQZqjYgYb7O9RXh5VljU="
-    },
-    "xml2js": {
-      "version": "0.2.8",
-      "resolved": "https://registry.npmjs.org/xml2js/-/xml2js-0.2.8.tgz",
-      "integrity": "sha1-m4FpCTFjH/CdGVdUn69U9PmAs8I=",
-      "requires": {
-        "sax": "0.5.x"
-      }
-    },
     "xmlhttprequest-ssl": {
       "version": "1.5.5",
       "resolved": "https://registry.npmjs.org/xmlhttprequest-ssl/-/xmlhttprequest-ssl-1.5.5.tgz",
diff --git a/api/package.json b/api/package.json
index 096e037ea..c6b4f9fed 100644
--- a/api/package.json
+++ b/api/package.json
@@ -42,7 +42,7 @@
     "cookie": "^0.3.1",
     "express": "^4.16.4",
     "fast-csv": "^2.4.1",
-    "highlight.js": "^9.15.5",
+    "highlight.js": "^9.15.6",
     "html-pdf": "^2.2.0",
     "jsonwebtoken": "^8.5.0",
     "markdown-it": "^8.4.2",

From ab2c42974ae37cecccf285277016902e281b88d7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 27 Feb 2019 11:23:07 +0000
Subject: [PATCH 088/207] Bump mongoose from 5.4.15 to 5.4.16 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.15 to 5.4.16.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.15...5.4.16)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index e8f4acafd..fdc7eec81 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7854,9 +7854,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.15",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.15.tgz",
-      "integrity": "sha512-CodfapidWmPlU93ZmdQ8H9UGg5Mc/5MqEy8y5zNQKw+Kp1UwOzSEJY6zXJW76/5MBQER859KHl3rvHijVMsUMg==",
+      "version": "5.4.16",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.16.tgz",
+      "integrity": "sha512-1lGuXBBxs8KloHMe0mZGpC8L+l+flRFh3IoNf2lRmSaSMrpgEjrBHm6Aypfe2s+Y5xO0h7gua3TAZUplWpMxSw==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index c6b4f9fed..fb7b8b23a 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.15",
+    "mongoose": "~5.4.16",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 8026e66678a8be111569bdd88a8dabc67d8fa7a6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 1 Mar 2019 05:46:46 +0000
Subject: [PATCH 089/207] Bump tslint from 5.13.0 to 5.13.1 in /api

Bumps [tslint](https://github.com/palantir/tslint) from 5.13.0 to 5.13.1.
- [Release notes](https://github.com/palantir/tslint/releases)
- [Changelog](https://github.com/palantir/tslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palantir/tslint/compare/5.13.0...5.13.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index fdc7eec81..124f24932 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11295,9 +11295,9 @@
       "dev": true
     },
     "tslint": {
-      "version": "5.13.0",
-      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.13.0.tgz",
-      "integrity": "sha512-ECOOQRxXCYnUUePG5h/+Z1Zouobk3KFpIHA9aKBB/nnMxs97S1JJPDGt5J4cGm1y9U9VmVlfboOxA8n1kSNzGw==",
+      "version": "5.13.1",
+      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.13.1.tgz",
+      "integrity": "sha512-fplQqb2miLbcPhyHoMV4FU9PtNRbgmm/zI5d3SZwwmJQM6V0eodju+hplpyfhLWpmwrDNfNYU57uYRb8s0zZoQ==",
       "dev": true,
       "requires": {
         "babel-code-frame": "^6.22.0",
diff --git a/api/package.json b/api/package.json
index fb7b8b23a..95e61c810 100644
--- a/api/package.json
+++ b/api/package.json
@@ -108,7 +108,7 @@
     "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
-    "tslint": "5.13.0",
+    "tslint": "5.13.1",
     "typedoc": "^0.14.2",
     "typescript": "^3.2.4"
   },

From 29bfd7b3dec943deefe248821b325535d60aa847 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 4 Mar 2019 05:48:52 +0000
Subject: [PATCH 090/207] Bump mongoose from 5.4.16 to 5.4.17 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.16 to 5.4.17.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.16...5.4.17)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 124f24932..ed4b36b22 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7854,9 +7854,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.16",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.16.tgz",
-      "integrity": "sha512-1lGuXBBxs8KloHMe0mZGpC8L+l+flRFh3IoNf2lRmSaSMrpgEjrBHm6Aypfe2s+Y5xO0h7gua3TAZUplWpMxSw==",
+      "version": "5.4.17",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.17.tgz",
+      "integrity": "sha512-9aAg8M0YUmGHQRDYvsKJ02wx/Qaof1Jn2iDH21ZtWGAZpQt9uVLNEOdcBuzi+lPJwGbLYh2dphdKX0sZ+dXAJQ==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 95e61c810..bae4ea5d7 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.16",
+    "mongoose": "~5.4.17",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From f3ce100c60f1f89322463251c56f575ba07ba2cd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 7 Mar 2019 05:43:54 +0000
Subject: [PATCH 091/207] Bump @types/jsonwebtoken from 8.3.0 to 8.3.1 in /api

Bumps [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) from 8.3.0 to 8.3.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index ed4b36b22..26e28df2f 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -153,9 +153,9 @@
       "dev": true
     },
     "@types/jsonwebtoken": {
-      "version": "8.3.0",
-      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-8.3.0.tgz",
-      "integrity": "sha512-YKnUTR4VxwljbPORPrRon9E3uel1aD8nUdvzqArCCdMTWPvo0gnI2UZkwIHN2QATdj6HYXV/Iq3/KcecAO42Ww==",
+      "version": "8.3.1",
+      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-8.3.1.tgz",
+      "integrity": "sha512-/ll9KWnKf6qvTtMTdBto5QgKS83pxvxRqRUnmHMpMVab3lOIyfMXNeuvP6t4SQ1aKhv3zuphPUVGRX4vi0pt2g==",
       "dev": true,
       "requires": {
         "@types/node": "*"
diff --git a/api/package.json b/api/package.json
index bae4ea5d7..fbce4bf08 100644
--- a/api/package.json
+++ b/api/package.json
@@ -77,7 +77,7 @@
     "@types/chai": "4.1.7",
     "@types/cookie": "^0.3.2",
     "@types/express": "^4.16.1",
-    "@types/jsonwebtoken": "^8.3.0",
+    "@types/jsonwebtoken": "^8.3.1",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
     "@types/mongoose": "~5.3.20",

From 92f56f911c40bbdcddffb9275366e3299ab6b090 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 7 Mar 2019 22:02:51 +0000
Subject: [PATCH 092/207] Bump @types/sharp from 0.21.2 to 0.21.3 in /api

Bumps [@types/sharp](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sharp) from 0.21.2 to 0.21.3.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sharp)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 26e28df2f..69c37a170 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -324,9 +324,9 @@
       }
     },
     "@types/sharp": {
-      "version": "0.21.2",
-      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.2.tgz",
-      "integrity": "sha512-HIeqSPUKbC09YAFCVEmDCM7bU/7vmw8YcssiO9lKoZXPMLyAubgYLcmjGYMz2Re6yVXA204LnUcayRfy5hUcGQ==",
+      "version": "0.21.3",
+      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.3.tgz",
+      "integrity": "sha512-wgCw1OO/iQ3w13WVRhx1fHoo5NDHq+444wqTnKcAWA9YMj1a9stoLlfLjW1mJJkFG1aRjeKd9KYhiYOJ3H7qEg==",
       "requires": {
         "@types/node": "*"
       }
diff --git a/api/package.json b/api/package.json
index fbce4bf08..bba26951c 100644
--- a/api/package.json
+++ b/api/package.json
@@ -33,7 +33,7 @@
   },
   "dependencies": {
     "@types/node-sass": "^4.11.0",
-    "@types/sharp": "^0.21.2",
+    "@types/sharp": "^0.21.3",
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",

From 570422c5bb38b47979ff384e3a3b09525d26019e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 11 Mar 2019 06:09:15 +0000
Subject: [PATCH 093/207] Bump mongoose from 5.4.17 to 5.4.18 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.17 to 5.4.18.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.17...5.4.18)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 69c37a170..995723620 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7854,9 +7854,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.17",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.17.tgz",
-      "integrity": "sha512-9aAg8M0YUmGHQRDYvsKJ02wx/Qaof1Jn2iDH21ZtWGAZpQt9uVLNEOdcBuzi+lPJwGbLYh2dphdKX0sZ+dXAJQ==",
+      "version": "5.4.18",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.18.tgz",
+      "integrity": "sha512-yiSd/1OYYfK9EuH6NFO/NnTD4AZPIpRY1i58xUssgCGsYDX3qEYcdgFeknB5OArMB1Ny3wwMW8xiip2I5pgszw==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
@@ -7873,9 +7873,9 @@
       },
       "dependencies": {
         "bson": {
-          "version": "1.1.0",
-          "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.0.tgz",
-          "integrity": "sha512-9Aeai9TacfNtWXOYarkFJRW2CWo+dRon+fuLZYJmvLV3+MiUp0bEI6IAZfXEIg7/Pl/7IWlLaDnhzTsD81etQA=="
+          "version": "1.1.1",
+          "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.1.tgz",
+          "integrity": "sha512-jCGVYLoYMHDkOsbwJZBCqwMHyH4c+wzgI9hG7Z6SZJRXWr+x58pdIbm2i9a/jFGCkRJqRUr8eoI7lDWa0hTkxg=="
         },
         "debug": {
           "version": "3.1.0",
diff --git a/api/package.json b/api/package.json
index bba26951c..fee984992 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.17",
+    "mongoose": "~5.4.18",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 22d0e96fe3ab8971d2be795f6161da8f91ab998c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 11 Mar 2019 19:52:09 +0000
Subject: [PATCH 094/207] Bump @types/jsonwebtoken from 8.3.1 to 8.3.2 in /api

Bumps [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) from 8.3.1 to 8.3.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 995723620..35e5f7f9b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -153,9 +153,9 @@
       "dev": true
     },
     "@types/jsonwebtoken": {
-      "version": "8.3.1",
-      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-8.3.1.tgz",
-      "integrity": "sha512-/ll9KWnKf6qvTtMTdBto5QgKS83pxvxRqRUnmHMpMVab3lOIyfMXNeuvP6t4SQ1aKhv3zuphPUVGRX4vi0pt2g==",
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/@types/jsonwebtoken/-/jsonwebtoken-8.3.2.tgz",
+      "integrity": "sha512-Mkjljd9DTpkPlrmGfTJvcP4aBU7yO2QmW7wNVhV4/6AEUxYoacqU7FJU/N0yFEHTsIrE4da3rUrjrR5ejicFmA==",
       "dev": true,
       "requires": {
         "@types/node": "*"
diff --git a/api/package.json b/api/package.json
index fee984992..a99956ff3 100644
--- a/api/package.json
+++ b/api/package.json
@@ -77,7 +77,7 @@
     "@types/chai": "4.1.7",
     "@types/cookie": "^0.3.2",
     "@types/express": "^4.16.1",
-    "@types/jsonwebtoken": "^8.3.1",
+    "@types/jsonwebtoken": "^8.3.2",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
     "@types/mongoose": "~5.3.20",

From 2d0a0e0f4b30885400f89242b9b9759c60d5f51d Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Wed, 13 Mar 2019 00:29:18 +0100
Subject: [PATCH 095/207] sticky course toolbar

---
 .../course-detail.component.html              | 31 +++++++---
 .../course-detail.component.scss              | 28 +--------
 .../course-detail/course-detail.component.ts  | 18 ++++--
 .../course-overview.component.html            |  8 ++-
 .../course-overview.component.ts              | 15 ++++-
 .../src/app/lecture/lecture.component.html    |  9 ++-
 .../src/app/lecture/lecture.component.ts      | 23 ++++++-
 .../sticky-toolbar.component.html             |  5 ++
 .../sticky-toolbar.component.scss             | 25 ++++++++
 .../sticky-toolbar.component.spec.ts          | 25 ++++++++
 .../sticky-toolbar.component.ts               | 19 ++++++
 .../shared/directives/scroll-spy.directive.ts | 61 +++++++++++++++++++
 .../directives/sticky-element.directive.ts    |  3 +-
 .../src/app/shared/shared.module.ts           | 10 ++-
 .../src/app/unit/unit.component.html          | 13 ++--
 15 files changed, 237 insertions(+), 56 deletions(-)
 create mode 100644 app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.html
 create mode 100644 app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
 create mode 100644 app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts
 create mode 100644 app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.ts
 create mode 100644 app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts

diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.html b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
index 96d458cb5..83ab884dc 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.html
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
@@ -1,12 +1,17 @@
-<div stickyElement="" [anchor]="stickyAnchor" class="stickytoolbar">
-  <mat-toolbar>
-    <small>My Application</small>
-  </mat-toolbar>
-</div>
-<div class="course-header">
+<app-sticky-toolbar
+  [anchor]="stickyAnchor">
   <div class="header-line">
-    <h1 #stickyAnchor>{{course?.name}}</h1>
-    <span class="course-admin-actions" *ngIf="course.userCanEditCourse">
+    <h2>
+      <span>{{course?.name}}</span>
+      <span *ngIf="lectureScrollEmitter|async as lecture"> > {{lecture?.name}}</span>
+      <span *ngIf="unitScrollEmitter|async as unit"> > {{unit?.name}}</span>
+    </h2>
+    <ng-template [ngTemplateOutlet]="headerAdminButtons"></ng-template>
+  </div>
+</app-sticky-toolbar>
+<div class="course-header">
+  <ng-template #headerAdminButtons>
+      <span class="course-admin-actions" *ngIf="course.userCanEditCourse">
       <button mat-icon-button [routerLink]="['/course', course._id, 'edit']"
               [matTooltip]="'course.text.editCourse' | translate">
         <mat-icon>mode_edit</mat-icon>
@@ -21,8 +26,16 @@ <h1 #stickyAnchor>{{course?.name}}</h1>
         <mat-icon color="warn" [matTooltip]="'course.text.notVisibleToStudents' | translate">visibility_off</mat-icon>
       </button>
     </span>
+  </ng-template>
+
+  <div #stickyAnchor>
+    <div class="header-line">
+      <h1>{{course?.name}}</h1>
+      <ng-template [ngTemplateOutlet]="headerAdminButtons"></ng-template>
+    </div>
   </div>
 
+
   <mat-chip-list>
     <mat-chip style="cursor:pointer" (click)="showUserProfile(course?.courseAdmin)">
       <div class="img-wrapper">
@@ -59,5 +72,5 @@ <h1 #stickyAnchor>{{course?.name}}</h1>
   </nav>
 </div>
 
-<router-outlet></router-outlet>
+<router-outlet ></router-outlet>
 <app-course-forum [chatRoom]="course?.chatRooms[0]"></app-course-forum>
diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
index 8c0d4c283..b7496a335 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
@@ -13,6 +13,7 @@
   display: block;
 }
 
+
 .mat-chip-list {
   display: inline-block;
   margin-left: 5px;
@@ -72,34 +73,9 @@
 }
 
 .header-line {
+  width: 100%;
   display: flex;
   justify-content: space-between;
   align-items: center;
   flex-wrap: wrap;
-
-}
-
-.stickytoolbar {
-  overflow: hidden;
-  position: fixed;
-  top: 0;
-  left: 0;
-  right: 0;
-  z-index: 2;
-  display: none;
-  visibility: hidden;
-
-  &.is-sticky {
-    position: fixed;
-    visibility: visible;
-    display: block;
-    /*transition: all 0.4s ease-in-out;
-    -webkit-transition: all 0.4s ease-in-out;
-    -moz-transition: all 0.4s ease-in-out;
-    */
-
-
-    box-shadow: 0 3px 5px -1px rgba(0, 0, 0, .2), 0 6px 10px 0 rgba(0, 0, 0, .14), 0 1px 18px 0 rgba(0, 0, 0, .12);
-  }
-
 }
diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
index 4492827cf..a959b92ec 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
@@ -1,4 +1,4 @@
-import {AfterViewInit, Component, OnDestroy, OnInit} from '@angular/core';
+import {AfterViewInit, Component, EventEmitter, OnDestroy, OnInit} from '@angular/core';
 import {ActivatedRoute, Router} from '@angular/router';
 
 import {CourseService, UserDataService} from '../../shared/services/data.service';
@@ -12,7 +12,8 @@ import {DialogService} from '../../shared/services/dialog.service';
 import {DataSharingService} from '../../shared/services/data-sharing.service';
 import {TranslateService} from '@ngx-translate/core';
 import {ICourseView} from '../../../../../../shared/models/ICourseView';
-
+import {ILecture} from "../../../../../../shared/models/ILecture";
+import {IUnit} from "../../../../../../shared/models/units/IUnit";
 
 
 @Component({
@@ -25,6 +26,8 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
   course: ICourseView;
   id: string;
   tabs = [];
+  lectureScrollEmitter = new EventEmitter<ILecture>();
+  unitScrollEmitter = new EventEmitter<IUnit>();
 
   constructor(private router: Router,
               private route: ActivatedRoute,
@@ -36,11 +39,12 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
               private userDataService: UserDataService,
               private dialogService: DialogService,
               private dataSharingService: DataSharingService,
-              private translate: TranslateService) {}
+              private translate: TranslateService) {
+  }
 
   ngOnInit() {
     const data: any = this.route.snapshot.data;
-    this.course = <ICourseView> data.course;
+    this.course = <ICourseView>data.course;
     this.id = this.course._id;
     LastVisitedCourseContainerUpdater.addCourseToLastVisitedCourses(this.id, this.userService, this.userDataService);
     this.titleService.setTitleCut(['Course: ', this.course.name]);
@@ -49,6 +53,11 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
     });
     this.reloadTabBar();
 
+    this.dataSharingService.setDataForKey('lectureScrollEmitter', this.lectureScrollEmitter)
+    this.dataSharingService.setDataForKey('unitScrollEmitter', this.unitScrollEmitter)
+
+    this.lectureScrollEmitter.subscribe(() => this.unitScrollEmitter.emit(null));
+
 
   }
 
@@ -67,6 +76,7 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
     this.dialogService.userProfile(teacher);
   }
 
+
   ngOnDestroy() {
     this.dataSharingService.deleteDataForKey('course');
   }
diff --git a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.html b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.html
index b0bce8f6b..107a4a567 100644
--- a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.html
+++ b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.html
@@ -1,10 +1,14 @@
-<div class="lectures" *ngIf="course">
+<div class="lectures" *ngIf="course"
+     scrollSpy=""
+     [spiedTags]="['APP-LECTURE']"
+     (sectionChange)="onLectureChange($event)">
   <div class="toggle-lectures-container">
     <button (click)="toggleAllLectures()" mat-button class="toggle-lectures">
       <span *ngIf="openAllLectures">{{'common.collapseAll' | translate}}</span>
       <span *ngIf="!openAllLectures">{{'common.expandAll' | translate}}</span>
     </button>
   </div>
-  <app-lecture [course]="course"  [opened]="openAllLectures"  [lecture]="lecture" *ngFor="let lecture of course.lectures">
+  <app-lecture [course]="course" [opened]="openAllLectures" [lecture]="lecture" *ngFor="let lecture of course.lectures"
+               [id]="lecture._id">
   </app-lecture>
 </div>
diff --git a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
index 488bbd87a..492873fab 100644
--- a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
@@ -1,8 +1,9 @@
-import {Component, Input, OnInit} from '@angular/core';
+import {Component, EventEmitter, Input, OnInit, Output} from '@angular/core';
 import {ICourse} from '../../../../../../../shared/models/ICourse';
 import {ActivatedRoute} from '@angular/router';
 import {CourseService} from '../../../shared/services/data.service';
 import {DataSharingService} from '../../../shared/services/data-sharing.service';
+import {ILecture} from "../../../../../../../shared/models/ILecture";
 
 
 @Component({
@@ -13,12 +14,24 @@ import {DataSharingService} from '../../../shared/services/data-sharing.service'
 export class CourseOverviewComponent implements OnInit {
   course: ICourse;
   openAllLectures = true;
+  currentSection;
+  lectureScrollEmitter: EventEmitter<ILecture>;
+
+
+  onLectureChange(lectureId: string) {
+    this.currentSection = lectureId;
+    let activeLecture = this.course.lectures.find(lecture => lecture._id == lectureId);
+    this.lectureScrollEmitter.emit(activeLecture);
+  }
 
   constructor(private dataSharingService: DataSharingService) {
   }
 
   ngOnInit() {
     this.course = this.dataSharingService.getDataForKey('course');
+
+    this.lectureScrollEmitter = this.dataSharingService.getDataForKey('lectureScrollEmitter');
+
   }
 
   toggleAllLectures() {
diff --git a/app/webFrontend/src/app/lecture/lecture.component.html b/app/webFrontend/src/app/lecture/lecture.component.html
index 89ee9b59b..ae67c002f 100644
--- a/app/webFrontend/src/app/lecture/lecture.component.html
+++ b/app/webFrontend/src/app/lecture/lecture.component.html
@@ -1,7 +1,12 @@
 <ng-container class="lecture-container" *ngIf="lecture">
-  <app-expandable-div [title]="lecture.name" [headerTag]="headerTags.H2" (notifyParent)="toggleOpen($event)" [opened]="opened"></app-expandable-div>
+  <app-expandable-div [title]="lecture.name" [headerTag]="headerTags.H2" (notifyParent)="toggleOpen($event)"
+                      [opened]="opened"></app-expandable-div>
   <p>{{lecture.description}}</p>
   <div *ngIf="this.opened" id="{{lecture._id}}">
-    <app-unit *ngIf="lecture.units" [course]="course" [units]="lecture.units"></app-unit>
+    <app-unit
+      scrollSpy=""
+      [spiedTags]="['DIV']"
+      (sectionChange)="onUnitChange($event)" *ngIf="lecture.units" [course]="course"
+      [units]="lecture.units"></app-unit>
   </div>
 </ng-container>
diff --git a/app/webFrontend/src/app/lecture/lecture.component.ts b/app/webFrontend/src/app/lecture/lecture.component.ts
index aba87a808..31af6cc1c 100644
--- a/app/webFrontend/src/app/lecture/lecture.component.ts
+++ b/app/webFrontend/src/app/lecture/lecture.component.ts
@@ -1,9 +1,11 @@
-import {Component, OnInit, Input, AfterViewInit} from '@angular/core';
+import {Component, OnInit, Input, AfterViewInit, EventEmitter} from '@angular/core';
 import {UserService} from '../shared/services/user.service';
 import {ICourse} from '../../../../../shared/models/ICourse';
 import {ILecture} from '../../../../../shared/models/ILecture';
 import {ExpandableDivHeaderTags} from '../shared/components/expandable-div/expandable-div-header-tags.enum';
 import {ActivatedRoute, Router} from '@angular/router';
+import {IUnit} from "../../../../../shared/models/units/IUnit";
+import {DataSharingService} from "../shared/services/data-sharing.service";
 
 @Component({
   selector: 'app-lecture',
@@ -16,27 +18,42 @@ export class LectureComponent implements OnInit, AfterViewInit {
   @Input() lecture: ILecture;
   @Input() opened: boolean;
   lectureId: string;
+  unitScrollEmitter: EventEmitter<IUnit>;
+
+
   private headerTags = ExpandableDivHeaderTags;
 
   constructor(public userService: UserService,
               private route: ActivatedRoute,
-              private router: Router) {
+              private router: Router,
+              private dataSharingService: DataSharingService) {
     this.opened = true;
   }
 
   ngOnInit() {
+    this.unitScrollEmitter = this.dataSharingService.getDataForKey('unitScrollEmitter');
+
+
     this.route.params.subscribe(params => {
       this.lectureId = decodeURIComponent(params['lecture']);
     });
   }
 
+  onUnitChange(unitid: string) {
+    let activeUnit = this.lecture.units.find(unit => unit._id == unitid);
+    if (activeUnit) {
+      this.unitScrollEmitter.emit(activeUnit);
+    }
+  }
+
   ngAfterViewInit(): void {
     try {
       const element = document.getElementById(this.lectureId);
       if (element) {
         element.scrollIntoView();
       }
-    } catch (err) {}
+    } catch (err) {
+    }
   }
 
   toggleOpen() {
diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.html b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.html
new file mode 100644
index 000000000..8d8969c40
--- /dev/null
+++ b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.html
@@ -0,0 +1,5 @@
+<div stickyElement="" [anchor]="anchor" class="stickytoolbar">
+  <mat-toolbar>
+    <ng-content></ng-content>
+  </mat-toolbar>
+</div>
diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
new file mode 100644
index 000000000..3ca3f5ea8
--- /dev/null
+++ b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
@@ -0,0 +1,25 @@
+.stickytoolbar {
+  overflow: hidden;
+  position: fixed;
+  top: 0;
+  left: 0;
+  right: 0;
+  z-index: 2;
+  display: none;
+  visibility: hidden;
+
+  &.is-sticky {
+    position: fixed;
+    visibility: visible;
+    display: block;
+    -webkit-backface-visibility: hidden;
+
+    transition: all 1s ease-in-out;
+    -webkit-transition: all 1s ease-in-out;
+    -moz-transition: all 1s ease-in-out;
+
+
+    box-shadow: 0 3px 5px -1px rgba(0, 0, 0, .2), 0 6px 10px 0 rgba(0, 0, 0, .14), 0 1px 18px 0 rgba(0, 0, 0, .12);
+  }
+
+}
diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts
new file mode 100644
index 000000000..7ec8a2dc0
--- /dev/null
+++ b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts
@@ -0,0 +1,25 @@
+import { async, ComponentFixture, TestBed } from '@angular/core/testing';
+
+import { StickyToolbarComponent } from './sticky-toolbar.component';
+
+describe('StickyToolbarComponent', () => {
+  let component: StickyToolbarComponent;
+  let fixture: ComponentFixture<StickyToolbarComponent>;
+
+  beforeEach(async(() => {
+    TestBed.configureTestingModule({
+      declarations: [ StickyToolbarComponent ]
+    })
+    .compileComponents();
+  }));
+
+  beforeEach(() => {
+    fixture = TestBed.createComponent(StickyToolbarComponent);
+    component = fixture.componentInstance;
+    fixture.detectChanges();
+  });
+
+  it('should create', () => {
+    expect(component).toBeTruthy();
+  });
+});
diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.ts b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.ts
new file mode 100644
index 000000000..8f404aa34
--- /dev/null
+++ b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.ts
@@ -0,0 +1,19 @@
+import {Component, Input, OnInit, ViewEncapsulation} from '@angular/core';
+
+@Component({
+  selector: 'app-sticky-toolbar',
+  templateUrl: './sticky-toolbar.component.html',
+  styleUrls: ['./sticky-toolbar.component.scss'],
+  encapsulation: ViewEncapsulation.None
+
+})
+export class StickyToolbarComponent implements OnInit {
+  @Input() anchor: string;
+
+  constructor() {
+  }
+
+  ngOnInit() {
+  }
+
+}
diff --git a/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts b/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts
new file mode 100644
index 000000000..5b9c6a590
--- /dev/null
+++ b/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts
@@ -0,0 +1,61 @@
+import {Directive, Injectable, Input, EventEmitter, Output, ElementRef, HostListener} from '@angular/core';
+
+// Taken from https://stackblitz.com/edit/angular-scroll-spy
+
+@Directive({
+  selector: '[scrollSpy]'
+})
+export class ScrollSpyDirective {
+  @Input() public spiedTags = [];
+  @Input() public parentContainer: ElementRef;
+  @Output() public sectionChange = new EventEmitter<string>();
+  private currentSection: any;
+
+  constructor(private _el: ElementRef) {
+  }
+
+  @HostListener('window:scroll', ['$event'])
+  onScroll(event: any) {
+    let currentSection: string;
+    const windowScroll = window.pageYOffset;
+
+    const children = this._el.nativeElement.children;
+    const scrollTop = 0;//this._el.nativeElement.scrollTop;
+    const parentOffset = 0;//this._el.nativeElement.offsetTop;
+    for (let i = children.length - 1; i >= 0; i--) {
+      const element = children[i];
+      if (this.spiedTags.some(spiedTag => spiedTag === element.tagName)) {
+        if (this.getPosition(element).y <= windowScroll + scrollTop) {
+          currentSection = element.id;
+          break;
+        }
+      }
+    }
+
+
+    if (currentSection !== this.currentSection) {
+      this.currentSection = currentSection;
+      this.sectionChange.emit(this.currentSection);
+    }
+  }
+
+  getPosition(el) {
+    let top = 0;
+    let left = 0;
+    let element = el;
+
+    // Loop through the DOM tree
+    // and add it's parent's offset to get page offset
+    do {
+      top += element.offsetTop || 0;
+      left += element.offsetLeft || 0;
+      element = element.offsetParent;
+    } while (element);
+
+    return {
+      y: top,
+      x: left,
+    };
+  }
+
+}
diff --git a/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
index 3c8e4313c..e40b6b86e 100644
--- a/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
+++ b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
@@ -13,6 +13,7 @@ export class StickyElementDirective implements OnInit {
   constructor(private elementRef: ElementRef) {
   }
 
+
   ngOnInit(): void {
     // set directly so the changeDetector knows it's set to true later
     //this.elementRef.nativeElement.focus();
@@ -31,8 +32,6 @@ export class StickyElementDirective implements OnInit {
 
 
   ngAfterViewInit(): void {
-    console.log(this.elementRef);
-    console.log(this.anchorElement);
     this.anchorPosition = this.getPosition(this.anchorElement).y;
     console.log(this.anchorPosition);
   }
diff --git a/app/webFrontend/src/app/shared/shared.module.ts b/app/webFrontend/src/app/shared/shared.module.ts
index 84afb01ee..c401feb36 100644
--- a/app/webFrontend/src/app/shared/shared.module.ts
+++ b/app/webFrontend/src/app/shared/shared.module.ts
@@ -26,6 +26,8 @@ import {ShowCommentsDirective} from './directives/show-comments.directive';
 import {ResponsiveImageComponent} from './components/responsive-image/responsive-image.component';
 import {headersToString} from 'selenium-webdriver/http';
 import {StickyElementDirective} from "./directives/sticky-element.directive";
+import {StickyToolbarComponent} from "./components/sticky-toolbar/sticky-toolbar.component";
+import {ScrollSpyDirective} from "./directives/scroll-spy.directive";
 
 @NgModule({
   imports: [
@@ -58,7 +60,9 @@ import {StickyElementDirective} from "./directives/sticky-element.directive";
     UserProfileDialog,
     ShowCommentsDirective,
     ResponsiveImageComponent,
-    StickyElementDirective
+    StickyElementDirective,
+    StickyToolbarComponent,
+    ScrollSpyDirective
   ],
   exports: [
     GravatarDirective,
@@ -80,7 +84,9 @@ import {StickyElementDirective} from "./directives/sticky-element.directive";
     UserProfileDialog,
     ShowCommentsDirective,
     ResponsiveImageComponent,
-    StickyElementDirective
+    StickyElementDirective,
+    StickyToolbarComponent,
+    ScrollSpyDirective
   ],
   entryComponents: [
     PickMediaDialog,
diff --git a/app/webFrontend/src/app/unit/unit.component.html b/app/webFrontend/src/app/unit/unit.component.html
index a50c517e9..305faab6f 100644
--- a/app/webFrontend/src/app/unit/unit.component.html
+++ b/app/webFrontend/src/app/unit/unit.component.html
@@ -1,4 +1,4 @@
-<div *ngFor="let unit of units">
+<div *ngFor="let unit of units" [id]="unit._id">
   <mat-card class="unit-card">
     <button mat-icon-button *ngIf="unit.visible === false" disabled>
       <mat-icon color="warn">visibility_off</mat-icon>
@@ -22,17 +22,20 @@
       <app-file-unit *ngSwitchCase="'file'" [fileUnit]="unit"></app-file-unit>
       <app-task-unit *ngSwitchCase="'task'" [taskUnit]="unit"></app-task-unit>
       <app-code-kata *ngSwitchCase="'code-kata'" [codeKataUnit]="unit"></app-code-kata>
-      <app-free-text-unit *ngSwitchCase="'free-text'" [theme]="course?.freeTextStyle"  [freeTextUnit]="unit"></app-free-text-unit>
+      <app-free-text-unit *ngSwitchCase="'free-text'" [theme]="course?.freeTextStyle"
+                          [freeTextUnit]="unit"></app-free-text-unit>
       <div class="unit-detail">
         <span>{{chatMessageCount[unit._id]}}</span>
         <button mat-icon-button appShowComments [room]="unit.chatRoom" [title]="unit.name">
           <mat-icon aria-label="comments">forum</mat-icon>
         </button>
         <span class="user-detail" *ngIf="unit.unitCreator">{{unit.unitCreator.profile.firstName + ' ' +
-          unit.unitCreator.profile.lastName}}
+        unit.unitCreator.profile.lastName}}
         </span>
-        <span *ngIf="unit.createdAt === unit.updatedAt">{{ 'unit.text.publishedOn' | translate }}: {{getFormattedDate(unit.createdAt)}}</span>
-        <span *ngIf="unit.createdAt !== unit.updatedAt">{{ 'unit.text.changedOn' | translate }}: {{getFormattedDate(unit.updatedAt)}}</span>
+        <span *ngIf="unit.createdAt === unit.updatedAt">{{ 'unit.text.publishedOn' | translate }}
+          : {{getFormattedDate(unit.createdAt)}}</span>
+        <span *ngIf="unit.createdAt !== unit.updatedAt">{{ 'unit.text.changedOn' | translate }}
+          : {{getFormattedDate(unit.updatedAt)}}</span>
       </div>
     </mat-card-content>
   </mat-card>

From 35cee08ee824328e9e36bd4d7751f123436cc766 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Wed, 13 Mar 2019 00:35:44 +0100
Subject: [PATCH 096/207] added changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7748ef536..a988f6af5 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
+- Sticky header course view. [#1115](https://github.com/geli-lms/geli/issues/1115)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From ecc9cb47c3153ead50b41d24d8d7c06d36d4aed3 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Wed, 13 Mar 2019 00:44:59 +0100
Subject: [PATCH 097/207] lint fiexes

---
 .../app/course/course-detail/course-detail.component.ts   | 8 ++++----
 .../course-overview/course-overview.component.ts          | 4 ++--
 app/webFrontend/src/app/lecture/lecture.component.ts      | 6 +++---
 .../src/app/shared/directives/scroll-spy.directive.ts     | 4 ++--
 .../src/app/shared/directives/sticky-element.directive.ts | 3 +--
 app/webFrontend/src/app/shared/shared.module.ts           | 6 +++---
 6 files changed, 15 insertions(+), 16 deletions(-)

diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
index a959b92ec..019c39cbc 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.ts
@@ -12,8 +12,8 @@ import {DialogService} from '../../shared/services/dialog.service';
 import {DataSharingService} from '../../shared/services/data-sharing.service';
 import {TranslateService} from '@ngx-translate/core';
 import {ICourseView} from '../../../../../../shared/models/ICourseView';
-import {ILecture} from "../../../../../../shared/models/ILecture";
-import {IUnit} from "../../../../../../shared/models/units/IUnit";
+import {ILecture} from '../../../../../../shared/models/ILecture';
+import {IUnit} from '../../../../../../shared/models/units/IUnit';
 
 
 @Component({
@@ -53,8 +53,8 @@ export class CourseDetailComponent implements OnInit, OnDestroy {
     });
     this.reloadTabBar();
 
-    this.dataSharingService.setDataForKey('lectureScrollEmitter', this.lectureScrollEmitter)
-    this.dataSharingService.setDataForKey('unitScrollEmitter', this.unitScrollEmitter)
+    this.dataSharingService.setDataForKey('lectureScrollEmitter', this.lectureScrollEmitter);
+    this.dataSharingService.setDataForKey('unitScrollEmitter', this.unitScrollEmitter);
 
     this.lectureScrollEmitter.subscribe(() => this.unitScrollEmitter.emit(null));
 
diff --git a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
index 492873fab..60f5fa327 100644
--- a/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
+++ b/app/webFrontend/src/app/course/course-detail/course-overview/course-overview.component.ts
@@ -3,7 +3,7 @@ import {ICourse} from '../../../../../../../shared/models/ICourse';
 import {ActivatedRoute} from '@angular/router';
 import {CourseService} from '../../../shared/services/data.service';
 import {DataSharingService} from '../../../shared/services/data-sharing.service';
-import {ILecture} from "../../../../../../../shared/models/ILecture";
+import {ILecture} from '../../../../../../../shared/models/ILecture';
 
 
 @Component({
@@ -20,7 +20,7 @@ export class CourseOverviewComponent implements OnInit {
 
   onLectureChange(lectureId: string) {
     this.currentSection = lectureId;
-    let activeLecture = this.course.lectures.find(lecture => lecture._id == lectureId);
+    const activeLecture = this.course.lectures.find(lecture => lecture._id === lectureId);
     this.lectureScrollEmitter.emit(activeLecture);
   }
 
diff --git a/app/webFrontend/src/app/lecture/lecture.component.ts b/app/webFrontend/src/app/lecture/lecture.component.ts
index 31af6cc1c..57e8c2ff3 100644
--- a/app/webFrontend/src/app/lecture/lecture.component.ts
+++ b/app/webFrontend/src/app/lecture/lecture.component.ts
@@ -4,8 +4,8 @@ import {ICourse} from '../../../../../shared/models/ICourse';
 import {ILecture} from '../../../../../shared/models/ILecture';
 import {ExpandableDivHeaderTags} from '../shared/components/expandable-div/expandable-div-header-tags.enum';
 import {ActivatedRoute, Router} from '@angular/router';
-import {IUnit} from "../../../../../shared/models/units/IUnit";
-import {DataSharingService} from "../shared/services/data-sharing.service";
+import {IUnit} from '../../../../../shared/models/units/IUnit';
+import {DataSharingService} from '../shared/services/data-sharing.service';
 
 @Component({
   selector: 'app-lecture',
@@ -40,7 +40,7 @@ export class LectureComponent implements OnInit, AfterViewInit {
   }
 
   onUnitChange(unitid: string) {
-    let activeUnit = this.lecture.units.find(unit => unit._id == unitid);
+    const activeUnit = this.lecture.units.find(unit => unit._id === unitid);
     if (activeUnit) {
       this.unitScrollEmitter.emit(activeUnit);
     }
diff --git a/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts b/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts
index 5b9c6a590..aef082469 100644
--- a/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts
+++ b/app/webFrontend/src/app/shared/directives/scroll-spy.directive.ts
@@ -20,8 +20,8 @@ export class ScrollSpyDirective {
     const windowScroll = window.pageYOffset;
 
     const children = this._el.nativeElement.children;
-    const scrollTop = 0;//this._el.nativeElement.scrollTop;
-    const parentOffset = 0;//this._el.nativeElement.offsetTop;
+    const scrollTop = 0; // this._el.nativeElement.scrollTop;
+    const parentOffset = 0; // this._el.nativeElement.offsetTop;
     for (let i = children.length - 1; i >= 0; i--) {
       const element = children[i];
       if (this.spiedTags.some(spiedTag => spiedTag === element.tagName)) {
diff --git a/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
index e40b6b86e..5506d5ba6 100644
--- a/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
+++ b/app/webFrontend/src/app/shared/directives/sticky-element.directive.ts
@@ -16,7 +16,7 @@ export class StickyElementDirective implements OnInit {
 
   ngOnInit(): void {
     // set directly so the changeDetector knows it's set to true later
-    //this.elementRef.nativeElement.focus();
+    // this.elementRef.nativeElement.focus();
   }
 
   @HostListener('window:scroll', ['$event'])
@@ -33,7 +33,6 @@ export class StickyElementDirective implements OnInit {
 
   ngAfterViewInit(): void {
     this.anchorPosition = this.getPosition(this.anchorElement).y;
-    console.log(this.anchorPosition);
   }
 
   getPosition(el) {
diff --git a/app/webFrontend/src/app/shared/shared.module.ts b/app/webFrontend/src/app/shared/shared.module.ts
index c401feb36..c8b23bbf5 100644
--- a/app/webFrontend/src/app/shared/shared.module.ts
+++ b/app/webFrontend/src/app/shared/shared.module.ts
@@ -25,9 +25,9 @@ import {ShowCommentsDirective} from './directives/show-comments.directive';
 
 import {ResponsiveImageComponent} from './components/responsive-image/responsive-image.component';
 import {headersToString} from 'selenium-webdriver/http';
-import {StickyElementDirective} from "./directives/sticky-element.directive";
-import {StickyToolbarComponent} from "./components/sticky-toolbar/sticky-toolbar.component";
-import {ScrollSpyDirective} from "./directives/scroll-spy.directive";
+import {StickyElementDirective} from './directives/sticky-element.directive';
+import {StickyToolbarComponent} from './components/sticky-toolbar/sticky-toolbar.component';
+import {ScrollSpyDirective} from './directives/scroll-spy.directive';
 
 @NgModule({
   imports: [

From eab122c658ab6e48215be139069583508ffc6871 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 14 Mar 2019 06:16:46 +0000
Subject: [PATCH 098/207] Bump gulp-typescript from 5.0.0 to 5.0.1 in /api

Bumps [gulp-typescript](https://github.com/ivogabe/gulp-typescript) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/ivogabe/gulp-typescript/releases)
- [Commits](https://github.com/ivogabe/gulp-typescript/compare/v5.0.0...v5.0.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 21 ++++++++++-----------
 api/package.json      |  2 +-
 2 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 35e5f7f9b..e7548eb3a 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -5852,9 +5852,9 @@
       }
     },
     "gulp-typescript": {
-      "version": "5.0.0",
-      "resolved": "https://registry.npmjs.org/gulp-typescript/-/gulp-typescript-5.0.0.tgz",
-      "integrity": "sha512-lMj2U+Ni6HyFaY2nr1sSQ6D014eHil5L1i52XWBaAQUR9UAUUp9btnm4yRBT2Jb8xhrwqmhMssZf/g2B7cinCA==",
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/gulp-typescript/-/gulp-typescript-5.0.1.tgz",
+      "integrity": "sha512-YuMMlylyJtUSHG1/wuSVTrZp60k1dMEFKYOvDf7OvbAJWrDtxxD4oZon4ancdWwzjj30ztiidhe4VXJniF0pIQ==",
       "dev": true,
       "requires": {
         "ansi-colors": "^3.0.5",
@@ -5866,9 +5866,9 @@
       },
       "dependencies": {
         "ansi-colors": {
-          "version": "3.2.1",
-          "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-3.2.1.tgz",
-          "integrity": "sha512-Xt+zb6nqgvV9SWAVp0EG3lRsHcbq5DDgqjPPz6pwgtj6RKz65zGXMNa82oJfOSBA/to6GmRP7Dr+6o+kbApTzQ==",
+          "version": "3.2.4",
+          "resolved": "https://registry.npmjs.org/ansi-colors/-/ansi-colors-3.2.4.tgz",
+          "integrity": "sha512-hHUXGagefjN2iRrID63xckIvotOXOojhQKWIPUZ4mNUZ9nLZW+7FMNoE1lOkEhNWYsx/7ysGIuJYCiMAA9FnrA==",
           "dev": true
         },
         "source-map": {
@@ -5878,13 +5878,12 @@
           "dev": true
         },
         "through2": {
-          "version": "3.0.0",
-          "resolved": "https://registry.npmjs.org/through2/-/through2-3.0.0.tgz",
-          "integrity": "sha512-8B+sevlqP4OiCjonI1Zw03Sf8PuV1eRsYQgLad5eonILOdyeRsY27A/2Ze8IlvlMvq31OH+3fz/styI7Ya62yQ==",
+          "version": "3.0.1",
+          "resolved": "https://registry.npmjs.org/through2/-/through2-3.0.1.tgz",
+          "integrity": "sha512-M96dvTalPT3YbYLaKaCuwu+j06D/8Jfib0o/PxbVt6Amhv3dUAtW6rTV1jPgJSBG83I/e04Y6xkVdVhSRhi0ww==",
           "dev": true,
           "requires": {
-            "readable-stream": "2 || 3",
-            "xtend": "~4.0.1"
+            "readable-stream": "2 || 3"
           }
         }
       }
diff --git a/api/package.json b/api/package.json
index a99956ff3..08a557267 100644
--- a/api/package.json
+++ b/api/package.json
@@ -101,7 +101,7 @@
     "gulp-sourcemaps": "2.6.5",
     "gulp-tslint": "8.1.4",
     "gulp-typedoc": "2.2.2",
-    "gulp-typescript": "5.0.0",
+    "gulp-typescript": "5.0.1",
     "mocha-lcov-reporter": "^1.3.0",
     "node-sass": "^4.11.0",
     "remap-istanbul": "0.13.0",

From 96cb744518ff450c141cc5759d7f08b3ea174811 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Thu, 14 Mar 2019 20:21:01 +0000
Subject: [PATCH 099/207] Bump mongoose from 5.4.18 to 5.4.19 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.18 to 5.4.19.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.18...5.4.19)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index e7548eb3a..b31639353 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -7853,9 +7853,9 @@
       }
     },
     "mongoose": {
-      "version": "5.4.18",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.18.tgz",
-      "integrity": "sha512-yiSd/1OYYfK9EuH6NFO/NnTD4AZPIpRY1i58xUssgCGsYDX3qEYcdgFeknB5OArMB1Ny3wwMW8xiip2I5pgszw==",
+      "version": "5.4.19",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.19.tgz",
+      "integrity": "sha512-paRU3nbCrPIUVw1GAlxo11uIIqrYORctUx1kcLj7i2NhkxPQuy5OK2/FYj8+tglsaixycmONSyop2HQp1IUQSA==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
diff --git a/api/package.json b/api/package.json
index 08a557267..bec5404cb 100644
--- a/api/package.json
+++ b/api/package.json
@@ -53,7 +53,7 @@
     "markdown-it-mark": "^2.0.0",
     "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.18",
+    "mongoose": "~5.4.19",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From b995e7f5fc2706709e83e3466f599d63c0beaa3f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Mar 2019 10:32:20 +0000
Subject: [PATCH 100/207] Bump @types/mongoose from 5.3.20 to 5.3.22 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mongoose) from 5.3.20 to 5.3.22.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mongoose)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 12 ++++++------
 api/package.json      |  2 +-
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index b31639353..0835308fe 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -207,9 +207,9 @@
       "dev": true
     },
     "@types/mongodb": {
-      "version": "3.1.19",
-      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.19.tgz",
-      "integrity": "sha512-H54hQEovAhyLrIZOhPNfGyCCDoTqKsjb8GQBy8nptJqfxrYCp5WVcPJf9v0kfTPR72xOhaz9+WcYxOXWwEg1Vg==",
+      "version": "3.1.22",
+      "resolved": "https://registry.npmjs.org/@types/mongodb/-/mongodb-3.1.22.tgz",
+      "integrity": "sha512-hvNR0txBlJJAy1eZOeIDshW4dnQaC694COou4eHHaMdIcteCfoCQATD7sYNlXxNxfTc1iIbHUi7A8CAhQe08uA==",
       "dev": true,
       "requires": {
         "@types/bson": "*",
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.20",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.20.tgz",
-      "integrity": "sha512-KXD/wRaUkxA7NwU+0yp60WEFFmkhzJ4idGawycjUxFMTANIM7ZqlZsoXhHu3p33cg450D8PuwtAorFUwuMXLwA==",
+      "version": "5.3.22",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.22.tgz",
+      "integrity": "sha512-OVKmjRUH7L3ml1kltLTcKNEE4888Q6tIuepukdSa5p2n40d7BNbhq1vT7HICaCBzk6W+VjEzs3hD+UtrUsxRbQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index bec5404cb..9460b654f 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.2",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.20",
+    "@types/mongoose": "~5.3.22",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From 94d6568835b367ca3de3e4d8e75ab5613854c14b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 15 Mar 2019 12:47:25 +0000
Subject: [PATCH 101/207] Bump tslint from 5.13.1 to 5.14.0 in /api

Bumps [tslint](https://github.com/palantir/tslint) from 5.13.1 to 5.14.0.
- [Release notes](https://github.com/palantir/tslint/releases)
- [Changelog](https://github.com/palantir/tslint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/palantir/tslint/compare/5.13.1...5.14.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 8 ++++----
 api/package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 0835308fe..084269fde 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -11294,9 +11294,9 @@
       "dev": true
     },
     "tslint": {
-      "version": "5.13.1",
-      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.13.1.tgz",
-      "integrity": "sha512-fplQqb2miLbcPhyHoMV4FU9PtNRbgmm/zI5d3SZwwmJQM6V0eodju+hplpyfhLWpmwrDNfNYU57uYRb8s0zZoQ==",
+      "version": "5.14.0",
+      "resolved": "https://registry.npmjs.org/tslint/-/tslint-5.14.0.tgz",
+      "integrity": "sha512-IUla/ieHVnB8Le7LdQFRGlVJid2T/gaJe5VkjzRVSRR6pA2ODYrnfR1hmxi+5+au9l50jBwpbBL34txgv4NnTQ==",
       "dev": true,
       "requires": {
         "babel-code-frame": "^6.22.0",
@@ -11311,7 +11311,7 @@
         "resolve": "^1.3.2",
         "semver": "^5.3.0",
         "tslib": "^1.8.0",
-        "tsutils": "^2.27.2"
+        "tsutils": "^2.29.0"
       },
       "dependencies": {
         "ansi-styles": {
diff --git a/api/package.json b/api/package.json
index 9460b654f..e8435ea98 100644
--- a/api/package.json
+++ b/api/package.json
@@ -108,7 +108,7 @@
     "rimraf": "2.6.3",
     "run-sequence": "2.2.1",
     "temp": "^0.9.0",
-    "tslint": "5.13.1",
+    "tslint": "5.14.0",
     "typedoc": "^0.14.2",
     "typescript": "^3.2.4"
   },

From d911d3e81c9bd8ba48f8f5b8caf65c49610cea17 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 19 Mar 2019 05:55:14 +0000
Subject: [PATCH 102/207] Bump sharp from 0.21.3 to 0.22.0 in /api

Bumps [sharp](https://github.com/lovell/sharp) from 0.21.3 to 0.22.0.
- [Release notes](https://github.com/lovell/sharp/releases)
- [Changelog](https://github.com/lovell/sharp/blob/master/docs/changelog.md)
- [Commits](https://github.com/lovell/sharp/compare/v0.21.3...v0.22.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 46 +++++++++++++++++++++++++------------------
 api/package.json      |  2 +-
 2 files changed, 28 insertions(+), 20 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 084269fde..1c7e70b96 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -2152,9 +2152,12 @@
       "integrity": "sha1-RqoXUftqL5PuXmibsQh9SxTGwgU="
     },
     "bindings": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.3.1.tgz",
-      "integrity": "sha512-i47mqjF9UbjxJhxGf+pZ6kSxrnI3wBLlnGI2ArWJ4r0VrvDS7ZYXkprq/pLaBWYq4GM0r4zdHY+NNRqEMU7uew=="
+      "version": "1.5.0",
+      "resolved": "https://registry.npmjs.org/bindings/-/bindings-1.5.0.tgz",
+      "integrity": "sha512-p2q/t/mhvuOj/UeLlV6566GD/guowlr0hHxClI0W9m7MWYkL1F0hLo+0Aexs9HSPCtR1SXQ0TD3MMKrXZajbiQ==",
+      "requires": {
+        "file-uri-to-path": "1.0.0"
+      }
     },
     "bl": {
       "version": "1.2.2",
@@ -3806,6 +3809,11 @@
         "object-assign": "^4.1.0"
       }
     },
+    "file-uri-to-path": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz",
+      "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw=="
+    },
     "filename-regex": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/filename-regex/-/filename-regex-2.0.1.tgz",
@@ -8094,9 +8102,9 @@
       "dev": true
     },
     "node-abi": {
-      "version": "2.5.1",
-      "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-2.5.1.tgz",
-      "integrity": "sha512-oDbFc7vCFx0RWWCweTer3hFm1u+e60N5FtGnmRV6QqvgATGFH/XRR6vqWIeBVosCYCqt6YdIr2L0exLZuEdVcQ==",
+      "version": "2.7.1",
+      "resolved": "https://registry.npmjs.org/node-abi/-/node-abi-2.7.1.tgz",
+      "integrity": "sha512-OV8Bq1OrPh6z+Y4dqwo05HqrRL9YNF7QVMRfq1/pguwKLG+q9UB/Lk0x5qXjO23JjJg+/jqCHSTaG1P3tfKfuw==",
       "requires": {
         "semver": "^5.4.1"
       }
@@ -9411,9 +9419,9 @@
       "dev": true
     },
     "prebuild-install": {
-      "version": "5.2.2",
-      "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-5.2.2.tgz",
-      "integrity": "sha512-4e8VJnP3zJdZv/uP0eNWmr2r9urp4NECw7Mt1OSAi3rcLrbBRxGiAkfUFtre2MhQ5wfREAjRV+K1gubvs/GPsA==",
+      "version": "5.2.5",
+      "resolved": "https://registry.npmjs.org/prebuild-install/-/prebuild-install-5.2.5.tgz",
+      "integrity": "sha512-6uZgMVg7yDfqlP5CPurVhtq3hUKBFNufiar4J5hZrlHTo59DDBEtyxw01xCdFss9j0Zb9+qzFVf/s4niayba3w==",
       "requires": {
         "detect-libc": "^1.0.3",
         "expand-template": "^2.0.3",
@@ -9421,7 +9429,7 @@
         "minimist": "^1.2.0",
         "mkdirp": "^0.5.1",
         "napi-build-utils": "^1.0.1",
-        "node-abi": "^2.2.0",
+        "node-abi": "^2.7.0",
         "noop-logger": "^0.1.1",
         "npmlog": "^4.0.1",
         "os-homedir": "^1.0.1",
@@ -10335,17 +10343,17 @@
       "integrity": "sha512-BvE/TwpZX4FXExxOxZyRGQQv651MSwmWKZGqvmPcRIjDqWub67kTKuIMx43cZZrS/cBBzwBcNDWoFxt2XEFIpQ=="
     },
     "sharp": {
-      "version": "0.21.3",
-      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.21.3.tgz",
-      "integrity": "sha512-5qZk8r+YgfyztLEKkNez20Wynq/Uh1oNyP5T/3gTYwt2lBYGs9iDs5m0yVsZEPm8eVBbAJhS08J1wp/g+Ai1Qw==",
+      "version": "0.22.0",
+      "resolved": "https://registry.npmjs.org/sharp/-/sharp-0.22.0.tgz",
+      "integrity": "sha512-yInpiWYvVbE0hJylso2Q2A7QaYFBxGdSlVVHGeUf1F9JsQNAUpmaqdnX54TImgKbSCy9mQpEAoGm1pcKCZhCsQ==",
       "requires": {
-        "bindings": "^1.3.1",
+        "bindings": "^1.5.0",
         "color": "^3.1.0",
         "detect-libc": "^1.0.3",
         "fs-copy-file-sync": "^1.1.1",
-        "nan": "^2.12.1",
+        "nan": "^2.13.1",
         "npmlog": "^4.1.2",
-        "prebuild-install": "^5.2.2",
+        "prebuild-install": "^5.2.5",
         "semver": "^5.6.0",
         "simple-get": "^3.0.3",
         "tar": "^4.4.8",
@@ -10353,9 +10361,9 @@
       },
       "dependencies": {
         "nan": {
-          "version": "2.12.1",
-          "resolved": "https://registry.npmjs.org/nan/-/nan-2.12.1.tgz",
-          "integrity": "sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw=="
+          "version": "2.13.1",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.13.1.tgz",
+          "integrity": "sha512-I6YB/YEuDeUZMmhscXKxGgZlFnhsn5y0hgOZBadkzfTRrZBtJDZeg6eQf7PYMIEclwmorTKK8GztsyOUSVBREA=="
         },
         "semver": {
           "version": "5.6.0",
diff --git a/api/package.json b/api/package.json
index e8435ea98..5cc5e42e6 100644
--- a/api/package.json
+++ b/api/package.json
@@ -65,7 +65,7 @@
     "raven": "^2.6.4",
     "reflect-metadata": "^0.1.13",
     "routing-controllers": "^0.7.7",
-    "sharp": "^0.21.3",
+    "sharp": "^0.22.0",
     "socket.io": "^2.2.0",
     "stream-buffers": "^3.0.1",
     "to-utf-8": "^1.3.0",

From 32abf12f68328337bd19859f56847fb97407b93c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 19 Mar 2019 10:50:40 +0000
Subject: [PATCH 103/207] Bump @types/mongoose from 5.3.22 to 5.3.23 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mongoose) from 5.3.22 to 5.3.23.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mongoose)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 1c7e70b96..e10376f86 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.22",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.22.tgz",
-      "integrity": "sha512-OVKmjRUH7L3ml1kltLTcKNEE4888Q6tIuepukdSa5p2n40d7BNbhq1vT7HICaCBzk6W+VjEzs3hD+UtrUsxRbQ==",
+      "version": "5.3.23",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.23.tgz",
+      "integrity": "sha512-UZJOkFe/ShSt3iYFBiadwwCu2Y8qm/RZyAoCQI2uf88wr3NfDBpbqqoIyrchBy1y2XtvAAyktEPzvvR7up6/TQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 5cc5e42e6..91cde3856 100644
--- a/api/package.json
+++ b/api/package.json
@@ -80,7 +80,7 @@
     "@types/jsonwebtoken": "^8.3.2",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.22",
+    "@types/mongoose": "~5.3.23",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From 5d31a46fd7ca85e50af7cb069313e55e85e8be38 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 19:01:13 +0100
Subject: [PATCH 104/207] Refactor ProgressController tests to use TestHelper

---
 api/test/controllers/ProgressController.ts | 49 ++++------------------
 1 file changed, 9 insertions(+), 40 deletions(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 925cb248b..d623a0a92 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -1,9 +1,7 @@
 import {ICodeKataModel} from '../../src/models/units/CodeKataUnit';
 import * as chai from 'chai';
 import chaiHttp = require('chai-http');
-import {Server} from '../../src/server';
-import {FixtureLoader} from '../../fixtures/FixtureLoader';
-import {JwtUtils} from '../../src/security/JwtUtils';
+import {TestHelper} from '../TestHelper';
 import {User} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Lecture} from '../../src/models/Lecture';
@@ -12,15 +10,12 @@ import {Progress} from '../../src/models/progress/Progress';
 import * as moment from 'moment';
 
 chai.use(chaiHttp);
-const should = chai.should();
-const app = new Server().app;
 const BASE_URL = '/api/progress';
-const fixtureLoader = new FixtureLoader();
+const testHelper = new TestHelper(BASE_URL);
 
 describe('ProgressController', () => {
-  // Before each test we reset the database
   beforeEach(async () => {
-    await fixtureLoader.load();
+    await testHelper.resetForNextTest();
   });
 
   describe(`POST ${BASE_URL}`, () => {
@@ -39,11 +34,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress);
-
+      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
       res.status.should.be.equal(200);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
@@ -70,11 +61,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress);
-
+      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
       res.status.should.be.equal(200);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
@@ -101,12 +88,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress)
-        .catch(err => err.response);
-
+      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
       res.status.should.be.equal(400);
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
@@ -140,11 +122,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .put(`${BASE_URL}/${progress._id.toString()}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress);
-
+      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(200);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
@@ -182,11 +160,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .put(`${BASE_URL}/${progress._id.toString()}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress);
-
+      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(200);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
@@ -224,12 +198,7 @@ describe('ProgressController', () => {
         type: 'codeKata'
       };
 
-      const res = await chai.request(app)
-        .put(`${BASE_URL}/${progress._id.toString()}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(student)}`)
-        .send(newProgress)
-        .catch(err => err.response);
-
+      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(400);
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');

From a47980cfd2207a0fd4484fa183d6ca41c5ae88ca Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 19:18:30 +0100
Subject: [PATCH 105/207] Add {get} /api/progress/* success unit tests

---
 api/test/controllers/ProgressController.ts | 27 ++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index d623a0a92..68be3049f 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -2,6 +2,7 @@ import {ICodeKataModel} from '../../src/models/units/CodeKataUnit';
 import * as chai from 'chai';
 import chaiHttp = require('chai-http');
 import {TestHelper} from '../TestHelper';
+import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {User} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Lecture} from '../../src/models/Lecture';
@@ -18,6 +19,32 @@ describe('ProgressController', () => {
     await testHelper.resetForNextTest();
   });
 
+  describe(`GET ${BASE_URL}`, () => {
+    it('should get unit progress', async () => {
+      const unit = await FixtureUtils.getRandomUnit();
+      const course = await FixtureUtils.getCourseFromUnit(unit);
+      const user = await FixtureUtils.getRandomTeacherForCourse(course);
+
+      const res = await testHelper.commonUserGetRequest(user, `/units/${unit._id}`);
+      res.status.should.be.equal(200);
+    });
+
+    it('should get course progress', async () => {
+      const course = await FixtureUtils.getRandomCourse();
+      const user = await FixtureUtils.getRandomTeacherForCourse(course);
+
+      const res = await testHelper.commonUserGetRequest(user, `/courses/${course._id}`);
+      res.status.should.be.equal(200);
+    });
+
+    it('should get student user progress', async () => {
+      const student = await FixtureUtils.getRandomStudent();
+
+      const res = await testHelper.commonUserGetRequest(student, `/users/${student._id}`);
+      res.status.should.be.equal(200);
+    });
+  });
+
   describe(`POST ${BASE_URL}`, () => {
     it('should create progress for some progressable unit', async () => {
       const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});

From bf71db8a91265be408947d17918af251fffa136f Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 19:38:11 +0100
Subject: [PATCH 106/207] Add {get} /api/progress/ units & courses 403 tests

These access denial tests will fail until the corresponding route
vulnerabilities are fixed.
---
 api/test/controllers/ProgressController.ts | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 68be3049f..90ad4fd6e 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -43,6 +43,23 @@ describe('ProgressController', () => {
       const res = await testHelper.commonUserGetRequest(student, `/users/${student._id}`);
       res.status.should.be.equal(200);
     });
+
+    it('should deny access to unit progress for an unauthorized user', async () => {
+      const unit = await FixtureUtils.getRandomUnit();
+      const course = await FixtureUtils.getCourseFromUnit(unit);
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/units/${unit._id}`);
+      res.status.should.be.equal(403);
+    });
+
+    it('should deny access to course progress for an unauthorized user', async () => {
+      const course = await FixtureUtils.getRandomCourse();
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/courses/${course._id}`);
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`POST ${BASE_URL}`, () => {

From ccb0d3cc174ca51b301dd23a3fe4260d2ecf0c0d Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 19:46:04 +0100
Subject: [PATCH 107/207] Disable the {get} /api/progress/ users & courses
 routes

The routes appear to be unused and are insufficiently secured.
---
 api/src/controllers/ProgressController.ts                | 6 ++++++
 api/test/controllers/ProgressController.ts               | 9 +++++++++
 .../src/app/shared/services/data/progress.service.ts     | 6 ++++++
 3 files changed, 21 insertions(+)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index 8a2249dba..15135beb4 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -100,11 +100,14 @@ export class ProgressController {
    *         "id": "5ab2b9516fab4a3ae0cd6737"
    *     }]
    */
+  // This route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   @Get('/courses/:id')
   getCourseProgress(@Param('id') id: string) {
     return Progress.find({'course': id})
       .then((progresses) => progresses.map((progress) => progress.toObject({virtuals: true})));
   }
+  */
 
   /**
    * @api {get} /api/progress/users/:id Get user progress
@@ -144,11 +147,14 @@ export class ProgressController {
    *         "id": "5ab2b9516fab4a3ae0cd6737"
    *     }]
    */
+  // This route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   @Get('/users/:id')
   getUserProgress(@Param('id') id: string) {
     return Progress.find({'user': id})
       .then((progresses) => progresses.map((progress) => progress.toObject({virtuals: true})));
   }
+  */
 
   /**
    * @api {post} /api/progress/ Create progress
diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 90ad4fd6e..22e50bf1b 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -29,6 +29,8 @@ describe('ProgressController', () => {
       res.status.should.be.equal(200);
     });
 
+    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+    /*
     it('should get course progress', async () => {
       const course = await FixtureUtils.getRandomCourse();
       const user = await FixtureUtils.getRandomTeacherForCourse(course);
@@ -36,13 +38,17 @@ describe('ProgressController', () => {
       const res = await testHelper.commonUserGetRequest(user, `/courses/${course._id}`);
       res.status.should.be.equal(200);
     });
+    */
 
+    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+    /*
     it('should get student user progress', async () => {
       const student = await FixtureUtils.getRandomStudent();
 
       const res = await testHelper.commonUserGetRequest(student, `/users/${student._id}`);
       res.status.should.be.equal(200);
     });
+    */
 
     it('should deny access to unit progress for an unauthorized user', async () => {
       const unit = await FixtureUtils.getRandomUnit();
@@ -53,6 +59,8 @@ describe('ProgressController', () => {
       res.status.should.be.equal(403);
     });
 
+    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+    /*
     it('should deny access to course progress for an unauthorized user', async () => {
       const course = await FixtureUtils.getRandomCourse();
       const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
@@ -60,6 +68,7 @@ describe('ProgressController', () => {
       const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/courses/${course._id}`);
       res.status.should.be.equal(403);
     });
+    */
   });
 
   describe(`POST ${BASE_URL}`, () => {
diff --git a/app/webFrontend/src/app/shared/services/data/progress.service.ts b/app/webFrontend/src/app/shared/services/data/progress.service.ts
index 2e4de0da1..d449dc4b8 100644
--- a/app/webFrontend/src/app/shared/services/data/progress.service.ts
+++ b/app/webFrontend/src/app/shared/services/data/progress.service.ts
@@ -13,6 +13,8 @@ export class ProgressService extends DataService {
     return unitProgress.length > 0 ? unitProgress[0] : null;
   }
 
+  // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   getCourseProgress(courseId: string) {
     const originalApiPath = this.apiPath;
     this.apiPath += 'courses/';
@@ -20,7 +22,10 @@ export class ProgressService extends DataService {
     this.apiPath = originalApiPath;
     return promise;
   }
+  */
 
+  // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   getUserProgress(userId: string) {
     const originalApiPath = this.apiPath;
     this.apiPath += 'users/';
@@ -28,4 +33,5 @@ export class ProgressService extends DataService {
     this.apiPath = originalApiPath;
     return promise;
   }
+  */
 }

From d371a942e353b65ecfca972eff919e140cba85f0 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 19:56:39 +0100
Subject: [PATCH 108/207] Refactor getUnitProgress to use async/await

---
 api/src/controllers/ProgressController.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index 15135beb4..a80d84945 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -57,9 +57,9 @@ export class ProgressController {
    *     }]
    */
   @Get('/units/:id')
-  getUnitProgress(@Param('id') id: string) {
-    return Progress.find({'unit': id})
-      .then((progresses) => progresses.map((progress) => progress.toObject({virtuals: true})));
+  async getUnitProgress(@Param('id') id: string) {
+    const progressSet = await Progress.find({unit: id});
+    return progressSet.map((progress) => progress.toObject({virtuals: true}));
   }
 
   /**

From c56a3175a1b0780d24c340d9900e0d344bae4850 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 22:09:53 +0100
Subject: [PATCH 109/207] Secure getUnitProgress via course.checkPrivileges

The route is not yet completely secured because the progressSet must
also be filtered for requests by students (only respond with own data).
---
 api/src/controllers/ProgressController.ts | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index a80d84945..afc3d5fb2 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -1,12 +1,13 @@
 import {
-  BadRequestError, Body, CurrentUser, Get, JsonController, NotFoundError, Param, Post, Put,
-  UseBefore
+  BadRequestError, Body, CurrentUser, Get, JsonController, Param, Post, Put, UseBefore,
+  NotFoundError, ForbiddenError
 } from 'routing-controllers';
 import * as moment from 'moment';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
 import {Progress} from '../models/progress/Progress';
+import {Course} from '../models/Course';
+import {Unit, IUnitModel} from '../models/units/Unit';
 import {IUser} from '../../../shared/models/IUser';
-import {IUnitModel, Unit} from '../models/units/Unit';
 import {IProgress} from '../../../shared/models/progress/IProgress';
 
 @JsonController('/progress')
@@ -57,8 +58,14 @@ export class ProgressController {
    *     }]
    */
   @Get('/units/:id')
-  async getUnitProgress(@Param('id') id: string) {
+  async getUnitProgress(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
+    const unit = await Unit.findById(id);
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
+      throw new ForbiddenError();
+    }
     const progressSet = await Progress.find({unit: id});
+    // TODO filter progress data for students
     return progressSet.map((progress) => progress.toObject({virtuals: true}));
   }
 

From 822673ae846148d539c850434729a96c2844cf09 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 23:13:40 +0100
Subject: [PATCH 110/207] Add getUnitProgress student response filter unit test

This will fail until the corresponding vulnerability is fixed.
(See the TODO in ProgressController.ts)
The commit also adds some setup functionality that could be used for
refactoring purposes in the other unit tests of this controller.
---
 api/test/controllers/ProgressController.ts | 54 +++++++++++++++++++++-
 1 file changed, 53 insertions(+), 1 deletion(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 22e50bf1b..f53a3ae4a 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -3,7 +3,7 @@ import * as chai from 'chai';
 import chaiHttp = require('chai-http');
 import {TestHelper} from '../TestHelper';
 import {FixtureUtils} from '../../fixtures/FixtureUtils';
-import {User} from '../../src/models/User';
+import {User, IUserModel} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Lecture} from '../../src/models/Lecture';
 import {Course} from '../../src/models/Course';
@@ -14,6 +14,45 @@ chai.use(chaiHttp);
 const BASE_URL = '/api/progress';
 const testHelper = new TestHelper(BASE_URL);
 
+/**
+ * Common setup function for the unit tests.
+ */
+async function prepareSetup(updateUnitDeadline = false) {
+  const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
+  const course = await Course.findById(unit._course);
+  const student = await User.findOne({_id: course.students[0] });
+
+  if (updateUnitDeadline) {
+    unit.deadline = moment().add(1, 'hour').format();
+    await unit.save();
+  }
+
+  return {unit, course, student};
+}
+
+/**
+ * Common progress data setup function for the unit tests.
+ */
+function createNewProgressFor (unit: ICodeKataModel, student: IUserModel) {
+  return {
+    course: unit._course,
+    unit: unit._id.toString(),
+    user: student._id.toString(),
+    code: 'let a = test;',
+    done: true,
+    type: 'codeKata'
+  };
+}
+
+/**
+ * Helper function for the get route student filter unit test.
+ */
+async function postProgressTestData (unit: ICodeKataModel, student: IUserModel) {
+  const newProgress = createNewProgressFor(unit, student);
+  const resPost = await testHelper.commonUserPostRequest(student, '', newProgress);
+  resPost.status.should.be.equal(200);
+}
+
 describe('ProgressController', () => {
   beforeEach(async () => {
     await testHelper.resetForNextTest();
@@ -69,6 +108,19 @@ describe('ProgressController', () => {
       res.status.should.be.equal(403);
     });
     */
+
+    it.only('should only return own unit progress for a student', async () => {
+      const {unit, course, student} = await prepareSetup(true);
+      // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.
+      const student2 = await User.findOne({_id: course.students[1] });
+      await Promise.all([postProgressTestData(unit, student), postProgressTestData(unit, student2)]);
+
+      const res = await testHelper.commonUserGetRequest(student, `/units/${unit._id}`);
+      res.status.should.be.equal(200);
+      res.body.should.not.be.empty;
+      const studentId = student._id.toString();
+      res.body.forEach((progress: any) => progress.user.should.equal(studentId));
+    });
   });
 
   describe(`POST ${BASE_URL}`, () => {

From 9d5d1c4109bf944af0584e614586233490b51a66 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 23:16:10 +0100
Subject: [PATCH 111/207] Filter getUnitProgress response for students

This fixes the remaining known access vulnerability of this route.
---
 api/src/controllers/ProgressController.ts | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index afc3d5fb2..5b6253542 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -9,6 +9,7 @@ import {Course} from '../models/Course';
 import {Unit, IUnitModel} from '../models/units/Unit';
 import {IUser} from '../../../shared/models/IUser';
 import {IProgress} from '../../../shared/models/progress/IProgress';
+import {extractSingleMongoId} from '../utilities/ExtractMongoId';
 
 @JsonController('/progress')
 @UseBefore(passportJwtMiddleware)
@@ -64,8 +65,14 @@ export class ProgressController {
     if (!course.checkPrivileges(currentUser).userCanViewCourse) {
       throw new ForbiddenError();
     }
-    const progressSet = await Progress.find({unit: id});
-    // TODO filter progress data for students
+    let progressSet = await Progress.find({unit: id});
+    if (currentUser.role !== 'teacher' && currentUser.role !== 'admin') {
+      // Only send the progress data if the user (student) is the "owner" thereof.
+      const currentUserId = extractSingleMongoId(currentUser);
+      progressSet = await Promise.all(progressSet.map(
+        (progress) => extractSingleMongoId(progress.user) === currentUserId ? progress : undefined));
+      progressSet = progressSet.filter((progress) => progress);
+    }
     return progressSet.map((progress) => progress.toObject({virtuals: true}));
   }
 

From 8404fba0f90e0ee00810edd9063a33518e886f3d Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 23:36:08 +0100
Subject: [PATCH 112/207] Refactor Progress unit tests via common functions

---
 api/test/controllers/ProgressController.ts | 178 ++++-----------------
 1 file changed, 32 insertions(+), 146 deletions(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index f53a3ae4a..97d6a6049 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -5,7 +5,6 @@ import {TestHelper} from '../TestHelper';
 import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {User, IUserModel} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
-import {Lecture} from '../../src/models/Lecture';
 import {Course} from '../../src/models/Course';
 import {Progress} from '../../src/models/progress/Progress';
 import * as moment from 'moment';
@@ -17,13 +16,13 @@ const testHelper = new TestHelper(BASE_URL);
 /**
  * Common setup function for the unit tests.
  */
-async function prepareSetup(updateUnitDeadline = false) {
+async function prepareSetup(unitDeadlineAdd = 0) {
   const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
   const course = await Course.findById(unit._course);
   const student = await User.findOne({_id: course.students[0] });
 
-  if (updateUnitDeadline) {
-    unit.deadline = moment().add(1, 'hour').format();
+  if (unitDeadlineAdd) {
+    unit.deadline = moment().add(unitDeadlineAdd, 'hour').format();
     await unit.save();
   }
 
@@ -33,24 +32,25 @@ async function prepareSetup(updateUnitDeadline = false) {
 /**
  * Common progress data setup function for the unit tests.
  */
-function createNewProgressFor (unit: ICodeKataModel, student: IUserModel) {
+function createProgressObjFor (unit: ICodeKataModel, student: IUserModel, done: Boolean = true) {
   return {
-    course: unit._course,
+    course: unit._course.toString(),
     unit: unit._id.toString(),
     user: student._id.toString(),
     code: 'let a = test;',
-    done: true,
+    done,
     type: 'codeKata'
   };
 }
 
 /**
- * Helper function for the get route student filter unit test.
+ * Common helper function for the unit tests that posts new progress data for a student and checks the status code.
  */
-async function postProgressTestData (unit: ICodeKataModel, student: IUserModel) {
-  const newProgress = createNewProgressFor(unit, student);
-  const resPost = await testHelper.commonUserPostRequest(student, '', newProgress);
-  resPost.status.should.be.equal(200);
+async function postProgressTestData (unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
+  const newProgress = createProgressObjFor(unit, student);
+  const res = await testHelper.commonUserPostRequest(student, '', newProgress);
+  res.status.should.be.equal(status);
+  return {res, newProgress};
 }
 
 describe('ProgressController', () => {
@@ -60,11 +60,9 @@ describe('ProgressController', () => {
 
   describe(`GET ${BASE_URL}`, () => {
     it('should get unit progress', async () => {
-      const unit = await FixtureUtils.getRandomUnit();
-      const course = await FixtureUtils.getCourseFromUnit(unit);
-      const user = await FixtureUtils.getRandomTeacherForCourse(course);
+      const {unit, student} = await prepareSetup();
 
-      const res = await testHelper.commonUserGetRequest(user, `/units/${unit._id}`);
+      const res = await testHelper.commonUserGetRequest(student, `/units/${unit._id}`);
       res.status.should.be.equal(200);
     });
 
@@ -90,8 +88,7 @@ describe('ProgressController', () => {
     */
 
     it('should deny access to unit progress for an unauthorized user', async () => {
-      const unit = await FixtureUtils.getRandomUnit();
-      const course = await FixtureUtils.getCourseFromUnit(unit);
+      const {unit, course} = await prepareSetup();
       const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
 
       const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/units/${unit._id}`);
@@ -109,8 +106,8 @@ describe('ProgressController', () => {
     });
     */
 
-    it.only('should only return own unit progress for a student', async () => {
-      const {unit, course, student} = await prepareSetup(true);
+    it('should only return own unit progress for a student', async () => {
+      const {unit, course, student} = await prepareSetup(1);
       // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.
       const student2 = await User.findOne({_id: course.students[1] });
       await Promise.all([postProgressTestData(unit, student), postProgressTestData(unit, student2)]);
@@ -125,22 +122,8 @@ describe('ProgressController', () => {
 
   describe(`POST ${BASE_URL}`, () => {
     it('should create progress for some progressable unit', async () => {
-      const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test;',
-        done: true,
-        type: 'codeKata'
-      };
-
-      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
-      res.status.should.be.equal(200);
+      const {unit, student} = await prepareSetup();
+      const {res, newProgress} = await postProgressTestData(unit, student);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
       res.body.user.should.be.equal(newProgress.user);
@@ -149,25 +132,8 @@ describe('ProgressController', () => {
     });
 
     it('should create progress for some progressable unit with a deadline', async () => {
-      const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      unit.deadline = moment().add(1, 'hour').format();
-      await unit.save();
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test',
-        done: true,
-        type: 'codeKata'
-      };
-
-      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
-      res.status.should.be.equal(200);
+      const {unit, student} = await prepareSetup(1);
+      const {res, newProgress} = await postProgressTestData(unit, student);
       res.body.course.should.be.equal(newProgress.course);
       res.body.unit.should.be.equal(newProgress.unit);
       res.body.user.should.be.equal(newProgress.user);
@@ -176,25 +142,8 @@ describe('ProgressController', () => {
     });
 
     it('should fail creating progress for some progressable unit with a deadline', async () => {
-      const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      unit.deadline = moment().subtract(1, 'hour').format();
-      await unit.save();
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test',
-        done: true,
-        type: 'codeKata'
-      };
-
-      const res = await testHelper.commonUserPostRequest(student, '', newProgress);
-      res.status.should.be.equal(400);
+      const {unit, student} = await prepareSetup(-1);
+      const {res} = await postProgressTestData(unit, student, 400);
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
     });
@@ -202,30 +151,11 @@ describe('ProgressController', () => {
 
   describe(`PUT ${BASE_URL}`, () => {
     it('should update progress for some progressable unit', async () => {
-      const unit = await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      const oldProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let b = test',
-        done: false,
-        type: 'codeKata'
-      };
+      const {unit, student} = await prepareSetup();
 
+      const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test',
-        done: true,
-        type: 'codeKata'
-      };
+      const newProgress = createProgressObjFor(unit, student);
 
       const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(200);
@@ -237,33 +167,11 @@ describe('ProgressController', () => {
     });
 
     it('should update progress for some progressable unit with a deadline', async () => {
-      const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      unit.deadline = moment().add(1, 'hour').format();
-      await unit.save();
-
-      const oldProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let b = test',
-        done: false,
-        type: 'codeKata'
-      };
+      const {unit, student} = await prepareSetup(1);
 
+      const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test',
-        done: true,
-        type: 'codeKata'
-      };
+      const newProgress = createProgressObjFor(unit, student);
 
       const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(200);
@@ -275,33 +183,11 @@ describe('ProgressController', () => {
     });
 
     it('should fail updating progress for some progressable unit with a deadline', async () => {
-      const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
-      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
-      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
-      const student = await User.findOne({_id: { $in: course.students}});
-
-      unit.deadline = moment().subtract(1, 'hour').format();
-      await unit.save();
-
-      const oldProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let b = test',
-        done: false,
-        type: 'codeKata'
-      };
+      const {unit, student} = await prepareSetup(-1);
 
+      const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-
-      const newProgress = {
-        course: course._id.toString(),
-        unit: unit._id.toString(),
-        user: student._id.toString(),
-        code: 'let a = test',
-        done: true,
-        type: 'codeKata'
-      };
+      const newProgress = createProgressObjFor(unit, student);
 
       const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
       res.status.should.be.equal(400);

From be0e68d25d257356d38528d454b21614a31538df Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Tue, 19 Mar 2019 23:56:36 +0100
Subject: [PATCH 113/207] Factor out Progress unit test response checks

---
 api/test/controllers/ProgressController.ts | 59 +++++++++++-----------
 1 file changed, 30 insertions(+), 29 deletions(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 97d6a6049..7418a5781 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -6,7 +6,7 @@ import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {User, IUserModel} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Course} from '../../src/models/Course';
-import {Progress} from '../../src/models/progress/Progress';
+import {Progress, IProgressModel} from '../../src/models/progress/Progress';
 import * as moment from 'moment';
 
 chai.use(chaiHttp);
@@ -44,7 +44,18 @@ function createProgressObjFor (unit: ICodeKataModel, student: IUserModel, done:
 }
 
 /**
- * Common helper function for the unit tests that posts new progress data for a student and checks the status code.
+ * Common unit test helper function to check that responses equal the progress object.
+ */
+function checkResponseProgress (res: any, newProgress: any) {
+  res.body.course.should.be.equal(newProgress.course);
+  res.body.unit.should.be.equal(newProgress.unit);
+  res.body.user.should.be.equal(newProgress.user);
+  res.body.done.should.be.equal(newProgress.done);
+  res.body._id.should.be.a('string');
+}
+
+/**
+ * Common helper function for the unit tests that POST new progress data for a student and checks the status code.
  */
 async function postProgressTestData (unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
   const newProgress = createProgressObjFor(unit, student);
@@ -53,6 +64,16 @@ async function postProgressTestData (unit: ICodeKataModel, student: IUserModel,
   return {res, newProgress};
 }
 
+/**
+ * Common helper function for the unit tests that PUT new progress data for a student and checks the status code.
+ */
+async function putProgressTestData (progress: IProgressModel, unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
+  const newProgress = createProgressObjFor(unit, student);
+  const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
+  res.status.should.be.equal(status);
+  return {res, newProgress};
+}
+
 describe('ProgressController', () => {
   beforeEach(async () => {
     await testHelper.resetForNextTest();
@@ -124,21 +145,13 @@ describe('ProgressController', () => {
     it('should create progress for some progressable unit', async () => {
       const {unit, student} = await prepareSetup();
       const {res, newProgress} = await postProgressTestData(unit, student);
-      res.body.course.should.be.equal(newProgress.course);
-      res.body.unit.should.be.equal(newProgress.unit);
-      res.body.user.should.be.equal(newProgress.user);
-      res.body.done.should.be.equal(newProgress.done);
-      res.body._id.should.be.a('string');
+      checkResponseProgress(res, newProgress);
     });
 
     it('should create progress for some progressable unit with a deadline', async () => {
       const {unit, student} = await prepareSetup(1);
       const {res, newProgress} = await postProgressTestData(unit, student);
-      res.body.course.should.be.equal(newProgress.course);
-      res.body.unit.should.be.equal(newProgress.unit);
-      res.body.user.should.be.equal(newProgress.user);
-      res.body.done.should.be.equal(newProgress.done);
-      res.body._id.should.be.a('string');
+      checkResponseProgress(res, newProgress);
     });
 
     it('should fail creating progress for some progressable unit with a deadline', async () => {
@@ -155,14 +168,9 @@ describe('ProgressController', () => {
 
       const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-      const newProgress = createProgressObjFor(unit, student);
 
-      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
-      res.status.should.be.equal(200);
-      res.body.course.should.be.equal(newProgress.course);
-      res.body.unit.should.be.equal(newProgress.unit);
-      res.body.user.should.be.equal(newProgress.user);
-      res.body.done.should.be.equal(newProgress.done);
+      const {res, newProgress} = await putProgressTestData(progress, unit, student);
+      checkResponseProgress(res, newProgress);
       res.body._id.should.be.equal(progress._id.toString());
     });
 
@@ -171,14 +179,9 @@ describe('ProgressController', () => {
 
       const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-      const newProgress = createProgressObjFor(unit, student);
 
-      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
-      res.status.should.be.equal(200);
-      res.body.course.should.be.equal(newProgress.course);
-      res.body.unit.should.be.equal(newProgress.unit);
-      res.body.user.should.be.equal(newProgress.user);
-      res.body.done.should.be.equal(newProgress.done);
+      const {res, newProgress} = await putProgressTestData(progress, unit, student);
+      checkResponseProgress(res, newProgress);
       res.body._id.should.be.equal(progress._id.toString());
     });
 
@@ -187,10 +190,8 @@ describe('ProgressController', () => {
 
       const oldProgress = createProgressObjFor(unit, student, false);
       const progress = await Progress.create(oldProgress);
-      const newProgress = createProgressObjFor(unit, student);
 
-      const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
-      res.status.should.be.equal(400);
+      const {res} = await putProgressTestData(progress, unit, student, 400);
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
     });

From fdbb18d93b1d7500260a4064b58e861cb41b58ab Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 00:02:58 +0100
Subject: [PATCH 114/207] Fix createProgress currentUser optionality

---
 api/src/controllers/ProgressController.ts | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index 5b6253542..bcd56fa2d 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -176,7 +176,6 @@ export class ProgressController {
    * @apiGroup Progress
    *
    * @apiParam {IProgress} data Progress data.
-   * @apiParam {IUser} currentUser Currently logged in user.
    *
    * @apiParam {String} id Notification ID.@apiSuccess {Progress} progress Created progress.
    *
@@ -212,9 +211,9 @@ export class ProgressController {
    * @apiError BadRequestError progress need fields course, user and unit
    */
   @Post('/')
-  async createProgress(@Body() data: IProgress, @CurrentUser() currentUser?: IUser) {
+  async createProgress(@Body() data: IProgress, @CurrentUser() currentUser: IUser) {
     // discard invalid requests
-    if (!data.course || !data.unit || !currentUser) {
+    if (!data.course || !data.unit) {
       throw new BadRequestError('progress need fields course, user and unit');
     }
 

From 881f571c525e84a459ff7483dc0ef61e2a6c3086 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 00:33:26 +0100
Subject: [PATCH 115/207] Add FixtureUtils.getUnauthorizedStudentForCourse

---
 api/fixtures/FixtureUtils.ts | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/api/fixtures/FixtureUtils.ts b/api/fixtures/FixtureUtils.ts
index 3816fa735..610c3db29 100644
--- a/api/fixtures/FixtureUtils.ts
+++ b/api/fixtures/FixtureUtils.ts
@@ -181,6 +181,20 @@ export class FixtureUtils {
     });
   }
 
+  /**
+   * Obtain an unauthorized student for a course.
+   * This student can be used for access denial unit tests.
+   *
+   * @param course The student can't belong to this given course; i.e. the student won't be part of the 'students'.
+   * @returns A user with 'student' role that is not authorized to access the given course.
+   */
+  public static async getUnauthorizedStudentForCourse(course: ICourse): Promise<IUserModel> {
+    return await User.findOne({
+      _id: {$nin: course.students},
+      role: 'student'
+    });
+  }
+
   private static async getAdmins(): Promise<IUser[]> {
     return this.getUser('admin');
   }

From 27eaa7a605304ca30949197f3573033c24d0b92d Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 00:56:57 +0100
Subject: [PATCH 116/207] Add ProgressController POST / PUT 403 unit tests

These will fail until the vulnerabilities are fixed.
---
 api/test/controllers/ProgressController.ts | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 7418a5781..ad04ec034 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -160,6 +160,12 @@ describe('ProgressController', () => {
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
     });
+
+    it('should fail to create progress for an unauthorized student', async () => {
+      const {unit, course} = await prepareSetup();
+      const unauthorizedStudent = await FixtureUtils.getUnauthorizedStudentForCourse(course);
+      await postProgressTestData(unit, unauthorizedStudent, 403);
+    });
   });
 
   describe(`PUT ${BASE_URL}`, () => {
@@ -195,5 +201,16 @@ describe('ProgressController', () => {
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
     });
+
+    it('should fail to update progress for an unauthorized student', async () => {
+      const {unit, student, course} = await prepareSetup();
+      // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.
+      const unauthorizedStudent = await User.findOne({_id: course.students[1] });
+
+      const oldProgress = createProgressObjFor(unit, student, false);
+      const progress = await Progress.create(oldProgress);
+
+      await putProgressTestData(progress, unit, unauthorizedStudent, 403);
+    });
   });
 });

From 53b954321cd71419df732a1aba46fcece3f5f528 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 01:01:19 +0100
Subject: [PATCH 117/207] Secure ProgressController POST & PUT routes

Via course.checkPrivileges and in PUT by checking the progress.user id.
---
 api/src/controllers/ProgressController.ts | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index bcd56fa2d..ef0d6d6ca 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -218,6 +218,10 @@ export class ProgressController {
     }
 
     const unit: IUnitModel = await Unit.findById(data.unit);
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
+      throw new ForbiddenError();
+    }
     ProgressController.checkDeadline(unit);
 
     data.user = currentUser;
@@ -270,12 +274,18 @@ export class ProgressController {
   @Put('/:id')
   async updateProgress(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {
     const progress = await Progress.findById(id);
-
     if (!progress) {
       throw new NotFoundError();
     }
+    if (extractSingleMongoId(progress.user) !== extractSingleMongoId(currentUser)) {
+      throw new ForbiddenError();
+    }
 
     const unit: IUnitModel = await Unit.findById(progress.unit);
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
+      throw new ForbiddenError();
+    }
     ProgressController.checkDeadline(unit);
 
     // set user

From ea78a2c6297caeb3dc0fb01f7c8e7cbd29dc2292 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 01:09:52 +0100
Subject: [PATCH 118/207] Add @apiError ForbiddenError to ProgressController

---
 api/src/controllers/ProgressController.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index ef0d6d6ca..3abfe52f6 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -57,6 +57,8 @@ export class ProgressController {
    *         "__t": "task-unit-progress",
    *         "id": "5ab2b9516fab4a3ae0cd6737"
    *     }]
+   *
+   * @apiError ForbiddenError
    */
   @Get('/units/:id')
   async getUnitProgress(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
@@ -209,6 +211,7 @@ export class ProgressController {
    *     }
    *
    * @apiError BadRequestError progress need fields course, user and unit
+   * @apiError ForbiddenError
    */
   @Post('/')
   async createProgress(@Body() data: IProgress, @CurrentUser() currentUser: IUser) {
@@ -270,6 +273,7 @@ export class ProgressController {
    *     }
    *
    * @apiError NotFoundError
+   * @apiError ForbiddenError
    */
   @Put('/:id')
   async updateProgress(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {

From b6edd9ff711c17ca397c13fc91dc228ba2394d22 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 01:50:06 +0100
Subject: [PATCH 119/207] Obviate createProgress route by extending
 updateProgress

The idempotent updateProgress PUT route now upserts,
thus replacing the createProgress POST route completely.
This also simplifies the updateProgress route, as well as
the unit tests and the front-end usage thereof.
---
 api/src/controllers/ProgressController.ts     | 92 ++-----------------
 api/test/controllers/ProgressController.ts    | 83 +++--------------
 .../code-kata-unit.component.ts               | 31 ++-----
 .../app/unit/task-unit/task-unit.component.ts | 28 ++----
 4 files changed, 43 insertions(+), 191 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index 3abfe52f6..f7aa09a97 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -1,6 +1,6 @@
 import {
-  BadRequestError, Body, CurrentUser, Get, JsonController, Param, Post, Put, UseBefore,
-  NotFoundError, ForbiddenError
+  BadRequestError, Body, CurrentUser, Get, JsonController, Param, Put, UseBefore,
+  ForbiddenError
 } from 'routing-controllers';
 import * as moment from 'moment';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
@@ -8,7 +8,6 @@ import {Progress} from '../models/progress/Progress';
 import {Course} from '../models/Course';
 import {Unit, IUnitModel} from '../models/units/Unit';
 import {IUser} from '../../../shared/models/IUser';
-import {IProgress} from '../../../shared/models/progress/IProgress';
 import {extractSingleMongoId} from '../utilities/ExtractMongoId';
 
 @JsonController('/progress')
@@ -173,68 +172,7 @@ export class ProgressController {
   */
 
   /**
-   * @api {post} /api/progress/ Create progress
-   * @apiName PostProgress
-   * @apiGroup Progress
-   *
-   * @apiParam {IProgress} data Progress data.
-   *
-   * @apiParam {String} id Notification ID.@apiSuccess {Progress} progress Created progress.
-   *
-   * @apiSuccessExample {json} Success-Response:
-   *     {
-   *         "_id": "5ab2b9516fab4a3ae0cd6737",
-   *         "done": false,
-   *         "updatedAt": "2018-03-21T19:58:09.386Z",
-   *         "createdAt": "2018-03-21T19:58:09.386Z",
-   *         "unit": "5ab2b80a6fab4a3ae0cd672d",
-   *         "course": "5a53c474a347af01b84e54b7",
-   *         "answers": {
-   *             "5ab2b80a6fab4a3ae0cd672e": {
-   *                 "5ab2b80a6fab4a3ae0cd6730": true,
-   *                 "5ab2b80a6fab4a3ae0cd672f": false
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6734": {
-   *                 "5ab2b8dd6fab4a3ae0cd6736": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6735": true
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6731": {
-   *                 "5ab2b8dd6fab4a3ae0cd6733": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6732": true
-   *             }
-   *         },
-   *         "type": "task-unit-progress",
-   *         "user": "5a037e6a60f72236d8e7c813",
-   *         "__v": 0,
-   *         "__t": "task-unit-progress",
-   *         "id": "5ab2b9516fab4a3ae0cd6737"
-   *     }
-   *
-   * @apiError BadRequestError progress need fields course, user and unit
-   * @apiError ForbiddenError
-   */
-  @Post('/')
-  async createProgress(@Body() data: IProgress, @CurrentUser() currentUser: IUser) {
-    // discard invalid requests
-    if (!data.course || !data.unit) {
-      throw new BadRequestError('progress need fields course, user and unit');
-    }
-
-    const unit: IUnitModel = await Unit.findById(data.unit);
-    const course = await Course.findById(unit._course);
-    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
-      throw new ForbiddenError();
-    }
-    ProgressController.checkDeadline(unit);
-
-    data.user = currentUser;
-
-    const progress = await Progress.create(data);
-    return progress.toObject();
-  }
-
-  /**
-   * @api {put} /api/progress/:id Update progress
+   * @api {put} /api/progress/ Set progress for a unit (i.e. create or update it idempotently)
    * @apiName PutProgress
    * @apiGroup Progress
    *
@@ -272,31 +210,21 @@ export class ProgressController {
    *         "id": "5ab2b9516fab4a3ae0cd6737"
    *     }
    *
-   * @apiError NotFoundError
    * @apiError ForbiddenError
    */
-  @Put('/:id')
-  async updateProgress(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {
-    const progress = await Progress.findById(id);
-    if (!progress) {
-      throw new NotFoundError();
-    }
-    if (extractSingleMongoId(progress.user) !== extractSingleMongoId(currentUser)) {
-      throw new ForbiddenError();
-    }
-
-    const unit: IUnitModel = await Unit.findById(progress.unit);
+  @Put('/')
+  async updateProgress(@Body() data: any, @CurrentUser() currentUser: IUser) {
+    const unit: IUnitModel = await Unit.findById(data.unit);
     const course = await Course.findById(unit._course);
     if (!course.checkPrivileges(currentUser).userCanViewCourse) {
       throw new ForbiddenError();
     }
     ProgressController.checkDeadline(unit);
 
-    // set user
-    data.user = currentUser._id;
-
-    progress.set(data);
-    await progress.save();
+    const progress = await Progress.findOneAndUpdate(
+      {user: currentUser, unit},
+      {user: currentUser, unit, course, done: data.done, type: data.type},
+      {new: true, upsert: true});
 
     return progress.toObject();
   }
diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index ad04ec034..d6b68d877 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -6,7 +6,6 @@ import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {User, IUserModel} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Course} from '../../src/models/Course';
-import {Progress, IProgressModel} from '../../src/models/progress/Progress';
 import * as moment from 'moment';
 
 chai.use(chaiHttp);
@@ -19,7 +18,7 @@ const testHelper = new TestHelper(BASE_URL);
 async function prepareSetup(unitDeadlineAdd = 0) {
   const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
   const course = await Course.findById(unit._course);
-  const student = await User.findOne({_id: course.students[0] });
+  const student = await User.findById(course.students[0]);
 
   if (unitDeadlineAdd) {
     unit.deadline = moment().add(unitDeadlineAdd, 'hour').format();
@@ -54,22 +53,12 @@ function checkResponseProgress (res: any, newProgress: any) {
   res.body._id.should.be.a('string');
 }
 
-/**
- * Common helper function for the unit tests that POST new progress data for a student and checks the status code.
- */
-async function postProgressTestData (unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
-  const newProgress = createProgressObjFor(unit, student);
-  const res = await testHelper.commonUserPostRequest(student, '', newProgress);
-  res.status.should.be.equal(status);
-  return {res, newProgress};
-}
-
 /**
  * Common helper function for the unit tests that PUT new progress data for a student and checks the status code.
  */
-async function putProgressTestData (progress: IProgressModel, unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
+async function putProgressTestData (unit: ICodeKataModel, student: IUserModel, status: Number = 200) {
   const newProgress = createProgressObjFor(unit, student);
-  const res = await testHelper.commonUserPutRequest(student, `/${progress._id.toString()}`, newProgress);
+  const res = await testHelper.commonUserPutRequest(student, '', newProgress);
   res.status.should.be.equal(status);
   return {res, newProgress};
 }
@@ -130,8 +119,8 @@ describe('ProgressController', () => {
     it('should only return own unit progress for a student', async () => {
       const {unit, course, student} = await prepareSetup(1);
       // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.
-      const student2 = await User.findOne({_id: course.students[1] });
-      await Promise.all([postProgressTestData(unit, student), postProgressTestData(unit, student2)]);
+      const student2 = await User.findById(course.students[1]);
+      await Promise.all([putProgressTestData(unit, student), putProgressTestData(unit, student2)]);
 
       const res = await testHelper.commonUserGetRequest(student, `/units/${unit._id}`);
       res.status.should.be.equal(200);
@@ -141,76 +130,34 @@ describe('ProgressController', () => {
     });
   });
 
-  describe(`POST ${BASE_URL}`, () => {
-    it('should create progress for some progressable unit', async () => {
-      const {unit, student} = await prepareSetup();
-      const {res, newProgress} = await postProgressTestData(unit, student);
-      checkResponseProgress(res, newProgress);
-    });
-
-    it('should create progress for some progressable unit with a deadline', async () => {
-      const {unit, student} = await prepareSetup(1);
-      const {res, newProgress} = await postProgressTestData(unit, student);
-      checkResponseProgress(res, newProgress);
-    });
-
-    it('should fail creating progress for some progressable unit with a deadline', async () => {
-      const {unit, student} = await prepareSetup(-1);
-      const {res} = await postProgressTestData(unit, student, 400);
-      res.body.name.should.be.equal('BadRequestError');
-      res.body.message.should.be.equal('Past deadline, no further update possible');
-    });
-
-    it('should fail to create progress for an unauthorized student', async () => {
-      const {unit, course} = await prepareSetup();
-      const unauthorizedStudent = await FixtureUtils.getUnauthorizedStudentForCourse(course);
-      await postProgressTestData(unit, unauthorizedStudent, 403);
-    });
-  });
-
   describe(`PUT ${BASE_URL}`, () => {
     it('should update progress for some progressable unit', async () => {
       const {unit, student} = await prepareSetup();
-
-      const oldProgress = createProgressObjFor(unit, student, false);
-      const progress = await Progress.create(oldProgress);
-
-      const {res, newProgress} = await putProgressTestData(progress, unit, student);
+      const progress = (await putProgressTestData(unit, student)).res.body;
+      const {res, newProgress} = await putProgressTestData(unit, student);
       checkResponseProgress(res, newProgress);
-      res.body._id.should.be.equal(progress._id.toString());
+      res.body._id.should.be.equal(progress._id.toString(), 'Progress update ID mismatch');
     });
 
     it('should update progress for some progressable unit with a deadline', async () => {
       const {unit, student} = await prepareSetup(1);
-
-      const oldProgress = createProgressObjFor(unit, student, false);
-      const progress = await Progress.create(oldProgress);
-
-      const {res, newProgress} = await putProgressTestData(progress, unit, student);
+      const progress = (await putProgressTestData(unit, student)).res.body;
+      const {res, newProgress} = await putProgressTestData(unit, student);
       checkResponseProgress(res, newProgress);
-      res.body._id.should.be.equal(progress._id.toString());
+      res.body._id.should.be.equal(progress._id.toString(), 'Progress update ID mismatch');
     });
 
     it('should fail updating progress for some progressable unit with a deadline', async () => {
       const {unit, student} = await prepareSetup(-1);
-
-      const oldProgress = createProgressObjFor(unit, student, false);
-      const progress = await Progress.create(oldProgress);
-
-      const {res} = await putProgressTestData(progress, unit, student, 400);
+      const {res} = await putProgressTestData(unit, student, 400);
       res.body.name.should.be.equal('BadRequestError');
       res.body.message.should.be.equal('Past deadline, no further update possible');
     });
 
     it('should fail to update progress for an unauthorized student', async () => {
-      const {unit, student, course} = await prepareSetup();
-      // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.
-      const unauthorizedStudent = await User.findOne({_id: course.students[1] });
-
-      const oldProgress = createProgressObjFor(unit, student, false);
-      const progress = await Progress.create(oldProgress);
-
-      await putProgressTestData(progress, unit, unauthorizedStudent, 403);
+      const {unit, course} = await prepareSetup();
+      const unauthorizedStudent = await FixtureUtils.getUnauthorizedStudentForCourse(course);
+      await putProgressTestData(unit, unauthorizedStudent, 403);
     });
   });
 });
diff --git a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
index 173656951..882cb6bf3 100644
--- a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
+++ b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
@@ -90,27 +90,16 @@ export class CodeKataComponent implements OnInit {
       this.snackBar.open('Your code does not validate.');
     }
 
-    if (!this.progress._id) {
-      this.progress.user = this.userService.user._id;
-      this.progressService.createItem(this.progress)
-        .then((item) => {
-          this.snackBar.open('Progress has been saved');
-          this.progress = item;
-        })
-        .catch((err) => {
-          this.snackBar.open(`An error occurred: ${err.error.message}`);
-        });
-    } else {
-      this.progress.code = this.codeKataUnit.code;
-      this.progressService.updateItem(this.progress)
-        .then((item) => {
-          this.snackBar.open('Progress has been updated');
-          this.progress = item;
-        })
-        .catch((err) => {
-          this.snackBar.open(`An error occurred: ${err.error.message}`);
-        });
-    }
+    this.progress.user = this.userService.user._id;
+    this.progress.code = this.codeKataUnit.code;
+    this.progressService.updateItem(this.progress)
+      .then((item) => {
+        this.snackBar.open('Progress has been saved');
+        this.progress = item;
+      })
+      .catch((err) => {
+        this.snackBar.open(`An error occurred: ${err.error.message}`);
+      });
   }
 
   onUserInput() {
diff --git a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
index 71aa50728..ae2867ac5 100644
--- a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
+++ b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
@@ -81,26 +81,14 @@ export class TaskUnitComponent implements OnInit {
   validate() {
     this.validationMode = true;
 
-    const handleSave = (promise: Promise<any>) => {
-      promise
-        .then((savedProgress) => {
-          this.progress = savedProgress;
-          this.snackBar.openShort('Progress has been saved');
-        })
-        .catch((err) => {
-          this.snackBar.openShort(`An error occurred: ${err.error.message}`);
-        });
-    };
-
-    if (!this.progress._id) {
-      handleSave(this.progressService.createItem(this.progress));
-    } else {
-      handleSave(this.progressService.updateItem({
-        _id: this.progress._id,
-        answers: this.progress.answers,
-      }));
-    }
-
+    this.progressService.updateItem(this.progress)
+      .then((savedProgress) => {
+        this.snackBar.openShort('Progress has been saved');
+        this.progress = savedProgress;
+      })
+      .catch((err) => {
+        this.snackBar.openShort(`An error occurred: ${err.error.message}`);
+      });
   }
 
   shuffleAnswers() {

From 131f3f46a11cd8a8b50d6ab6e71f96305c55d64c Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 01:58:10 +0100
Subject: [PATCH 120/207] Add errorCodes.progress.pastDeadline

---
 api/src/config/errorCodes.ts               | 6 ++++++
 api/src/controllers/ProgressController.ts  | 3 ++-
 api/test/controllers/ProgressController.ts | 3 ++-
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/api/src/config/errorCodes.ts b/api/src/config/errorCodes.ts
index 847459cb1..60dd2f8ca 100644
--- a/api/src/config/errorCodes.ts
+++ b/api/src/config/errorCodes.ts
@@ -169,5 +169,11 @@ export const errorCodes = {
       code: 'targetUserNotFound',
       text: 'Target user not found'
     }
+  },
+  progress: {
+    pastDeadline: {
+      code: 'pastDeadline',
+      text: 'Past deadline, no further update possible'
+    }
   }
 };
diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index f7aa09a97..15196687e 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -4,6 +4,7 @@ import {
 } from 'routing-controllers';
 import * as moment from 'moment';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
+import {errorCodes} from '../config/errorCodes';
 import {Progress} from '../models/progress/Progress';
 import {Course} from '../models/Course';
 import {Unit, IUnitModel} from '../models/units/Unit';
@@ -15,7 +16,7 @@ import {extractSingleMongoId} from '../utilities/ExtractMongoId';
 export class ProgressController {
   private static checkDeadline(unit: any) {
     if (unit.deadline && moment(unit.deadline).isBefore()) {
-      throw new BadRequestError('Past deadline, no further update possible');
+      throw new BadRequestError(errorCodes.progress.pastDeadline.text);
     }
   }
 
diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index d6b68d877..91ca0ce85 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -7,6 +7,7 @@ import {User, IUserModel} from '../../src/models/User';
 import {Unit} from '../../src/models/units/Unit';
 import {Course} from '../../src/models/Course';
 import * as moment from 'moment';
+import {errorCodes} from '../../src/config/errorCodes';
 
 chai.use(chaiHttp);
 const BASE_URL = '/api/progress';
@@ -151,7 +152,7 @@ describe('ProgressController', () => {
       const {unit, student} = await prepareSetup(-1);
       const {res} = await putProgressTestData(unit, student, 400);
       res.body.name.should.be.equal('BadRequestError');
-      res.body.message.should.be.equal('Past deadline, no further update possible');
+      res.body.message.should.be.equal(errorCodes.progress.pastDeadline.text);
     });
 
     it('should fail to update progress for an unauthorized student', async () => {

From 9104d54d374eac3528ac08a2f01b1fa1ca9e6eed Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 01:59:07 +0100
Subject: [PATCH 121/207] Remove obviated ProgressController unit test code

---
 api/test/controllers/ProgressController.ts | 32 ----------------------
 1 file changed, 32 deletions(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 91ca0ce85..284462300 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -77,27 +77,6 @@ describe('ProgressController', () => {
       res.status.should.be.equal(200);
     });
 
-    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
-    /*
-    it('should get course progress', async () => {
-      const course = await FixtureUtils.getRandomCourse();
-      const user = await FixtureUtils.getRandomTeacherForCourse(course);
-
-      const res = await testHelper.commonUserGetRequest(user, `/courses/${course._id}`);
-      res.status.should.be.equal(200);
-    });
-    */
-
-    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
-    /*
-    it('should get student user progress', async () => {
-      const student = await FixtureUtils.getRandomStudent();
-
-      const res = await testHelper.commonUserGetRequest(student, `/users/${student._id}`);
-      res.status.should.be.equal(200);
-    });
-    */
-
     it('should deny access to unit progress for an unauthorized user', async () => {
       const {unit, course} = await prepareSetup();
       const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
@@ -106,17 +85,6 @@ describe('ProgressController', () => {
       res.status.should.be.equal(403);
     });
 
-    // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
-    /*
-    it('should deny access to course progress for an unauthorized user', async () => {
-      const course = await FixtureUtils.getRandomCourse();
-      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
-
-      const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/courses/${course._id}`);
-      res.status.should.be.equal(403);
-    });
-    */
-
     it('should only return own unit progress for a student', async () => {
       const {unit, course, student} = await prepareSetup(1);
       // Currently the FixtureLoader will enrol at least 2 students per course, so this should never fail.

From 21031bdf20ff9867a69f13ede3cb5e59f0f5d3c7 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 02:02:26 +0100
Subject: [PATCH 122/207] Refactor ProgressController PUT success unit tests

---
 api/test/controllers/ProgressController.ts | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 284462300..64d0f9c6e 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -100,20 +100,20 @@ describe('ProgressController', () => {
   });
 
   describe(`PUT ${BASE_URL}`, () => {
-    it('should update progress for some progressable unit', async () => {
-      const {unit, student} = await prepareSetup();
+    async function successTest (unitDeadlineAdd: number) {
+      const {unit, student} = await prepareSetup(unitDeadlineAdd);
       const progress = (await putProgressTestData(unit, student)).res.body;
       const {res, newProgress} = await putProgressTestData(unit, student);
       checkResponseProgress(res, newProgress);
       res.body._id.should.be.equal(progress._id.toString(), 'Progress update ID mismatch');
+    }
+
+    it('should update progress for some progressable unit', async () => {
+      await successTest(0);
     });
 
     it('should update progress for some progressable unit with a deadline', async () => {
-      const {unit, student} = await prepareSetup(1);
-      const progress = (await putProgressTestData(unit, student)).res.body;
-      const {res, newProgress} = await putProgressTestData(unit, student);
-      checkResponseProgress(res, newProgress);
-      res.body._id.should.be.equal(progress._id.toString(), 'Progress update ID mismatch');
+      await successTest(1);
     });
 
     it('should fail updating progress for some progressable unit with a deadline', async () => {

From 75fda5fe7dd44f6aad0d6b2d2a001b740d3902c4 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 02:33:05 +0100
Subject: [PATCH 123/207] Change getUnitProgress to only return one item

...instead of a list. But to remain compatible without further changes
the route also has to remain capable of returning "an empty list", so
it now returns an empty object if no data is available.
Front-end & unit tests have been adjusted accordingly.
---
 api/src/controllers/ProgressController.ts      | 18 +++++-------------
 api/test/controllers/ProgressController.ts     |  5 +++--
 .../shared/services/data/progress.service.ts   |  5 +++--
 3 files changed, 11 insertions(+), 17 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index 15196687e..eb7f31569 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -9,7 +9,6 @@ import {Progress} from '../models/progress/Progress';
 import {Course} from '../models/Course';
 import {Unit, IUnitModel} from '../models/units/Unit';
 import {IUser} from '../../../shared/models/IUser';
-import {extractSingleMongoId} from '../utilities/ExtractMongoId';
 
 @JsonController('/progress')
 @UseBefore(passportJwtMiddleware)
@@ -27,10 +26,10 @@ export class ProgressController {
    *
    * @apiParam {String} id Unit ID.
    *
-   * @apiSuccess {Progress[]} progresses Progress.
+   * @apiSuccess {Progress} progress Progress data or an empty object if no data is available.
    *
    * @apiSuccessExample {json} Success-Response:
-   *     [{
+   *     {
    *         "_id": "5ab2b9516fab4a3ae0cd6737",
    *         "done": false,
    *         "updatedAt": "2018-03-21T19:58:09.386Z",
@@ -56,7 +55,7 @@ export class ProgressController {
    *         "__v": 0,
    *         "__t": "task-unit-progress",
    *         "id": "5ab2b9516fab4a3ae0cd6737"
-   *     }]
+   *     }
    *
    * @apiError ForbiddenError
    */
@@ -67,15 +66,8 @@ export class ProgressController {
     if (!course.checkPrivileges(currentUser).userCanViewCourse) {
       throw new ForbiddenError();
     }
-    let progressSet = await Progress.find({unit: id});
-    if (currentUser.role !== 'teacher' && currentUser.role !== 'admin') {
-      // Only send the progress data if the user (student) is the "owner" thereof.
-      const currentUserId = extractSingleMongoId(currentUser);
-      progressSet = await Promise.all(progressSet.map(
-        (progress) => extractSingleMongoId(progress.user) === currentUserId ? progress : undefined));
-      progressSet = progressSet.filter((progress) => progress);
-    }
-    return progressSet.map((progress) => progress.toObject({virtuals: true}));
+    const progress = await Progress.findOne({user: currentUser, unit: id});
+    return progress ? progress.toObject({virtuals: true}) : {};
   }
 
   /**
diff --git a/api/test/controllers/ProgressController.ts b/api/test/controllers/ProgressController.ts
index 64d0f9c6e..20841d477 100644
--- a/api/test/controllers/ProgressController.ts
+++ b/api/test/controllers/ProgressController.ts
@@ -19,6 +19,8 @@ const testHelper = new TestHelper(BASE_URL);
 async function prepareSetup(unitDeadlineAdd = 0) {
   const unit: ICodeKataModel = <ICodeKataModel>await Unit.findOne({progressable: true, __t: 'code-kata'});
   const course = await Course.findById(unit._course);
+  course.active = true; // Ensure that the course is active.
+  await course.save();
   const student = await User.findById(course.students[0]);
 
   if (unitDeadlineAdd) {
@@ -93,9 +95,8 @@ describe('ProgressController', () => {
 
       const res = await testHelper.commonUserGetRequest(student, `/units/${unit._id}`);
       res.status.should.be.equal(200);
-      res.body.should.not.be.empty;
       const studentId = student._id.toString();
-      res.body.forEach((progress: any) => progress.user.should.equal(studentId));
+      res.body.user.should.equal(studentId);
     });
   });
 
diff --git a/app/webFrontend/src/app/shared/services/data/progress.service.ts b/app/webFrontend/src/app/shared/services/data/progress.service.ts
index d449dc4b8..c3e7fe125 100644
--- a/app/webFrontend/src/app/shared/services/data/progress.service.ts
+++ b/app/webFrontend/src/app/shared/services/data/progress.service.ts
@@ -9,8 +9,9 @@ export class ProgressService extends DataService {
   }
 
   async getUnitProgress<T>(unitId: string): Promise<T> {
-    const unitProgress = await this.readSingleItem<any[]>(unitId, this.apiPath + 'units/');
-    return unitProgress.length > 0 ? unitProgress[0] : null;
+    const unitProgress = await this.readSingleItem<any>(unitId, this.apiPath + 'units/');
+    const objectIsEmpty = Object.keys(unitProgress).length === 0 && unitProgress.constructor === Object;
+    return objectIsEmpty ? null : unitProgress;
   }
 
   // The corresponding route has been disabled since it appears to be unused and insufficiently secured.

From b505ebdd388877960ab8faa4eb6a538cfe66ab3f Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 02:54:05 +0100
Subject: [PATCH 124/207] Fix progressService.updateProgress

---
 .../src/app/shared/services/data/progress.service.ts        | 6 ++++++
 .../src/app/unit/code-kata-unit/code-kata-unit.component.ts | 2 +-
 .../src/app/unit/task-unit/task-unit.component.ts           | 2 +-
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/app/webFrontend/src/app/shared/services/data/progress.service.ts b/app/webFrontend/src/app/shared/services/data/progress.service.ts
index c3e7fe125..b16af93cf 100644
--- a/app/webFrontend/src/app/shared/services/data/progress.service.ts
+++ b/app/webFrontend/src/app/shared/services/data/progress.service.ts
@@ -14,6 +14,12 @@ export class ProgressService extends DataService {
     return objectIsEmpty ? null : unitProgress;
   }
 
+  updateProgress<T extends any>(updateItem: T): Promise<T> {
+    return this.backendService
+      .put(this.apiPath, JSON.stringify(updateItem))
+      .toPromise();
+  }
+
   // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
   /*
   getCourseProgress(courseId: string) {
diff --git a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
index 882cb6bf3..b01d15bac 100644
--- a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
+++ b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
@@ -92,7 +92,7 @@ export class CodeKataComponent implements OnInit {
 
     this.progress.user = this.userService.user._id;
     this.progress.code = this.codeKataUnit.code;
-    this.progressService.updateItem(this.progress)
+    this.progressService.updateProgress(this.progress)
       .then((item) => {
         this.snackBar.open('Progress has been saved');
         this.progress = item;
diff --git a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
index ae2867ac5..e8559b386 100644
--- a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
+++ b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
@@ -81,7 +81,7 @@ export class TaskUnitComponent implements OnInit {
   validate() {
     this.validationMode = true;
 
-    this.progressService.updateItem(this.progress)
+    this.progressService.updateProgress(this.progress)
       .then((savedProgress) => {
         this.snackBar.openShort('Progress has been saved');
         this.progress = savedProgress;

From 63bf4011c0c4a13eb639c435b9cac81d24a90291 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 03:56:55 +0100
Subject: [PATCH 125/207] Fix updateProgress

---
 api/src/controllers/ProgressController.ts | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index eb7f31569..d1a640ca2 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -214,10 +214,16 @@ export class ProgressController {
     }
     ProgressController.checkDeadline(unit);
 
-    const progress = await Progress.findOneAndUpdate(
-      {user: currentUser, unit},
-      {user: currentUser, unit, course, done: data.done, type: data.type},
-      {new: true, upsert: true});
+    data.user = currentUser._id;
+    data.course = course._id;
+
+    let progress = await Progress.findOne({user: currentUser, unit});
+    if (!progress) {
+      progress = await Progress.create(data);
+    } else {
+      progress.set(data);
+      await progress.save();
+    }
 
     return progress.toObject();
   }

From fc4da708a002f8674eac0947a7f1f4d67750c4d5 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 03:59:27 +0100
Subject: [PATCH 126/207] Fix TaskUnitComponent.validate validationMode reset

---
 app/webFrontend/src/app/unit/task-unit/task-unit.component.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
index e8559b386..ca4e652bb 100644
--- a/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
+++ b/app/webFrontend/src/app/unit/task-unit/task-unit.component.ts
@@ -85,6 +85,7 @@ export class TaskUnitComponent implements OnInit {
       .then((savedProgress) => {
         this.snackBar.openShort('Progress has been saved');
         this.progress = savedProgress;
+        this.validationMode = false;
       })
       .catch((err) => {
         this.snackBar.openShort(`An error occurred: ${err.error.message}`);

From 6ff0da6a0aeb3ddc645f16c1839d618ff1eba6c1 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 04:07:28 +0100
Subject: [PATCH 127/207] Fix CodeKataComponent progress.code loading

---
 .../src/app/unit/code-kata-unit/code-kata-unit.component.ts      | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
index b01d15bac..d5f85e14e 100644
--- a/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
+++ b/app/webFrontend/src/app/unit/code-kata-unit/code-kata-unit.component.ts
@@ -62,6 +62,7 @@ export class CodeKataComponent implements OnInit {
     const progress = await this.progressService.getUnitProgress<ICodeKataUnitProgress>(this.codeKataUnit._id);
     if (progress) {
       this.progress = progress;
+      this.codeKataUnit.code = progress.code;
     }
   }
 

From 453bf069469b82a55022c9e639a1b86abd76bd0a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 05:16:15 +0100
Subject: [PATCH 128/207] CHANGELOG: Add #1116 ProgressController entries

---
 CHANGELOG.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7748ef536..f9aefeafb 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,6 +13,21 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
+- `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Changed
+- Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Removed
+- Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `ProgressController` `POST` route _(obviated by extended `PUT` route)_. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Fixed
+- `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Security
+- Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From b59ff2e7a1c45a5a2a63911d115cfa94c6e0abef Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 05:23:08 +0100
Subject: [PATCH 129/207] CHANGELOG: Adjust #1116 ProgressController entries

---
 CHANGELOG.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f9aefeafb..5cb311eb4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Changed
 - Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Refactored `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Removed
 - Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -27,7 +28,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Security
-- Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Closed `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 2411017e97efbeae6dc136df6a28a6fb7bf1f4e5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 20 Mar 2019 05:33:03 +0000
Subject: [PATCH 130/207] Bump bcrypt from 3.0.4 to 3.0.5 in /api

Bumps [bcrypt](https://github.com/kelektiv/node.bcrypt.js) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/kelektiv/node.bcrypt.js/releases)
- [Changelog](https://github.com/kelektiv/node.bcrypt.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/kelektiv/node.bcrypt.js/compare/v3.0.4...v3.0.5)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 504 ++++++------------------------------------
 api/package.json      |   2 +-
 2 files changed, 74 insertions(+), 432 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index e10376f86..7270e191d 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -368,8 +368,7 @@
     "abbrev": {
       "version": "1.0.9",
       "resolved": "https://registry.npmjs.org/abbrev/-/abbrev-1.0.9.tgz",
-      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU=",
-      "dev": true
+      "integrity": "sha1-kbR5JYinc4wl813W9jdSovh3YTU="
     },
     "accepts": {
       "version": "1.3.5",
@@ -1695,437 +1694,18 @@
       }
     },
     "bcrypt": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.4.tgz",
-      "integrity": "sha512-XqmCym97kT6l+jFEKeFvGuNE9aVEFDGsLMv+tIBTXkJI1sHS0g8s7VQEPJagSMPwWiB5Vpr2kVzVKc/YfwWthA==",
+      "version": "3.0.5",
+      "resolved": "https://registry.npmjs.org/bcrypt/-/bcrypt-3.0.5.tgz",
+      "integrity": "sha512-m4o91nB+Ce8696Ao4R3B/WtVWTc1Lszgd098/OIjU9D/URmdYwT3ooBs9uv1b97J5YhZweTq9lldPefTYZ0TwA==",
       "requires": {
-        "nan": "2.12.1",
+        "nan": "2.13.1",
         "node-pre-gyp": "0.12.0"
       },
       "dependencies": {
-        "abbrev": {
-          "version": "1.1.1",
-          "bundled": true
-        },
-        "ansi-regex": {
-          "version": "2.1.1",
-          "bundled": true
-        },
-        "aproba": {
-          "version": "1.2.0",
-          "bundled": true
-        },
-        "are-we-there-yet": {
-          "version": "1.1.5",
-          "bundled": true,
-          "requires": {
-            "delegates": "^1.0.0",
-            "readable-stream": "^2.0.6"
-          }
-        },
-        "balanced-match": {
-          "version": "1.0.0",
-          "bundled": true
-        },
-        "brace-expansion": {
-          "version": "1.1.11",
-          "bundled": true,
-          "requires": {
-            "balanced-match": "^1.0.0",
-            "concat-map": "0.0.1"
-          }
-        },
-        "chownr": {
-          "version": "1.1.1",
-          "bundled": true
-        },
-        "code-point-at": {
-          "version": "1.1.0",
-          "bundled": true
-        },
-        "concat-map": {
-          "version": "0.0.1",
-          "bundled": true
-        },
-        "console-control-strings": {
-          "version": "1.1.0",
-          "bundled": true
-        },
-        "core-util-is": {
-          "version": "1.0.2",
-          "bundled": true
-        },
-        "debug": {
-          "version": "2.6.9",
-          "bundled": true,
-          "requires": {
-            "ms": "2.0.0"
-          }
-        },
-        "deep-extend": {
-          "version": "0.6.0",
-          "bundled": true
-        },
-        "delegates": {
-          "version": "1.0.0",
-          "bundled": true
-        },
-        "detect-libc": {
-          "version": "1.0.3",
-          "bundled": true
-        },
-        "fs-minipass": {
-          "version": "1.2.5",
-          "bundled": true,
-          "requires": {
-            "minipass": "^2.2.1"
-          }
-        },
-        "fs.realpath": {
-          "version": "1.0.0",
-          "bundled": true
-        },
-        "gauge": {
-          "version": "2.7.4",
-          "bundled": true,
-          "requires": {
-            "aproba": "^1.0.3",
-            "console-control-strings": "^1.0.0",
-            "has-unicode": "^2.0.0",
-            "object-assign": "^4.1.0",
-            "signal-exit": "^3.0.0",
-            "string-width": "^1.0.1",
-            "strip-ansi": "^3.0.1",
-            "wide-align": "^1.1.0"
-          }
-        },
-        "glob": {
-          "version": "7.1.2",
-          "bundled": true,
-          "requires": {
-            "fs.realpath": "^1.0.0",
-            "inflight": "^1.0.4",
-            "inherits": "2",
-            "minimatch": "^3.0.4",
-            "once": "^1.3.0",
-            "path-is-absolute": "^1.0.0"
-          }
-        },
-        "has-unicode": {
-          "version": "2.0.1",
-          "bundled": true
-        },
-        "iconv-lite": {
-          "version": "0.4.24",
-          "bundled": true,
-          "requires": {
-            "safer-buffer": ">= 2.1.2 < 3"
-          }
-        },
-        "ignore-walk": {
-          "version": "3.0.1",
-          "bundled": true,
-          "requires": {
-            "minimatch": "^3.0.4"
-          }
-        },
-        "inflight": {
-          "version": "1.0.6",
-          "bundled": true,
-          "requires": {
-            "once": "^1.3.0",
-            "wrappy": "1"
-          }
-        },
-        "inherits": {
-          "version": "2.0.3",
-          "bundled": true
-        },
-        "ini": {
-          "version": "1.3.5",
-          "bundled": true
-        },
-        "is-fullwidth-code-point": {
-          "version": "1.0.0",
-          "bundled": true,
-          "requires": {
-            "number-is-nan": "^1.0.0"
-          }
-        },
-        "isarray": {
-          "version": "1.0.0",
-          "bundled": true
-        },
-        "minimatch": {
-          "version": "3.0.4",
-          "bundled": true,
-          "requires": {
-            "brace-expansion": "^1.1.7"
-          }
-        },
-        "minimist": {
-          "version": "0.0.8",
-          "bundled": true
-        },
-        "minipass": {
-          "version": "2.3.4",
-          "bundled": true,
-          "requires": {
-            "safe-buffer": "^5.1.2",
-            "yallist": "^3.0.0"
-          },
-          "dependencies": {
-            "safe-buffer": {
-              "version": "5.1.2",
-              "bundled": true
-            },
-            "yallist": {
-              "version": "3.0.2",
-              "bundled": true
-            }
-          }
-        },
-        "minizlib": {
-          "version": "1.1.1",
-          "bundled": true,
-          "requires": {
-            "minipass": "^2.2.1"
-          }
-        },
-        "mkdirp": {
-          "version": "0.5.1",
-          "bundled": true,
-          "requires": {
-            "minimist": "0.0.8"
-          }
-        },
-        "ms": {
-          "version": "2.0.0",
-          "bundled": true
-        },
         "nan": {
-          "version": "2.12.1",
-          "resolved": "https://registry.npmjs.org/nan/-/nan-2.12.1.tgz",
-          "integrity": "sha512-JY7V6lRkStKcKTvHO5NVSQRv+RV+FIL5pvDoLiAtSL9pKlC5x9PKQcZDsq7m4FO4d57mkhC6Z+QhAh3Jdk5JFw=="
-        },
-        "needle": {
-          "version": "2.2.4",
-          "bundled": true,
-          "requires": {
-            "debug": "^2.1.2",
-            "iconv-lite": "^0.4.4",
-            "sax": "^1.2.4"
-          }
-        },
-        "node-pre-gyp": {
-          "version": "0.12.0",
-          "bundled": true,
-          "requires": {
-            "detect-libc": "^1.0.2",
-            "mkdirp": "^0.5.1",
-            "needle": "^2.2.1",
-            "nopt": "^4.0.1",
-            "npm-packlist": "^1.1.6",
-            "npmlog": "^4.0.2",
-            "rc": "^1.2.7",
-            "rimraf": "^2.6.1",
-            "semver": "^5.3.0",
-            "tar": "^4"
-          }
-        },
-        "nopt": {
-          "version": "4.0.1",
-          "bundled": true,
-          "requires": {
-            "abbrev": "1",
-            "osenv": "^0.1.4"
-          }
-        },
-        "npm-bundled": {
-          "version": "1.0.5",
-          "bundled": true
-        },
-        "npm-packlist": {
-          "version": "1.1.12",
-          "bundled": true,
-          "requires": {
-            "ignore-walk": "^3.0.1",
-            "npm-bundled": "^1.0.1"
-          }
-        },
-        "npmlog": {
-          "version": "4.1.2",
-          "bundled": true,
-          "requires": {
-            "are-we-there-yet": "~1.1.2",
-            "console-control-strings": "~1.1.0",
-            "gauge": "~2.7.3",
-            "set-blocking": "~2.0.0"
-          }
-        },
-        "number-is-nan": {
-          "version": "1.0.1",
-          "bundled": true
-        },
-        "object-assign": {
-          "version": "4.1.1",
-          "bundled": true
-        },
-        "once": {
-          "version": "1.4.0",
-          "bundled": true,
-          "requires": {
-            "wrappy": "1"
-          }
-        },
-        "os-homedir": {
-          "version": "1.0.2",
-          "bundled": true
-        },
-        "os-tmpdir": {
-          "version": "1.0.2",
-          "bundled": true
-        },
-        "osenv": {
-          "version": "0.1.5",
-          "bundled": true,
-          "requires": {
-            "os-homedir": "^1.0.0",
-            "os-tmpdir": "^1.0.0"
-          }
-        },
-        "path-is-absolute": {
-          "version": "1.0.1",
-          "bundled": true
-        },
-        "process-nextick-args": {
-          "version": "2.0.0",
-          "bundled": true
-        },
-        "rc": {
-          "version": "1.2.8",
-          "bundled": true,
-          "requires": {
-            "deep-extend": "^0.6.0",
-            "ini": "~1.3.0",
-            "minimist": "^1.2.0",
-            "strip-json-comments": "~2.0.1"
-          },
-          "dependencies": {
-            "minimist": {
-              "version": "1.2.0",
-              "bundled": true
-            }
-          }
-        },
-        "readable-stream": {
-          "version": "2.3.5",
-          "bundled": true,
-          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.3",
-            "isarray": "~1.0.0",
-            "process-nextick-args": "~2.0.0",
-            "safe-buffer": "~5.1.1",
-            "string_decoder": "~1.0.3",
-            "util-deprecate": "~1.0.1"
-          }
-        },
-        "rimraf": {
-          "version": "2.6.2",
-          "bundled": true,
-          "requires": {
-            "glob": "^7.0.5"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.1.1",
-          "bundled": true
-        },
-        "safer-buffer": {
-          "version": "2.1.2",
-          "bundled": true
-        },
-        "sax": {
-          "version": "1.2.4",
-          "bundled": true
-        },
-        "semver": {
-          "version": "5.6.0",
-          "bundled": true
-        },
-        "set-blocking": {
-          "version": "2.0.0",
-          "bundled": true
-        },
-        "signal-exit": {
-          "version": "3.0.2",
-          "bundled": true
-        },
-        "string-width": {
-          "version": "1.0.2",
-          "bundled": true,
-          "requires": {
-            "code-point-at": "^1.0.0",
-            "is-fullwidth-code-point": "^1.0.0",
-            "strip-ansi": "^3.0.0"
-          }
-        },
-        "string_decoder": {
-          "version": "1.0.3",
-          "bundled": true,
-          "requires": {
-            "safe-buffer": "~5.1.0"
-          }
-        },
-        "strip-ansi": {
-          "version": "3.0.1",
-          "bundled": true,
-          "requires": {
-            "ansi-regex": "^2.0.0"
-          }
-        },
-        "strip-json-comments": {
-          "version": "2.0.1",
-          "bundled": true
-        },
-        "tar": {
-          "version": "4.4.8",
-          "bundled": true,
-          "requires": {
-            "chownr": "^1.1.1",
-            "fs-minipass": "^1.2.5",
-            "minipass": "^2.3.4",
-            "minizlib": "^1.1.1",
-            "mkdirp": "^0.5.0",
-            "safe-buffer": "^5.1.2",
-            "yallist": "^3.0.2"
-          },
-          "dependencies": {
-            "safe-buffer": {
-              "version": "5.1.2",
-              "bundled": true
-            },
-            "yallist": {
-              "version": "3.0.2",
-              "bundled": true
-            }
-          }
-        },
-        "util-deprecate": {
-          "version": "1.0.2",
-          "bundled": true
-        },
-        "wide-align": {
-          "version": "1.1.3",
-          "bundled": true,
-          "requires": {
-            "string-width": "^1.0.2 || 2"
-          }
-        },
-        "wrappy": {
-          "version": "1.0.2",
-          "bundled": true
+          "version": "2.13.1",
+          "resolved": "https://registry.npmjs.org/nan/-/nan-2.13.1.tgz",
+          "integrity": "sha512-I6YB/YEuDeUZMmhscXKxGgZlFnhsn5y0hgOZBadkzfTRrZBtJDZeg6eQf7PYMIEclwmorTKK8GztsyOUSVBREA=="
         }
       }
     },
@@ -6165,6 +5745,14 @@
       "integrity": "sha1-SMptcvbGo68Aqa1K5odr44ieKwk=",
       "dev": true
     },
+    "ignore-walk": {
+      "version": "3.0.1",
+      "resolved": "https://registry.npmjs.org/ignore-walk/-/ignore-walk-3.0.1.tgz",
+      "integrity": "sha512-DTVlMx3IYPe0/JJcYP7Gxg7ttZZu3IInhuEhbchuqneY9wWe5Ojy2mXLBaQFUQmo0AW2r3qG7m1mg86js+gnlQ==",
+      "requires": {
+        "minimatch": "^3.0.4"
+      }
+    },
     "import-lazy": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/import-lazy/-/import-lazy-2.1.0.tgz",
@@ -8084,6 +7672,16 @@
       "resolved": "https://registry.npmjs.org/napi-build-utils/-/napi-build-utils-1.0.1.tgz",
       "integrity": "sha512-boQj1WFgQH3v4clhu3mTNfP+vOBxorDlE8EKiMjUlLG3C4qAESnn9AxIOkFgTR2c9LtzNjPrjS60cT27ZKBhaA=="
     },
+    "needle": {
+      "version": "2.2.4",
+      "resolved": "https://registry.npmjs.org/needle/-/needle-2.2.4.tgz",
+      "integrity": "sha512-HyoqEb4wr/rsoaIDfTH2aVL9nWtQqba2/HvMv+++m8u0dz808MaagKILxtfeSN7QU7nvbQ79zk3vYOJp9zsNEA==",
+      "requires": {
+        "debug": "^2.1.2",
+        "iconv-lite": "^0.4.4",
+        "sax": "^1.2.4"
+      }
+    },
     "negotiator": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.1.tgz",
@@ -8156,6 +7754,34 @@
         }
       }
     },
+    "node-pre-gyp": {
+      "version": "0.12.0",
+      "resolved": "https://registry.npmjs.org/node-pre-gyp/-/node-pre-gyp-0.12.0.tgz",
+      "integrity": "sha512-4KghwV8vH5k+g2ylT+sLTjy5wmUOb9vPhnM8NHvRf9dHmnW/CndrFXy2aRPaPST6dugXSdHXfeaHQm77PIz/1A==",
+      "requires": {
+        "detect-libc": "^1.0.2",
+        "mkdirp": "^0.5.1",
+        "needle": "^2.2.1",
+        "nopt": "^4.0.1",
+        "npm-packlist": "^1.1.6",
+        "npmlog": "^4.0.2",
+        "rc": "^1.2.7",
+        "rimraf": "^2.6.1",
+        "semver": "^5.3.0",
+        "tar": "^4"
+      },
+      "dependencies": {
+        "nopt": {
+          "version": "4.0.1",
+          "resolved": "https://registry.npmjs.org/nopt/-/nopt-4.0.1.tgz",
+          "integrity": "sha1-0NRoWv1UFRk8jHUFYC0NF81kR00=",
+          "requires": {
+            "abbrev": "1",
+            "osenv": "^0.1.4"
+          }
+        }
+      }
+    },
     "node-sass": {
       "version": "4.11.0",
       "resolved": "https://registry.npmjs.org/node-sass/-/node-sass-4.11.0.tgz",
@@ -8786,6 +8412,20 @@
         "once": "^1.3.2"
       }
     },
+    "npm-bundled": {
+      "version": "1.0.6",
+      "resolved": "https://registry.npmjs.org/npm-bundled/-/npm-bundled-1.0.6.tgz",
+      "integrity": "sha512-8/JCaftHwbd//k6y2rEWp6k1wxVfpFzB6t1p825+cUb7Ym2XQfhwIC5KwhrvzZRJu+LtDE585zVaS32+CGtf0g=="
+    },
+    "npm-packlist": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/npm-packlist/-/npm-packlist-1.4.1.tgz",
+      "integrity": "sha512-+TcdO7HJJ8peiiYhvPxsEDhF3PJFGUGRcFsGve3vxvxdcpO2Z4Z7rkosRM0kWj6LfbK/P0gu3dzk5RU1ffvFcw==",
+      "requires": {
+        "ignore-walk": "^3.0.1",
+        "npm-bundled": "^1.0.1"
+      }
+    },
     "npm-run-path": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz",
@@ -9080,7 +8720,6 @@
       "version": "0.1.5",
       "resolved": "https://registry.npmjs.org/osenv/-/osenv-0.1.5.tgz",
       "integrity": "sha512-0CWcCECdMVc2Rw3U5w9ZjqX6ga6ubk1xDVKxtBQPK7wis/0F2r9T6k4ydGYhecl7YUBxBVxhL5oisPsNxAPe2g==",
-      "dev": true,
       "requires": {
         "os-homedir": "^1.0.0",
         "os-tmpdir": "^1.0.0"
@@ -10040,7 +9679,6 @@
       "version": "2.6.3",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-2.6.3.tgz",
       "integrity": "sha512-mwqeW5XsA2qAejG46gYdENaxXjx9onRNCfn7L0duuP4hCuTIi/QO7PDK07KJfp1d+izWPrzEJDcSqBa0OZQriA==",
-      "dev": true,
       "requires": {
         "glob": "^7.1.3"
       },
@@ -10049,7 +9687,6 @@
           "version": "7.1.3",
           "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.3.tgz",
           "integrity": "sha512-vcfuiIxogLV4DlGBHIUOwI0IbrJ8HWPc4MU7HzviGeNho/UJDfi6B5p3sHeWIQ0KGIU0Jpxi5ZHxemQfLkkAwQ==",
-          "dev": true,
           "requires": {
             "fs.realpath": "^1.0.0",
             "inflight": "^1.0.4",
@@ -10222,6 +9859,11 @@
         }
       }
     },
+    "sax": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/sax/-/sax-1.2.4.tgz",
+      "integrity": "sha512-NqVDv9TpANUjFm0N8uM5GxL36UgKi9/atZw+x7YFnQ8ckwFGKrl4xX4yWtrey3UJm5nP1kUbnYgLopqWNSRhWw=="
+    },
     "scss-tokenizer": {
       "version": "0.2.3",
       "resolved": "https://registry.npmjs.org/scss-tokenizer/-/scss-tokenizer-0.2.3.tgz",
diff --git a/api/package.json b/api/package.json
index 91cde3856..d44048306 100644
--- a/api/package.json
+++ b/api/package.json
@@ -37,7 +37,7 @@
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",
-    "bcrypt": "^3.0.4",
+    "bcrypt": "^3.0.5",
     "body-parser": "^1.18.2",
     "cookie": "^0.3.1",
     "express": "^4.16.4",

From d3463a658bc39f592843071975357f6629c63ebc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Wed, 20 Mar 2019 08:41:57 +0000
Subject: [PATCH 131/207] Bump jsonwebtoken from 8.5.0 to 8.5.1 in /api

Bumps [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken) from 8.5.0 to 8.5.1.
- [Release notes](https://github.com/auth0/node-jsonwebtoken/releases)
- [Changelog](https://github.com/auth0/node-jsonwebtoken/blob/master/CHANGELOG.md)
- [Commits](https://github.com/auth0/node-jsonwebtoken/compare/v8.5.0...v8.5.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 22 +++++++++++-----------
 api/package.json      |  2 +-
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7270e191d..a50cd11e2 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -6346,11 +6346,11 @@
       "dev": true
     },
     "jsonwebtoken": {
-      "version": "8.5.0",
-      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.0.tgz",
-      "integrity": "sha512-IqEycp0znWHNA11TpYi77bVgyBO/pGESDh7Ajhas+u0ttkGkKYIIAjniL4Bw5+oVejVF+SYkaI7XKfwCCyeTuA==",
+      "version": "8.5.1",
+      "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
+      "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
       "requires": {
-        "jws": "^3.2.1",
+        "jws": "^3.2.2",
         "lodash.includes": "^4.3.0",
         "lodash.isboolean": "^3.0.3",
         "lodash.isinteger": "^4.0.4",
@@ -6392,9 +6392,9 @@
       "dev": true
     },
     "jwa": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.3.0.tgz",
-      "integrity": "sha512-SxObIyzv9a6MYuZYaSN6DhSm9j3+qkokwvCB0/OTSV5ylPq1wUQiygZQcHT5Qlux0I5kmISx3J86TxKhuefItg==",
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
+      "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
       "requires": {
         "buffer-equal-constant-time": "1.0.1",
         "ecdsa-sig-formatter": "1.0.11",
@@ -6402,11 +6402,11 @@
       }
     },
     "jws": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.1.tgz",
-      "integrity": "sha512-bGA2omSrFUkd72dhh05bIAN832znP4wOU3lfuXtRBuGTbsmNmDXMQg28f0Vsxaxgk4myF5YkKQpz6qeRpMgX9g==",
+      "version": "3.2.2",
+      "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
+      "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
       "requires": {
-        "jwa": "^1.2.0",
+        "jwa": "^1.4.1",
         "safe-buffer": "^5.0.1"
       }
     },
diff --git a/api/package.json b/api/package.json
index d44048306..dbca456c1 100644
--- a/api/package.json
+++ b/api/package.json
@@ -44,7 +44,7 @@
     "fast-csv": "^2.4.1",
     "highlight.js": "^9.15.6",
     "html-pdf": "^2.2.0",
-    "jsonwebtoken": "^8.5.0",
+    "jsonwebtoken": "^8.5.1",
     "markdown-it": "^8.4.2",
     "markdown-it-abbr": "^1.0.4",
     "markdown-it-container": "^2.0.0",

From 2cc830e64a143eecc281b7159606aafe0e34f1ab Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Wed, 20 Mar 2019 15:10:42 +0100
Subject: [PATCH 132/207] Remove migrate-mongoose dependency

---
 CHANGELOG.md          |    3 +
 api/package-lock.json | 1565 +++++------------------------------------
 api/package.json      |    1 -
 3 files changed, 166 insertions(+), 1403 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7748ef536..e3636fb24 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,9 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 
+### Removed
+- Dependency `migrate-mongoose`. [#1189](https://github.com/geli-lms/geli/pull/1189)
+
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)
diff --git a/api/package-lock.json b/api/package-lock.json
index a50cd11e2..87d83b605 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -467,11 +467,6 @@
         "ansi-wrap": "0.1.0"
       }
     },
-    "ansi-escapes": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/ansi-escapes/-/ansi-escapes-1.4.0.tgz",
-      "integrity": "sha1-06ioOzGapneTZisT52HHkRQiMG4="
-    },
     "ansi-gray": {
       "version": "0.1.1",
       "resolved": "https://registry.npmjs.org/ansi-gray/-/ansi-gray-0.1.1.tgz",
@@ -498,7 +493,8 @@
     "ansi-styles": {
       "version": "2.2.1",
       "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-2.2.1.tgz",
-      "integrity": "sha1-tDLdM1i2NM914eRmQ2gkBTPB3b4="
+      "integrity": "sha1-tDLdM1i2NM914eRmQ2gkBTPB3b4=",
+      "dev": true
     },
     "ansi-wrap": {
       "version": "0.1.0",
@@ -506,16 +502,6 @@
       "integrity": "sha1-qCJQ3bABXponyoLoLqYDu/pF768=",
       "dev": true
     },
-    "anymatch": {
-      "version": "1.3.2",
-      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-1.3.2.tgz",
-      "integrity": "sha512-0XNayC8lTHQ2OI8aljNCN3sSx6hsr/1+rlcDAotXJR7C1oZZHCNsfpbKwMjRA3Uqb5tF1Rae2oloTr4xpq+WjA==",
-      "optional": true,
-      "requires": {
-        "micromatch": "^2.1.5",
-        "normalize-path": "^2.0.0"
-      }
-    },
     "apidoc": {
       "version": "0.17.6",
       "resolved": "https://registry.npmjs.org/apidoc/-/apidoc-0.17.6.tgz",
@@ -716,15 +702,6 @@
         "is-extended": "~0.0.8"
       }
     },
-    "arr-diff": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/arr-diff/-/arr-diff-2.0.0.tgz",
-      "integrity": "sha1-jzuCf5Vai9ZpaX5KQlasPOrjVs8=",
-      "optional": true,
-      "requires": {
-        "arr-flatten": "^1.0.1"
-      }
-    },
     "arr-filter": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/arr-filter/-/arr-filter-1.1.2.tgz",
@@ -737,7 +714,8 @@
     "arr-flatten": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/arr-flatten/-/arr-flatten-1.1.0.tgz",
-      "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg=="
+      "integrity": "sha512-L3hKV5R/p5o81R7O02IGnwpDmkp6E982XhtbuwSe3O4qOtMMMtodicASA1Cny2U+aCXcNpml+m4dPsvsJ3jatg==",
+      "dev": true
     },
     "arr-map": {
       "version": "2.0.2",
@@ -841,12 +819,6 @@
         }
       }
     },
-    "array-unique": {
-      "version": "0.2.1",
-      "resolved": "https://registry.npmjs.org/array-unique/-/array-unique-0.2.1.tgz",
-      "integrity": "sha1-odl8yvy8JiXMcPrc6zalDFiwGlM=",
-      "optional": true
-    },
     "arraybuffer.slice": {
       "version": "0.0.7",
       "resolved": "https://registry.npmjs.org/arraybuffer.slice/-/arraybuffer.slice-0.0.7.tgz",
@@ -905,7 +877,8 @@
     "async-each": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/async-each/-/async-each-1.0.1.tgz",
-      "integrity": "sha1-GdOGodntxufByF04iu28xW0zYC0="
+      "integrity": "sha1-GdOGodntxufByF04iu28xW0zYC0=",
+      "dev": true
     },
     "async-foreach": {
       "version": "0.1.3",
@@ -948,634 +921,17 @@
       "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.7.0.tgz",
       "integrity": "sha512-32NDda82rhwD9/JBCCkB+MRYDp0oSvlo2IL6rQWA10PQi7tDUM3eqMSltXmY+Oyl/7N3P3qNtAlv7X0d9bI28w=="
     },
-    "babel-cli": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-cli/-/babel-cli-6.26.0.tgz",
-      "integrity": "sha1-UCq1SHTX24itALiHoGODzgPQAvE=",
-      "requires": {
-        "babel-core": "^6.26.0",
-        "babel-polyfill": "^6.26.0",
-        "babel-register": "^6.26.0",
-        "babel-runtime": "^6.26.0",
-        "chokidar": "^1.6.1",
-        "commander": "^2.11.0",
-        "convert-source-map": "^1.5.0",
-        "fs-readdir-recursive": "^1.0.0",
-        "glob": "^7.1.2",
-        "lodash": "^4.17.4",
-        "output-file-sync": "^1.1.2",
-        "path-is-absolute": "^1.0.1",
-        "slash": "^1.0.0",
-        "source-map": "^0.5.6",
-        "v8flags": "^2.1.1"
-      }
-    },
     "babel-code-frame": {
       "version": "6.26.0",
       "resolved": "https://registry.npmjs.org/babel-code-frame/-/babel-code-frame-6.26.0.tgz",
       "integrity": "sha1-Y/1D99weO7fONZR9uP42mj9Yx0s=",
+      "dev": true,
       "requires": {
         "chalk": "^1.1.3",
         "esutils": "^2.0.2",
         "js-tokens": "^3.0.2"
       }
     },
-    "babel-core": {
-      "version": "6.26.3",
-      "resolved": "https://registry.npmjs.org/babel-core/-/babel-core-6.26.3.tgz",
-      "integrity": "sha512-6jyFLuDmeidKmUEb3NM+/yawG0M2bDZ9Z1qbZP59cyHLz8kYGKYwpJP0UwUKKUiTRNvxfLesJnTedqczP7cTDA==",
-      "requires": {
-        "babel-code-frame": "^6.26.0",
-        "babel-generator": "^6.26.0",
-        "babel-helpers": "^6.24.1",
-        "babel-messages": "^6.23.0",
-        "babel-register": "^6.26.0",
-        "babel-runtime": "^6.26.0",
-        "babel-template": "^6.26.0",
-        "babel-traverse": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "babylon": "^6.18.0",
-        "convert-source-map": "^1.5.1",
-        "debug": "^2.6.9",
-        "json5": "^0.5.1",
-        "lodash": "^4.17.4",
-        "minimatch": "^3.0.4",
-        "path-is-absolute": "^1.0.1",
-        "private": "^0.1.8",
-        "slash": "^1.0.0",
-        "source-map": "^0.5.7"
-      }
-    },
-    "babel-generator": {
-      "version": "6.26.1",
-      "resolved": "https://registry.npmjs.org/babel-generator/-/babel-generator-6.26.1.tgz",
-      "integrity": "sha512-HyfwY6ApZj7BYTcJURpM5tznulaBvyio7/0d4zFOeMPUmfxkCjHocCuoLa2SAGzBI8AREcH3eP3758F672DppA==",
-      "requires": {
-        "babel-messages": "^6.23.0",
-        "babel-runtime": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "detect-indent": "^4.0.0",
-        "jsesc": "^1.3.0",
-        "lodash": "^4.17.4",
-        "source-map": "^0.5.7",
-        "trim-right": "^1.0.1"
-      }
-    },
-    "babel-helper-builder-binary-assignment-operator-visitor": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-builder-binary-assignment-operator-visitor/-/babel-helper-builder-binary-assignment-operator-visitor-6.24.1.tgz",
-      "integrity": "sha1-zORReto1b0IgvK6KAsKzRvmlZmQ=",
-      "requires": {
-        "babel-helper-explode-assignable-expression": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-call-delegate": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-call-delegate/-/babel-helper-call-delegate-6.24.1.tgz",
-      "integrity": "sha1-7Oaqzdx25Bw0YfiL/Fdb0Nqi340=",
-      "requires": {
-        "babel-helper-hoist-variables": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-define-map": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-helper-define-map/-/babel-helper-define-map-6.26.0.tgz",
-      "integrity": "sha1-pfVtq0GiX5fstJjH66ypgZ+Vvl8=",
-      "requires": {
-        "babel-helper-function-name": "^6.24.1",
-        "babel-runtime": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "lodash": "^4.17.4"
-      }
-    },
-    "babel-helper-explode-assignable-expression": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-explode-assignable-expression/-/babel-helper-explode-assignable-expression-6.24.1.tgz",
-      "integrity": "sha1-8luCz33BBDPFX3BZLVdGQArCLKo=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-function-name": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-function-name/-/babel-helper-function-name-6.24.1.tgz",
-      "integrity": "sha1-00dbjAPtmCQqJbSDUasYOZ01gKk=",
-      "requires": {
-        "babel-helper-get-function-arity": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-get-function-arity": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-get-function-arity/-/babel-helper-get-function-arity-6.24.1.tgz",
-      "integrity": "sha1-j3eCqpNAfEHTqlCQj4mwMbG2hT0=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-hoist-variables": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-hoist-variables/-/babel-helper-hoist-variables-6.24.1.tgz",
-      "integrity": "sha1-HssnaJydJVE+rbyZFKc/VAi+enY=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-optimise-call-expression": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-optimise-call-expression/-/babel-helper-optimise-call-expression-6.24.1.tgz",
-      "integrity": "sha1-96E0J7qfc/j0+pk8VKl4gtEkQlc=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-regex": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-helper-regex/-/babel-helper-regex-6.26.0.tgz",
-      "integrity": "sha1-MlxZ+QL4LyS3T6zu0DY5VPZJXnI=",
-      "requires": {
-        "babel-runtime": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "lodash": "^4.17.4"
-      }
-    },
-    "babel-helper-remap-async-to-generator": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-remap-async-to-generator/-/babel-helper-remap-async-to-generator-6.24.1.tgz",
-      "integrity": "sha1-XsWBgnrXI/7N04HxySg5BnbkVRs=",
-      "requires": {
-        "babel-helper-function-name": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helper-replace-supers": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helper-replace-supers/-/babel-helper-replace-supers-6.24.1.tgz",
-      "integrity": "sha1-v22/5Dk40XNpohPKiov3S2qQqxo=",
-      "requires": {
-        "babel-helper-optimise-call-expression": "^6.24.1",
-        "babel-messages": "^6.23.0",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-helpers": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-helpers/-/babel-helpers-6.24.1.tgz",
-      "integrity": "sha1-NHHenK7DiOXIUOWX5Yom3fN2ArI=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1"
-      }
-    },
-    "babel-messages": {
-      "version": "6.23.0",
-      "resolved": "https://registry.npmjs.org/babel-messages/-/babel-messages-6.23.0.tgz",
-      "integrity": "sha1-8830cDhYA1sqKVHG7F7fbGLyYw4=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-check-es2015-constants": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-check-es2015-constants/-/babel-plugin-check-es2015-constants-6.22.0.tgz",
-      "integrity": "sha1-NRV7EBQm/S/9PaP3XH0ekYNbv4o=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-syntax-async-functions": {
-      "version": "6.13.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-syntax-async-functions/-/babel-plugin-syntax-async-functions-6.13.0.tgz",
-      "integrity": "sha1-ytnK0RkbWtY0vzCuCHI5HgZHvpU="
-    },
-    "babel-plugin-syntax-exponentiation-operator": {
-      "version": "6.13.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-syntax-exponentiation-operator/-/babel-plugin-syntax-exponentiation-operator-6.13.0.tgz",
-      "integrity": "sha1-nufoM3KQ2pUoggGmpX9BcDF4MN4="
-    },
-    "babel-plugin-syntax-trailing-function-commas": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-syntax-trailing-function-commas/-/babel-plugin-syntax-trailing-function-commas-6.22.0.tgz",
-      "integrity": "sha1-ugNgk3+NBuQBgKQ/4NVhb/9TLPM="
-    },
-    "babel-plugin-transform-async-to-generator": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-async-to-generator/-/babel-plugin-transform-async-to-generator-6.24.1.tgz",
-      "integrity": "sha1-ZTbjeK/2yx1VF6wOQOs+n8jQh2E=",
-      "requires": {
-        "babel-helper-remap-async-to-generator": "^6.24.1",
-        "babel-plugin-syntax-async-functions": "^6.8.0",
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-arrow-functions": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-arrow-functions/-/babel-plugin-transform-es2015-arrow-functions-6.22.0.tgz",
-      "integrity": "sha1-RSaSy3EdX3ncf4XkQM5BufJE0iE=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-block-scoped-functions": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoped-functions/-/babel-plugin-transform-es2015-block-scoped-functions-6.22.0.tgz",
-      "integrity": "sha1-u8UbSflk1wy42OC5ToICRs46YUE=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-block-scoping": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-block-scoping/-/babel-plugin-transform-es2015-block-scoping-6.26.0.tgz",
-      "integrity": "sha1-1w9SmcEwjQXBL0Y4E7CgnnOxiV8=",
-      "requires": {
-        "babel-runtime": "^6.26.0",
-        "babel-template": "^6.26.0",
-        "babel-traverse": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "lodash": "^4.17.4"
-      }
-    },
-    "babel-plugin-transform-es2015-classes": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-classes/-/babel-plugin-transform-es2015-classes-6.24.1.tgz",
-      "integrity": "sha1-WkxYpQyclGHlZLSyo7+ryXolhNs=",
-      "requires": {
-        "babel-helper-define-map": "^6.24.1",
-        "babel-helper-function-name": "^6.24.1",
-        "babel-helper-optimise-call-expression": "^6.24.1",
-        "babel-helper-replace-supers": "^6.24.1",
-        "babel-messages": "^6.23.0",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-computed-properties": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-computed-properties/-/babel-plugin-transform-es2015-computed-properties-6.24.1.tgz",
-      "integrity": "sha1-b+Ko0WiV1WNPTNmZttNICjCBWbM=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-destructuring": {
-      "version": "6.23.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-destructuring/-/babel-plugin-transform-es2015-destructuring-6.23.0.tgz",
-      "integrity": "sha1-mXux8auWf2gtKwh2/jWNYOdlxW0=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-duplicate-keys": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-duplicate-keys/-/babel-plugin-transform-es2015-duplicate-keys-6.24.1.tgz",
-      "integrity": "sha1-c+s9MQypaePvnskcU3QabxV2Qj4=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-for-of": {
-      "version": "6.23.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-for-of/-/babel-plugin-transform-es2015-for-of-6.23.0.tgz",
-      "integrity": "sha1-9HyVsrYT3x0+zC/bdXNiPHUkhpE=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-function-name": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-function-name/-/babel-plugin-transform-es2015-function-name-6.24.1.tgz",
-      "integrity": "sha1-g0yJhTvDaxrw86TF26qU/Y6sqos=",
-      "requires": {
-        "babel-helper-function-name": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-literals": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-literals/-/babel-plugin-transform-es2015-literals-6.22.0.tgz",
-      "integrity": "sha1-T1SgLWzWbPkVKAAZox0xklN3yi4=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-modules-amd": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-amd/-/babel-plugin-transform-es2015-modules-amd-6.24.1.tgz",
-      "integrity": "sha1-Oz5UAXI5hC1tGcMBHEvS8AoA0VQ=",
-      "requires": {
-        "babel-plugin-transform-es2015-modules-commonjs": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-modules-commonjs": {
-      "version": "6.26.2",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-commonjs/-/babel-plugin-transform-es2015-modules-commonjs-6.26.2.tgz",
-      "integrity": "sha512-CV9ROOHEdrjcwhIaJNBGMBCodN+1cfkwtM1SbUHmvyy35KGT7fohbpOxkE2uLz1o6odKK2Ck/tz47z+VqQfi9Q==",
-      "requires": {
-        "babel-plugin-transform-strict-mode": "^6.24.1",
-        "babel-runtime": "^6.26.0",
-        "babel-template": "^6.26.0",
-        "babel-types": "^6.26.0"
-      }
-    },
-    "babel-plugin-transform-es2015-modules-systemjs": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-systemjs/-/babel-plugin-transform-es2015-modules-systemjs-6.24.1.tgz",
-      "integrity": "sha1-/4mhQrkRmpBhlfXxBuzzBdlAfSM=",
-      "requires": {
-        "babel-helper-hoist-variables": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-modules-umd": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-modules-umd/-/babel-plugin-transform-es2015-modules-umd-6.24.1.tgz",
-      "integrity": "sha1-rJl+YoXNGO1hdq22B9YCNErThGg=",
-      "requires": {
-        "babel-plugin-transform-es2015-modules-amd": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-object-super": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-object-super/-/babel-plugin-transform-es2015-object-super-6.24.1.tgz",
-      "integrity": "sha1-JM72muIcuDp/hgPa0CH1cusnj40=",
-      "requires": {
-        "babel-helper-replace-supers": "^6.24.1",
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-parameters": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-parameters/-/babel-plugin-transform-es2015-parameters-6.24.1.tgz",
-      "integrity": "sha1-V6w1GrScrxSpfNE7CfZv3wpiXys=",
-      "requires": {
-        "babel-helper-call-delegate": "^6.24.1",
-        "babel-helper-get-function-arity": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-template": "^6.24.1",
-        "babel-traverse": "^6.24.1",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-shorthand-properties": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-shorthand-properties/-/babel-plugin-transform-es2015-shorthand-properties-6.24.1.tgz",
-      "integrity": "sha1-JPh11nIch2YbvZmkYi5R8U3jiqA=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-spread": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-spread/-/babel-plugin-transform-es2015-spread-6.22.0.tgz",
-      "integrity": "sha1-1taKmfia7cRTbIGlQujdnxdG+NE=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-sticky-regex": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-sticky-regex/-/babel-plugin-transform-es2015-sticky-regex-6.24.1.tgz",
-      "integrity": "sha1-AMHNsaynERLN8M9hJsLta0V8zbw=",
-      "requires": {
-        "babel-helper-regex": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-plugin-transform-es2015-template-literals": {
-      "version": "6.22.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-template-literals/-/babel-plugin-transform-es2015-template-literals-6.22.0.tgz",
-      "integrity": "sha1-qEs0UPfp+PH2g51taH2oS7EjbY0=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-typeof-symbol": {
-      "version": "6.23.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-typeof-symbol/-/babel-plugin-transform-es2015-typeof-symbol-6.23.0.tgz",
-      "integrity": "sha1-3sCfHN3/lLUqxz1QXITfWdzOs3I=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-es2015-unicode-regex": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-es2015-unicode-regex/-/babel-plugin-transform-es2015-unicode-regex-6.24.1.tgz",
-      "integrity": "sha1-04sS9C6nMj9yk4fxinxa4frrNek=",
-      "requires": {
-        "babel-helper-regex": "^6.24.1",
-        "babel-runtime": "^6.22.0",
-        "regexpu-core": "^2.0.0"
-      }
-    },
-    "babel-plugin-transform-exponentiation-operator": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-exponentiation-operator/-/babel-plugin-transform-exponentiation-operator-6.24.1.tgz",
-      "integrity": "sha1-KrDJx/MJj6SJB3cruBP+QejeOg4=",
-      "requires": {
-        "babel-helper-builder-binary-assignment-operator-visitor": "^6.24.1",
-        "babel-plugin-syntax-exponentiation-operator": "^6.8.0",
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-regenerator": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-regenerator/-/babel-plugin-transform-regenerator-6.26.0.tgz",
-      "integrity": "sha1-4HA2lvveJ/Cj78rPi03KL3s6jy8=",
-      "requires": {
-        "regenerator-transform": "^0.10.0"
-      }
-    },
-    "babel-plugin-transform-runtime": {
-      "version": "6.23.0",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-runtime/-/babel-plugin-transform-runtime-6.23.0.tgz",
-      "integrity": "sha1-iEkNRGUC6puOfvsP4J7E2ZR5se4=",
-      "requires": {
-        "babel-runtime": "^6.22.0"
-      }
-    },
-    "babel-plugin-transform-strict-mode": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-plugin-transform-strict-mode/-/babel-plugin-transform-strict-mode-6.24.1.tgz",
-      "integrity": "sha1-1fr3qleKZbvlkc9e2uBKDGcCB1g=",
-      "requires": {
-        "babel-runtime": "^6.22.0",
-        "babel-types": "^6.24.1"
-      }
-    },
-    "babel-polyfill": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-polyfill/-/babel-polyfill-6.26.0.tgz",
-      "integrity": "sha1-N5k3q8Z9eJWXCtxiHyhM2WbPIVM=",
-      "requires": {
-        "babel-runtime": "^6.26.0",
-        "core-js": "^2.5.0",
-        "regenerator-runtime": "^0.10.5"
-      },
-      "dependencies": {
-        "regenerator-runtime": {
-          "version": "0.10.5",
-          "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.10.5.tgz",
-          "integrity": "sha1-M2w+/BIgrc7dosn6tntaeVWjNlg="
-        }
-      }
-    },
-    "babel-preset-es2015": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-preset-es2015/-/babel-preset-es2015-6.24.1.tgz",
-      "integrity": "sha1-1EBQ1rwsn+6nAqrzjXJ6AhBTiTk=",
-      "requires": {
-        "babel-plugin-check-es2015-constants": "^6.22.0",
-        "babel-plugin-transform-es2015-arrow-functions": "^6.22.0",
-        "babel-plugin-transform-es2015-block-scoped-functions": "^6.22.0",
-        "babel-plugin-transform-es2015-block-scoping": "^6.24.1",
-        "babel-plugin-transform-es2015-classes": "^6.24.1",
-        "babel-plugin-transform-es2015-computed-properties": "^6.24.1",
-        "babel-plugin-transform-es2015-destructuring": "^6.22.0",
-        "babel-plugin-transform-es2015-duplicate-keys": "^6.24.1",
-        "babel-plugin-transform-es2015-for-of": "^6.22.0",
-        "babel-plugin-transform-es2015-function-name": "^6.24.1",
-        "babel-plugin-transform-es2015-literals": "^6.22.0",
-        "babel-plugin-transform-es2015-modules-amd": "^6.24.1",
-        "babel-plugin-transform-es2015-modules-commonjs": "^6.24.1",
-        "babel-plugin-transform-es2015-modules-systemjs": "^6.24.1",
-        "babel-plugin-transform-es2015-modules-umd": "^6.24.1",
-        "babel-plugin-transform-es2015-object-super": "^6.24.1",
-        "babel-plugin-transform-es2015-parameters": "^6.24.1",
-        "babel-plugin-transform-es2015-shorthand-properties": "^6.24.1",
-        "babel-plugin-transform-es2015-spread": "^6.22.0",
-        "babel-plugin-transform-es2015-sticky-regex": "^6.24.1",
-        "babel-plugin-transform-es2015-template-literals": "^6.22.0",
-        "babel-plugin-transform-es2015-typeof-symbol": "^6.22.0",
-        "babel-plugin-transform-es2015-unicode-regex": "^6.24.1",
-        "babel-plugin-transform-regenerator": "^6.24.1"
-      }
-    },
-    "babel-preset-es2016": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-preset-es2016/-/babel-preset-es2016-6.24.1.tgz",
-      "integrity": "sha1-+QC/k+LrwNJ235uKtZck6/2Vn4s=",
-      "requires": {
-        "babel-plugin-transform-exponentiation-operator": "^6.24.1"
-      }
-    },
-    "babel-preset-es2017": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-preset-es2017/-/babel-preset-es2017-6.24.1.tgz",
-      "integrity": "sha1-WXvq37n38gi8/YoS6bKym4svFNE=",
-      "requires": {
-        "babel-plugin-syntax-trailing-function-commas": "^6.22.0",
-        "babel-plugin-transform-async-to-generator": "^6.24.1"
-      }
-    },
-    "babel-preset-latest": {
-      "version": "6.24.1",
-      "resolved": "https://registry.npmjs.org/babel-preset-latest/-/babel-preset-latest-6.24.1.tgz",
-      "integrity": "sha1-Z33gaRVKdIXC0lxXfAL2JLhbheg=",
-      "requires": {
-        "babel-preset-es2015": "^6.24.1",
-        "babel-preset-es2016": "^6.24.1",
-        "babel-preset-es2017": "^6.24.1"
-      }
-    },
-    "babel-register": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-register/-/babel-register-6.26.0.tgz",
-      "integrity": "sha1-btAhFz4vy0htestFxgCahW9kcHE=",
-      "requires": {
-        "babel-core": "^6.26.0",
-        "babel-runtime": "^6.26.0",
-        "core-js": "^2.5.0",
-        "home-or-tmp": "^2.0.0",
-        "lodash": "^4.17.4",
-        "mkdirp": "^0.5.1",
-        "source-map-support": "^0.4.15"
-      }
-    },
-    "babel-runtime": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-runtime/-/babel-runtime-6.26.0.tgz",
-      "integrity": "sha1-llxwWGaOgrVde/4E/yM3vItWR/4=",
-      "requires": {
-        "core-js": "^2.4.0",
-        "regenerator-runtime": "^0.11.0"
-      }
-    },
-    "babel-template": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-template/-/babel-template-6.26.0.tgz",
-      "integrity": "sha1-3gPi0WOWsGn0bdn/+FIfsaDjXgI=",
-      "requires": {
-        "babel-runtime": "^6.26.0",
-        "babel-traverse": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "babylon": "^6.18.0",
-        "lodash": "^4.17.4"
-      }
-    },
-    "babel-traverse": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-traverse/-/babel-traverse-6.26.0.tgz",
-      "integrity": "sha1-RqnL1+3MYsjlwGTi0tjQ9ANXZu4=",
-      "requires": {
-        "babel-code-frame": "^6.26.0",
-        "babel-messages": "^6.23.0",
-        "babel-runtime": "^6.26.0",
-        "babel-types": "^6.26.0",
-        "babylon": "^6.18.0",
-        "debug": "^2.6.8",
-        "globals": "^9.18.0",
-        "invariant": "^2.2.2",
-        "lodash": "^4.17.4"
-      }
-    },
-    "babel-types": {
-      "version": "6.26.0",
-      "resolved": "https://registry.npmjs.org/babel-types/-/babel-types-6.26.0.tgz",
-      "integrity": "sha1-o7Bz+Uq0nrb6Vc1lInozQ4BjJJc=",
-      "requires": {
-        "babel-runtime": "^6.26.0",
-        "esutils": "^2.0.2",
-        "lodash": "^4.17.4",
-        "to-fast-properties": "^1.0.3"
-      }
-    },
-    "babylon": {
-      "version": "6.18.0",
-      "resolved": "https://registry.npmjs.org/babylon/-/babylon-6.18.0.tgz",
-      "integrity": "sha512-q/UEjfGJ2Cm3oKV71DJz9d25TPnq5rhBVL2Q4fA5wcC3jcrdn7+SssEybFIxwAvvP+YCsCYNKughoF33GxgycQ=="
-    },
     "bach": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/bach/-/bach-1.2.0.tgz",
@@ -1729,7 +1085,8 @@
     "binary-extensions": {
       "version": "1.11.0",
       "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.11.0.tgz",
-      "integrity": "sha1-RqoXUftqL5PuXmibsQh9SxTGwgU="
+      "integrity": "sha1-RqoXUftqL5PuXmibsQh9SxTGwgU=",
+      "dev": true
     },
     "bindings": {
       "version": "1.5.0",
@@ -1882,28 +1239,12 @@
         "concat-map": "0.0.1"
       }
     },
-    "braces": {
-      "version": "1.8.5",
-      "resolved": "https://registry.npmjs.org/braces/-/braces-1.8.5.tgz",
-      "integrity": "sha1-uneWLhLf+WnWt2cR6RS3N4V79qc=",
-      "optional": true,
-      "requires": {
-        "expand-range": "^1.8.1",
-        "preserve": "^0.2.0",
-        "repeat-element": "^1.1.2"
-      }
-    },
     "browser-stdout": {
       "version": "1.3.1",
       "resolved": "https://registry.npmjs.org/browser-stdout/-/browser-stdout-1.3.1.tgz",
       "integrity": "sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==",
       "dev": true
     },
-    "bson": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/bson/-/bson-1.0.9.tgz",
-      "integrity": "sha512-IQX9/h7WdMBIW/q/++tGd+emQr0XMdeZ6icnT/74Xk9fnabWn+gZgpE+9V+gujL3hhJOoNrnDVY7tWdzc7NUTg=="
-    },
     "buffer": {
       "version": "5.2.1",
       "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.2.1.tgz",
@@ -1953,15 +1294,11 @@
       "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.0.tgz",
       "integrity": "sha512-c5mRlguI/Pe2dSZmpER62rSCu0ryKmWddzRYsuXc50U2/g8jMOulc31VZMa4mYx31U5xsmSOpDCgH88Vl9cDGQ=="
     },
-    "buffer-shims": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/buffer-shims/-/buffer-shims-1.0.0.tgz",
-      "integrity": "sha1-mXjOMXOIxkmth5MCjDR37wRKi1E="
-    },
     "builtin-modules": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-1.1.1.tgz",
-      "integrity": "sha1-Jw8HbFpywC9bZaR9+Uxf46J4iS8="
+      "integrity": "sha1-Jw8HbFpywC9bZaR9+Uxf46J4iS8=",
+      "dev": true
     },
     "busboy": {
       "version": "0.2.14",
@@ -2033,7 +1370,8 @@
     "camelcase": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/camelcase/-/camelcase-3.0.0.tgz",
-      "integrity": "sha1-MvxLn82vhF/N9+c7uXysImHwqwo="
+      "integrity": "sha1-MvxLn82vhF/N9+c7uXysImHwqwo=",
+      "dev": true
     },
     "camelcase-keys": {
       "version": "2.1.0",
@@ -2097,6 +1435,7 @@
       "version": "1.1.3",
       "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz",
       "integrity": "sha1-qBFcVeSnAv5NFQq9OHKCKn4J/Jg=",
+      "dev": true,
       "requires": {
         "ansi-styles": "^2.2.1",
         "escape-string-regexp": "^1.0.2",
@@ -2121,23 +1460,6 @@
       "integrity": "sha1-V00xLt2Iu13YkS6Sht1sCu1KrII=",
       "dev": true
     },
-    "chokidar": {
-      "version": "1.7.0",
-      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-1.7.0.tgz",
-      "integrity": "sha1-eY5ol3gVHIB2tLNg5e3SjNortGg=",
-      "optional": true,
-      "requires": {
-        "anymatch": "^1.3.0",
-        "async-each": "^1.0.0",
-        "fsevents": "^1.0.0",
-        "glob-parent": "^2.0.0",
-        "inherits": "^2.0.1",
-        "is-binary-path": "^1.0.0",
-        "is-glob": "^2.0.0",
-        "path-is-absolute": "^1.0.0",
-        "readdirp": "^2.0.0"
-      }
-    },
     "chownr": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/chownr/-/chownr-1.1.1.tgz",
@@ -2204,23 +1526,11 @@
       "integrity": "sha1-T6kXw+WclKAEzWH47lCdplFocUM=",
       "dev": true
     },
-    "cli-cursor": {
-      "version": "1.0.2",
-      "resolved": "https://registry.npmjs.org/cli-cursor/-/cli-cursor-1.0.2.tgz",
-      "integrity": "sha1-ZNo/fValRBLll5S9Ytw1KV6PKYc=",
-      "requires": {
-        "restore-cursor": "^1.0.1"
-      }
-    },
-    "cli-width": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/cli-width/-/cli-width-2.2.0.tgz",
-      "integrity": "sha1-/xnt6Kml5XkyQUewwR8PvLq+1jk="
-    },
     "cliui": {
       "version": "3.2.0",
       "resolved": "https://registry.npmjs.org/cliui/-/cliui-3.2.0.tgz",
       "integrity": "sha1-EgYBU3qRbSmUD5NNo7SNWFo5IT0=",
+      "dev": true,
       "requires": {
         "string-width": "^1.0.1",
         "strip-ansi": "^3.0.1",
@@ -2338,7 +1648,8 @@
     "colors": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/colors/-/colors-1.3.0.tgz",
-      "integrity": "sha512-EDpX3a7wHMWFA7PUHWPHNWqOxIIRSJetuwl0AS5Oi/5FMV8kWm69RTlgm00GKjBO1xFHMtBbL49yRtMMdticBw=="
+      "integrity": "sha512-EDpX3a7wHMWFA7PUHWPHNWqOxIIRSJetuwl0AS5Oi/5FMV8kWm69RTlgm00GKjBO1xFHMtBbL49yRtMMdticBw==",
+      "dev": true
     },
     "combined-stream": {
       "version": "1.0.6",
@@ -2351,7 +1662,8 @@
     "commander": {
       "version": "2.15.1",
       "resolved": "https://registry.npmjs.org/commander/-/commander-2.15.1.tgz",
-      "integrity": "sha512-VlfT9F3V0v+jr4yxPc5gg9s62/fIVWsd2Bk2iD435um1NlGMYdVCq+MjcXnhYq2icNOizHr1kK+5TI6H0Hy0ag=="
+      "integrity": "sha512-VlfT9F3V0v+jr4yxPc5gg9s62/fIVWsd2Bk2iD435um1NlGMYdVCq+MjcXnhYq2icNOizHr1kK+5TI6H0Hy0ag==",
+      "dev": true
     },
     "component-bind": {
       "version": "1.0.0",
@@ -2427,7 +1739,8 @@
     "convert-source-map": {
       "version": "1.5.1",
       "resolved": "https://registry.npmjs.org/convert-source-map/-/convert-source-map-1.5.1.tgz",
-      "integrity": "sha1-uCeAl7m8IpNl3lxiz1/K7YtVmeU="
+      "integrity": "sha1-uCeAl7m8IpNl3lxiz1/K7YtVmeU=",
+      "dev": true
     },
     "cookie": {
       "version": "0.3.1",
@@ -2461,11 +1774,6 @@
         "is-plain-object": "^2.0.1"
       }
     },
-    "core-js": {
-      "version": "2.5.7",
-      "resolved": "https://registry.npmjs.org/core-js/-/core-js-2.5.7.tgz",
-      "integrity": "sha512-RszJCAxg/PP6uzXVXL6BsxSXx/B05oJAQ2vkJRjyjrEcNVycaqOmNb5OTxZPE3xa5gwZduqza6L9JOCenh/Ecw=="
-    },
     "core-util-is": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.2.tgz",
@@ -2648,7 +1956,8 @@
     "decamelize": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/decamelize/-/decamelize-1.2.0.tgz",
-      "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA="
+      "integrity": "sha1-9lNNFRSCabIDUue+4m9QH5oZEpA=",
+      "dev": true
     },
     "declare.js": {
       "version": "0.0.8",
@@ -2801,14 +2110,6 @@
       "integrity": "sha1-8NZtA2cqglyxtzvbP+YjEMjlUrc=",
       "dev": true
     },
-    "detect-indent": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/detect-indent/-/detect-indent-4.0.0.tgz",
-      "integrity": "sha1-920GQ1LN9Docts5hnE7jqUdd4gg=",
-      "requires": {
-        "repeating": "^2.0.0"
-      }
-    },
     "detect-libc": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/detect-libc/-/detect-libc-1.0.3.tgz",
@@ -3007,6 +2308,7 @@
       "version": "1.3.2",
       "resolved": "https://registry.npmjs.org/error-ex/-/error-ex-1.3.2.tgz",
       "integrity": "sha512-7dFHNmqeFSEt2ZBsCriorKnn3Z2pj+fd9kmI6QoWw4//DL+icEBfc0U7qJCisqrTsKTjw4fNFy2pW9OqStD84g==",
+      "dev": true,
       "requires": {
         "is-arrayish": "^0.2.1"
       }
@@ -3033,11 +2335,6 @@
         "es6-symbol": "^3.1.1"
       }
     },
-    "es6-promise": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/es6-promise/-/es6-promise-3.2.1.tgz",
-      "integrity": "sha1-7FYjOGgDKQkgcXDDlEjiREndH8Q="
-    },
     "es6-symbol": {
       "version": "3.1.1",
       "resolved": "https://registry.npmjs.org/es6-symbol/-/es6-symbol-3.1.1.tgz",
@@ -3068,7 +2365,8 @@
     "escape-string-regexp": {
       "version": "1.0.5",
       "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz",
-      "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ="
+      "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=",
+      "dev": true
     },
     "escodegen": {
       "version": "1.8.1",
@@ -3116,7 +2414,8 @@
     "esutils": {
       "version": "2.0.2",
       "resolved": "https://registry.npmjs.org/esutils/-/esutils-2.0.2.tgz",
-      "integrity": "sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs="
+      "integrity": "sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs=",
+      "dev": true
     },
     "etag": {
       "version": "1.8.1",
@@ -3178,29 +2477,6 @@
         }
       }
     },
-    "exit-hook": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/exit-hook/-/exit-hook-1.1.1.tgz",
-      "integrity": "sha1-8FyiM7SMBdVP/wd2XfhQfpXAL/g="
-    },
-    "expand-brackets": {
-      "version": "0.1.5",
-      "resolved": "https://registry.npmjs.org/expand-brackets/-/expand-brackets-0.1.5.tgz",
-      "integrity": "sha1-3wcoTjQqgHzXM6xa9yQR5YHRF3s=",
-      "optional": true,
-      "requires": {
-        "is-posix-bracket": "^0.1.0"
-      }
-    },
-    "expand-range": {
-      "version": "1.8.2",
-      "resolved": "https://registry.npmjs.org/expand-range/-/expand-range-1.8.2.tgz",
-      "integrity": "sha1-opnv/TNf4nIeuujiV+x5ZE/IUzc=",
-      "optional": true,
-      "requires": {
-        "fill-range": "^2.1.0"
-      }
-    },
     "expand-template": {
       "version": "2.0.3",
       "resolved": "https://registry.npmjs.org/expand-template/-/expand-template-2.0.3.tgz",
@@ -3301,15 +2577,6 @@
         "declare.js": "~0.0.4"
       }
     },
-    "extglob": {
-      "version": "0.3.2",
-      "resolved": "https://registry.npmjs.org/extglob/-/extglob-0.3.2.tgz",
-      "integrity": "sha1-Lhj/PS9JqydlzskCPwEdqo2DSaE=",
-      "optional": true,
-      "requires": {
-        "is-extglob": "^1.0.0"
-      }
-    },
     "extract-zip": {
       "version": "1.6.7",
       "resolved": "https://registry.npmjs.org/extract-zip/-/extract-zip-1.6.7.tgz",
@@ -3380,39 +2647,11 @@
         "pend": "~1.2.0"
       }
     },
-    "figures": {
-      "version": "1.7.0",
-      "resolved": "https://registry.npmjs.org/figures/-/figures-1.7.0.tgz",
-      "integrity": "sha1-y+Hjr/zxzUS4DK3+0o3Hk6lwHS4=",
-      "requires": {
-        "escape-string-regexp": "^1.0.5",
-        "object-assign": "^4.1.0"
-      }
-    },
     "file-uri-to-path": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/file-uri-to-path/-/file-uri-to-path-1.0.0.tgz",
       "integrity": "sha512-0Zt+s3L7Vf1biwWZ29aARiVYLx7iMGnEUl9x33fbB/j3jR81u/O2LbqK+Bm1CDSNDKVtJ/YjwY7TUd5SkeLQLw=="
     },
-    "filename-regex": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/filename-regex/-/filename-regex-2.0.1.tgz",
-      "integrity": "sha1-wcS5vuPglyXdsQa3XB4wH+LxiyY=",
-      "optional": true
-    },
-    "fill-range": {
-      "version": "2.2.4",
-      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-2.2.4.tgz",
-      "integrity": "sha512-cnrcCbj01+j2gTG921VZPnHbjmdAf8oQV/iGeV2kZxGSyfYjjTyY79ErsK1WJWMpw6DaApEX72binqJE+/d+5Q==",
-      "optional": true,
-      "requires": {
-        "is-number": "^2.1.0",
-        "isobject": "^2.0.0",
-        "randomatic": "^3.0.0",
-        "repeat-element": "^1.1.2",
-        "repeat-string": "^1.5.2"
-      }
-    },
     "finalhandler": {
       "version": "1.1.1",
       "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.1.tgz",
@@ -3438,6 +2677,7 @@
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/find-up/-/find-up-1.1.2.tgz",
       "integrity": "sha1-ay6YIrGizgpgq2TWEOzK1TyyTQ8=",
+      "dev": true,
       "requires": {
         "path-exists": "^2.0.0",
         "pinkie-promise": "^2.0.0"
@@ -3778,16 +3018,8 @@
     "for-in": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/for-in/-/for-in-1.0.2.tgz",
-      "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA="
-    },
-    "for-own": {
-      "version": "0.1.5",
-      "resolved": "https://registry.npmjs.org/for-own/-/for-own-0.1.5.tgz",
-      "integrity": "sha1-UmXGgaTylNq78XyVCbZ2OqhFEM4=",
-      "optional": true,
-      "requires": {
-        "for-in": "^1.0.1"
-      }
+      "integrity": "sha1-gQaNKVqBQuwKxybG4iAMMPttXoA=",
+      "dev": true
     },
     "foreach": {
       "version": "2.0.5",
@@ -3880,11 +3112,6 @@
         "through2": "^2.0.3"
       }
     },
-    "fs-readdir-recursive": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/fs-readdir-recursive/-/fs-readdir-recursive-1.1.0.tgz",
-      "integrity": "sha512-GNanXlVr2pf02+sPN40XN8HG+ePaNcvM0q5mZBd668Obwb0yD5GiUbZOFgwn8kGMY6I3mdyDJzieUy3PTYyTRA=="
-    },
     "fs.realpath": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
@@ -3894,6 +3121,7 @@
       "version": "1.2.4",
       "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-1.2.4.tgz",
       "integrity": "sha512-z8H8/diyk76B7q5wg+Ud0+CqzcAF3mBBI/bA5ne5zrRUUIvNkJY//D3BqyH571KuAC4Nr7Rw7CjWX4r0y9DvNg==",
+      "dev": true,
       "optional": true,
       "requires": {
         "nan": "^2.9.2",
@@ -3903,21 +3131,24 @@
         "abbrev": {
           "version": "1.1.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "ansi-regex": {
           "version": "2.1.1",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "aproba": {
           "version": "1.2.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "are-we-there-yet": {
           "version": "1.1.4",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "delegates": "^1.0.0",
@@ -3927,12 +3158,12 @@
         "balanced-match": {
           "version": "1.0.0",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "brace-expansion": {
           "version": "1.1.11",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
@@ -3941,31 +3172,34 @@
         "chownr": {
           "version": "1.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "code-point-at": {
           "version": "1.1.0",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "concat-map": {
           "version": "0.0.1",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "console-control-strings": {
           "version": "1.1.0",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "core-util-is": {
           "version": "1.0.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "debug": {
           "version": "2.6.9",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "ms": "2.0.0"
@@ -3974,21 +3208,25 @@
         "deep-extend": {
           "version": "0.5.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "delegates": {
           "version": "1.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "detect-libc": {
           "version": "1.0.3",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "fs-minipass": {
           "version": "1.2.5",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "minipass": "^2.2.1"
@@ -3997,11 +3235,13 @@
         "fs.realpath": {
           "version": "1.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "gauge": {
           "version": "2.7.4",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "aproba": "^1.0.3",
@@ -4017,6 +3257,7 @@
         "glob": {
           "version": "7.1.2",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "fs.realpath": "^1.0.0",
@@ -4030,11 +3271,13 @@
         "has-unicode": {
           "version": "2.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "iconv-lite": {
           "version": "0.4.21",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "safer-buffer": "^2.1.0"
@@ -4043,6 +3286,7 @@
         "ignore-walk": {
           "version": "3.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "minimatch": "^3.0.4"
@@ -4051,6 +3295,7 @@
         "inflight": {
           "version": "1.0.6",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "once": "^1.3.0",
@@ -4060,17 +3305,18 @@
         "inherits": {
           "version": "2.0.3",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "ini": {
           "version": "1.3.5",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "is-fullwidth-code-point": {
           "version": "1.0.0",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
@@ -4078,12 +3324,13 @@
         "isarray": {
           "version": "1.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "minimatch": {
           "version": "3.0.4",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
@@ -4091,12 +3338,12 @@
         "minimist": {
           "version": "0.0.8",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "minipass": {
           "version": "2.2.4",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "safe-buffer": "^5.1.1",
             "yallist": "^3.0.0"
@@ -4105,6 +3352,7 @@
         "minizlib": {
           "version": "1.1.0",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "minipass": "^2.2.1"
@@ -4113,7 +3361,7 @@
         "mkdirp": {
           "version": "0.5.1",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "minimist": "0.0.8"
           }
@@ -4121,11 +3369,13 @@
         "ms": {
           "version": "2.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "needle": {
           "version": "2.2.0",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "debug": "^2.1.2",
@@ -4136,6 +3386,7 @@
         "node-pre-gyp": {
           "version": "0.10.0",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "detect-libc": "^1.0.2",
@@ -4153,6 +3404,7 @@
         "nopt": {
           "version": "4.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "abbrev": "1",
@@ -4162,11 +3414,13 @@
         "npm-bundled": {
           "version": "1.0.3",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "npm-packlist": {
           "version": "1.1.10",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "ignore-walk": "^3.0.1",
@@ -4176,6 +3430,7 @@
         "npmlog": {
           "version": "4.1.2",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "are-we-there-yet": "~1.1.2",
@@ -4187,17 +3442,18 @@
         "number-is-nan": {
           "version": "1.0.1",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "object-assign": {
           "version": "4.1.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "once": {
           "version": "1.4.0",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "wrappy": "1"
           }
@@ -4205,16 +3461,19 @@
         "os-homedir": {
           "version": "1.0.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "os-tmpdir": {
           "version": "1.0.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "osenv": {
           "version": "0.1.5",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "os-homedir": "^1.0.0",
@@ -4224,16 +3483,19 @@
         "path-is-absolute": {
           "version": "1.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "process-nextick-args": {
           "version": "2.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "rc": {
           "version": "1.2.7",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "deep-extend": "^0.5.1",
@@ -4245,6 +3507,7 @@
             "minimist": {
               "version": "1.2.0",
               "bundled": true,
+              "dev": true,
               "optional": true
             }
           }
@@ -4252,6 +3515,7 @@
         "readable-stream": {
           "version": "2.3.6",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "core-util-is": "~1.0.0",
@@ -4266,6 +3530,7 @@
         "rimraf": {
           "version": "2.6.2",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "glob": "^7.0.5"
@@ -4274,37 +3539,42 @@
         "safe-buffer": {
           "version": "5.1.1",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "safer-buffer": {
           "version": "2.1.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "sax": {
           "version": "1.2.4",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "semver": {
           "version": "5.5.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "set-blocking": {
           "version": "2.0.0",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "signal-exit": {
           "version": "3.0.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "string-width": {
           "version": "1.0.2",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -4314,6 +3584,7 @@
         "string_decoder": {
           "version": "1.1.1",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "safe-buffer": "~5.1.0"
@@ -4322,7 +3593,7 @@
         "strip-ansi": {
           "version": "3.0.1",
           "bundled": true,
-          "optional": true,
+          "dev": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
@@ -4330,11 +3601,13 @@
         "strip-json-comments": {
           "version": "2.0.1",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "tar": {
           "version": "4.4.1",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "chownr": "^1.0.1",
@@ -4349,11 +3622,13 @@
         "util-deprecate": {
           "version": "1.0.2",
           "bundled": true,
+          "dev": true,
           "optional": true
         },
         "wide-align": {
           "version": "1.1.2",
           "bundled": true,
+          "dev": true,
           "optional": true,
           "requires": {
             "string-width": "^1.0.2"
@@ -4362,12 +3637,12 @@
         "wrappy": {
           "version": "1.0.2",
           "bundled": true,
-          "optional": true
+          "dev": true
         },
         "yallist": {
           "version": "3.0.2",
           "bundled": true,
-          "optional": true
+          "dev": true
         }
       }
     },
@@ -4416,7 +3691,8 @@
     "get-caller-file": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.2.tgz",
-      "integrity": "sha1-9wLmMSfn4jHBYKgMFVSstw1QR+U="
+      "integrity": "sha1-9wLmMSfn4jHBYKgMFVSstw1QR+U=",
+      "dev": true
     },
     "get-func-name": {
       "version": "2.0.0",
@@ -4468,25 +3744,6 @@
         "path-is-absolute": "^1.0.0"
       }
     },
-    "glob-base": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/glob-base/-/glob-base-0.3.0.tgz",
-      "integrity": "sha1-27Fk9iIbHAscz4Kuoyi0l98Oo8Q=",
-      "optional": true,
-      "requires": {
-        "glob-parent": "^2.0.0",
-        "is-glob": "^2.0.0"
-      }
-    },
-    "glob-parent": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-2.0.0.tgz",
-      "integrity": "sha1-gTg9ctsFT8zPUzbaqQLxgvbtuyg=",
-      "optional": true,
-      "requires": {
-        "is-glob": "^2.0.0"
-      }
-    },
     "glob-stream": {
       "version": "6.1.0",
       "resolved": "https://registry.npmjs.org/glob-stream/-/glob-stream-6.1.0.tgz",
@@ -4920,11 +4177,6 @@
         "which": "^1.2.14"
       }
     },
-    "globals": {
-      "version": "9.18.0",
-      "resolved": "https://registry.npmjs.org/globals/-/globals-9.18.0.tgz",
-      "integrity": "sha512-S0nG3CLEQiY/ILxqtztTWH/3iRRdyBLw6KMDxnKMchrtbj2OFmehVh0WUCfW3DUrIgx/qFrJPICrq4Z4sTR9UQ=="
-    },
     "globule": {
       "version": "1.2.1",
       "resolved": "https://registry.npmjs.org/globule/-/globule-1.2.1.tgz",
@@ -5541,6 +4793,7 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/has-ansi/-/has-ansi-2.0.0.tgz",
       "integrity": "sha1-NPUEnOHs3ysGSa8+8k5F7TVBbZE=",
+      "dev": true,
       "requires": {
         "ansi-regex": "^2.0.0"
       }
@@ -5669,15 +4922,6 @@
       "resolved": "https://registry.npmjs.org/highlight.js/-/highlight.js-9.15.6.tgz",
       "integrity": "sha512-zozTAWM1D6sozHo8kqhfYgsac+B+q0PmsjXeyDrYIHHcBN0zTVT66+s2GW1GZv7DbyaROdLXKdabwS/WqPyIdQ=="
     },
-    "home-or-tmp": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/home-or-tmp/-/home-or-tmp-2.0.0.tgz",
-      "integrity": "sha1-42w/LSyufXRqhX440Y1fMqeILbg=",
-      "requires": {
-        "os-homedir": "^1.0.0",
-        "os-tmpdir": "^1.0.1"
-      }
-    },
     "homedir-polyfill": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/homedir-polyfill/-/homedir-polyfill-1.0.1.tgz",
@@ -5687,15 +4931,11 @@
         "parse-passwd": "^1.0.0"
       }
     },
-    "hooks-fixed": {
-      "version": "2.0.2",
-      "resolved": "https://registry.npmjs.org/hooks-fixed/-/hooks-fixed-2.0.2.tgz",
-      "integrity": "sha512-YurCM4gQSetcrhwEtpQHhQ4M7Zo7poNGqY4kQGeBS6eZtOcT3tnNs01ThFa0jYBByAiYt1MjMjP/YApG0EnAvQ=="
-    },
     "hosted-git-info": {
       "version": "2.6.0",
       "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.6.0.tgz",
-      "integrity": "sha512-lIbgIIQA3lz5XaB6vxakj6sDHADJiZadYEJB+FgA+C4nubM1NwcuvUr9EJPmnH1skZqpqUzWborWo8EIUi0Sdw=="
+      "integrity": "sha512-lIbgIIQA3lz5XaB6vxakj6sDHADJiZadYEJB+FgA+C4nubM1NwcuvUr9EJPmnH1skZqpqUzWborWo8EIUi0Sdw==",
+      "dev": true
     },
     "html-pdf": {
       "version": "2.2.0",
@@ -5804,44 +5044,17 @@
       "resolved": "https://registry.npmjs.org/ini/-/ini-1.3.5.tgz",
       "integrity": "sha512-RZY5huIKCMRWDUqZlEi72f/lmXKMvuszcMBduliQ3nnWbx9X/ZBQO7DijMEYS9EhHBb2qacRUMtC7svLwe0lcw=="
     },
-    "inquirer": {
-      "version": "0.12.0",
-      "resolved": "https://registry.npmjs.org/inquirer/-/inquirer-0.12.0.tgz",
-      "integrity": "sha1-HvK/1jUE3wvHV4X/+MLEHfEvB34=",
-      "requires": {
-        "ansi-escapes": "^1.1.0",
-        "ansi-regex": "^2.0.0",
-        "chalk": "^1.0.0",
-        "cli-cursor": "^1.0.1",
-        "cli-width": "^2.0.0",
-        "figures": "^1.3.5",
-        "lodash": "^4.3.0",
-        "readline2": "^1.0.1",
-        "run-async": "^0.1.0",
-        "rx-lite": "^3.1.2",
-        "string-width": "^1.0.1",
-        "strip-ansi": "^3.0.0",
-        "through": "^2.3.6"
-      }
-    },
     "interpret": {
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/interpret/-/interpret-1.1.0.tgz",
-      "integrity": "sha1-ftGxQQxqDg94z5XTuEQMY/eLhhQ=",
-      "dev": true
-    },
-    "invariant": {
-      "version": "2.2.4",
-      "resolved": "https://registry.npmjs.org/invariant/-/invariant-2.2.4.tgz",
-      "integrity": "sha512-phJfQVBuaJM5raOpJjSfkiD6BpbCE4Ns//LaXl6wGYtUBY83nWS6Rf9tXm2e8VaK60JEjYldbPif/A2B1C2gNA==",
-      "requires": {
-        "loose-envify": "^1.0.0"
-      }
+      "integrity": "sha1-ftGxQQxqDg94z5XTuEQMY/eLhhQ=",
+      "dev": true
     },
     "invert-kv": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/invert-kv/-/invert-kv-1.0.0.tgz",
-      "integrity": "sha1-EEqOSqym09jNFXqO+L+rLXo//bY="
+      "integrity": "sha1-EEqOSqym09jNFXqO+L+rLXo//bY=",
+      "dev": true
     },
     "ip-regex": {
       "version": "2.1.0",
@@ -5876,12 +5089,14 @@
     "is-arrayish": {
       "version": "0.2.1",
       "resolved": "https://registry.npmjs.org/is-arrayish/-/is-arrayish-0.2.1.tgz",
-      "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0="
+      "integrity": "sha1-d8mYQFJ6qOyxqLppe4BkWnqSap0=",
+      "dev": true
     },
     "is-binary-path": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-1.0.1.tgz",
       "integrity": "sha1-dfFmQrSA8YenEcgUFh/TpKdlWJg=",
+      "dev": true,
       "requires": {
         "binary-extensions": "^1.0.0"
       }
@@ -5895,6 +5110,7 @@
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-1.0.0.tgz",
       "integrity": "sha1-VAVy0096wxGfj3bDDLwbHgN6/74=",
+      "dev": true,
       "requires": {
         "builtin-modules": "^1.0.0"
       }
@@ -5936,25 +5152,11 @@
         }
       }
     },
-    "is-dotfile": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/is-dotfile/-/is-dotfile-1.0.3.tgz",
-      "integrity": "sha1-pqLzL/0t+wT1yiXs0Pa4PPeYoeE=",
-      "optional": true
-    },
-    "is-equal-shallow": {
-      "version": "0.1.3",
-      "resolved": "https://registry.npmjs.org/is-equal-shallow/-/is-equal-shallow-0.1.3.tgz",
-      "integrity": "sha1-IjgJj8Ih3gvPpdnqxMRdY4qhxTQ=",
-      "optional": true,
-      "requires": {
-        "is-primitive": "^2.0.0"
-      }
-    },
     "is-extendable": {
       "version": "0.1.1",
       "resolved": "https://registry.npmjs.org/is-extendable/-/is-extendable-0.1.1.tgz",
-      "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik="
+      "integrity": "sha1-YrEQ4omkcUGOPsNqYX1HLjAd/Ik=",
+      "dev": true
     },
     "is-extended": {
       "version": "0.0.10",
@@ -5964,16 +5166,11 @@
         "extended": "~0.0.3"
       }
     },
-    "is-extglob": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-1.0.0.tgz",
-      "integrity": "sha1-rEaBd8SUNAWgkvyPKXYMb/xiBsA=",
-      "optional": true
-    },
     "is-finite": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/is-finite/-/is-finite-1.0.2.tgz",
       "integrity": "sha1-zGZ3aVYCvlUO8R6LSqYwU0K20Ko=",
+      "dev": true,
       "requires": {
         "number-is-nan": "^1.0.0"
       }
@@ -5986,15 +5183,6 @@
         "number-is-nan": "^1.0.0"
       }
     },
-    "is-glob": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-2.0.1.tgz",
-      "integrity": "sha1-0Jb5JqPe1WAPP9/ZEZjLCIjC2GM=",
-      "optional": true,
-      "requires": {
-        "is-extglob": "^1.0.0"
-      }
-    },
     "is-installed-globally": {
       "version": "0.1.0",
       "resolved": "https://registry.npmjs.org/is-installed-globally/-/is-installed-globally-0.1.0.tgz",
@@ -6026,15 +5214,6 @@
       "integrity": "sha1-8vtjpl5JBbQGyGBydloaTceTufQ=",
       "dev": true
     },
-    "is-number": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/is-number/-/is-number-2.1.0.tgz",
-      "integrity": "sha1-Afy7s5NGOlSPL0ZszhbezknbkI8=",
-      "optional": true,
-      "requires": {
-        "kind-of": "^3.0.2"
-      }
-    },
     "is-obj": {
       "version": "1.0.1",
       "resolved": "http://registry.npmjs.org/is-obj/-/is-obj-1.0.1.tgz",
@@ -6084,18 +5263,6 @@
         }
       }
     },
-    "is-posix-bracket": {
-      "version": "0.1.1",
-      "resolved": "https://registry.npmjs.org/is-posix-bracket/-/is-posix-bracket-0.1.1.tgz",
-      "integrity": "sha1-MzTceXdDaOkvAW5vvAqI9c1ua8Q=",
-      "optional": true
-    },
-    "is-primitive": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/is-primitive/-/is-primitive-2.0.0.tgz",
-      "integrity": "sha1-IHurkWOEmcB7Kt8kCkGochADRXU=",
-      "optional": true
-    },
     "is-promise": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/is-promise/-/is-promise-2.1.0.tgz",
@@ -6144,7 +5311,8 @@
     "is-utf8": {
       "version": "0.2.1",
       "resolved": "https://registry.npmjs.org/is-utf8/-/is-utf8-0.2.1.tgz",
-      "integrity": "sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI="
+      "integrity": "sha1-Sw2hRCEE0bM2NA6AeX6GXPOffXI=",
+      "dev": true
     },
     "is-valid-glob": {
       "version": "1.0.0",
@@ -6168,15 +5336,6 @@
       "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz",
       "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA="
     },
-    "isobject": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/isobject/-/isobject-2.1.0.tgz",
-      "integrity": "sha1-8GVWEJaj8dou9GJy+BXIQNh+DIk=",
-      "optional": true,
-      "requires": {
-        "isarray": "1.0.0"
-      }
-    },
     "isstream": {
       "version": "0.1.2",
       "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz",
@@ -6270,7 +5429,8 @@
     "js-tokens": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-3.0.2.tgz",
-      "integrity": "sha1-mGbfOVECEw449/mWvOtlRDIJwls="
+      "integrity": "sha1-mGbfOVECEw449/mWvOtlRDIJwls=",
+      "dev": true
     },
     "js-yaml": {
       "version": "3.12.0",
@@ -6288,11 +5448,6 @@
       "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=",
       "optional": true
     },
-    "jsesc": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-1.3.0.tgz",
-      "integrity": "sha1-RsP+yMGJKxKwgz25vHYiF226s0s="
-    },
     "json-parse-helpfulerror": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/json-parse-helpfulerror/-/json-parse-helpfulerror-1.0.3.tgz",
@@ -6325,11 +5480,6 @@
       "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz",
       "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus="
     },
-    "json5": {
-      "version": "0.5.1",
-      "resolved": "https://registry.npmjs.org/json5/-/json5-0.5.1.tgz",
-      "integrity": "sha1-Hq3nrMASA0rYTiOWdn6tn6VJWCE="
-    },
     "jsonfile": {
       "version": "4.0.0",
       "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
@@ -6410,11 +5560,6 @@
         "safe-buffer": "^5.0.1"
       }
     },
-    "kareem": {
-      "version": "1.5.0",
-      "resolved": "https://registry.npmjs.org/kareem/-/kareem-1.5.0.tgz",
-      "integrity": "sha1-4+QQHZ3P3imXadr0tNtk2JXRdEg="
-    },
     "kew": {
       "version": "0.7.0",
       "resolved": "https://registry.npmjs.org/kew/-/kew-0.7.0.tgz",
@@ -6425,6 +5570,7 @@
       "version": "3.2.2",
       "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-3.2.2.tgz",
       "integrity": "sha1-MeohpzS6ubuw8yRm2JOupR5KPGQ=",
+      "dev": true,
       "requires": {
         "is-buffer": "^1.1.5"
       }
@@ -6478,6 +5624,7 @@
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/lcid/-/lcid-1.0.0.tgz",
       "integrity": "sha1-MIrMr6C8SDo4Z7S28rlQYlHRuDU=",
+      "dev": true,
       "requires": {
         "invert-kv": "^1.0.0"
       }
@@ -6535,6 +5682,7 @@
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-1.1.0.tgz",
       "integrity": "sha1-lWkFcI1YtLq0wiYbBPWfMcmTdMA=",
+      "dev": true,
       "requires": {
         "graceful-fs": "^4.1.2",
         "parse-json": "^2.2.0",
@@ -6580,11 +5728,6 @@
       "resolved": "https://registry.npmjs.org/lodash.flatten/-/lodash.flatten-4.4.0.tgz",
       "integrity": "sha1-8xwiIlqWMtK7+OSt2+8kCqdlph8="
     },
-    "lodash.get": {
-      "version": "4.4.2",
-      "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz",
-      "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk="
-    },
     "lodash.includes": {
       "version": "4.3.0",
       "resolved": "https://registry.npmjs.org/lodash.includes/-/lodash.includes-4.3.0.tgz",
@@ -6642,14 +5785,6 @@
       "integrity": "sha512-U7KCmLdqsGHBLeWqYlFA0V0Sl6P08EE1ZrmA9cxjUE0WVqT9qnyVDPz1kzpFEP0jdJuFnasWIfSd7fsaNXkpbg==",
       "dev": true
     },
-    "loose-envify": {
-      "version": "1.3.1",
-      "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.3.1.tgz",
-      "integrity": "sha1-0aitM/qc4OcT1l/dCsi3SNR4yEg=",
-      "requires": {
-        "js-tokens": "^3.0.0"
-      }
-    },
     "loud-rejection": {
       "version": "1.6.0",
       "resolved": "https://registry.npmjs.org/loud-rejection/-/loud-rejection-1.6.0.tgz",
@@ -7096,12 +6231,6 @@
         }
       }
     },
-    "math-random": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/math-random/-/math-random-1.0.1.tgz",
-      "integrity": "sha1-izqsWIuKZuSXXjzepn97sylgH6w=",
-      "optional": true
-    },
     "md5": {
       "version": "2.2.1",
       "resolved": "https://registry.npmjs.org/md5/-/md5-2.2.1.tgz",
@@ -7180,76 +6309,6 @@
       "resolved": "https://registry.npmjs.org/methods/-/methods-1.1.2.tgz",
       "integrity": "sha1-VSmk1nZUE07cxSZmVoNbD4Ua/O4="
     },
-    "micromatch": {
-      "version": "2.3.11",
-      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-2.3.11.tgz",
-      "integrity": "sha1-hmd8l9FyCzY0MdBNDRUpO9OMFWU=",
-      "optional": true,
-      "requires": {
-        "arr-diff": "^2.0.0",
-        "array-unique": "^0.2.1",
-        "braces": "^1.8.2",
-        "expand-brackets": "^0.1.4",
-        "extglob": "^0.3.1",
-        "filename-regex": "^2.0.0",
-        "is-extglob": "^1.0.0",
-        "is-glob": "^2.0.1",
-        "kind-of": "^3.0.2",
-        "normalize-path": "^2.0.1",
-        "object.omit": "^2.0.0",
-        "parse-glob": "^3.0.4",
-        "regex-cache": "^0.4.2"
-      }
-    },
-    "migrate-mongoose": {
-      "version": "3.2.2",
-      "resolved": "https://registry.npmjs.org/migrate-mongoose/-/migrate-mongoose-3.2.2.tgz",
-      "integrity": "sha1-+v4BtfNvfMK7Jvabng7IXZ3/OmU=",
-      "requires": {
-        "babel-cli": "^6.18.0",
-        "babel-core": "^6.20.0",
-        "babel-plugin-transform-runtime": "^6.15.0",
-        "babel-polyfill": "^6.20.0",
-        "babel-preset-latest": "^6.16.0",
-        "babel-register": "^6.18.0",
-        "bluebird": "^3.3.3",
-        "colors": "^1.1.2",
-        "inquirer": "^0.12.0",
-        "mkdirp": "^0.5.1",
-        "mongoose": "^4.4.6",
-        "yargs": "^4.8.1"
-      },
-      "dependencies": {
-        "async": {
-          "version": "2.6.0",
-          "resolved": "https://registry.npmjs.org/async/-/async-2.6.0.tgz",
-          "integrity": "sha512-xAfGg1/NTLBBKlHFmnd7PlmUW9KhVQIUuSrYem9xzFUZy13ScvtyGGejaae9iAVRiRq9+Cx7DPFaAAhCpyxyPw==",
-          "requires": {
-            "lodash": "^4.14.0"
-          }
-        },
-        "mongoose": {
-          "version": "4.13.14",
-          "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-4.13.14.tgz",
-          "integrity": "sha512-20zynb1fvCO37AP+0iTPGDbt4dJJkzM9fNK5BwKf5n+gFU5YYdXpnhxs9Kf8C+Fe0xY8vpUKV8wA7VGWcmDaFw==",
-          "requires": {
-            "async": "2.6.0",
-            "bson": "~1.0.4",
-            "hooks-fixed": "2.0.2",
-            "kareem": "1.5.0",
-            "lodash.get": "4.4.2",
-            "mongodb": "2.2.34",
-            "mpath": "0.3.0",
-            "mpromise": "0.5.5",
-            "mquery": "2.3.3",
-            "ms": "2.0.0",
-            "muri": "1.3.0",
-            "regexp-clone": "0.0.1",
-            "sliced": "1.0.1"
-          }
-        }
-      }
-    },
     "mime": {
       "version": "1.4.1",
       "resolved": "https://registry.npmjs.org/mime/-/mime-1.4.1.tgz",
@@ -7400,54 +6459,6 @@
       "resolved": "https://registry.npmjs.org/moment/-/moment-2.24.0.tgz",
       "integrity": "sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg=="
     },
-    "mongodb": {
-      "version": "2.2.34",
-      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-2.2.34.tgz",
-      "integrity": "sha1-o09Zu+thdUrsQy3nLD/iFSakTBo=",
-      "requires": {
-        "es6-promise": "3.2.1",
-        "mongodb-core": "2.1.18",
-        "readable-stream": "2.2.7"
-      },
-      "dependencies": {
-        "process-nextick-args": {
-          "version": "1.0.7",
-          "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-1.0.7.tgz",
-          "integrity": "sha1-FQ4gt1ZZCtP5EJPyWk8q2L/zC6M="
-        },
-        "readable-stream": {
-          "version": "2.2.7",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.2.7.tgz",
-          "integrity": "sha1-BwV6y+JGeyIELTb5jFrVBwVOlbE=",
-          "requires": {
-            "buffer-shims": "~1.0.0",
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.1",
-            "isarray": "~1.0.0",
-            "process-nextick-args": "~1.0.6",
-            "string_decoder": "~1.0.0",
-            "util-deprecate": "~1.0.1"
-          }
-        },
-        "string_decoder": {
-          "version": "1.0.3",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.0.3.tgz",
-          "integrity": "sha512-4AH6Z5fzNNBcH+6XDMfA/BTt87skxqJlO0lAh3Dker5zThcAxG6mKz+iGu308UKoPPQ8Dcqx/4JhujzltRa+hQ==",
-          "requires": {
-            "safe-buffer": "~5.1.0"
-          }
-        }
-      }
-    },
-    "mongodb-core": {
-      "version": "2.1.18",
-      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-2.1.18.tgz",
-      "integrity": "sha1-TEYTm986HwMt7ZHbSfOO7AFlkFA=",
-      "requires": {
-        "bson": "~1.0.4",
-        "require_optional": "~1.0.0"
-      }
-    },
     "mongoose": {
       "version": "5.4.19",
       "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.19.tgz",
@@ -7553,39 +6564,6 @@
         "on-headers": "~1.0.1"
       }
     },
-    "mpath": {
-      "version": "0.3.0",
-      "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.3.0.tgz",
-      "integrity": "sha1-elj3iem1/TyUUgY0FXlg8mvV70Q="
-    },
-    "mpromise": {
-      "version": "0.5.5",
-      "resolved": "https://registry.npmjs.org/mpromise/-/mpromise-0.5.5.tgz",
-      "integrity": "sha1-9bJCWddjrMIlewoMjG2Gb9UXMuY="
-    },
-    "mquery": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/mquery/-/mquery-2.3.3.tgz",
-      "integrity": "sha512-NC8L14kn+qxJbbJ1gbcEMDxF0sC3sv+1cbRReXXwVvowcwY1y9KoVZFq0ebwARibsadu8lx8nWGvm3V0Pf0ZWQ==",
-      "requires": {
-        "bluebird": "3.5.0",
-        "debug": "2.6.9",
-        "regexp-clone": "0.0.1",
-        "sliced": "0.0.5"
-      },
-      "dependencies": {
-        "bluebird": {
-          "version": "3.5.0",
-          "resolved": "https://registry.npmjs.org/bluebird/-/bluebird-3.5.0.tgz",
-          "integrity": "sha1-eRQg1/VR7qKJdFOop3ZT+WYG1nw="
-        },
-        "sliced": {
-          "version": "0.0.5",
-          "resolved": "https://registry.npmjs.org/sliced/-/sliced-0.0.5.tgz",
-          "integrity": "sha1-XtwETKTrb3gW1Qui/GPiXY/kcH8="
-        }
-      }
-    },
     "ms": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
@@ -7606,26 +6584,17 @@
         "xtend": "^4.0.0"
       }
     },
-    "muri": {
-      "version": "1.3.0",
-      "resolved": "https://registry.npmjs.org/muri/-/muri-1.3.0.tgz",
-      "integrity": "sha512-FiaFwKl864onHFFUV/a2szAl7X0fxVlSKNdhTf+BM8i8goEgYut8u5P9MqQqIYwvaMxjzVESsoEm/2kfkFH1rg=="
-    },
     "mute-stdout": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/mute-stdout/-/mute-stdout-1.0.0.tgz",
       "integrity": "sha1-WzLqB+tDyd7WEwQ0z5JvRrKn/U0=",
       "dev": true
     },
-    "mute-stream": {
-      "version": "0.0.5",
-      "resolved": "https://registry.npmjs.org/mute-stream/-/mute-stream-0.0.5.tgz",
-      "integrity": "sha1-j7+rsKmKJT0xhDMfno3rc3L6xsA="
-    },
     "nan": {
       "version": "2.10.0",
       "resolved": "https://registry.npmjs.org/nan/-/nan-2.10.0.tgz",
-      "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA=="
+      "integrity": "sha512-bAdJv7fBLhWC+/Bls0Oza+mvTaNQtP+1RyhhhvD95pgUJz6XM5IzgmxOkItJ9tkoCiplvAnXI1tNmmUD/eScyA==",
+      "dev": true
     },
     "nanomatch": {
       "version": "1.2.9",
@@ -8388,6 +7357,7 @@
       "version": "2.4.0",
       "resolved": "https://registry.npmjs.org/normalize-package-data/-/normalize-package-data-2.4.0.tgz",
       "integrity": "sha512-9jjUFbTPfEy3R/ad/2oNbKtW9Hgovl5O1FvFWKkKblNXoN/Oou6+9+KKohPK13Yc3/TyunyWhJp6gvRNR/PPAw==",
+      "dev": true,
       "requires": {
         "hosted-git-info": "^2.1.4",
         "is-builtin-module": "^1.0.0",
@@ -8583,16 +7553,6 @@
         }
       }
     },
-    "object.omit": {
-      "version": "2.0.1",
-      "resolved": "https://registry.npmjs.org/object.omit/-/object.omit-2.0.1.tgz",
-      "integrity": "sha1-Gpx0SCnznbuFjHbKNXmuKlTr0fo=",
-      "optional": true,
-      "requires": {
-        "for-own": "^0.1.4",
-        "is-extendable": "^0.1.1"
-      }
-    },
     "object.pick": {
       "version": "1.3.0",
       "resolved": "https://registry.npmjs.org/object.pick/-/object.pick-1.3.0.tgz",
@@ -8652,11 +7612,6 @@
         "wrappy": "1"
       }
     },
-    "onetime": {
-      "version": "1.1.0",
-      "resolved": "http://registry.npmjs.org/onetime/-/onetime-1.1.0.tgz",
-      "integrity": "sha1-ofeDj4MUxRbwXs78vEzP4EtO14k="
-    },
     "optimist": {
       "version": "0.6.1",
       "resolved": "https://registry.npmjs.org/optimist/-/optimist-0.6.1.tgz",
@@ -8707,6 +7662,7 @@
       "version": "1.4.0",
       "resolved": "https://registry.npmjs.org/os-locale/-/os-locale-1.4.0.tgz",
       "integrity": "sha1-IPnxeuKe00XoveWDsT0gCYA8FNk=",
+      "dev": true,
       "requires": {
         "lcid": "^1.0.0"
       }
@@ -8725,16 +7681,6 @@
         "os-tmpdir": "^1.0.0"
       }
     },
-    "output-file-sync": {
-      "version": "1.1.2",
-      "resolved": "https://registry.npmjs.org/output-file-sync/-/output-file-sync-1.1.2.tgz",
-      "integrity": "sha1-0KM+7+YaIF+suQCS6CZZjVJFznY=",
-      "requires": {
-        "graceful-fs": "^4.1.4",
-        "mkdirp": "^0.5.1",
-        "object-assign": "^4.1.0"
-      }
-    },
     "p-finally": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz",
@@ -8764,22 +7710,11 @@
         "path-root": "^0.1.1"
       }
     },
-    "parse-glob": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/parse-glob/-/parse-glob-3.0.4.tgz",
-      "integrity": "sha1-ssN2z7EfNVE7rdFz7wu246OIORw=",
-      "optional": true,
-      "requires": {
-        "glob-base": "^0.3.0",
-        "is-dotfile": "^1.0.0",
-        "is-extglob": "^1.0.0",
-        "is-glob": "^2.0.0"
-      }
-    },
     "parse-json": {
       "version": "2.2.0",
       "resolved": "https://registry.npmjs.org/parse-json/-/parse-json-2.2.0.tgz",
       "integrity": "sha1-9ID0BDTvgHQfhGkJn43qGPVaTck=",
+      "dev": true,
       "requires": {
         "error-ex": "^1.2.0"
       }
@@ -8864,6 +7799,7 @@
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/path-exists/-/path-exists-2.1.0.tgz",
       "integrity": "sha1-D+tsZPD8UY2adU3V77YscCJ2H0s=",
+      "dev": true,
       "requires": {
         "pinkie-promise": "^2.0.0"
       }
@@ -8915,6 +7851,7 @@
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/path-type/-/path-type-1.1.0.tgz",
       "integrity": "sha1-WcRPfuSR2nBNpBXaWkBwuk+P5EE=",
+      "dev": true,
       "requires": {
         "graceful-fs": "^4.1.2",
         "pify": "^2.0.0",
@@ -9016,7 +7953,8 @@
     "pify": {
       "version": "2.3.0",
       "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
-      "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw="
+      "integrity": "sha1-7RQaasBDqEnqWISY59yosVMw6Qw=",
+      "dev": true
     },
     "pinkie": {
       "version": "2.0.4",
@@ -9109,23 +8047,12 @@
       "integrity": "sha1-1PRWKwzjaW5BrFLQ4ALlemNdxtw=",
       "dev": true
     },
-    "preserve": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/preserve/-/preserve-0.2.0.tgz",
-      "integrity": "sha1-gV7R9uvGWSb4ZbMQwHE7yzMVzks=",
-      "optional": true
-    },
     "pretty-hrtime": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/pretty-hrtime/-/pretty-hrtime-1.0.3.tgz",
       "integrity": "sha1-t+PqQkNaTJsnWdmeDyAesZWALuE=",
       "dev": true
     },
-    "private": {
-      "version": "0.1.8",
-      "resolved": "https://registry.npmjs.org/private/-/private-0.1.8.tgz",
-      "integrity": "sha512-VvivMrbvd2nKkiG38qjULzlc+4Vx4wm/whI9pQD35YrARNnhxeiRktSOhSukRLFNlzg6Br/cJPet5J/u19r/mg=="
-    },
     "process-nextick-args": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.0.tgz",
@@ -9194,31 +8121,6 @@
       "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz",
       "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA=="
     },
-    "randomatic": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/randomatic/-/randomatic-3.0.0.tgz",
-      "integrity": "sha512-VdxFOIEY3mNO5PtSRkkle/hPJDHvQhK21oa73K4yAc9qmp6N429gAyF1gZMOTMeS0/AYzaV/2Trcef+NaIonSA==",
-      "optional": true,
-      "requires": {
-        "is-number": "^4.0.0",
-        "kind-of": "^6.0.0",
-        "math-random": "^1.0.1"
-      },
-      "dependencies": {
-        "is-number": {
-          "version": "4.0.0",
-          "resolved": "https://registry.npmjs.org/is-number/-/is-number-4.0.0.tgz",
-          "integrity": "sha512-rSklcAIlf1OmFdyAqbnWTLVelsQ58uvZ66S/ZyawjWqIviTWCjg2PzVGw8WUA+nNuPTqb4wgA+NszrJ+08LlgQ==",
-          "optional": true
-        },
-        "kind-of": {
-          "version": "6.0.2",
-          "resolved": "https://registry.npmjs.org/kind-of/-/kind-of-6.0.2.tgz",
-          "integrity": "sha512-s5kLOcnH0XqDO+FvuaLX8DDjZ18CGFk7VygH40QoKPUQhW4e2rvM0rwUq0t8IQDOwYSeLK01U90OjzBTme2QqA==",
-          "optional": true
-        }
-      }
-    },
     "range-parser": {
       "version": "1.2.0",
       "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.0.tgz",
@@ -9269,6 +8171,7 @@
       "version": "1.1.0",
       "resolved": "https://registry.npmjs.org/read-pkg/-/read-pkg-1.1.0.tgz",
       "integrity": "sha1-9f+qXs0pyzHAR0vKfXVra7KePyg=",
+      "dev": true,
       "requires": {
         "load-json-file": "^1.0.0",
         "normalize-package-data": "^2.3.2",
@@ -9279,6 +8182,7 @@
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/read-pkg-up/-/read-pkg-up-1.0.1.tgz",
       "integrity": "sha1-nWPBMnbAZZGNV/ACpX9AobZD+wI=",
+      "dev": true,
       "requires": {
         "find-up": "^1.0.0",
         "read-pkg": "^1.0.0"
@@ -9333,6 +8237,7 @@
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-2.1.0.tgz",
       "integrity": "sha1-TtCtBg3zBzMAxIRANz9y0cxkLXg=",
+      "dev": true,
       "requires": {
         "graceful-fs": "^4.1.2",
         "minimatch": "^3.0.2",
@@ -9340,16 +8245,6 @@
         "set-immediate-shim": "^1.0.1"
       }
     },
-    "readline2": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/readline2/-/readline2-1.0.1.tgz",
-      "integrity": "sha1-QQWWCP/BVHV7cV2ZidGZ/783LjU=",
-      "requires": {
-        "code-point-at": "^1.0.0",
-        "is-fullwidth-code-point": "^1.0.0",
-        "mute-stream": "0.0.5"
-      }
-    },
     "rechoir": {
       "version": "0.6.2",
       "resolved": "https://registry.npmjs.org/rechoir/-/rechoir-0.6.2.tgz",
@@ -9374,35 +8269,6 @@
       "resolved": "https://registry.npmjs.org/reflect-metadata/-/reflect-metadata-0.1.13.tgz",
       "integrity": "sha512-Ts1Y/anZELhSsjMcU605fU9RE4Oi3p5ORujwbIKXfWa+0Zxs510Qrmrce5/Jowq3cHSZSJqBjypxmHarc+vEWg=="
     },
-    "regenerate": {
-      "version": "1.4.0",
-      "resolved": "https://registry.npmjs.org/regenerate/-/regenerate-1.4.0.tgz",
-      "integrity": "sha512-1G6jJVDWrt0rK99kBjvEtziZNCICAuvIPkSiUFIQxVP06RCVpq3dmDo2oi6ABpYaDYaTRr67BEhL8r1wgEZZKg=="
-    },
-    "regenerator-runtime": {
-      "version": "0.11.1",
-      "resolved": "https://registry.npmjs.org/regenerator-runtime/-/regenerator-runtime-0.11.1.tgz",
-      "integrity": "sha512-MguG95oij0fC3QV3URf4V2SDYGJhJnJGqvIIgdECeODCT98wSWDAJ94SSuVpYQUoTcGUIL6L4yNB7j1DFFHSBg=="
-    },
-    "regenerator-transform": {
-      "version": "0.10.1",
-      "resolved": "https://registry.npmjs.org/regenerator-transform/-/regenerator-transform-0.10.1.tgz",
-      "integrity": "sha512-PJepbvDbuK1xgIgnau7Y90cwaAmO/LCLMI2mPvaXq2heGMR3aWW5/BQvYrhJ8jgmQjXewXvBjzfqKcVOmhjZ6Q==",
-      "requires": {
-        "babel-runtime": "^6.18.0",
-        "babel-types": "^6.19.0",
-        "private": "^0.1.6"
-      }
-    },
-    "regex-cache": {
-      "version": "0.4.4",
-      "resolved": "https://registry.npmjs.org/regex-cache/-/regex-cache-0.4.4.tgz",
-      "integrity": "sha512-nVIZwtCjkC9YgvWkpM55B5rBhBYRZhAaJbgcFYXXsHnbZ9UZI9nnVWYZpBlCqv9ho2eZryPnWrZGsOdPwVWXWQ==",
-      "optional": true,
-      "requires": {
-        "is-equal-shallow": "^0.1.3"
-      }
-    },
     "regex-not": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/regex-not/-/regex-not-1.0.2.tgz",
@@ -9418,16 +8284,6 @@
       "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-0.0.1.tgz",
       "integrity": "sha1-p8LgmJH9vzj7sQ03b7cwA+aKxYk="
     },
-    "regexpu-core": {
-      "version": "2.0.0",
-      "resolved": "https://registry.npmjs.org/regexpu-core/-/regexpu-core-2.0.0.tgz",
-      "integrity": "sha1-SdA4g3uNz4v6W5pCE5k45uoq4kA=",
-      "requires": {
-        "regenerate": "^1.2.1",
-        "regjsgen": "^0.2.0",
-        "regjsparser": "^0.1.4"
-      }
-    },
     "registry-auth-token": {
       "version": "3.3.2",
       "resolved": "https://registry.npmjs.org/registry-auth-token/-/registry-auth-token-3.3.2.tgz",
@@ -9447,26 +8303,6 @@
         "rc": "^1.0.1"
       }
     },
-    "regjsgen": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/regjsgen/-/regjsgen-0.2.0.tgz",
-      "integrity": "sha1-bAFq3qxVT3WCP+N6wFuS1aTtsfc="
-    },
-    "regjsparser": {
-      "version": "0.1.5",
-      "resolved": "https://registry.npmjs.org/regjsparser/-/regjsparser-0.1.5.tgz",
-      "integrity": "sha1-fuj4Tcb6eS0/0K4ijSS9lJ6tIFw=",
-      "requires": {
-        "jsesc": "~0.5.0"
-      },
-      "dependencies": {
-        "jsesc": {
-          "version": "0.5.0",
-          "resolved": "https://registry.npmjs.org/jsesc/-/jsesc-0.5.0.tgz",
-          "integrity": "sha1-597mbjXW/Bb3EP6R1c9p9w8IkR0="
-        }
-      }
-    },
     "remap-istanbul": {
       "version": "0.13.0",
       "resolved": "https://registry.npmjs.org/remap-istanbul/-/remap-istanbul-0.13.0.tgz",
@@ -9527,17 +8363,20 @@
     "repeat-element": {
       "version": "1.1.2",
       "resolved": "https://registry.npmjs.org/repeat-element/-/repeat-element-1.1.2.tgz",
-      "integrity": "sha1-7wiaF40Ug7quTZPrmLT55OEdmQo="
+      "integrity": "sha1-7wiaF40Ug7quTZPrmLT55OEdmQo=",
+      "dev": true
     },
     "repeat-string": {
       "version": "1.6.1",
       "resolved": "https://registry.npmjs.org/repeat-string/-/repeat-string-1.6.1.tgz",
-      "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc="
+      "integrity": "sha1-jcrkcOHIirwtYA//Sndihtp15jc=",
+      "dev": true
     },
     "repeating": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/repeating/-/repeating-2.0.1.tgz",
       "integrity": "sha1-UhTFOpJtNVJwdSf7q0FdvAjQbdo=",
+      "dev": true,
       "requires": {
         "is-finite": "^1.0.0"
       }
@@ -9605,12 +8444,14 @@
     "require-directory": {
       "version": "2.1.1",
       "resolved": "https://registry.npmjs.org/require-directory/-/require-directory-2.1.1.tgz",
-      "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I="
+      "integrity": "sha1-jGStX9MNqxyXbiNE/+f3kqam30I=",
+      "dev": true
     },
     "require-main-filename": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/require-main-filename/-/require-main-filename-1.0.1.tgz",
-      "integrity": "sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE="
+      "integrity": "sha1-l/cXtp1IeE9fUmpsWqj/3aBVpNE=",
+      "dev": true
     },
     "require_optional": {
       "version": "1.0.1",
@@ -9660,15 +8501,6 @@
       "integrity": "sha1-LGN/53yJOv0qZj/iGqkIAGjiBSo=",
       "dev": true
     },
-    "restore-cursor": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/restore-cursor/-/restore-cursor-1.0.1.tgz",
-      "integrity": "sha1-NGYfRohjJ/7SmRR5FSJS35LapUE=",
-      "requires": {
-        "exit-hook": "^1.0.0",
-        "onetime": "^1.0.0"
-      }
-    },
     "ret": {
       "version": "0.1.15",
       "resolved": "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz",
@@ -9711,14 +8543,6 @@
         "template-url": "^1.0.0"
       }
     },
-    "run-async": {
-      "version": "0.1.0",
-      "resolved": "https://registry.npmjs.org/run-async/-/run-async-0.1.0.tgz",
-      "integrity": "sha1-yK1KXhEGYeQCp9IbUw4AnyX444k=",
-      "requires": {
-        "once": "^1.3.0"
-      }
-    },
     "run-sequence": {
       "version": "2.2.1",
       "resolved": "https://registry.npmjs.org/run-sequence/-/run-sequence-2.2.1.tgz",
@@ -9782,11 +8606,6 @@
         }
       }
     },
-    "rx-lite": {
-      "version": "3.1.2",
-      "resolved": "https://registry.npmjs.org/rx-lite/-/rx-lite-3.1.2.tgz",
-      "integrity": "sha1-Gc5QLKVyZl87ZHsQk5+X/RYV8QI="
-    },
     "safe-buffer": {
       "version": "5.1.2",
       "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
@@ -9954,7 +8773,8 @@
     "set-immediate-shim": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/set-immediate-shim/-/set-immediate-shim-1.0.1.tgz",
-      "integrity": "sha1-SysbJ+uAip+NzEgaWOXlb1mfP2E="
+      "integrity": "sha1-SysbJ+uAip+NzEgaWOXlb1mfP2E=",
+      "dev": true
     },
     "set-value": {
       "version": "2.0.0",
@@ -10075,11 +8895,6 @@
         }
       }
     },
-    "slash": {
-      "version": "1.0.0",
-      "resolved": "https://registry.npmjs.org/slash/-/slash-1.0.0.tgz",
-      "integrity": "sha1-xB8vbDn8FtHNF61LXYlhFK5HDVU="
-    },
     "sliced": {
       "version": "1.0.1",
       "resolved": "https://registry.npmjs.org/sliced/-/sliced-1.0.1.tgz",
@@ -10285,7 +9100,8 @@
     "source-map": {
       "version": "0.5.7",
       "resolved": "https://registry.npmjs.org/source-map/-/source-map-0.5.7.tgz",
-      "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w="
+      "integrity": "sha1-igOdLRAh0i0eoUyA2OpGi6LvP8w=",
+      "dev": true
     },
     "source-map-resolve": {
       "version": "0.5.2",
@@ -10300,14 +9116,6 @@
         "urix": "^0.1.0"
       }
     },
-    "source-map-support": {
-      "version": "0.4.18",
-      "resolved": "https://registry.npmjs.org/source-map-support/-/source-map-support-0.4.18.tgz",
-      "integrity": "sha512-try0/JqxPLF9nOjvSta7tVondkP5dwgyLDjVoyMDlmjugT2lRZ1OfsrYTkCd2hkDnJTKRbO/Rl3orm8vlsUzbA==",
-      "requires": {
-        "source-map": "^0.5.6"
-      }
-    },
     "source-map-url": {
       "version": "0.4.0",
       "resolved": "https://registry.npmjs.org/source-map-url/-/source-map-url-0.4.0.tgz",
@@ -10333,6 +9141,7 @@
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/spdx-correct/-/spdx-correct-3.0.0.tgz",
       "integrity": "sha512-N19o9z5cEyc8yQQPukRCZ9EUmb4HUpnrmaL/fxS2pBo2jbfcFRVuFZ/oFC+vZz0MNNk0h80iMn5/S6qGZOL5+g==",
+      "dev": true,
       "requires": {
         "spdx-expression-parse": "^3.0.0",
         "spdx-license-ids": "^3.0.0"
@@ -10341,12 +9150,14 @@
     "spdx-exceptions": {
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/spdx-exceptions/-/spdx-exceptions-2.1.0.tgz",
-      "integrity": "sha512-4K1NsmrlCU1JJgUrtgEeTVyfx8VaYea9J9LvARxhbHtVtohPs/gFGG5yy49beySjlIMhhXZ4QqujIZEfS4l6Cg=="
+      "integrity": "sha512-4K1NsmrlCU1JJgUrtgEeTVyfx8VaYea9J9LvARxhbHtVtohPs/gFGG5yy49beySjlIMhhXZ4QqujIZEfS4l6Cg==",
+      "dev": true
     },
     "spdx-expression-parse": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/spdx-expression-parse/-/spdx-expression-parse-3.0.0.tgz",
       "integrity": "sha512-Yg6D3XpRD4kkOmTpdgbUiEJFKghJH03fiC1OPll5h/0sO6neh2jqRDVHOQ4o/LMea0tgCkbMgea5ip/e+MkWyg==",
+      "dev": true,
       "requires": {
         "spdx-exceptions": "^2.1.0",
         "spdx-license-ids": "^3.0.0"
@@ -10355,7 +9166,8 @@
     "spdx-license-ids": {
       "version": "3.0.0",
       "resolved": "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.0.tgz",
-      "integrity": "sha512-2+EPwgbnmOIl8HjGBXXMd9NAu02vLjOO1nWw4kmeRDFyHn+M/ETfHxQUK0oXg8ctgVnl9t3rosNVsZ1jG61nDA=="
+      "integrity": "sha512-2+EPwgbnmOIl8HjGBXXMd9NAu02vLjOO1nWw4kmeRDFyHn+M/ETfHxQUK0oXg8ctgVnl9t3rosNVsZ1jG61nDA==",
+      "dev": true
     },
     "split": {
       "version": "0.3.3",
@@ -10560,6 +9372,7 @@
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/strip-bom/-/strip-bom-2.0.0.tgz",
       "integrity": "sha1-YhmoVhZSBJHzV4i9vxRHqZx+aw4=",
+      "dev": true,
       "requires": {
         "is-utf8": "^0.2.0"
       }
@@ -10628,7 +9441,8 @@
     "supports-color": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-2.0.0.tgz",
-      "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc="
+      "integrity": "sha1-U10EXOa2Nj+kARcIRimZXp3zJMc=",
+      "dev": true
     },
     "sver-compat": {
       "version": "1.5.0",
@@ -10739,7 +9553,8 @@
     "through": {
       "version": "2.3.8",
       "resolved": "https://registry.npmjs.org/through/-/through-2.3.8.tgz",
-      "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU="
+      "integrity": "sha1-DdTJ/6q8NXlgsbckEV1+Doai4fU=",
+      "dev": true
     },
     "through2": {
       "version": "2.0.3",
@@ -10814,11 +9629,6 @@
       "resolved": "https://registry.npmjs.org/to-buffer/-/to-buffer-1.1.1.tgz",
       "integrity": "sha512-lx9B5iv7msuFYE3dytT+KE5tap+rNYw+K4jVkb9R/asAb+pbBSM17jtunHplhBe6RRJdZx3Pn2Jph24O32mOVg=="
     },
-    "to-fast-properties": {
-      "version": "1.0.3",
-      "resolved": "https://registry.npmjs.org/to-fast-properties/-/to-fast-properties-1.0.3.tgz",
-      "integrity": "sha1-uDVx+k2MJbguIxsG46MFXeTKGkc="
-    },
     "to-object-path": {
       "version": "0.3.0",
       "resolved": "https://registry.npmjs.org/to-object-path/-/to-object-path-0.3.0.tgz",
@@ -10923,11 +9733,6 @@
       "integrity": "sha1-WIeWa7WCpFA6QetST301ARgVphM=",
       "dev": true
     },
-    "trim-right": {
-      "version": "1.0.1",
-      "resolved": "https://registry.npmjs.org/trim-right/-/trim-right-1.0.1.tgz",
-      "integrity": "sha1-yy4SAwZ+DI3h9hQJS5/kVwTqYAM="
-    },
     "true-case-path": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/true-case-path/-/true-case-path-1.0.3.tgz",
@@ -11374,11 +10179,6 @@
         }
       }
     },
-    "user-home": {
-      "version": "1.1.1",
-      "resolved": "https://registry.npmjs.org/user-home/-/user-home-1.1.1.tgz",
-      "integrity": "sha1-K1viOjK2Onyd640PKNSFcko98ZA="
-    },
     "util-deprecate": {
       "version": "1.0.2",
       "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
@@ -11394,18 +10194,11 @@
       "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz",
       "integrity": "sha512-yXJmeNaw3DnnKAOKJE51sL/ZaYfWJRl1pK9dr19YFCu0ObS231AB1/LbqTKRAQ5kw8A90rA6fr4riOUpTZvQZA=="
     },
-    "v8flags": {
-      "version": "2.1.1",
-      "resolved": "https://registry.npmjs.org/v8flags/-/v8flags-2.1.1.tgz",
-      "integrity": "sha1-qrGh+jDUX4jdMhFIh1rALAtV5bQ=",
-      "requires": {
-        "user-home": "^1.1.1"
-      }
-    },
     "validate-npm-package-license": {
       "version": "3.0.3",
       "resolved": "https://registry.npmjs.org/validate-npm-package-license/-/validate-npm-package-license-3.0.3.tgz",
       "integrity": "sha512-63ZOUnL4SIXj4L0NixR3L1lcjO38crAbgrTpl28t8jjrfuiOBL5Iygm+60qPs/KsZGzPNg6Smnc/oY16QTjF0g==",
+      "dev": true,
       "requires": {
         "spdx-correct": "^3.0.0",
         "spdx-expression-parse": "^3.0.0"
@@ -11545,7 +10338,8 @@
     "which-module": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/which-module/-/which-module-1.0.0.tgz",
-      "integrity": "sha1-u6Y8qGGUiZT/MHc2CJ47lgJsKk8="
+      "integrity": "sha1-u6Y8qGGUiZT/MHc2CJ47lgJsKk8=",
+      "dev": true
     },
     "which-pm-runs": {
       "version": "1.0.0",
@@ -11602,11 +10396,6 @@
         }
       }
     },
-    "window-size": {
-      "version": "0.2.0",
-      "resolved": "https://registry.npmjs.org/window-size/-/window-size-0.2.0.tgz",
-      "integrity": "sha1-tDFbtCFKPXBY6+7okuE/ok2YsHU="
-    },
     "wordwrap": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/wordwrap/-/wordwrap-1.0.0.tgz",
@@ -11617,6 +10406,7 @@
       "version": "2.1.0",
       "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-2.1.0.tgz",
       "integrity": "sha1-2Pw9KE3QV5T+hJc8rs3Rz4JP3YU=",
+      "dev": true,
       "requires": {
         "string-width": "^1.0.1",
         "strip-ansi": "^3.0.1"
@@ -11665,43 +10455,14 @@
     "y18n": {
       "version": "3.2.1",
       "resolved": "https://registry.npmjs.org/y18n/-/y18n-3.2.1.tgz",
-      "integrity": "sha1-bRX7qITAhnnA136I53WegR4H+kE="
+      "integrity": "sha1-bRX7qITAhnnA136I53WegR4H+kE=",
+      "dev": true
     },
     "yallist": {
       "version": "3.0.3",
       "resolved": "https://registry.npmjs.org/yallist/-/yallist-3.0.3.tgz",
       "integrity": "sha512-S+Zk8DEWE6oKpV+vI3qWkaK+jSbIK86pCwe2IF/xwIpQ8jEuxpw9NyaGjmp9+BoJv5FV2piqCDcoCtStppiq2A=="
     },
-    "yargs": {
-      "version": "4.8.1",
-      "resolved": "https://registry.npmjs.org/yargs/-/yargs-4.8.1.tgz",
-      "integrity": "sha1-wMQpJMpKqmsObaFznfshZDn53cA=",
-      "requires": {
-        "cliui": "^3.2.0",
-        "decamelize": "^1.1.1",
-        "get-caller-file": "^1.0.1",
-        "lodash.assign": "^4.0.3",
-        "os-locale": "^1.4.0",
-        "read-pkg-up": "^1.0.1",
-        "require-directory": "^2.1.1",
-        "require-main-filename": "^1.0.1",
-        "set-blocking": "^2.0.0",
-        "string-width": "^1.0.1",
-        "which-module": "^1.0.0",
-        "window-size": "^0.2.0",
-        "y18n": "^3.2.1",
-        "yargs-parser": "^2.4.1"
-      }
-    },
-    "yargs-parser": {
-      "version": "2.4.1",
-      "resolved": "https://registry.npmjs.org/yargs-parser/-/yargs-parser-2.4.1.tgz",
-      "integrity": "sha1-hVaN488VD/SfpRgl8DqMiA3cxcQ=",
-      "requires": {
-        "camelcase": "^3.0.0",
-        "lodash.assign": "^4.0.6"
-      }
-    },
     "yauzl": {
       "version": "2.4.1",
       "resolved": "https://registry.npmjs.org/yauzl/-/yauzl-2.4.1.tgz",
diff --git a/api/package.json b/api/package.json
index dbca456c1..5bafef125 100644
--- a/api/package.json
+++ b/api/package.json
@@ -51,7 +51,6 @@
     "markdown-it-deflist": "^2.0.3",
     "markdown-it-emoji": "^1.4.0",
     "markdown-it-mark": "^2.0.0",
-    "migrate-mongoose": "^3.2.2",
     "moment": "^2.24.0",
     "mongoose": "~5.4.19",
     "morgan": "^1.9.1",

From 45e114aa4e11dbd5fb197031f7869712e43947f8 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 16:00:44 +0100
Subject: [PATCH 133/207] Remove disabled ProgressController GET route code

---
 api/src/controllers/ProgressController.ts     | 94 -------------------
 .../shared/services/data/progress.service.ts  | 22 -----
 2 files changed, 116 deletions(-)

diff --git a/api/src/controllers/ProgressController.ts b/api/src/controllers/ProgressController.ts
index d1a640ca2..6b6563f82 100644
--- a/api/src/controllers/ProgressController.ts
+++ b/api/src/controllers/ProgressController.ts
@@ -70,100 +70,6 @@ export class ProgressController {
     return progress ? progress.toObject({virtuals: true}) : {};
   }
 
-  /**
-   * @api {get} /api/progress/courses/:id Get course progress
-   * @apiName GetCourseProgress
-   * @apiGroup Progress
-   *
-   * @apiParam {String} id Course ID.
-   *
-   * @apiSuccess {Progress[]} progresses List of progress.
-   *
-   * @apiSuccessExample {json} Success-Response:
-   *     [{
-   *         "_id": "5ab2b9516fab4a3ae0cd6737",
-   *         "done": false,
-   *         "updatedAt": "2018-03-21T19:58:09.386Z",
-   *         "createdAt": "2018-03-21T19:58:09.386Z",
-   *         "unit": "5ab2b80a6fab4a3ae0cd672d",
-   *         "course": "5a53c474a347af01b84e54b7",
-   *         "answers": {
-   *             "5ab2b80a6fab4a3ae0cd672e": {
-   *                 "5ab2b80a6fab4a3ae0cd6730": true,
-   *                 "5ab2b80a6fab4a3ae0cd672f": false
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6734": {
-   *                 "5ab2b8dd6fab4a3ae0cd6736": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6735": true
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6731": {
-   *                 "5ab2b8dd6fab4a3ae0cd6733": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6732": true
-   *             }
-   *         },
-   *         "type": "task-unit-progress",
-   *         "user": "5a037e6a60f72236d8e7c813",
-   *         "__v": 0,
-   *         "__t": "task-unit-progress",
-   *         "id": "5ab2b9516fab4a3ae0cd6737"
-   *     }]
-   */
-  // This route has been disabled since it appears to be unused and insufficiently secured.
-  /*
-  @Get('/courses/:id')
-  getCourseProgress(@Param('id') id: string) {
-    return Progress.find({'course': id})
-      .then((progresses) => progresses.map((progress) => progress.toObject({virtuals: true})));
-  }
-  */
-
-  /**
-   * @api {get} /api/progress/users/:id Get user progress
-   * @apiName GetUserProgress
-   * @apiGroup Progress
-   *
-   * @apiParam {String} id User ID.
-   *
-   * @apiSuccess {Progress[]} progresses List of progress.
-   *
-   * @apiSuccessExample {json} Success-Response:
-   *     [{
-   *         "_id": "5ab2b9516fab4a3ae0cd6737",
-   *         "done": false,
-   *         "updatedAt": "2018-03-21T19:58:09.386Z",
-   *         "createdAt": "2018-03-21T19:58:09.386Z",
-   *         "unit": "5ab2b80a6fab4a3ae0cd672d",
-   *         "course": "5a53c474a347af01b84e54b7",
-   *         "answers": {
-   *             "5ab2b80a6fab4a3ae0cd672e": {
-   *                 "5ab2b80a6fab4a3ae0cd6730": true,
-   *                 "5ab2b80a6fab4a3ae0cd672f": false
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6734": {
-   *                 "5ab2b8dd6fab4a3ae0cd6736": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6735": true
-   *             },
-   *             "5ab2b8dd6fab4a3ae0cd6731": {
-   *                 "5ab2b8dd6fab4a3ae0cd6733": false,
-   *                 "5ab2b8dd6fab4a3ae0cd6732": true
-   *             }
-   *         },
-   *         "type": "task-unit-progress",
-   *         "user": "5a037e6a60f72236d8e7c813",
-   *         "__v": 0,
-   *         "__t": "task-unit-progress",
-   *         "id": "5ab2b9516fab4a3ae0cd6737"
-   *     }]
-   */
-  // This route has been disabled since it appears to be unused and insufficiently secured.
-  /*
-  @Get('/users/:id')
-  getUserProgress(@Param('id') id: string) {
-    return Progress.find({'user': id})
-      .then((progresses) => progresses.map((progress) => progress.toObject({virtuals: true})));
-  }
-  */
-
   /**
    * @api {put} /api/progress/ Set progress for a unit (i.e. create or update it idempotently)
    * @apiName PutProgress
diff --git a/app/webFrontend/src/app/shared/services/data/progress.service.ts b/app/webFrontend/src/app/shared/services/data/progress.service.ts
index b16af93cf..9bca7b1ab 100644
--- a/app/webFrontend/src/app/shared/services/data/progress.service.ts
+++ b/app/webFrontend/src/app/shared/services/data/progress.service.ts
@@ -19,26 +19,4 @@ export class ProgressService extends DataService {
       .put(this.apiPath, JSON.stringify(updateItem))
       .toPromise();
   }
-
-  // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
-  /*
-  getCourseProgress(courseId: string) {
-    const originalApiPath = this.apiPath;
-    this.apiPath += 'courses/';
-    const promise = this.readSingleItem(courseId);
-    this.apiPath = originalApiPath;
-    return promise;
-  }
-  */
-
-  // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
-  /*
-  getUserProgress(userId: string) {
-    const originalApiPath = this.apiPath;
-    this.apiPath += 'users/';
-    const promise = this.readSingleItem(userId);
-    this.apiPath = originalApiPath;
-    return promise;
-  }
-  */
 }

From 2dc0da10a9fb7f89a7bd1ee408453312ec157cfc Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Wed, 20 Mar 2019 18:34:48 +0100
Subject: [PATCH 134/207] CHANGELOG: Add progress GET route response change
 entry

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5cb311eb4..6ed4495a2 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,6 +18,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Changed
 - Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Refactored `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Instead of a list of progress data, the `ProgressController` `GET` route now responds with a single progress object or an empty object if no data can be found. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Removed
 - Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)

From 378e16547b357f076b468e65e02a2f23db1e6779 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 00:59:35 +0100
Subject: [PATCH 135/207] Refactor CodeKataUnit POST unit tests with TestHelper

---
 api/test/integration/unit/codeKataUnit.ts | 35 ++++++-----------------
 1 file changed, 8 insertions(+), 27 deletions(-)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index 1d5b81e7e..3badbe1d7 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -1,7 +1,7 @@
 import * as chai from 'chai';
 import chaiHttp = require('chai-http');
+import {TestHelper} from '../../TestHelper';
 import {Server} from '../../../src/server';
-import {FixtureLoader} from '../../../fixtures/FixtureLoader';
 import {JwtUtils} from '../../../src/security/JwtUtils';
 import {User} from '../../../src/models/User';
 import {Lecture} from '../../../src/models/Lecture';
@@ -11,10 +11,9 @@ import {Unit} from '../../../src/models/units/Unit';
 import {ICodeKataModel} from '../../../src/models/units/CodeKataUnit';
 
 chai.use(chaiHttp);
-const should = chai.should();
 const app = new Server().app;
 const BASE_URL = '/api/units';
-const fixtureLoader = new FixtureLoader();
+const testHelper = new TestHelper(BASE_URL);
 
 describe(`CodeKataUnit ${BASE_URL}`, () => {
   const model = {
@@ -36,9 +35,9 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
     '\n' +
     '}'
   };
-  // Before each test we reset the database
+
   beforeEach(async () => {
-    await fixtureLoader.load();
+    await testHelper.resetForNextTest();
   });
 
   describe(`POST ${BASE_URL}`, () => {
@@ -54,12 +53,7 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
     it('should fail with BadRequest (missing lectureId)', async () => {
       const teacher = await FixtureUtils.getRandomTeacher();
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send({model: model})
-        .catch(err => err.response);
-
+      const res = await testHelper.commonUserPostRequest(teacher, '', {model});
       res.status.should.be.equal(400);
     });
 
@@ -68,12 +62,7 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
       const courseAdmin = await User.findOne({_id: course.courseAdmin});
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(courseAdmin)}`)
-        .send({lectureId: lecture._id})
-        .catch(err => err.response);
-
+      const res = await testHelper.commonUserPostRequest(courseAdmin, '', {lectureId: lecture._id});
       res.status.should.be.equal(400);
     });
 
@@ -83,11 +72,7 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       const courseAdmin = await User.findOne({_id: course.courseAdmin});
       model._course = course._id;
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(courseAdmin)}`)
-        .send({lectureId: lecture._id, model: model});
-
+      const res = await testHelper.commonUserPostRequest(courseAdmin, '', {lectureId: lecture._id, model});
       res.status.should.be.equal(200);
       res.body.name.should.equal(model.name);
       res.body.description.should.equal(model.description);
@@ -109,11 +94,7 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       model.definition = undefined;
       model.test = undefined;
 
-      const res = await chai.request(app)
-        .post(BASE_URL)
-        .set('Cookie', `token=${JwtUtils.generateToken(courseAdmin)}`)
-        .send({lectureId: lecture._id, model: model});
-
+      const res = await testHelper.commonUserPostRequest(courseAdmin, '', {lectureId: lecture._id, model});
       res.status.should.be.equal(200);
       res.body.name.should.equal(model.name);
       res.body.description.should.equal(model.description);

From eacab377961b53d605d1614c953f0a2f69c6bef1 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 01:01:18 +0100
Subject: [PATCH 136/207] Fix CodeKataUnit PUT route test describe section

---
 api/test/integration/unit/codeKataUnit.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index 3badbe1d7..bc052bdf0 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -101,7 +101,9 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       res.body.unitCreator.profile.lastName.should.equal(courseAdmin.profile.lastName);
       res.body.unitCreator.profile.firstName.should.equal(courseAdmin.profile.firstName);
     });
+  });
 
+  describe(`PUT ${BASE_URL}`, () => {
     it('should update a codeKata', async () => {
       const unit = await Unit.findOne({__t: 'code-kata'});
       const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});

From 7c6948623bac6102b1d3ce63d663699a832b0436 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 01:03:22 +0100
Subject: [PATCH 137/207] Refactor CodeKataUnit PUT unit test with TestHelper

---
 api/test/integration/unit/codeKataUnit.ts | 7 +------
 1 file changed, 1 insertion(+), 6 deletions(-)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index bc052bdf0..aa2d03257 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -2,7 +2,6 @@ import * as chai from 'chai';
 import chaiHttp = require('chai-http');
 import {TestHelper} from '../../TestHelper';
 import {Server} from '../../../src/server';
-import {JwtUtils} from '../../../src/security/JwtUtils';
 import {User} from '../../../src/models/User';
 import {Lecture} from '../../../src/models/Lecture';
 import {Course} from '../../../src/models/Course';
@@ -111,11 +110,7 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       const courseAdmin = await User.findOne({_id: course.courseAdmin});
       (<ICodeKataModel>unit).test += '\n// Test if we can edit a Kata';
 
-      const res = await chai.request(app)
-        .put(BASE_URL + '/' + unit.id)
-        .set('Cookie', `token=${JwtUtils.generateToken(courseAdmin)}`)
-        .send(unit.toObject());
-
+      const res = await testHelper.commonUserPutRequest(courseAdmin, `/${unit.id}`, unit.toObject());
       res.status.should.be.equal(200);
       res.body.test.should.string('// Test if we can edit a Kata');
     });

From e5f696dde95778fa5e78561036c28b16489b978c Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 18:22:32 +0100
Subject: [PATCH 138/207] Add UnitController GET success unit test

---
 api/test/integration/unit/codeKataUnit.ts | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index aa2d03257..e2d009737 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -39,6 +39,17 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
     await testHelper.resetForNextTest();
   });
 
+  describe(`GET ${BASE_URL}`, () => {
+    it('should get unit data', async () => {
+      const unit = await Unit.findOne({__t: 'code-kata'});
+      const course = await Course.findById(unit._course);
+      const courseAdmin = await User.findById(course.courseAdmin);
+
+      const res = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
+      res.status.should.be.equal(200);
+    });
+  });
+
   describe(`POST ${BASE_URL}`, () => {
     it('should fail with wrong authorization', async () => {
       const res = await chai.request(app)

From 6a8108157f42ece572b608066a46d9893bdc62c9 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 18:27:32 +0100
Subject: [PATCH 139/207] Add UnitController DELETE success unit test

---
 api/test/integration/unit/codeKataUnit.ts | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index e2d009737..1293de010 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -126,4 +126,18 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       res.body.test.should.string('// Test if we can edit a Kata');
     });
   });
+
+  describe(`DELETE ${BASE_URL}`, () => {
+    it('should delete unit', async () => {
+      const unit = await Unit.findOne({__t: 'code-kata'});
+      const course = await Course.findById(unit._course);
+      const courseAdmin = await User.findById(course.courseAdmin);
+
+      const res = await testHelper.commonUserDeleteRequest(courseAdmin, `/${unit.id}`);
+      res.status.should.be.equal(200);
+
+      const res2 = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
+      res2.status.should.be.equal(404);
+    });
+  });
 });

From 9068197c17a96e32581fd4254b1d9e54e176910f Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 18:40:51 +0100
Subject: [PATCH 140/207] Add UnitController 403 unit tests

These will fail until the corresponding vulnerabilities are fixed.
---
 api/test/integration/unit/codeKataUnit.ts | 42 +++++++++++++++++++++++
 1 file changed, 42 insertions(+)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index 1293de010..69c94c8c1 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -48,6 +48,15 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       const res = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
       res.status.should.be.equal(200);
     });
+
+    it('should deny access to unit data if the user is unauthorized', async () => {
+      const unit = await Unit.findOne({__t: 'code-kata'});
+      const course = await Course.findById(unit._course);
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedStudentForCourse(course);
+
+      const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/${unit.id}`);
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`POST ${BASE_URL}`, () => {
@@ -111,6 +120,16 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       res.body.unitCreator.profile.lastName.should.equal(courseAdmin.profile.lastName);
       res.body.unitCreator.profile.firstName.should.equal(courseAdmin.profile.firstName);
     });
+
+    it('should fail to create a new unit for an unauthorized teacher', async () => {
+      const lecture = await FixtureUtils.getRandomLecture();
+      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      model._course = course._id;
+
+      const res = await testHelper.commonUserPostRequest(unauthorizedTeacher, '', {lectureId: lecture._id, model});
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`PUT ${BASE_URL}`, () => {
@@ -125,6 +144,17 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       res.status.should.be.equal(200);
       res.body.test.should.string('// Test if we can edit a Kata');
     });
+
+    it('should fail to update a unit for an unauthorized teacher', async () => {
+      const unit = await Unit.findOne({__t: 'code-kata'});
+      const lecture = await Lecture.findOne({units: { $in: [ unit._id ] }});
+      const course = await Course.findOne({lectures: { $in: [ lecture._id ] }});
+      (<ICodeKataModel>unit).test += '\n// Test if we can edit a Kata';
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const res = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/${unit.id}`, unit.toObject());
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`DELETE ${BASE_URL}`, () => {
@@ -139,5 +169,17 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
       const res2 = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
       res2.status.should.be.equal(404);
     });
+
+    it('should fail to delete unit for an unauthorized teacher', async () => {
+      const unit = await Unit.findOne({__t: 'code-kata'});
+      const course = await Course.findById(unit._course);
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const res = await testHelper.commonUserDeleteRequest(unauthorizedTeacher, `/${unit.id}`);
+      res.status.should.be.equal(403);
+
+      const res2 = await testHelper.commonUserGetRequest(unauthorizedTeacher, `/${unit.id}`);
+      res2.status.should.be.equal(200);
+    });
   });
 });

From 3260618c543874bff5e35bfd0950a30e5089db0e Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 18:52:24 +0100
Subject: [PATCH 141/207] Factor out shared UnitController GET unit test code

---
 api/test/integration/unit/codeKataUnit.ts | 19 +++++++++----------
 1 file changed, 9 insertions(+), 10 deletions(-)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index 69c94c8c1..a6ffd81a6 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -4,7 +4,7 @@ import {TestHelper} from '../../TestHelper';
 import {Server} from '../../../src/server';
 import {User} from '../../../src/models/User';
 import {Lecture} from '../../../src/models/Lecture';
-import {Course} from '../../../src/models/Course';
+import {Course, ICourseModel} from '../../../src/models/Course';
 import {FixtureUtils} from '../../../fixtures/FixtureUtils';
 import {Unit} from '../../../src/models/units/Unit';
 import {ICodeKataModel} from '../../../src/models/units/CodeKataUnit';
@@ -40,22 +40,21 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
   });
 
   describe(`GET ${BASE_URL}`, () => {
-    it('should get unit data', async () => {
+    async function commonGetTest (getUserForCourseFunc: Function, status: number) {
       const unit = await Unit.findOne({__t: 'code-kata'});
       const course = await Course.findById(unit._course);
-      const courseAdmin = await User.findById(course.courseAdmin);
+      const courseAdmin = await getUserForCourseFunc(course);
 
       const res = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
-      res.status.should.be.equal(200);
+      res.status.should.be.equal(status);
+    }
+
+    it('should get unit data', async () => {
+      await commonGetTest(async (course: ICourseModel) => await User.findById(course.courseAdmin), 200);
     });
 
     it('should deny access to unit data if the user is unauthorized', async () => {
-      const unit = await Unit.findOne({__t: 'code-kata'});
-      const course = await Course.findById(unit._course);
-      const unauthorizedUser = await FixtureUtils.getUnauthorizedStudentForCourse(course);
-
-      const res = await testHelper.commonUserGetRequest(unauthorizedUser, `/${unit.id}`);
-      res.status.should.be.equal(403);
+      await commonGetTest(FixtureUtils.getUnauthorizedStudentForCourse, 403);
     });
   });
 

From f486ad44022507abb65dc68fe01bc88884aa547a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 18:58:08 +0100
Subject: [PATCH 142/207] Secure UnitController GET via course.checkPrivileges

---
 api/src/controllers/UnitController.ts | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index c72e857c1..fff47b37e 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -1,9 +1,10 @@
 import {
   Body, Get, Put, Delete, Param, JsonController, UseBefore, NotFoundError, BadRequestError, Post,
-  Authorized, CurrentUser
+  Authorized, CurrentUser, ForbiddenError
 } from 'routing-controllers';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
 
+import {Course} from '../models/Course';
 import {Lecture} from '../models/Lecture';
 import {IUnitModel, Unit} from '../models/units/Unit';
 import {IUser} from '../../../shared/models/IUser';
@@ -36,11 +37,15 @@ export class UnitController {
    *     }
    */
   @Get('/:id')
-  async getUnit(@Param('id') id: string) {
+  async getUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
     const unit = await Unit.findById(id);
     if (!unit) {
       throw new NotFoundError();
     }
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
+      throw new ForbiddenError();
+    }
     return unit.toObject();
   }
 

From 93ec3c770550f78afc541b42d2a32c926f2b3e0e Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:03:00 +0100
Subject: [PATCH 143/207] Secure UnitController POST via course.checkPrivileges

---
 api/src/controllers/UnitController.ts | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index fff47b37e..bfcdcb93c 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -87,6 +87,12 @@ export class UnitController {
   async addUnit(@Body() data: any, @CurrentUser() currentUser: IUser) {
     // discard invalid requests
     this.checkPostParam(data);
+
+    const course = await Course.findById(data.model._course);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
     // Set current user as creator, old unit's dont have a creator
     data.model.unitCreator = currentUser._id;
     try {

From 1a4880a48be3bc1c7aa165a611bff5b2664d223d Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:04:43 +0100
Subject: [PATCH 144/207] Secure UnitController PUT via course.checkPrivileges

---
 api/src/controllers/UnitController.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index bfcdcb93c..27affb29e 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -140,13 +140,18 @@ export class UnitController {
    */
   @Authorized(['teacher', 'admin'])
   @Put('/:id')
-  async updateUnit(@Param('id') id: string, @Body() data: any) {
+  async updateUnit(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {
     const oldUnit: IUnitModel = await Unit.findById(id);
 
     if (!oldUnit) {
       throw new NotFoundError();
     }
 
+    const course = await Course.findById(oldUnit._course);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
     try {
       oldUnit.set(data);
       const updatedUnit: IUnitModel = await oldUnit.save();

From aeab1d8ad6e3803d4153f55d0326b8e6712c7001 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:08:37 +0100
Subject: [PATCH 145/207] Refactor UnitController DELETE to use async/await

---
 api/src/controllers/UnitController.ts | 20 +++++++++-----------
 1 file changed, 9 insertions(+), 11 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index 27affb29e..a97a8c39b 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -185,18 +185,16 @@ export class UnitController {
    */
   @Authorized(['teacher', 'admin'])
   @Delete('/:id')
-  deleteUnit(@Param('id') id: string) {
-    return Unit.findById(id).then((unit) => {
-      if (!unit) {
-        throw new NotFoundError();
-      }
+  async deleteUnit(@Param('id') id: string) {
+    const unit = await Unit.findById(id);
+
+    if (!unit) {
+      throw new NotFoundError();
+    }
 
-      return Lecture.updateMany({}, {$pull: {units: id}})
-        .then(() => unit.remove())
-        .then(() => {
-          return {result: true};
-        });
-    });
+    await Lecture.updateMany({}, {$pull: {units: id}});
+    await unit.remove();
+    return {result: true};
   }
 
   protected pushToLecture(lectureId: string, unit: any) {

From 127440c0168479d3a33e0cae958c0a19b4017dae Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:10:57 +0100
Subject: [PATCH 146/207] Fix UnitController DELETE 403 unit test

---
 api/test/integration/unit/codeKataUnit.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/test/integration/unit/codeKataUnit.ts b/api/test/integration/unit/codeKataUnit.ts
index a6ffd81a6..e0318d7be 100644
--- a/api/test/integration/unit/codeKataUnit.ts
+++ b/api/test/integration/unit/codeKataUnit.ts
@@ -172,12 +172,13 @@ describe(`CodeKataUnit ${BASE_URL}`, () => {
     it('should fail to delete unit for an unauthorized teacher', async () => {
       const unit = await Unit.findOne({__t: 'code-kata'});
       const course = await Course.findById(unit._course);
+      const courseAdmin = await User.findById(course.courseAdmin);
       const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
 
       const res = await testHelper.commonUserDeleteRequest(unauthorizedTeacher, `/${unit.id}`);
       res.status.should.be.equal(403);
 
-      const res2 = await testHelper.commonUserGetRequest(unauthorizedTeacher, `/${unit.id}`);
+      const res2 = await testHelper.commonUserGetRequest(courseAdmin, `/${unit.id}`);
       res2.status.should.be.equal(200);
     });
   });

From 5d99e4436eb0c8e728610b7e67482efc00faa2f5 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:11:17 +0100
Subject: [PATCH 147/207] Secure UnitController DELETE via
 course.checkPrivileges

---
 api/src/controllers/UnitController.ts | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index a97a8c39b..f37c22919 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -185,13 +185,18 @@ export class UnitController {
    */
   @Authorized(['teacher', 'admin'])
   @Delete('/:id')
-  async deleteUnit(@Param('id') id: string) {
+  async deleteUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
     const unit = await Unit.findById(id);
 
     if (!unit) {
       throw new NotFoundError();
     }
 
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
     await Lecture.updateMany({}, {$pull: {units: id}});
     await unit.remove();
     return {result: true};

From 1e1aab2fb91abb175e181afc95fda16fc0a0917b Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:20:30 +0100
Subject: [PATCH 148/207] Factor out shared UnitController code as getUnitFor

---
 api/src/controllers/UnitController.ts | 45 ++++++++++-----------------
 1 file changed, 17 insertions(+), 28 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index f37c22919..bf1265d6d 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -13,6 +13,20 @@ import {IUser} from '../../../shared/models/IUser';
 @UseBefore(passportJwtMiddleware)
 export class UnitController {
 
+  static async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
+    const unit = await Unit.findById(unitId);
+    if (!unit) {
+      throw new NotFoundError();
+    }
+
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser)[privilege]) {
+      throw new ForbiddenError();
+    }
+
+    return unit;
+  }
+
   /**
    * @api {get} /api/units/:id Request unit
    * @apiName GetUnit
@@ -38,14 +52,7 @@ export class UnitController {
    */
   @Get('/:id')
   async getUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
-    const unit = await Unit.findById(id);
-    if (!unit) {
-      throw new NotFoundError();
-    }
-    const course = await Course.findById(unit._course);
-    if (!course.checkPrivileges(currentUser).userCanViewCourse) {
-      throw new ForbiddenError();
-    }
+    const unit = await UnitController.getUnitFor(id, currentUser, 'userCanViewCourse');
     return unit.toObject();
   }
 
@@ -141,16 +148,7 @@ export class UnitController {
   @Authorized(['teacher', 'admin'])
   @Put('/:id')
   async updateUnit(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {
-    const oldUnit: IUnitModel = await Unit.findById(id);
-
-    if (!oldUnit) {
-      throw new NotFoundError();
-    }
-
-    const course = await Course.findById(oldUnit._course);
-    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
-      throw new ForbiddenError();
-    }
+    const oldUnit = await UnitController.getUnitFor(id, currentUser, 'userCanEditCourse');
 
     try {
       oldUnit.set(data);
@@ -186,16 +184,7 @@ export class UnitController {
   @Authorized(['teacher', 'admin'])
   @Delete('/:id')
   async deleteUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
-    const unit = await Unit.findById(id);
-
-    if (!unit) {
-      throw new NotFoundError();
-    }
-
-    const course = await Course.findById(unit._course);
-    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
-      throw new ForbiddenError();
-    }
+    const unit = await UnitController.getUnitFor(id, currentUser, 'userCanEditCourse');
 
     await Lecture.updateMany({}, {$pull: {units: id}});
     await unit.remove();

From 72287baa32b57d48ad76bf35b405d7060d0b515a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:21:30 +0100
Subject: [PATCH 149/207] Add missing UnitController @apiErrors

---
 api/src/controllers/UnitController.ts | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index bf1265d6d..afe0abf1e 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -49,6 +49,9 @@ export class UnitController {
    *         "type": "free-text",
    *         "__v": 0
    *     }
+   *
+   * @apiError NotFoundError
+   * @apiError ForbiddenError
    */
   @Get('/:id')
   async getUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
@@ -87,6 +90,7 @@ export class UnitController {
    * @apiError BadRequestError No unit was submitted.
    * @apiError BadRequestError Unit has no _course set.
    * @apiError BadRequestError
+   * @apiError ForbiddenError
    * @apiError ValidationError
    */
   @Authorized(['teacher', 'admin'])
@@ -140,9 +144,10 @@ export class UnitController {
    *         "__v": 0
    *     }
    *
-   * @apiError NotFoundError
    * @apiError BadRequestError Invalid combination of file upload and unit data.
    * @apiError BadRequestError
+   * @apiError NotFoundError
+   * @apiError ForbiddenError
    * @apiError ValidationError
    */
   @Authorized(['teacher', 'admin'])
@@ -180,6 +185,7 @@ export class UnitController {
    *     }
    *
    * @apiError NotFoundError
+   * @apiError ForbiddenError
    */
   @Authorized(['teacher', 'admin'])
   @Delete('/:id')

From a0e28d37befe573f124b65d92d43e2c2841be94c Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 19:50:33 +0100
Subject: [PATCH 150/207] Refactor UnitController POST route errorCodes

---
 api/src/config/errorCodes.ts          | 14 ++++++++++++++
 api/src/controllers/UnitController.ts |  8 ++++----
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/api/src/config/errorCodes.ts b/api/src/config/errorCodes.ts
index 60dd2f8ca..b4812fd30 100644
--- a/api/src/config/errorCodes.ts
+++ b/api/src/config/errorCodes.ts
@@ -175,5 +175,19 @@ export const errorCodes = {
       code: 'pastDeadline',
       text: 'Past deadline, no further update possible'
     }
+  },
+  unit: {
+    postMissingLectureId: {
+      code: 'postMissingLectureId',
+      text: 'No lecture ID was submitted.'
+    },
+    postMissingUnit: {
+      code: 'postMissingUnit',
+      text: 'No unit was submitted.'
+    },
+    postMissingCourse: {
+      code: 'postMissingCourse',
+      text: 'Unit has no _course set'
+    }
   }
 };
diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index afe0abf1e..d3acf85e8 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -3,7 +3,7 @@ import {
   Authorized, CurrentUser, ForbiddenError
 } from 'routing-controllers';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
-
+import {errorCodes} from '../config/errorCodes';
 import {Course} from '../models/Course';
 import {Lecture} from '../models/Lecture';
 import {IUnitModel, Unit} from '../models/units/Unit';
@@ -216,15 +216,15 @@ export class UnitController {
 
   protected checkPostParam(data: any) {
     if (!data.lectureId) {
-      throw new BadRequestError('No lecture ID was submitted.');
+      throw new BadRequestError(errorCodes.unit.postMissingLectureId.text);
     }
 
     if (!data.model) {
-      throw new BadRequestError('No unit was submitted.');
+      throw new BadRequestError(errorCodes.unit.postMissingUnit.text);
     }
 
     if (!data.model._course) {
-      throw new BadRequestError('Unit has no _course set');
+      throw new BadRequestError(errorCodes.unit.postMissingCourse.text);
     }
   }
 }

From 66adf6e1d720d77e35cfba2df127bfffdcc3f65e Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 20:24:17 +0100
Subject: [PATCH 151/207] Change UnitController DELETE response to {}

---
 api/src/controllers/UnitController.ts | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index d3acf85e8..412f5c058 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -177,12 +177,10 @@ export class UnitController {
    *
    * @apiParam {String} id Unit ID.
    *
-   * @apiSuccess {Boolean} result Confirmation of deletion.
+   * @apiSuccess {Object} result Empty object.
    *
    * @apiSuccessExample {json} Success-Response:
-   *     {
-   *         "result": true
-   *     }
+   *     {}
    *
    * @apiError NotFoundError
    * @apiError ForbiddenError
@@ -194,7 +192,7 @@ export class UnitController {
 
     await Lecture.updateMany({}, {$pull: {units: id}});
     await unit.remove();
-    return {result: true};
+    return {};
   }
 
   protected pushToLecture(lectureId: string, unit: any) {

From c8636b225e7d10b296120a2990cf76e5ce718ad5 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 20:32:23 +0100
Subject: [PATCH 152/207] CHANGELOG: Add entries for issue 1190

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 6ed4495a2..132168f37 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -14,6 +14,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 - `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `UnitController` `GET` & `DELETE` route unit tests for status code `200`. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
 
 ### Changed
 - Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -30,6 +32,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Security
 - Closed `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Closed `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 0a1a75d5bda6f260abf8c237db69f31863a9cfa8 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:08:16 +0100
Subject: [PATCH 153/207] Refactor WhitelistController unit tests via
 TestHelper

---
 api/test/integration/whitelistUser.ts | 41 +++++++--------------------
 1 file changed, 10 insertions(+), 31 deletions(-)

diff --git a/api/test/integration/whitelistUser.ts b/api/test/integration/whitelistUser.ts
index 5965bcab4..e380d56e9 100644
--- a/api/test/integration/whitelistUser.ts
+++ b/api/test/integration/whitelistUser.ts
@@ -1,12 +1,9 @@
 import * as chai from 'chai';
 import {Server} from '../../src/server';
-import {FixtureLoader} from '../../fixtures/FixtureLoader';
-import {JwtUtils} from '../../src/security/JwtUtils';
+import {TestHelper} from '../TestHelper';
 import {User} from '../../src/models/User';
 import {WhitelistUser} from '../../src/models/WhitelistUser';
 import {IWhitelistUser} from '../../../shared/models/IWhitelistUser';
-import * as mongoose from 'mongoose';
-import ObjectId = mongoose.Types.ObjectId;
 import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {ICourse} from '../../../shared/models/ICourse';
 import {IUser} from '../../../shared/models/IUser';
@@ -14,11 +11,10 @@ import {Course} from '../../src/models/Course';
 
 const app = new Server().app;
 const BASE_URL = '/api/whitelist';
-const fixtureLoader = new FixtureLoader();
+const testHelper = new TestHelper(BASE_URL);
 
 describe('Whitelist User', () => {
-  // Before each test we reset the database
-  beforeEach(() => fixtureLoader.load());
+  beforeEach(() => testHelper.resetForNextTest());
 
   describe(`GET ${BASE_URL}`, () => {
     it('should get a whitelist user', async () => {
@@ -31,15 +27,14 @@ describe('Whitelist User', () => {
         courseId: course._id
       });
       const createdWhitelistUser: IWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-      const res = await chai.request(app)
-        .get(`${BASE_URL}/${createdWhitelistUser._id.toString()}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`);
+      const res = await testHelper.commonUserGetRequest(teacher, `/${createdWhitelistUser._id.toString()}`);
       res.status.should.be.equal(200);
       res.body.firstName.should.be.equal(newWhitelistUser.firstName);
       res.body.lastName.should.be.equal(newWhitelistUser.lastName);
       res.body.uid.should.be.equal(newWhitelistUser.uid);
     });
   });
+
   describe(`POST ${BASE_URL}`, () => {
     it('should create a new whitelist User', async () => {
       const course: ICourse = await FixtureUtils.getRandomCourse();
@@ -50,10 +45,7 @@ describe('Whitelist User', () => {
         courseId: course._id
       };
       const teacher = await FixtureUtils.getRandomTeacher();
-      const res = await chai.request(app)
-        .post(`${BASE_URL}/`)
-        .send(whitelistUser)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`);
+      const res = await testHelper.commonUserPostRequest(teacher, '', whitelistUser);
       res.status.should.be.equal(200);
       res.body.firstName.should.be.equal(whitelistUser.firstName.toLowerCase());
       res.body.lastName.should.be.equal(whitelistUser.lastName.toLowerCase());
@@ -94,10 +86,7 @@ describe('Whitelist User', () => {
         uid: user.uid,
         courseId: course._id
       };
-      const res = await chai.request(app)
-        .post(`${BASE_URL}/`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send(whitelistUser);
+      const res = await testHelper.commonUserPostRequest(teacher, '', whitelistUser);
       res.status.should.be.equal(200);
       const resCourse = await Course.findById(course._id).populate('students');
       const addedUsers: IUser[] = resCourse.students.filter(stud => stud.uid === user.uid);
@@ -119,11 +108,7 @@ describe('Whitelist User', () => {
         courseId: course._id
       });
       const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-      const res = await
-        chai.request(app)
-          .put(`${BASE_URL}/${createdWhitelistUser._id}`)
-          .send(createdWhitelistUser)
-          .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`);
+      const res = await testHelper.commonUserPutRequest(teacher, `/${createdWhitelistUser._id}`, createdWhitelistUser);
       res.status.should.be.equal(200);
       res.body.firstName.should.be.equal(newWhitelistUser.firstName);
       res.body.lastName.should.be.equal(newWhitelistUser.lastName);
@@ -131,7 +116,6 @@ describe('Whitelist User', () => {
     });
 
     it('should fail with wrong authorization', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
       const course: ICourse = await FixtureUtils.getRandomCourse();
       const newWhitelistUser: IWhitelistUser = new WhitelistUser({
         firstName: 'Max',
@@ -160,14 +144,11 @@ describe('Whitelist User', () => {
           courseId: course._id
         });
         const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-        const res = await chai.request(app)
-          .del(`${BASE_URL}/${createdWhitelistUser._id}`)
-          .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`);
+        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
         res.status.should.be.equal(200);
       });
 
       it('should fail with wrong authorization', async () => {
-        const teacher = await FixtureUtils.getRandomTeacher();
         const course: ICourse = await FixtureUtils.getRandomCourse();
         const newWhitelistUser: IWhitelistUser = new WhitelistUser({
           firstName: 'Max',
@@ -197,9 +178,7 @@ describe('Whitelist User', () => {
         course.whitelist = course.whitelist.concat(createdWhitelistUser);
         await Course.findByIdAndUpdate(course._id, course);
 
-        const res = await chai.request(app)
-          .del(`${BASE_URL}/${createdWhitelistUser._id}`)
-          .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`);
+        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
         res.status.should.be.equal(200);
         const resCourse = await Course.findById(course._id).populate('students');
         const emptyUsers: IUser[] = resCourse.students.filter(stud => stud.uid === member.uid);

From 7e0aa9bddae91d816752c4dfc2381e9766368981 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:11:17 +0100
Subject: [PATCH 154/207] Fix WhitelistController class name

---
 api/src/controllers/WhitelistController.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index 45c3c70a8..feef47256 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -11,7 +11,7 @@ import {IWhitelistUser} from '../../../shared/models/IWhitelistUser';
 
 @JsonController('/whitelist')
 @UseBefore(passportJwtMiddleware)
-export class WitelistController {
+export class WhitelistController {
 
   /**
    * @api {get} /api/whitelist/check/:whitelist

From f6181052bf9f88a0ec2f3e58c71c659107b7a1f9 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:11:35 +0100
Subject: [PATCH 155/207] Remove unused WhitelistController imports

---
 api/src/controllers/WhitelistController.ts | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index feef47256..1652435e7 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -1,5 +1,5 @@
-import {Get, Post, Put, Delete, Authorized, Param, Body, QueryParam, CurrentUser,
-  UseBefore, UploadedFile, JsonController, BadRequestError, HttpError} from 'routing-controllers';
+import {Get, Post, Put, Delete, Authorized, Param, Body,
+  UseBefore, JsonController, BadRequestError} from 'routing-controllers';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
 import {WhitelistUser} from '../models/WhitelistUser';
 import {errorCodes} from '../config/errorCodes';

From d072dad09a1ee85cb3e106640bf98830813ca7b1 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:13:22 +0100
Subject: [PATCH 156/207] Adjust WhitelistController unit test file name

---
 api/test/integration/{whitelistUser.ts => whitelist.ts} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename api/test/integration/{whitelistUser.ts => whitelist.ts} (99%)

diff --git a/api/test/integration/whitelistUser.ts b/api/test/integration/whitelist.ts
similarity index 99%
rename from api/test/integration/whitelistUser.ts
rename to api/test/integration/whitelist.ts
index e380d56e9..eb58ac73b 100644
--- a/api/test/integration/whitelistUser.ts
+++ b/api/test/integration/whitelist.ts
@@ -13,7 +13,7 @@ const app = new Server().app;
 const BASE_URL = '/api/whitelist';
 const testHelper = new TestHelper(BASE_URL);
 
-describe('Whitelist User', () => {
+describe('Whitelist', () => {
   beforeEach(() => testHelper.resetForNextTest());
 
   describe(`GET ${BASE_URL}`, () => {

From b3ea725b5bb52fa2c37cc7f8b84dca37b6e3b766 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:18:34 +0100
Subject: [PATCH 157/207] Rename WhitelistController.toMongooseObjectId

...to prepareWhitelistUserData, because the "toMongooseObjectId" might
be somewhat more confusing since the method doesn't actually return a
single ObjectId object, but a filtered version of the given whitelistUser.
---
 api/src/controllers/WhitelistController.ts | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index 1652435e7..d4ded1bbb 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -102,7 +102,7 @@ export class WhitelistController {
   async addWhitelistUser(@Body() whitelistUser: IWhitelistUser) {
     let savedWhitelistUser;
     try {
-      savedWhitelistUser = await new WhitelistUser(this.toMongooseObjectId(whitelistUser)).save();
+      savedWhitelistUser = await new WhitelistUser(this.prepareWhitelistUserData(whitelistUser)).save();
     } catch (err) {
       throw new BadRequestError(errorCodes.whitelist.duplicateWhitelistUser.text);
     }
@@ -144,7 +144,7 @@ export class WhitelistController {
     const foundWhitelistUser = await WhitelistUser.findById(id);
     try {
       updatedWhitelistUser = await WhitelistUser.findOneAndUpdate(
-        this.toMongooseObjectId(whitelistUser),
+        this.prepareWhitelistUserData(whitelistUser),
         {'new': true});
     } catch (err) {
       throw new BadRequestError(errorCodes.whitelist.duplicateWhitelistUser.text);
@@ -199,7 +199,7 @@ export class WhitelistController {
     }
   }
 
-  toMongooseObjectId(whitelistUser: IWhitelistUser) {
+  prepareWhitelistUserData(whitelistUser: IWhitelistUser) {
     return {
       _id: whitelistUser._id,
       firstName: whitelistUser.firstName,

From fdc470a8f71cf9ed89036df931f97ee9a892d632 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:20:34 +0100
Subject: [PATCH 158/207] Refactor WhitelistController.getUser to use
 async/await

---
 api/src/controllers/WhitelistController.ts | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index d4ded1bbb..b151ca56f 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -64,11 +64,9 @@ export class WhitelistController {
    *     }
    */
   @Get('/:id')
-  getUser(@Param('id') id: string) {
-    return WhitelistUser.findById(id)
-      .then((whitelistUser) => {
-        return whitelistUser.toObject({virtuals: true});
-      });
+  async getUser(@Param('id') id: string) {
+    const whitelistUser = await WhitelistUser.findById(id);
+    return whitelistUser.toObject({virtuals: true});
   }
 
   /**

From 60de881a119d672fa30cc04bdc44c3602fc3d537 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Thu, 21 Mar 2019 23:26:34 +0100
Subject: [PATCH 159/207] Change WhitelistController DELETE response to {}

---
 api/src/controllers/WhitelistController.ts | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index b151ca56f..61c4d8fbf 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -161,19 +161,17 @@ export class WhitelistController {
    *
    * @apiParam {String} id Whitelist user ID.
    *
-   * @apiSuccess {Boolean} result Confirmation of deletion.
+   * @apiSuccess {Object} result Empty object.
    *
    * @apiSuccessExample {json} Success-Response:
-   *     {
-   *         result: true
-   *     }
+   *     {}
    */
   @Delete('/:id')
   @Authorized(['teacher', 'admin'])
   async deleteWhitelistUser(@Param('id') id: string) {
     const whitelistUser = await WhitelistUser.findByIdAndRemove(id);
     await this.deleteUserIfFound(whitelistUser);
-    return {result: true};
+    return {};
   }
 
   private async deleteUserIfFound(whitelistUser: IWhitelistUser) {

From b5c89b7c12cf4998dbd1a37d6f6bd6697e1c8c71 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:00:22 +0100
Subject: [PATCH 160/207] Disable unused WhitelistController PUT route

---
 api/src/controllers/WhitelistController.ts | 3 +++
 api/test/integration/whitelist.ts          | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index 61c4d8fbf..57a181e0d 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -135,6 +135,8 @@ export class WhitelistController {
    *
    * @apiError BadRequestError That matriculation number is already in use for this course.
    */
+  // This route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   @Put('/:id')
   @Authorized(['teacher', 'admin'])
   async updateWhitelistUser(@Param('id') id: string, @Body() whitelistUser: IWhitelistUser) {
@@ -151,6 +153,7 @@ export class WhitelistController {
     await this.addUserIfFound(updatedWhitelistUser);
     return updatedWhitelistUser ? updatedWhitelistUser.toObject() : undefined;
   }
+  */
 
   /**
    * @api {delete} /api/whitelist/:id Delete whitelist user
diff --git a/api/test/integration/whitelist.ts b/api/test/integration/whitelist.ts
index eb58ac73b..9e8fe4814 100644
--- a/api/test/integration/whitelist.ts
+++ b/api/test/integration/whitelist.ts
@@ -97,6 +97,8 @@ describe('Whitelist', () => {
     });
   });
 
+  // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
+  /*
   describe(`PUT ${BASE_URL}`, () => {
     it('should update a whitelist user', async () => {
       const teacher = await FixtureUtils.getRandomTeacher();
@@ -132,6 +134,7 @@ describe('Whitelist', () => {
       res.status.should.be.equal(401);
     });
   });
+  */
 
     describe(`DELETE ${BASE_URL}`, () => {
       it('should delete a whitelist user', async () => {

From 1dae0aa75407f2ca50ecb7b232a71d30c73085ed Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:14:17 +0100
Subject: [PATCH 161/207] Fix WhitelistController unit test teacher acquisition

It was completely random and thus the existing unit tests would
erroneously break in nondeterministic fashion once the vulnerabilities
are closed (i.e. once only authorized users are allowed).
---
 api/test/integration/whitelist.ts | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/api/test/integration/whitelist.ts b/api/test/integration/whitelist.ts
index 9e8fe4814..b0f1cdc13 100644
--- a/api/test/integration/whitelist.ts
+++ b/api/test/integration/whitelist.ts
@@ -18,8 +18,8 @@ describe('Whitelist', () => {
 
   describe(`GET ${BASE_URL}`, () => {
     it('should get a whitelist user', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
       const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
       const newWhitelistUser: IWhitelistUser = new WhitelistUser({
         firstName: 'Max',
         lastName: 'Mustermann',
@@ -44,7 +44,7 @@ describe('Whitelist', () => {
         uid: '1236456',
         courseId: course._id
       };
-      const teacher = await FixtureUtils.getRandomTeacher();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
       const res = await testHelper.commonUserPostRequest(teacher, '', whitelistUser);
       res.status.should.be.equal(200);
       res.body.firstName.should.be.equal(whitelistUser.firstName.toLowerCase());
@@ -69,8 +69,8 @@ describe('Whitelist', () => {
     });
 
     it('should add an user by synchronizing', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
       const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
       const user: IUser = await User.create(
         { uid: '1236456',
           password: 'test1234',
@@ -138,8 +138,8 @@ describe('Whitelist', () => {
 
     describe(`DELETE ${BASE_URL}`, () => {
       it('should delete a whitelist user', async () => {
-        const teacher = await FixtureUtils.getRandomTeacher();
         const course: ICourse = await FixtureUtils.getRandomCourse();
+        const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
         const newWhitelistUser: IWhitelistUser = new WhitelistUser({
           firstName: 'Max',
           lastName: 'Mustermann',
@@ -168,8 +168,8 @@ describe('Whitelist', () => {
       });
 
       it('should delete an user by synchronizing', async () => {
-        const teacher = await FixtureUtils.getRandomTeacher();
         const course: ICourse = await FixtureUtils.getRandomCourse();
+        const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
         const member = course.students[0];
         const newWhitelistUser: IWhitelistUser = new WhitelistUser({
           firstName: member.profile.firstName,

From 50733c78b52fd44f99050333a586637808f20fa4 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:18:45 +0100
Subject: [PATCH 162/207] Add WhitelistController 403 unit tests

These will fail until the vulnerabilities are closed.
---
 api/test/integration/whitelist.ts | 43 ++++++++++++++++++++++++++++++-
 1 file changed, 42 insertions(+), 1 deletion(-)

diff --git a/api/test/integration/whitelist.ts b/api/test/integration/whitelist.ts
index b0f1cdc13..05c356fc4 100644
--- a/api/test/integration/whitelist.ts
+++ b/api/test/integration/whitelist.ts
@@ -33,10 +33,24 @@ describe('Whitelist', () => {
       res.body.lastName.should.be.equal(newWhitelistUser.lastName);
       res.body.uid.should.be.equal(newWhitelistUser.uid);
     });
+
+    it('should deny access to whitelist user data for an unauthorized teacher', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '123456',
+        courseId: course._id
+      });
+      const createdWhitelistUser: IWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      const res = await testHelper.commonUserGetRequest(teacher, `/${createdWhitelistUser._id.toString()}`);
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`POST ${BASE_URL}`, () => {
-    it('should create a new whitelist User', async () => {
+    it('should create a new whitelist user', async () => {
       const course: ICourse = await FixtureUtils.getRandomCourse();
       const whitelistUser: any = {
         firstName: 'Max',
@@ -95,6 +109,19 @@ describe('Whitelist', () => {
       addedUsers[0].profile.firstName.should.be.eq(whitelistUser.firstName);
       addedUsers[0].profile.lastName.should.be.eq(whitelistUser.lastName);
     });
+
+    it('should fail to create a new whitelist user for an unauthorized teacher', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const whitelistUser: any = {
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '1236456',
+        courseId: course._id
+      };
+      const teacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      const res = await testHelper.commonUserPostRequest(teacher, '', whitelistUser);
+      res.status.should.be.equal(403);
+    });
   });
 
   // The corresponding route has been disabled since it appears to be unused and insufficiently secured.
@@ -187,5 +214,19 @@ describe('Whitelist', () => {
         const emptyUsers: IUser[] = resCourse.students.filter(stud => stud.uid === member.uid);
         emptyUsers.length.should.be.eq(0);
       });
+
+      it('should fail to delete for an unauthorized teacher', async () => {
+        const course: ICourse = await FixtureUtils.getRandomCourse();
+        const teacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+        const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+          firstName: 'Max',
+          lastName: 'Mustermann',
+          uid: '123456',
+          courseId: course._id
+        });
+        const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
+        res.status.should.be.equal(403);
+      });
     });
 });

From 18e2db0610648a3ecbaaad26dc11d45ad94fac84 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:28:35 +0100
Subject: [PATCH 163/207] Secure WhitelistController via course.checkPrivileges

---
 api/src/controllers/WhitelistController.ts | 29 +++++++++++++++++-----
 1 file changed, 23 insertions(+), 6 deletions(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index 57a181e0d..ce10f2167 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -1,5 +1,5 @@
-import {Get, Post, Put, Delete, Authorized, Param, Body,
-  UseBefore, JsonController, BadRequestError} from 'routing-controllers';
+import {Get, Post, Delete, Authorized, Param, Body, CurrentUser,
+  UseBefore, JsonController, BadRequestError, ForbiddenError} from 'routing-controllers';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
 import {WhitelistUser} from '../models/WhitelistUser';
 import {errorCodes} from '../config/errorCodes';
@@ -8,6 +8,7 @@ import ObjectId = mongoose.Types.ObjectId;
 import {Course} from '../models/Course';
 import {User} from '../models/User';
 import {IWhitelistUser} from '../../../shared/models/IWhitelistUser';
+import {IUser} from '../../../shared/models/IUser';
 
 @JsonController('/whitelist')
 @UseBefore(passportJwtMiddleware)
@@ -64,8 +65,13 @@ export class WhitelistController {
    *     }
    */
   @Get('/:id')
-  async getUser(@Param('id') id: string) {
+  async getUser(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
     const whitelistUser = await WhitelistUser.findById(id);
+    const course = await Course.findById(whitelistUser.courseId);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
     return whitelistUser.toObject({virtuals: true});
   }
 
@@ -97,7 +103,12 @@ export class WhitelistController {
    */
   @Post('/')
   @Authorized(['teacher', 'admin'])
-  async addWhitelistUser(@Body() whitelistUser: IWhitelistUser) {
+  async addWhitelistUser(@Body() whitelistUser: IWhitelistUser, @CurrentUser() currentUser: IUser) {
+    const course = await Course.findById(whitelistUser.courseId);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
     let savedWhitelistUser;
     try {
       savedWhitelistUser = await new WhitelistUser(this.prepareWhitelistUserData(whitelistUser)).save();
@@ -171,8 +182,14 @@ export class WhitelistController {
    */
   @Delete('/:id')
   @Authorized(['teacher', 'admin'])
-  async deleteWhitelistUser(@Param('id') id: string) {
-    const whitelistUser = await WhitelistUser.findByIdAndRemove(id);
+  async deleteWhitelistUser(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
+    const whitelistUser = await WhitelistUser.findById(id);
+    const course = await Course.findById(whitelistUser.courseId);
+    if (!course.checkPrivileges(currentUser).userCanEditCourse) {
+      throw new ForbiddenError();
+    }
+
+    await WhitelistUser.deleteOne({_id: id});
     await this.deleteUserIfFound(whitelistUser);
     return {};
   }

From 45980624e221cc3d06dc5cbafeb0dafdaf49c807 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:29:43 +0100
Subject: [PATCH 164/207] Fix WhitelistController DELETE unit test indentation

---
 api/test/integration/whitelist.ts | 116 +++++++++++++++---------------
 1 file changed, 58 insertions(+), 58 deletions(-)

diff --git a/api/test/integration/whitelist.ts b/api/test/integration/whitelist.ts
index 05c356fc4..f2bfe8ae7 100644
--- a/api/test/integration/whitelist.ts
+++ b/api/test/integration/whitelist.ts
@@ -163,70 +163,70 @@ describe('Whitelist', () => {
   });
   */
 
-    describe(`DELETE ${BASE_URL}`, () => {
-      it('should delete a whitelist user', async () => {
-        const course: ICourse = await FixtureUtils.getRandomCourse();
-        const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
-        const newWhitelistUser: IWhitelistUser = new WhitelistUser({
-          firstName: 'Max',
-          lastName: 'Mustermann',
-          uid: '123456',
-          courseId: course._id
-        });
-        const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
-        res.status.should.be.equal(200);
+  describe(`DELETE ${BASE_URL}`, () => {
+    it('should delete a whitelist user', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '123456',
+        courseId: course._id
       });
+      const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
+      res.status.should.be.equal(200);
+    });
 
-      it('should fail with wrong authorization', async () => {
-        const course: ICourse = await FixtureUtils.getRandomCourse();
-        const newWhitelistUser: IWhitelistUser = new WhitelistUser({
-          firstName: 'Max',
-          lastName: 'Mustermann',
-          uid: '123456',
-          courseId: course._id
-        });
-        const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-        const res = await chai.request(app)
-          .del(`${BASE_URL}/${createdWhitelistUser._id}`)
-          .set('Cookie', `token=awf`)
-          .catch(err => err.response);
-        res.status.should.be.equal(401);
+    it('should fail with wrong authorization', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '123456',
+        courseId: course._id
       });
+      const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      const res = await chai.request(app)
+        .del(`${BASE_URL}/${createdWhitelistUser._id}`)
+        .set('Cookie', `token=awf`)
+        .catch(err => err.response);
+      res.status.should.be.equal(401);
+    });
 
-      it('should delete an user by synchronizing', async () => {
-        const course: ICourse = await FixtureUtils.getRandomCourse();
-        const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
-        const member = course.students[0];
-        const newWhitelistUser: IWhitelistUser = new WhitelistUser({
-          firstName: member.profile.firstName,
-          lastName: member.profile.lastName,
-          uid: member.uid,
-          courseId: course._id
-        });
-        const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-        course.whitelist = course.whitelist.concat(createdWhitelistUser);
-        await Course.findByIdAndUpdate(course._id, course);
-
-        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
-        res.status.should.be.equal(200);
-        const resCourse = await Course.findById(course._id).populate('students');
-        const emptyUsers: IUser[] = resCourse.students.filter(stud => stud.uid === member.uid);
-        emptyUsers.length.should.be.eq(0);
+    it('should delete an user by synchronizing', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
+      const member = course.students[0];
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: member.profile.firstName,
+        lastName: member.profile.lastName,
+        uid: member.uid,
+        courseId: course._id
       });
+      const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      course.whitelist = course.whitelist.concat(createdWhitelistUser);
+      await Course.findByIdAndUpdate(course._id, course);
 
-      it('should fail to delete for an unauthorized teacher', async () => {
-        const course: ICourse = await FixtureUtils.getRandomCourse();
-        const teacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
-        const newWhitelistUser: IWhitelistUser = new WhitelistUser({
-          firstName: 'Max',
-          lastName: 'Mustermann',
-          uid: '123456',
-          courseId: course._id
-        });
-        const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
-        const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
-        res.status.should.be.equal(403);
+      const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
+      res.status.should.be.equal(200);
+      const resCourse = await Course.findById(course._id).populate('students');
+      const emptyUsers: IUser[] = resCourse.students.filter(stud => stud.uid === member.uid);
+      emptyUsers.length.should.be.eq(0);
+    });
+
+    it('should fail to delete for an unauthorized teacher', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '123456',
+        courseId: course._id
       });
+      const createdWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      const res = await testHelper.commonUserDeleteRequest(teacher, `/${createdWhitelistUser._id}`);
+      res.status.should.be.equal(403);
     });
+  });
 });

From e7681e08df8abe9ab0173aa5ee27e01cb3d3badd Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:40:07 +0100
Subject: [PATCH 165/207] Add WhitelistController student GET 403 unit test

---
 api/test/integration/whitelist.ts | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/api/test/integration/whitelist.ts b/api/test/integration/whitelist.ts
index f2bfe8ae7..92815970c 100644
--- a/api/test/integration/whitelist.ts
+++ b/api/test/integration/whitelist.ts
@@ -47,6 +47,20 @@ describe('Whitelist', () => {
       const res = await testHelper.commonUserGetRequest(teacher, `/${createdWhitelistUser._id.toString()}`);
       res.status.should.be.equal(403);
     });
+
+    it('should deny access to whitelist user data for a student', async () => {
+      const course: ICourse = await FixtureUtils.getRandomCourse();
+      const student = await User.findById(course.students[0]);
+      const newWhitelistUser: IWhitelistUser = new WhitelistUser({
+        firstName: 'Max',
+        lastName: 'Mustermann',
+        uid: '123456',
+        courseId: course._id
+      });
+      const createdWhitelistUser: IWhitelistUser = await WhitelistUser.create(newWhitelistUser);
+      const res = await testHelper.commonUserGetRequest(student, `/${createdWhitelistUser._id.toString()}`);
+      res.status.should.be.equal(403);
+    });
   });
 
   describe(`POST ${BASE_URL}`, () => {

From 6b6d8c9d4f86083f2a4fda40b58fc756c0b28a30 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:41:12 +0100
Subject: [PATCH 166/207] Add @Authorized to WhitelistController getUser route

---
 api/src/controllers/WhitelistController.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index ce10f2167..867e77015 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -65,6 +65,7 @@ export class WhitelistController {
    *     }
    */
   @Get('/:id')
+  @Authorized(['teacher', 'admin'])
   async getUser(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
     const whitelistUser = await WhitelistUser.findById(id);
     const course = await Course.findById(whitelistUser.courseId);

From 840acf46df4cd2b4b1f03d1305a046682c1b801c Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 00:46:57 +0100
Subject: [PATCH 167/207] CHANGELOG: Add issue 1192 entries (Whitelist vulns)

---
 CHANGELOG.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 132168f37..3cdbfa469 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,6 +16,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `UnitController` `GET` & `DELETE` route unit tests for status code `200`. [#1190](https://github.com/geli-lms/geli/issues/1190)
 - `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- `WhitelistController` status code `403` unit tests for all routes. [#1192](https://github.com/geli-lms/geli/issues/1192)
 
 ### Changed
 - Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -25,6 +26,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Removed
 - Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `ProgressController` `POST` route _(obviated by extended `PUT` route)_. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Unused `WhitelistController` `PUT` route. [#1192](https://github.com/geli-lms/geli/issues/1192)
 
 ### Fixed
 - `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -33,6 +35,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Security
 - Closed `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Closed `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- Closed `WhitelistController` vulnerabilities. [#1192](https://github.com/geli-lms/geli/issues/1192)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 87d90849932dcd5a8d7099c49d98d308f63b2413 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Fri, 22 Mar 2019 05:50:26 +0000
Subject: [PATCH 168/207] Bump @types/sharp from 0.21.3 to 0.22.0 in /api

Bumps [@types/sharp](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sharp) from 0.21.3 to 0.22.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sharp)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index a50cd11e2..2284b32b9 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -324,9 +324,9 @@
       }
     },
     "@types/sharp": {
-      "version": "0.21.3",
-      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.21.3.tgz",
-      "integrity": "sha512-wgCw1OO/iQ3w13WVRhx1fHoo5NDHq+444wqTnKcAWA9YMj1a9stoLlfLjW1mJJkFG1aRjeKd9KYhiYOJ3H7qEg==",
+      "version": "0.22.0",
+      "resolved": "https://registry.npmjs.org/@types/sharp/-/sharp-0.22.0.tgz",
+      "integrity": "sha512-aArqMOewA97tClqOaZPQhSqH8OZkhtwbmijAuxWOznrVma43UPQmNqzfBFmc+khIXwXefc7Sr77qv00MOcbKXA==",
       "requires": {
         "@types/node": "*"
       }
diff --git a/api/package.json b/api/package.json
index dbca456c1..23c01c820 100644
--- a/api/package.json
+++ b/api/package.json
@@ -33,7 +33,7 @@
   },
   "dependencies": {
     "@types/node-sass": "^4.11.0",
-    "@types/sharp": "^0.21.3",
+    "@types/sharp": "^0.22.0",
     "@types/socket.io": "^2.1.2",
     "app-root-path": "^2.1.0",
     "archiver": "^3.0.0",

From 255daa142240ceff81d2f26b949ee97c0f783c9a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 14:51:30 +0100
Subject: [PATCH 169/207] Mark UnitController.getUnitFor as protected

---
 api/src/controllers/UnitController.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index 412f5c058..64f7a98f9 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -13,7 +13,7 @@ import {IUser} from '../../../shared/models/IUser';
 @UseBefore(passportJwtMiddleware)
 export class UnitController {
 
-  static async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
+  protected static async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
     const unit = await Unit.findById(unitId);
     if (!unit) {
       throw new NotFoundError();

From 745263724cc3e299325d12695ece70882b10f485 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 14:54:20 +0100
Subject: [PATCH 170/207] Refactor UnitController using orFail for unit 404

---
 api/src/controllers/UnitController.ts | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index 64f7a98f9..4226d315e 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -14,10 +14,7 @@ import {IUser} from '../../../shared/models/IUser';
 export class UnitController {
 
   protected static async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
-    const unit = await Unit.findById(unitId);
-    if (!unit) {
-      throw new NotFoundError();
-    }
+    const unit = await Unit.findById(unitId).orFail(new NotFoundError());
 
     const course = await Course.findById(unit._course);
     if (!course.checkPrivileges(currentUser)[privilege]) {

From 0ec4611ef3b37c3ea69b86e57484c9233ce0cc68 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 18:34:56 +0100
Subject: [PATCH 171/207] Refactor UnitController methods to non-static &
 private

---
 api/src/controllers/UnitController.ts | 35 +++++++++++++++------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index 4226d315e..c18d8fa98 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -13,17 +13,6 @@ import {IUser} from '../../../shared/models/IUser';
 @UseBefore(passportJwtMiddleware)
 export class UnitController {
 
-  protected static async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
-    const unit = await Unit.findById(unitId).orFail(new NotFoundError());
-
-    const course = await Course.findById(unit._course);
-    if (!course.checkPrivileges(currentUser)[privilege]) {
-      throw new ForbiddenError();
-    }
-
-    return unit;
-  }
-
   /**
    * @api {get} /api/units/:id Request unit
    * @apiName GetUnit
@@ -52,7 +41,7 @@ export class UnitController {
    */
   @Get('/:id')
   async getUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
-    const unit = await UnitController.getUnitFor(id, currentUser, 'userCanViewCourse');
+    const unit = await this.getUnitFor(id, currentUser, 'userCanViewCourse');
     return unit.toObject();
   }
 
@@ -150,7 +139,7 @@ export class UnitController {
   @Authorized(['teacher', 'admin'])
   @Put('/:id')
   async updateUnit(@Param('id') id: string, @Body() data: any, @CurrentUser() currentUser: IUser) {
-    const oldUnit = await UnitController.getUnitFor(id, currentUser, 'userCanEditCourse');
+    const oldUnit = await this.getUnitFor(id, currentUser, 'userCanEditCourse');
 
     try {
       oldUnit.set(data);
@@ -185,14 +174,28 @@ export class UnitController {
   @Authorized(['teacher', 'admin'])
   @Delete('/:id')
   async deleteUnit(@Param('id') id: string, @CurrentUser() currentUser: IUser) {
-    const unit = await UnitController.getUnitFor(id, currentUser, 'userCanEditCourse');
+    const unit = await this.getUnitFor(id, currentUser, 'userCanEditCourse');
 
     await Lecture.updateMany({}, {$pull: {units: id}});
     await unit.remove();
     return {};
   }
 
-  protected pushToLecture(lectureId: string, unit: any) {
+  private async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
+    const unit = await Unit.findById(unitId);
+    if (!unit) {
+      throw new NotFoundError();
+    }
+
+    const course = await Course.findById(unit._course);
+    if (!course.checkPrivileges(currentUser)[privilege]) {
+      throw new ForbiddenError();
+    }
+
+    return unit;
+  }
+
+  private pushToLecture(lectureId: string, unit: any) {
     return Lecture.findById(lectureId)
       .then((lecture) => {
         lecture.units.push(unit);
@@ -209,7 +212,7 @@ export class UnitController {
       });
   }
 
-  protected checkPostParam(data: any) {
+  private checkPostParam(data: any) {
     if (!data.lectureId) {
       throw new BadRequestError(errorCodes.unit.postMissingLectureId.text);
     }

From 994b406a893504251c22154aeab94a61eb34337f Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 18:39:11 +0100
Subject: [PATCH 172/207] Mark prepareWhitelistUserData as private

---
 api/src/controllers/WhitelistController.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/controllers/WhitelistController.ts b/api/src/controllers/WhitelistController.ts
index 867e77015..9a3b81f82 100644
--- a/api/src/controllers/WhitelistController.ts
+++ b/api/src/controllers/WhitelistController.ts
@@ -216,7 +216,7 @@ export class WhitelistController {
     }
   }
 
-  prepareWhitelistUserData(whitelistUser: IWhitelistUser) {
+  private prepareWhitelistUserData(whitelistUser: IWhitelistUser) {
     return {
       _id: whitelistUser._id,
       firstName: whitelistUser.firstName,

From b55a7726c96a77364e5a9c02bc84ac0c2fea30b4 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 20:52:53 +0100
Subject: [PATCH 173/207] Re-refactor UnitController.getUnitFor with orFail

---
 api/src/controllers/UnitController.ts | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/api/src/controllers/UnitController.ts b/api/src/controllers/UnitController.ts
index c18d8fa98..c2c1c3054 100644
--- a/api/src/controllers/UnitController.ts
+++ b/api/src/controllers/UnitController.ts
@@ -182,10 +182,7 @@ export class UnitController {
   }
 
   private async getUnitFor (unitId: string, currentUser: IUser, privilege: 'userCanViewCourse' | 'userCanEditCourse') {
-    const unit = await Unit.findById(unitId);
-    if (!unit) {
-      throw new NotFoundError();
-    }
+    const unit = await Unit.findById(unitId).orFail(new NotFoundError());
 
     const course = await Course.findById(unit._course);
     if (!course.checkPrivileges(currentUser)[privilege]) {

From 96137cc53d7091480e883761b60ef5f2c3e6bbd7 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 21:02:04 +0100
Subject: [PATCH 174/207] CHANGELOG: Adjust tense of [Unreleased] entries

---
 CHANGELOG.md | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 132168f37..87f9c7927 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -18,8 +18,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
 
 ### Changed
-- Extended `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
-- Refactored `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Extend `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Refactor `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Instead of a list of progress data, the `ProgressController` `GET` route now responds with a single progress object or an empty object if no data can be found. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Removed
@@ -31,8 +31,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Security
-- Closed `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
-- Closed `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- Closes `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Closes `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From ea91a7c8d965ec566c2fffbdeca0afa674ab9e87 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 21:04:01 +0100
Subject: [PATCH 175/207] CHANGELOG: Change "Closes" to "Close" (imperative)

---
 CHANGELOG.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 87f9c7927..95ebb40e9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -31,8 +31,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
 
 ### Security
-- Closes `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
-- Closes `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Close `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 89bbaeb0e587f37fb6d29b881d180d1fdca341d5 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 23:36:22 +0100
Subject: [PATCH 176/207] Add _course property to Directory & File schemata

It's called "_course" because that's how it's called in the Unit schema,
and the purpose here is very similar.
---
 api/src/models/mediaManager/Directory.ts | 5 +++++
 api/src/models/mediaManager/File.ts      | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/api/src/models/mediaManager/Directory.ts b/api/src/models/mediaManager/Directory.ts
index 8632ea14e..08169221d 100644
--- a/api/src/models/mediaManager/Directory.ts
+++ b/api/src/models/mediaManager/Directory.ts
@@ -8,6 +8,10 @@ interface IDirectoryModel extends IDirectory, mongoose.Document {
 }
 
 const directorySchema = new mongoose.Schema({
+  _course: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Course'
+  },
   name: {
     type: String,
     required: true
@@ -35,6 +39,7 @@ const directorySchema = new mongoose.Schema({
       if (doc.populated('files') === undefined) {
         ret.files = ret.files.map(extractSingleMongoId);
       }
+      delete ret._course;
     }
   },
 });
diff --git a/api/src/models/mediaManager/File.ts b/api/src/models/mediaManager/File.ts
index ee8c24be1..d8162f5dd 100644
--- a/api/src/models/mediaManager/File.ts
+++ b/api/src/models/mediaManager/File.ts
@@ -12,6 +12,10 @@ interface IFileModel extends IFile, mongoose.Document {
 }
 
 const fileSchema = new mongoose.Schema({
+  _course: {
+    type: mongoose.Schema.Types.ObjectId,
+    ref: 'Course'
+  },
   name: {
     type: String,
     required: true
@@ -37,6 +41,7 @@ const fileSchema = new mongoose.Schema({
       if (ret._id) {
         ret._id = ret._id.toString();
       }
+      delete ret._course;
       delete ret.physicalPath;
       return ret;
     }

From cce39715ebd83df7e20949d6f1bb307e4045393a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Fri, 22 Mar 2019 23:58:17 +0100
Subject: [PATCH 177/207] Refactor MediaController unit tests via TestHelper

---
 api/test/controllers/media.ts | 102 ++++++----------------------------
 1 file changed, 16 insertions(+), 86 deletions(-)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index f2d451882..eef79e2ea 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -1,7 +1,7 @@
 import {Server} from '../../src/server';
-import {FixtureLoader} from '../../fixtures/FixtureLoader';
 import * as chai from 'chai';
 import chaiHttp = require('chai-http');
+import {TestHelper} from '../TestHelper';
 import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {JwtUtils} from '../../src/security/JwtUtils';
 import {Directory} from '../../src/models/mediaManager/Directory';
@@ -13,14 +13,10 @@ chai.use(chaiHttp);
 const should = chai.should();
 const app = new Server().app;
 const BASE_URL = '/api/media';
-const fixtureLoader = new FixtureLoader();
-const appRoot = require('app-root-path');
+const testHelper = new TestHelper(BASE_URL);
 
 describe('Media', async () => {
-  // Before each test we reset the database
-  beforeEach(async () => {
-    await fixtureLoader.load();
-  });
+  beforeEach(() => testHelper.resetForNextTest());
 
   describe(`GET ${BASE_URL}`, async () => {
     it('should get a directory', async () => {
@@ -40,12 +36,7 @@ describe('Media', async () => {
         files: [file]
       }).save();
 
-
-      const result = await chai.request(app)
-        .get(`${BASE_URL}/directory/${rootDirectory.id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}`);
       result.status.should.be.equal(200,
         'could not get directory' +
         ' -> ' + result.body.message);
@@ -76,11 +67,7 @@ describe('Media', async () => {
       }).save();
 
 
-      const result = await chai.request(app)
-        .get(`${BASE_URL}/directory/${rootDirectory.id}/lazy`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}/lazy`);
       result.status.should.be.equal(200,
         'could not get directory' +
         ' -> ' + result.body.message);
@@ -111,15 +98,10 @@ describe('Media', async () => {
         size: 129
       }).save();
 
-      const result = await chai.request(app)
-        .get(`${BASE_URL}/file/${file.id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserGetRequest(teacher, `/file/${file.id}`);
       result.status.should.be.equal(200,
         'could not get file' +
         ' -> ' + result.body.message);
-
       result.body._id.should.be.equal(file.id);
       result.body.name.should.be.equal(file.name);
       result.body.size.should.be.equal(file.size);
@@ -135,12 +117,7 @@ describe('Media', async () => {
         name: 'root'
       });
 
-      const result = await chai.request(app)
-        .post(`${BASE_URL}/directory`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send(rootDirectory)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserPostRequest(teacher, '/directory', rootDirectory);
       result.status.should.be.equal(200,
         'could not create root' +
         ' -> ' + result.body.message);
@@ -162,12 +139,7 @@ describe('Media', async () => {
         name: 'sub'
       });
 
-      const result = await chai.request(app)
-        .post(`${BASE_URL}/directory/${rootDirectory._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send(subDirectory)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserPostRequest(teacher, `/directory/${rootDirectory._id}`, subDirectory);
       result.status.should.be.equal(200,
         'could not create subdirectory' +
         ' -> ' + result.body.message);
@@ -261,17 +233,10 @@ describe('Media', async () => {
       const renamedDirectory = rootDirectory;
       renamedDirectory.name = 'renamedRoot';
 
-
-      const result = await chai.request(app)
-        .put(`${BASE_URL}/directory/${rootDirectory._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send(renamedDirectory)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserPutRequest(teacher, `/directory/${rootDirectory._id}`, renamedDirectory);
       result.status.should.be.equal(200,
         'could not rename directory' +
         ' -> ' + result.body.message);
-
       result.body._id.should.equal(rootDirectory.id);
       result.body.name.should.equal(renamedDirectory.name);
       result.body.subDirectories.should.be.instanceOf(Array)
@@ -292,17 +257,10 @@ describe('Media', async () => {
       const renamedFile = file;
       file.name = 'renamedFile';
 
-
-      const result = await chai.request(app)
-        .put(`${BASE_URL}/file/${file._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .send(renamedFile)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserPutRequest(teacher, `/file/${file._id}`, renamedFile);
       result.status.should.be.equal(200,
         'could not rename file' +
         ' -> ' + result.body.message);
-
       result.body._id.should.equal(file.id);
       result.body.name.should.equal(renamedFile.name);
       result.body.link.should.equal(file.link);
@@ -322,15 +280,10 @@ describe('Media', async () => {
         subDirectories: [subDirectory],
       }).save();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/directory/${rootDirectory._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
         'could not delete directory' +
         ' -> ' + result.body.message);
-
       should.not.exist(await Directory.findById(rootDirectory));
     });
 
@@ -345,15 +298,10 @@ describe('Media', async () => {
         subDirectories: [subDirectory],
       }).save();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/directory/${rootDirectory._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
         'could not delete directory' +
         ' -> ' + result.body.message);
-
       should.not.exist(await Directory.findById(rootDirectory));
       should.not.exist(await Directory.findById(subDirectory));
     });
@@ -377,15 +325,10 @@ describe('Media', async () => {
         files: [file]
       }).save();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/directory/${rootDirectory._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
         'could not delete directory' +
         ' -> ' + result.body.message);
-
       should.not.exist(await Directory.findById(rootDirectory));
       should.not.exist(await File.findById(file));
     });
@@ -404,15 +347,10 @@ describe('Media', async () => {
         size: testFile.length
       }).save();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/file/${file._id}`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, `/file/${file._id}`);
       result.status.should.be.equal(200,
         'could not delete file' +
         ' -> ' + result.body.message);
-
       should.not.exist(await File.findById(file));
       fs.existsSync(config.uploadFolder + '/test.file').should.be.equal(false);
     });
@@ -420,22 +358,14 @@ describe('Media', async () => {
     it('should fail when directory not found', async () => {
       const teacher = await FixtureUtils.getRandomTeacher();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/directory/507f1f77bcf86cd799439011`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, '/directory/507f1f77bcf86cd799439011');
       result.status.should.be.equal(404);
     });
 
     it('should fail when file not found', async () => {
       const teacher = await FixtureUtils.getRandomTeacher();
 
-      const result = await chai.request(app)
-        .del(`${BASE_URL}/file/507f1f77bcf86cd799439011`)
-        .set('Cookie', `token=${JwtUtils.generateToken(teacher)}`)
-        .catch((err) => err.response);
-
+      const result = await testHelper.commonUserDeleteRequest(teacher, '/file/507f1f77bcf86cd799439011');
       result.status.should.be.equal(404);
     });
   });

From ad895f14b4ffdeb8fb47a55b63f38ffccc32df52 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 00:19:57 +0100
Subject: [PATCH 178/207] Factor out MediaController commonGetSetup & add
 _course

---
 api/test/controllers/media.ts | 39 +++++++++++++----------------------
 1 file changed, 14 insertions(+), 25 deletions(-)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index eef79e2ea..e804214d9 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -19,23 +19,33 @@ describe('Media', async () => {
   beforeEach(() => testHelper.resetForNextTest());
 
   describe(`GET ${BASE_URL}`, async () => {
-    it('should get a directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
+    async function commonGetSetup () {
+      const course = await FixtureUtils.getRandomCourse();
+      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
 
       const file = await new File({
+        _course: course._id.toString(),
         name: 'root',
         link: 'test/a',
         size: 129
       }).save();
       const subDirectory = await new Directory({
+        _course: course._id.toString(),
         name: 'sub'
       }).save();
       const rootDirectory = await new Directory({
+        _course: course._id.toString(),
         name: 'root',
         subDirectories: [subDirectory],
         files: [file]
       }).save();
 
+      return {course, teacher, file, subDirectory, rootDirectory};
+    }
+
+    it('should get a directory', async () => {
+      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup();
+
       const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}`);
       result.status.should.be.equal(200,
         'could not get directory' +
@@ -50,22 +60,7 @@ describe('Media', async () => {
     });
 
     it('should get a populated directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const file = await new File({
-        name: 'root',
-        link: 'test/a',
-        size: 129
-      }).save();
-      const subDirectory = await new Directory({
-        name: 'sub'
-      }).save();
-      const rootDirectory = await new Directory({
-        name: 'root',
-        subDirectories: [subDirectory],
-        files: [file]
-      }).save();
-
+      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup();
 
       const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}/lazy`);
       result.status.should.be.equal(200,
@@ -90,13 +85,7 @@ describe('Media', async () => {
     });
 
     it('should get a file', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const file = await new File({
-        name: 'root',
-        link: 'test/a',
-        size: 129
-      }).save();
+      const {teacher, file} = await commonGetSetup();
 
       const result = await testHelper.commonUserGetRequest(teacher, `/file/${file.id}`);
       result.status.should.be.equal(200,

From d4b77277121b0410ff49874e98b771b78a4da09b Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 00:48:43 +0100
Subject: [PATCH 179/207] Factor out shared MediaController uni test setups

And set the _course properties.
---
 api/test/controllers/media.ts | 173 ++++++++++++++++++----------------
 1 file changed, 94 insertions(+), 79 deletions(-)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index e804214d9..da26bfc3c 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -15,13 +15,21 @@ const app = new Server().app;
 const BASE_URL = '/api/media';
 const testHelper = new TestHelper(BASE_URL);
 
+/**
+ * Common unit test setup helper function.
+ */
+async function commonSetup () {
+  const course = await FixtureUtils.getRandomCourse();
+  const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
+  return {course, teacher};
+}
+
 describe('Media', async () => {
   beforeEach(() => testHelper.resetForNextTest());
 
   describe(`GET ${BASE_URL}`, async () => {
-    async function commonGetSetup () {
-      const course = await FixtureUtils.getRandomCourse();
-      const teacher = await FixtureUtils.getRandomTeacherForCourse(course);
+    async function commonGetSetup (withDirectories = true) {
+      const {course, teacher} = await commonSetup();
 
       const file = await new File({
         _course: course._id.toString(),
@@ -29,11 +37,11 @@ describe('Media', async () => {
         link: 'test/a',
         size: 129
       }).save();
-      const subDirectory = await new Directory({
+      const subDirectory = withDirectories && await new Directory({
         _course: course._id.toString(),
         name: 'sub'
       }).save();
-      const rootDirectory = await new Directory({
+      const rootDirectory = withDirectories && await new Directory({
         _course: course._id.toString(),
         name: 'root',
         subDirectories: [subDirectory],
@@ -44,7 +52,7 @@ describe('Media', async () => {
     }
 
     it('should get a directory', async () => {
-      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup();
+      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup(true);
 
       const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}`);
       result.status.should.be.equal(200,
@@ -60,7 +68,7 @@ describe('Media', async () => {
     });
 
     it('should get a populated directory', async () => {
-      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup();
+      const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup(true);
 
       const result = await testHelper.commonUserGetRequest(teacher, `/directory/${rootDirectory.id}/lazy`);
       result.status.should.be.equal(200,
@@ -85,7 +93,7 @@ describe('Media', async () => {
     });
 
     it('should get a file', async () => {
-      const {teacher, file} = await commonGetSetup();
+      const {teacher, file} = await commonGetSetup(false);
 
       const result = await testHelper.commonUserGetRequest(teacher, `/file/${file.id}`);
       result.status.should.be.equal(200,
@@ -99,13 +107,23 @@ describe('Media', async () => {
   });
 
   describe(`POST ${BASE_URL}`, async () => {
-    it('should create a root directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
+    async function commonPostSetup () {
+      const {course, teacher} = await commonSetup();
 
+      const subDirectory = await new Directory({
+        name: 'sub'
+      });
       const rootDirectory = new Directory({
+        _course: course._id.toString(),
         name: 'root'
       });
 
+      return {course, teacher, subDirectory, rootDirectory};
+    }
+
+    it('should create a root directory', async () => {
+      const {teacher, rootDirectory} = await commonPostSetup();
+
       const result = await testHelper.commonUserPostRequest(teacher, '/directory', rootDirectory);
       result.status.should.be.equal(200,
         'could not create root' +
@@ -118,15 +136,8 @@ describe('Media', async () => {
     });
 
     it('should create a sub directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const rootDirectory = await new Directory({
-        name: 'root'
-      }).save();
-
-      const subDirectory = await new Directory({
-        name: 'sub'
-      });
+      const {teacher, rootDirectory, subDirectory} = await commonPostSetup();
+      await rootDirectory.save();
 
       const result = await testHelper.commonUserPostRequest(teacher, `/directory/${rootDirectory._id}`, subDirectory);
       result.status.should.be.equal(200,
@@ -146,11 +157,8 @@ describe('Media', async () => {
     });
 
     it('should upload a file', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const rootDirectory = await new Directory({
-        name: 'root'
-      }).save();
+      const {teacher, rootDirectory} = await commonPostSetup();
+      await rootDirectory.save();
 
       const testFileName = 'test_file.txt';
       const testFile = fs.readFileSync('./test/resources/' + testFileName);
@@ -179,11 +187,8 @@ describe('Media', async () => {
 
 
     it('should upload a file without extension', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const rootDirectory = await new Directory({
-        name: 'root'
-      }).save();
+      const {teacher, rootDirectory} = await commonPostSetup();
+      await rootDirectory.save();
 
       const testFileName = 'test_file_without_extension';
       const testFile = fs.readFileSync('./test/resources/' + testFileName);
@@ -212,12 +217,30 @@ describe('Media', async () => {
   });
 
   describe(`PUT ${BASE_URL}`, async () => {
-    it('should rename a directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
+    async function commonPutSetup () {
+      const {course, teacher} = await commonSetup();
 
-      const rootDirectory = await new Directory({
+      const file = new File({
+        _course: course._id.toString(),
+        name: 'file',
+        link: 'test/a',
+        size: 129
+      });
+      const subDirectory = await new Directory({
+        _course: course._id.toString(),
+        name: 'sub'
+      });
+      const rootDirectory = new Directory({
+        _course: course._id.toString(),
         name: 'root'
-      }).save();
+      });
+
+      return {course, teacher, file, subDirectory, rootDirectory};
+    }
+
+    it('should rename a directory', async () => {
+      const {teacher, rootDirectory} = await commonPutSetup();
+      await rootDirectory.save();
 
       const renamedDirectory = rootDirectory;
       renamedDirectory.name = 'renamedRoot';
@@ -235,13 +258,8 @@ describe('Media', async () => {
     });
 
     it('should rename a file', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const file = await new File({
-        name: 'file',
-        link: 'test/a',
-        size: 129
-      }).save();
+      const {teacher, file} = await commonPutSetup();
+      await file.save();
 
       const renamedFile = file;
       file.name = 'renamedFile';
@@ -258,17 +276,48 @@ describe('Media', async () => {
   });
 
   describe(`DELETE ${BASE_URL}`, async () => {
-    it('should delete a directory', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
+    async function commonDeleteSetup () {
+      const {course, teacher} = await commonSetup();
 
       const subDirectory = await new Directory({
+        _course: course._id.toString(),
         name: 'sub'
       }).save();
       const rootDirectory = await new Directory({
+        _course: course._id.toString(),
         name: 'root',
         subDirectories: [subDirectory],
       }).save();
 
+      return {course, teacher, subDirectory, rootDirectory};
+    }
+
+    async function commonDeleteFileSetup (withRootDirectory = true) {
+      const {course, teacher} = await commonSetup();
+
+      const testFileName = fs.readdirSync('./')[0];
+      const testFile = fs.readFileSync(testFileName);
+      fs.copyFileSync(testFileName, config.uploadFolder + '/test.file');
+
+      const file = await new File({
+        _course: course._id.toString(),
+        name: 'root',
+        physicalPath: config.uploadFolder + '/test.file',
+        link: testFileName,
+        size: testFile.length
+      }).save();
+      const rootDirectory = withRootDirectory && await new Directory({
+        _course: course._id.toString(),
+        name: 'root',
+        files: [file]
+      }).save();
+
+      return {course, teacher, file, rootDirectory};
+    }
+
+    it('should delete a directory', async () => {
+      const {teacher, rootDirectory} = await commonDeleteSetup();
+
       const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
         'could not delete directory' +
@@ -277,15 +326,7 @@ describe('Media', async () => {
     });
 
     it('should delete a directory and its subdirectories', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const subDirectory = await new Directory({
-        name: 'sub'
-      }).save();
-      const rootDirectory = await new Directory({
-        name: 'root',
-        subDirectories: [subDirectory],
-      }).save();
+      const {teacher, subDirectory, rootDirectory} = await commonDeleteSetup();
 
       const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
@@ -297,22 +338,7 @@ describe('Media', async () => {
 
 
     it('should delete a directory and its files', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const testFileName = fs.readdirSync('./')[0];
-      const testFile = fs.readFileSync(testFileName);
-      fs.copyFileSync(testFileName, config.uploadFolder + '/test.file');
-
-      const file = await new File({
-        name: 'root',
-        physicalPath: config.uploadFolder + '/test.file',
-        link: testFileName,
-        size: testFile.length
-      }).save();
-      const rootDirectory = await new Directory({
-        name: 'root',
-        files: [file]
-      }).save();
+      const {teacher, file, rootDirectory} = await commonDeleteFileSetup(true);
 
       const result = await testHelper.commonUserDeleteRequest(teacher, `/directory/${rootDirectory._id}`);
       result.status.should.be.equal(200,
@@ -323,18 +349,7 @@ describe('Media', async () => {
     });
 
     it('should delete a file', async () => {
-      const teacher = await FixtureUtils.getRandomTeacher();
-
-      const testFileName = fs.readdirSync('./')[0];
-      const testFile = fs.readFileSync(testFileName);
-      fs.copyFileSync(testFileName, config.uploadFolder + '/test.file');
-
-      const file = await new File({
-        name: 'root',
-        physicalPath: config.uploadFolder + '/test.file',
-        link: testFileName,
-        size: testFile.length
-      }).save();
+      const {teacher, file} = await commonDeleteFileSetup(false);
 
       const result = await testHelper.commonUserDeleteRequest(teacher, `/file/${file._id}`);
       result.status.should.be.equal(200,

From f40bf938ec0407f428bfd0e4f3ce67a72b924aad Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 16:43:08 +0100
Subject: [PATCH 180/207] Add MediaController 403 unit tests for all 10 routes

These will fail until the routes are sufficiently secured.
---
 api/test/controllers/media.ts | 98 +++++++++++++++++++++++++++++++++++
 1 file changed, 98 insertions(+)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index da26bfc3c..645b55791 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -67,6 +67,14 @@ describe('Media', async () => {
         .and.contains(file.id);
     });
 
+    it('should fail to get a directory for an unauthorized user', async () => {
+      const {course, rootDirectory} = await commonGetSetup(true);
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserGetRequest(unauthorizedUser, `/directory/${rootDirectory.id}`);
+      result.status.should.be.equal(403);
+    });
+
     it('should get a populated directory', async () => {
       const {teacher, file, subDirectory, rootDirectory} = await commonGetSetup(true);
 
@@ -92,6 +100,14 @@ describe('Media', async () => {
       result.body.files[0].link.should.be.equal(file.link);
     });
 
+    it('should fail to get a populated directory for an unauthorized user', async () => {
+      const {course, rootDirectory} = await commonGetSetup(true);
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserGetRequest(unauthorizedUser, `/directory/${rootDirectory.id}/lazy`);
+      result.status.should.be.equal(403);
+    });
+
     it('should get a file', async () => {
       const {teacher, file} = await commonGetSetup(false);
 
@@ -104,6 +120,14 @@ describe('Media', async () => {
       result.body.size.should.be.equal(file.size);
       result.body.link.should.be.equal(file.link);
     });
+
+    it('should fail to get a file for an unauthorized user', async () => {
+      const {course, file} = await commonGetSetup(false);
+      const unauthorizedUser = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserGetRequest(unauthorizedUser, `/file/${file.id}`);
+      result.status.should.be.equal(403);
+    });
   });
 
   describe(`POST ${BASE_URL}`, async () => {
@@ -135,6 +159,14 @@ describe('Media', async () => {
       result.body.files.should.be.instanceOf(Array).and.lengthOf(0);
     });
 
+    it('should fail to create a root directory for an unauthorized teacher', async () => {
+      const {course, rootDirectory} = await commonPostSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserPostRequest(unauthorizedTeacher, '/directory', rootDirectory);
+      result.status.should.be.equal(403);
+    });
+
     it('should create a sub directory', async () => {
       const {teacher, rootDirectory, subDirectory} = await commonPostSetup();
       await rootDirectory.save();
@@ -156,6 +188,15 @@ describe('Media', async () => {
         .and.contains(result.body._id);
     });
 
+    it('should fail to create a sub directory for an unauthorized teacher', async () => {
+      const {course, rootDirectory, subDirectory} = await commonPostSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await rootDirectory.save();
+
+      const result = await testHelper.commonUserPostRequest(unauthorizedTeacher, `/directory/${rootDirectory._id}`, subDirectory);
+      result.status.should.be.equal(403);
+    });
+
     it('should upload a file', async () => {
       const {teacher, rootDirectory} = await commonPostSetup();
       await rootDirectory.save();
@@ -214,6 +255,23 @@ describe('Media', async () => {
         .and.have.lengthOf(1)
         .and.contains(result.body._id);
     });
+
+    it('should fail to upload a file for an unauthorized teacher', async () => {
+      const {course, rootDirectory} = await commonPostSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await rootDirectory.save();
+
+      const testFileName = 'test_file.txt';
+      const testFile = fs.readFileSync('./test/resources/' + testFileName);
+
+      const result = await chai.request(app)
+        .post(`${BASE_URL}/file/${rootDirectory._id}`)
+        .set('Cookie', `token=${JwtUtils.generateToken(unauthorizedTeacher)}`)
+        .attach('file', testFile, testFileName)
+        .catch((err) => err.response);
+
+      result.status.should.be.equal(403);
+    });
   });
 
   describe(`PUT ${BASE_URL}`, async () => {
@@ -257,6 +315,18 @@ describe('Media', async () => {
         .and.lengthOf(rootDirectory.files.length);
     });
 
+    it('should fail to update a directory for an unauthorized teacher', async () => {
+      const {course, rootDirectory} = await commonPutSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await rootDirectory.save();
+
+      const renamedDirectory = rootDirectory;
+      renamedDirectory.name = 'renamedRoot';
+
+      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/directory/${rootDirectory._id}`, renamedDirectory);
+      result.status.should.be.equal(403);
+    });
+
     it('should rename a file', async () => {
       const {teacher, file} = await commonPutSetup();
       await file.save();
@@ -273,6 +343,18 @@ describe('Media', async () => {
       result.body.link.should.equal(file.link);
       result.body.size.should.equal(file.size);
     });
+
+    it('should fail to update a file for an unauthorized teacher', async () => {
+      const {course, file} = await commonPutSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await file.save();
+
+      const renamedFile = file;
+      file.name = 'renamedFile';
+
+      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/file/${file._id}`, renamedFile);
+      result.status.should.be.equal(403);
+    });
   });
 
   describe(`DELETE ${BASE_URL}`, async () => {
@@ -359,6 +441,22 @@ describe('Media', async () => {
       fs.existsSync(config.uploadFolder + '/test.file').should.be.equal(false);
     });
 
+    it('should fail to delete a directory for an unauthorized teacher', async () => {
+      const {course, rootDirectory} = await commonDeleteSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserDeleteRequest(unauthorizedTeacher, `/directory/${rootDirectory._id}`);
+      result.status.should.be.equal(403);
+    });
+
+    it('should fail to delete a file for an unauthorized teacher', async () => {
+      const {course, file} = await commonDeleteFileSetup(false);
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+
+      const result = await testHelper.commonUserDeleteRequest(unauthorizedTeacher, `/file/${file._id}`);
+      result.status.should.be.equal(403);
+    });
+
     it('should fail when directory not found', async () => {
       const teacher = await FixtureUtils.getRandomTeacher();
 

From 926bb06f1b8923d9f0fd478e48f1298f1fe6328a Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:04:14 +0100
Subject: [PATCH 181/207] Add _course property to IDirectory & IFile

---
 shared/models/mediaManager/IDirectory.ts | 1 +
 shared/models/mediaManager/IFile.ts      | 1 +
 2 files changed, 2 insertions(+)

diff --git a/shared/models/mediaManager/IDirectory.ts b/shared/models/mediaManager/IDirectory.ts
index fb00f14b5..e246e4bfe 100644
--- a/shared/models/mediaManager/IDirectory.ts
+++ b/shared/models/mediaManager/IDirectory.ts
@@ -2,6 +2,7 @@ import {IFile} from './IFile';
 
 export interface IDirectory {
   _id: any;
+  _course: any;
   name: string;
   subDirectories: IDirectory[];
   files: IFile[];
diff --git a/shared/models/mediaManager/IFile.ts b/shared/models/mediaManager/IFile.ts
index ed832d571..c4afdf9d5 100644
--- a/shared/models/mediaManager/IFile.ts
+++ b/shared/models/mediaManager/IFile.ts
@@ -1,5 +1,6 @@
 export interface IFile {
   _id: any;
+  _course: any;
   name: string;
   link: string;
   size: number;

From 7f37fe4eef7181d504882e01ec4d98184b8feb93 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:05:23 +0100
Subject: [PATCH 182/207] Secure all 10 MediaController routes via
 course.checkPrivileges

---
 api/src/controllers/MediaController.ts | 59 ++++++++++++++++++++------
 1 file changed, 46 insertions(+), 13 deletions(-)

diff --git a/api/src/controllers/MediaController.ts b/api/src/controllers/MediaController.ts
index c54a1a7b0..007e765d4 100644
--- a/api/src/controllers/MediaController.ts
+++ b/api/src/controllers/MediaController.ts
@@ -1,12 +1,15 @@
 import {
-  Authorized, UseBefore, Body, Delete, Get, JsonController, NotFoundError, Param, Post, Put,
+  Authorized, UseBefore, Body, CurrentUser, Delete, Get, JsonController, NotFoundError, ForbiddenError, Param, Post, Put,
   UploadedFile
 } from 'routing-controllers';
 import passportJwtMiddleware from '../security/passportJwtMiddleware';
 import {Directory} from '../models/mediaManager/Directory';
 import {File} from '../models/mediaManager/File';
+import {Course} from '../models/Course';
 import {IDirectory} from '../../../shared/models/mediaManager/IDirectory';
 import {IFile} from '../../../shared/models/mediaManager/IFile';
+import {IUser} from '../../../shared/models/IUser';
+import {extractSingleMongoId} from '../utilities/ExtractMongoId';
 import crypto = require('crypto');
 import config from '../config/main';
 
@@ -31,39 +34,45 @@ const uploadOptions = {
 export class MediaController {
   @Authorized(['student', 'teacher', 'admin'])
   @Get('/directory/:id')
-  async getDirectory(@Param('id') directoryId: string) {
+  async getDirectory(@Param('id') directoryId: string, @CurrentUser() currentUser: IUser) {
     const directory = await Directory.findById(directoryId);
+    await this.checkCoursePrivilegesFor(directory, currentUser, 'userCanViewCourse');
     return directory.toObject();
   }
 
   @Authorized(['student', 'teacher', 'admin'])
   @Get('/directory/:id/lazy')
-  async getDirectoryLazy(@Param('id') directoryId: string) {
+  async getDirectoryLazy(@Param('id') directoryId: string, @CurrentUser() currentUser: IUser) {
     const directory = await Directory.findById(directoryId)
       .populate('subDirectories')
       .populate('files');
+    await this.checkCoursePrivilegesFor(directory, currentUser, 'userCanViewCourse');
     return directory.toObject();
   }
 
   @Authorized(['student', 'teacher', 'admin'])
   @Get('/file/:id')
-  async getFile(@Param('id') fileId: string) {
+  async getFile(@Param('id') fileId: string, @CurrentUser() currentUser: IUser) {
     const file = await File.findById(fileId);
+    await this.checkCoursePrivilegesFor(file, currentUser, 'userCanViewCourse');
     return file.toObject();
   }
 
   @Authorized(['teacher', 'admin'])
   @Post('/directory')
-  async createRootDirectory(@Body() directory: IDirectory) {
+  async createRootDirectory(@Body() directory: IDirectory, @CurrentUser() currentUser: IUser) {
+    await this.checkCoursePrivilegesFor(directory, currentUser, 'userCanEditCourse');
     const savedDirectory = await new Directory(directory).save();
     return savedDirectory.toObject();
   }
   @Authorized(['teacher', 'admin'])
   @Post('/directory/:parent')
-  async createDirectory(@Param('parent') parentDirectoryId: string, @Body() directory: IDirectory) {
+  async createDirectory(@Param('parent') parentDirectoryId: string, @Body() directory: IDirectory, @CurrentUser() currentUser: IUser) {
+    const parent = await Directory.findById(parentDirectoryId);
+    await this.checkCoursePrivilegesFor(parent, currentUser, 'userCanEditCourse');
+    directory._course = parent._course;
     const savedDirectory = await new Directory(directory).save();
 
-    const parent = await Directory.findById(parentDirectoryId);
     parent.subDirectories.push(savedDirectory);
     await parent.save();
 
@@ -72,8 +81,13 @@ export class MediaController {
 
   @Authorized(['teacher', 'admin'])
   @Post('/file/:parent')
-  async createFile(@Param('parent') parentDirectoryId: string, @UploadedFile('file', {options: uploadOptions}) uploadedFile: any) {
+  async createFile(@Param('parent') parentDirectoryId: string,
+                   @UploadedFile('file', {options: uploadOptions}) uploadedFile: any,
+                   @CurrentUser() currentUser: IUser) {
+    const parent = await Directory.findById(parentDirectoryId);
+    await this.checkCoursePrivilegesFor(parent, currentUser, 'userCanEditCourse');
     const file: IFile = new File({
+      _course: parent._course,
       name: uploadedFile.originalname,
       physicalPath: uploadedFile.path,
       link: uploadedFile.filename,
@@ -82,7 +96,6 @@ export class MediaController {
     });
     const savedFile = await new File(file).save();
 
-    const parent = await Directory.findById(parentDirectoryId);
     parent.files.push(savedFile);
     await parent.save();
 
@@ -91,8 +104,12 @@ export class MediaController {
 
   @Authorized(['teacher', 'admin'])
   @Put('/directory/:id')
-  async updateDirectory(@Param('id') directoryId: string, @Body() updatedDirectory: IDirectory) {
+  async updateDirectory(@Param('id') directoryId: string, @Body() updatedDirectory: IDirectory, @CurrentUser() currentUser: IUser) {
     const directory = await Directory.findById(directoryId);
+    await this.checkCoursePrivilegesFor(directory, currentUser, 'userCanEditCourse');
+    if (extractSingleMongoId(directory._course) !== extractSingleMongoId(updatedDirectory._course)) {
+      await this.checkCoursePrivilegesFor(updatedDirectory, currentUser, 'userCanEditCourse');
+    }
     directory.set(updatedDirectory);
     const savedDirectory = await directory.save();
     return savedDirectory.toObject();
@@ -100,8 +117,12 @@ export class MediaController {
 
   @Authorized(['teacher', 'admin'])
   @Put('/file/:id')
-  async updateFile(@Param('id') fileId: string, @Body() updatedFile: IFile) {
+  async updateFile(@Param('id') fileId: string, @Body() updatedFile: IFile, @CurrentUser() currentUser: IUser) {
     const file = await File.findById(fileId);
+    await this.checkCoursePrivilegesFor(file, currentUser, 'userCanEditCourse');
+    if (extractSingleMongoId(file._course) !== extractSingleMongoId(updatedFile._course)) {
+      await this.checkCoursePrivilegesFor(updatedFile, currentUser, 'userCanEditCourse');
+    }
     file.set(updatedFile);
     const savedFile = await file.save();
     return savedFile.toObject();
@@ -109,11 +130,12 @@ export class MediaController {
 
   @Authorized(['teacher', 'admin'])
   @Delete('/directory/:id')
-  async deleteDirectory(@Param('id') directoryId: string) {
+  async deleteDirectory(@Param('id') directoryId: string, @CurrentUser() currentUser: IUser) {
     const directoryToDelete = await Directory.findById(directoryId);
     if (!directoryToDelete) {
       throw new NotFoundError();
     }
+    await this.checkCoursePrivilegesFor(directoryToDelete, currentUser, 'userCanEditCourse');
     await directoryToDelete.remove();
 
     return {success: true};
@@ -121,13 +143,24 @@ export class MediaController {
 
   @Authorized(['teacher', 'admin'])
   @Delete('/file/:id')
-  async deleteFile(@Param('id') fileId: string) {
+  async deleteFile(@Param('id') fileId: string, @CurrentUser() currentUser: IUser) {
     const fileToDelete = await File.findById(fileId);
     if (!fileToDelete) {
       throw new NotFoundError();
     }
+    await this.checkCoursePrivilegesFor(fileToDelete, currentUser, 'userCanEditCourse');
     await fileToDelete.remove();
 
     return {success: true};
   }
+
+  private async checkCoursePrivilegesFor (
+      directoryOrFile: IDirectory | IFile,
+      currentUser: IUser,
+      privilege: 'userCanViewCourse' | 'userCanEditCourse') {
+    const course = await Course.findById(directoryOrFile._course);
+    if (!course.checkPrivileges(currentUser)[privilege]) {
+      throw new ForbiddenError();
+    }
+  }
 }

From bfdac56b85ad45fe0d10a4029e6ef079cecd7856 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:09:50 +0100
Subject: [PATCH 183/207] Refactor MediaController delete routes with .orFail

---
 api/src/controllers/MediaController.ts | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/api/src/controllers/MediaController.ts b/api/src/controllers/MediaController.ts
index 007e765d4..ab37fd674 100644
--- a/api/src/controllers/MediaController.ts
+++ b/api/src/controllers/MediaController.ts
@@ -131,10 +131,7 @@ export class MediaController {
   @Authorized(['teacher', 'admin'])
   @Delete('/directory/:id')
   async deleteDirectory(@Param('id') directoryId: string, @CurrentUser() currentUser: IUser) {
-    const directoryToDelete = await Directory.findById(directoryId);
-    if (!directoryToDelete) {
-      throw new NotFoundError();
-    }
+    const directoryToDelete = await Directory.findById(directoryId).orFail(new NotFoundError());
     await this.checkCoursePrivilegesFor(directoryToDelete, currentUser, 'userCanEditCourse');
     await directoryToDelete.remove();
 
@@ -144,10 +141,7 @@ export class MediaController {
   @Authorized(['teacher', 'admin'])
   @Delete('/file/:id')
   async deleteFile(@Param('id') fileId: string, @CurrentUser() currentUser: IUser) {
-    const fileToDelete = await File.findById(fileId);
-    if (!fileToDelete) {
-      throw new NotFoundError();
-    }
+    const fileToDelete = await File.findById(fileId).orFail(new NotFoundError());
     await this.checkCoursePrivilegesFor(fileToDelete, currentUser, 'userCanEditCourse');
     await fileToDelete.remove();
 

From bb41d0f2e4f78afbf67920404df37a58c9f1dd94 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:12:11 +0100
Subject: [PATCH 184/207] Empty the MediaController delete route responses

---
 api/src/controllers/MediaController.ts | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/api/src/controllers/MediaController.ts b/api/src/controllers/MediaController.ts
index ab37fd674..5e65a52cf 100644
--- a/api/src/controllers/MediaController.ts
+++ b/api/src/controllers/MediaController.ts
@@ -134,8 +134,7 @@ export class MediaController {
     const directoryToDelete = await Directory.findById(directoryId).orFail(new NotFoundError());
     await this.checkCoursePrivilegesFor(directoryToDelete, currentUser, 'userCanEditCourse');
     await directoryToDelete.remove();
-
-    return {success: true};
+    return {};
   }
 
   @Authorized(['teacher', 'admin'])
@@ -144,8 +143,7 @@ export class MediaController {
     const fileToDelete = await File.findById(fileId).orFail(new NotFoundError());
     await this.checkCoursePrivilegesFor(fileToDelete, currentUser, 'userCanEditCourse');
     await fileToDelete.remove();
-
-    return {success: true};
+    return {};
   }
 
   private async checkCoursePrivilegesFor (

From e293899ad077e7c3474c86e087e3416c1bb1d2fa Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:17:57 +0100
Subject: [PATCH 185/207] Add missing newline in MediaController

---
 api/src/controllers/MediaController.ts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/api/src/controllers/MediaController.ts b/api/src/controllers/MediaController.ts
index 5e65a52cf..2e731cf21 100644
--- a/api/src/controllers/MediaController.ts
+++ b/api/src/controllers/MediaController.ts
@@ -65,6 +65,7 @@ export class MediaController {
     const savedDirectory = await new Directory(directory).save();
     return savedDirectory.toObject();
   }
+
   @Authorized(['teacher', 'admin'])
   @Post('/directory/:parent')
   async createDirectory(@Param('parent') parentDirectoryId: string, @Body() directory: IDirectory, @CurrentUser() currentUser: IUser) {

From 3b6bf708a4e3d98f5f10dfcc26659a14afd40429 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:23:08 +0100
Subject: [PATCH 186/207] Set _course in MediaService.createRootDir

---
 .../course/course-edit/course-media/course-media.component.ts | 2 +-
 app/webFrontend/src/app/shared/services/data.service.ts       | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/webFrontend/src/app/course/course-edit/course-media/course-media.component.ts b/app/webFrontend/src/app/course/course-edit/course-media/course-media.component.ts
index 2016dc5c9..509b5e4ce 100644
--- a/app/webFrontend/src/app/course/course-edit/course-media/course-media.component.ts
+++ b/app/webFrontend/src/app/course/course-edit/course-media/course-media.component.ts
@@ -85,7 +85,7 @@ export class CourseMediaComponent implements OnInit {
       // Check if course has root dir
       if (this.course.media === undefined) {
         // Root dir does not exist, add one
-        this.course.media = await this.mediaService.createRootDir(this.course.name);
+        this.course.media = await this.mediaService.createRootDir(this.course, this.course.name);
         // Update course
         await this.courseService.updateItem<ICourse>(this.course);
         // Reload course
diff --git a/app/webFrontend/src/app/shared/services/data.service.ts b/app/webFrontend/src/app/shared/services/data.service.ts
index f07a68229..7da9ea983 100644
--- a/app/webFrontend/src/app/shared/services/data.service.ts
+++ b/app/webFrontend/src/app/shared/services/data.service.ts
@@ -168,8 +168,8 @@ export class MediaService extends DataService {
     super('media/', backendService);
   }
 
-  createRootDir(rootDirName: string): Promise<IDirectory> {
-    return this.backendService.post(this.apiPath + 'directory', JSON.stringify({name: rootDirName}))
+  createRootDir(course: ICourse, rootDirName: string): Promise<IDirectory> {
+    return this.backendService.post(this.apiPath + 'directory', JSON.stringify({_course: course._id, name: rootDirName}))
       .toPromise();
   }
 

From 367f7e2e983e905965a76575b0b80d235d9d67f2 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 17:23:35 +0100
Subject: [PATCH 187/207] Remove unused import

---
 api/src/migrations/scripts/20181030-course.ts | 1 -
 1 file changed, 1 deletion(-)

diff --git a/api/src/migrations/scripts/20181030-course.ts b/api/src/migrations/scripts/20181030-course.ts
index 88da3974e..09757d0cf 100644
--- a/api/src/migrations/scripts/20181030-course.ts
+++ b/api/src/migrations/scripts/20181030-course.ts
@@ -3,7 +3,6 @@ import * as mongoose from 'mongoose';
 import {ObjectId, ObjectID} from 'bson';
 import {IUser} from '../../../../shared/models/IUser';
 import {IUserModel} from '../../models/User';
-import {extractMongoId} from '../../utilities/ExtractMongoId';
 import {ICourseModel} from '../../models/Course';
 
 const brokenChatRoomSchema = new mongoose.Schema({

From 1945d689a613a28a4c6102f46fcdfc9ce262f543 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 19:53:08 +0100
Subject: [PATCH 188/207] Create 20190323-course-media CourseMediaMigration

---
 .../scripts/20190323-course-media.ts          | 50 +++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 api/src/migrations/scripts/20190323-course-media.ts

diff --git a/api/src/migrations/scripts/20190323-course-media.ts b/api/src/migrations/scripts/20190323-course-media.ts
new file mode 100644
index 000000000..4f5bdff49
--- /dev/null
+++ b/api/src/migrations/scripts/20190323-course-media.ts
@@ -0,0 +1,50 @@
+// tslint:disable:no-console
+import {Course, ICourseModel} from '../../models/Course';
+import {Directory, IDirectoryModel} from '../../models/mediaManager/Directory';
+import {File} from '../../models/mediaManager/File';
+import {extractSingleMongoId} from '../../utilities/ExtractMongoId';
+
+async function propagateMediaCourse (directory: IDirectoryModel, course: ICourseModel) {
+  for (const fileId of directory.files) {
+    const file = await File.findById(fileId);
+    file._course = course;
+    await file.save();
+  }
+
+  for (const subDirectoryId of directory.subDirectories) {
+    const subDirectory = await Directory.findById(subDirectoryId);
+    await propagateMediaCourse(subDirectory, course);
+  }
+
+  // Fix the own _course property at the end, so that the migration won't be disabled in case of an error during propagation.
+  // (If this were set first, the top-level course directory would be fixed first, whereby the migration won't be
+  // triggered on a subsequent run, yet the propagation could technically still fail for subdirectories / files.)
+  directory._course = course;
+  await directory.save();
+}
+
+class CourseMediaMigration {
+
+  async up() {
+    console.log('CourseMediaMigration: up was called');
+    try {
+      const courses = await Course.find();
+      await Promise.all(courses.map(async (course: ICourseModel) => {
+        const courseMsg = '"' + course.name + '" (' + extractSingleMongoId(course._id) + ')';
+        const directory = await Directory.findById(course.media);
+        if (directory && (extractSingleMongoId(directory._course) !== extractSingleMongoId(course._id))) {
+          console.log('CourseMediaMigration: Fixing media _course property for course ' + courseMsg + ' ...');
+          await propagateMediaCourse(directory, course);
+          console.log('CourseMediaMigration: Successfully fixed media _course property for course ' + courseMsg + '!');
+        } else {
+          console.log('CourseMediaMigration: Course ' + courseMsg + ' doesn\'t require fixing.');
+        }
+      }));
+    } catch (error) {
+      console.log('CourseMediaMigration: ' + error);
+    }
+    return true;
+  }
+}
+
+export = CourseMediaMigration;

From 3d7889cb45f78f6609a0f6f0442affd389dfa0b7 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 19:57:49 +0100
Subject: [PATCH 189/207] Add _course to front-end Directory & File

---
 app/webFrontend/src/app/models/mediaManager/Directory.ts | 1 +
 app/webFrontend/src/app/models/mediaManager/File.ts      | 1 +
 2 files changed, 2 insertions(+)

diff --git a/app/webFrontend/src/app/models/mediaManager/Directory.ts b/app/webFrontend/src/app/models/mediaManager/Directory.ts
index c061fc7ff..e69c874ce 100644
--- a/app/webFrontend/src/app/models/mediaManager/Directory.ts
+++ b/app/webFrontend/src/app/models/mediaManager/Directory.ts
@@ -3,6 +3,7 @@ import {IFile} from '../../../../../../shared/models/mediaManager/IFile';
 
 export class Directory implements IDirectory {
   _id: any;
+  _course: any;
   name: string;
   subDirectories: IDirectory[];
   files: IFile[];
diff --git a/app/webFrontend/src/app/models/mediaManager/File.ts b/app/webFrontend/src/app/models/mediaManager/File.ts
index 82533ec87..11f4c54ae 100644
--- a/app/webFrontend/src/app/models/mediaManager/File.ts
+++ b/app/webFrontend/src/app/models/mediaManager/File.ts
@@ -2,6 +2,7 @@ import {IFile} from '../../../../../../shared/models/mediaManager/IFile';
 
 export class File implements IFile {
   _id: any;
+  _course: any;
   name: string;
   link: string;
   size: number;

From ec746736650d1d0ee86677fa7810816fc979728f Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 20:13:48 +0100
Subject: [PATCH 190/207] CHANGELOG: Add entries for 1196 (MediaController
 vulns)

---
 CHANGELOG.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 95ebb40e9..cc6ed7173 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -16,11 +16,15 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `UnitController` `GET` & `DELETE` route unit tests for status code `200`. [#1190](https://github.com/geli-lms/geli/issues/1190)
 - `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- `MediaController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1196](https://github.com/geli-lms/geli/issues/1196)
+- `CourseMediaMigration` to patch the `_course` properties of a `Course`'s `Directory` / `File` tree. [#1196](https://github.com/geli-lms/geli/issues/1196)
 
 ### Changed
 - Extend `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Refactor `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Refactor `MediaController` unit tests in general using the `TestHelper`. [#1196](https://github.com/geli-lms/geli/issues/1196)
 - Instead of a list of progress data, the `ProgressController` `GET` route now responds with a single progress object or an empty object if no data can be found. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `Directory` / `File` schemata and the corresponding interfaces now reference their `Course` as `_course` (analogous to the `Unit` schema). [#1196](https://github.com/geli-lms/geli/issues/1196)
 
 ### Removed
 - Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -33,6 +37,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Security
 - Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Close `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- Close `MediaController` vulnerabilities. [#1196](https://github.com/geli-lms/geli/issues/1196)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From 06274688445b2ce672ba1e3f4892c6cf9c74bbf5 Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sat, 23 Mar 2019 20:25:35 +0100
Subject: [PATCH 191/207] CHANGELOG: Add 1196 code order entry

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 332748071..989b19c89 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Code order in the `MediaController`'s `createDirectory` & `createFile`. [#1196](https://github.com/geli-lms/geli/issues/1196)
 
 ### Security
 - Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)

From 487e00db5554d669a446daec4327a9978ded270a Mon Sep 17 00:00:00 2001
From: Torsten Schlett <37229901+torss@users.noreply.github.com>
Date: Sun, 24 Mar 2019 18:52:18 +0100
Subject: [PATCH 192/207] CHANGELOG: Adjust 1189 entry line position

---
 CHANGELOG.md | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index eff1a683a..d4e80375b 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -27,6 +27,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `ProgressController` `POST` route _(obviated by extended `PUT` route)_. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Unused `WhitelistController` `PUT` route. [#1192](https://github.com/geli-lms/geli/issues/1192)
+- Dependency `migrate-mongoose`. [#1189](https://github.com/geli-lms/geli/pull/1189)
 
 ### Fixed
 - `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -37,9 +38,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Close `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
 - Close `WhitelistController` vulnerabilities. [#1192](https://github.com/geli-lms/geli/issues/1192)
 
-### Removed
-- Dependency `migrate-mongoose`. [#1189](https://github.com/geli-lms/geli/pull/1189)
-
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)

From 0fcf1c69c7d1fde7a027126848dbf1393bad8cc0 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Sun, 24 Mar 2019 20:09:37 +0100
Subject: [PATCH 193/207] Fix: module bson not found

---
 api/src/migrations/scripts/20180102-unit.ts   |  5 ++-
 .../migrations/scripts/20180324-taskUnit.ts   |  8 ++---
 .../migrations/scripts/20180324-videoUnit.ts  |  5 ++-
 .../migrations/scripts/20180331-fileUnit.ts   | 33 +++++++++----------
 api/src/migrations/scripts/20180821-course.ts |  5 ++-
 api/src/migrations/scripts/20180821-unit.ts   |  3 +-
 api/src/migrations/scripts/20181030-course.ts | 12 +++----
 7 files changed, 31 insertions(+), 40 deletions(-)

diff --git a/api/src/migrations/scripts/20180102-unit.ts b/api/src/migrations/scripts/20180102-unit.ts
index f2b3d8034..264b533e9 100644
--- a/api/src/migrations/scripts/20180102-unit.ts
+++ b/api/src/migrations/scripts/20180102-unit.ts
@@ -1,6 +1,5 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
-import {ObjectID} from 'bson';
 import {IUnit} from '../../../../shared/models/units/IUnit';
 import {IUnitModel} from '../../models/units/Unit';
 
@@ -42,7 +41,7 @@ class UnitMigration {
   async up() {
     console.log('Unit up was called');
     try {
-      const oldUnits: IUnitModel[] = await Unit.find({'__t': { $exists: false }});
+      const oldUnits: IUnitModel[] = await Unit.find({'__t': {$exists: false}});
       const updatedUnitObjs: IUnit[] = await Promise.all(oldUnits.map(async (oldUnit: IUnitModel) => {
         const oldUnitObj: IUnit = <IUnit>oldUnit.toObject();
         oldUnitObj.__t = oldUnitObj.type;
@@ -55,7 +54,7 @@ class UnitMigration {
           return updatedUnit._id === oldUnit._id.toString();
         });
 
-        updatedUnitObj._id = new ObjectID(updatedUnitObj._id);
+        updatedUnitObj._id = mongoose.Types.ObjectId(updatedUnitObj._id);
 
         const unitAfterReplace = await mongoose.connection.collection('units')
           .findOneAndReplace({'_id': oldUnit._id}, updatedUnitObj);
diff --git a/api/src/migrations/scripts/20180324-taskUnit.ts b/api/src/migrations/scripts/20180324-taskUnit.ts
index ac3e81039..d9b3c9280 100644
--- a/api/src/migrations/scripts/20180324-taskUnit.ts
+++ b/api/src/migrations/scripts/20180324-taskUnit.ts
@@ -1,6 +1,5 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
-import {ObjectID} from 'bson';
 import {IUnitModel} from '../../models/units/Unit';
 import {ITaskUnitModel} from '../../models/units/TaskUnit';
 import {ITaskUnit} from '../../../../shared/models/units/ITaskUnit';
@@ -87,13 +86,12 @@ class TaskUnitMigration {
       const updatedUnitObjs: IUnit[] = await Promise.all(oldUnits.map(async (oldUnit: ITaskUnitModel) => {
         const oldUnitObj: ITaskUnit = <ITaskUnit>oldUnit.toObject();
         oldUnitObj.tasks = <ITask[]>(await Promise.all(oldUnitObj.tasks.map(async (task) => {
-          if (task instanceof ObjectID) {
+          if (task instanceof mongoose.Types.ObjectId) {
             const taskData = await Task.findById(task).exec();
             if (taskData === null) {
               return null;
             }
-            const taskDataObj = taskData.toObject();
-            return taskDataObj;
+            return taskData.toObject();
           } else {
             return task;
           }
@@ -107,7 +105,7 @@ class TaskUnitMigration {
           return updatedUnit._id === oldUnit._id.toString();
         });
 
-        updatedUnitObj._id = new ObjectID(updatedUnitObj._id);
+        updatedUnitObj._id = mongoose.Types.ObjectId(updatedUnitObj._id);
 
         const unitAfterReplace = await mongoose.connection.collection('units')
           .findOneAndReplace({'_id': oldUnit._id}, updatedUnitObj);
diff --git a/api/src/migrations/scripts/20180324-videoUnit.ts b/api/src/migrations/scripts/20180324-videoUnit.ts
index 5c6819853..80a3aae57 100644
--- a/api/src/migrations/scripts/20180324-videoUnit.ts
+++ b/api/src/migrations/scripts/20180324-videoUnit.ts
@@ -1,6 +1,5 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
-import {ObjectID} from 'bson';
 import {IUnitModel} from '../../models/units/Unit';
 import {IFileUnit} from '../../../../shared/models/units/IFileUnit';
 
@@ -42,11 +41,11 @@ class VideoUnitMigration {
     console.log('VideoUnit up was called');
     try {
       const videoUnits = await Unit.find({'__t': 'video'}).exec();
-      const updatedFileUnits = await Promise.all(videoUnits.map(async(videoUnit) => {
+      const updatedFileUnits = await Promise.all(videoUnits.map(async (videoUnit) => {
         const videoUnitObj: IFileUnit = <IFileUnit>videoUnit.toObject();
         videoUnitObj.fileUnitType = videoUnitObj.__t;
         videoUnitObj.__t = 'file';
-        videoUnitObj._id = new ObjectID(videoUnitObj._id);
+        videoUnitObj._id = mongoose.Types.ObjectId(videoUnitObj._id);
 
         const unitsAfterReplace = await mongoose.connection.collection('units')
           .findOneAndReplace({'_id': videoUnit._id}, videoUnitObj);
diff --git a/api/src/migrations/scripts/20180331-fileUnit.ts b/api/src/migrations/scripts/20180331-fileUnit.ts
index d49b649c2..ba4874d73 100644
--- a/api/src/migrations/scripts/20180331-fileUnit.ts
+++ b/api/src/migrations/scripts/20180331-fileUnit.ts
@@ -1,13 +1,12 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
 import {IUnitModel} from '../../models/units/Unit';
-import {ObjectID} from 'bson';
 import {IFileUnit} from '../../../../shared/models/units/IFileUnit';
-import fs = require('fs');
 import {File} from '../../models/mediaManager/File';
 import {Course} from '../../models/Course';
 import {Directory} from '../../models/mediaManager/Directory';
 import {ICourse} from '../../../../shared/models/ICourse';
+import fs = require('fs');
 
 const unitSchema = new mongoose.Schema({
     _course: {
@@ -90,20 +89,20 @@ class FileUnitMigration {
         const courseObj: ICourse = <ICourse>course.toObject();
         const returnObj: any = {};
         if (!courseObj.hasOwnProperty('media')) {
-         const directoryObj: any = {
-           name: courseObj.name,
-           subDirectories: [],
-           files: []
-         };
+          const directoryObj: any = {
+            name: courseObj.name,
+            subDirectories: [],
+            files: []
+          };
 
-         const createdDirectory: any = await Directory.create(directoryObj);
-         courseObj.media = createdDirectory._id;
-         const updatedCourse = await Course.findOneAndUpdate({'_id': courseObj._id}, courseObj, {new: true}).exec();
+          const createdDirectory: any = await Directory.create(directoryObj);
+          courseObj.media = createdDirectory._id;
+          const updatedCourse = await Course.findOneAndUpdate({'_id': courseObj._id}, courseObj, {new: true}).exec();
 
-         directories[createdDirectory._id] = await createdDirectory.toObject();
+          directories[createdDirectory._id] = await createdDirectory.toObject();
 
-         updatedCoursesMap[courseObj._id] = await updatedCourse.toObject();
-         return updatedCourse;
+          updatedCoursesMap[courseObj._id] = await updatedCourse.toObject();
+          return updatedCourse;
         } else {
           const directory = await Directory.findById(courseObj.media).exec();
           directories[directory._id] = await directory.toObject();
@@ -113,10 +112,10 @@ class FileUnitMigration {
       }));
       const fileUnits = await Unit.find({'__t': 'file'}).exec();
       const updatedFileUnits = await Promise.all(fileUnits.map(async (fileUnit) => {
-        if (fileUnit._id instanceof ObjectID) {
+        if (fileUnit._id instanceof mongoose.Types.ObjectId) {
           const fileUnitObj: IFileUnit = <IFileUnit>fileUnit.toObject();
           fileUnitObj.files = await Promise.all(fileUnitObj.files.map(async (file) => {
-            if (file instanceof ObjectID) {
+            if (file instanceof mongoose.Types.ObjectId) {
               return file;
             }
 
@@ -161,8 +160,8 @@ class FileUnitMigration {
           });
 
           const directoryId = updatedCoursesMap[fileUnitObj._course].media.toString();
-          fileUnitObj._id = new ObjectID(fileUnitObj._id);
-          fileUnitObj._course = new ObjectID(fileUnitObj._course);
+          fileUnitObj._id = mongoose.Types.ObjectId(fileUnitObj._id);
+          fileUnitObj._course = mongoose.Types.ObjectId(fileUnitObj._course);
           directories[directoryId].files = directories[directoryId].files.concat(fileUnitObj.files);
 
           const unitAfterReplace = await mongoose.connection.collection('units')
diff --git a/api/src/migrations/scripts/20180821-course.ts b/api/src/migrations/scripts/20180821-course.ts
index fcbe90660..7d5ee3246 100644
--- a/api/src/migrations/scripts/20180821-course.ts
+++ b/api/src/migrations/scripts/20180821-course.ts
@@ -2,7 +2,6 @@
 import * as mongoose from 'mongoose';
 import {Course, ICourseModel} from '../../models/Course';
 import {ChatRoom, IChatRoomModel} from '../../models/ChatRoom';
-import {ObjectId} from 'bson';
 
 
 class CourseV2Migration {
@@ -10,7 +9,7 @@ class CourseV2Migration {
   async up() {
     console.log('Course Chatroom Migration up was called');
     try {
-      const oldCourses: ICourseModel[] = await Course.find({$or: [{'chatRooms': { $exists: false}}, {'chatRooms': {$size: 0}} ]});
+      const oldCourses: ICourseModel[] = await Course.find({$or: [{'chatRooms': {$exists: false}}, {'chatRooms': {$size: 0}}]});
       await Promise.all(oldCourses.map(async (course: ICourseModel) => {
         const courseObj = course.toObject();
         const newChatRoom: IChatRoomModel = await ChatRoom.create({
@@ -24,7 +23,7 @@ class CourseV2Migration {
 
         courseObj.chatRooms = [newChatRoom._id];
 
-        courseObj._id = new ObjectId(courseObj._id);
+        courseObj._id = mongoose.Types.ObjectId(courseObj._id);
 
         return await mongoose.connection.collection('courses')
           .findOneAndReplace({'_id': courseObj._id}, courseObj);
diff --git a/api/src/migrations/scripts/20180821-unit.ts b/api/src/migrations/scripts/20180821-unit.ts
index c3da57add..5e8174cd3 100644
--- a/api/src/migrations/scripts/20180821-unit.ts
+++ b/api/src/migrations/scripts/20180821-unit.ts
@@ -2,7 +2,6 @@
 import * as mongoose from 'mongoose';
 import {IUnitModel, Unit} from '../../models/units/Unit';
 import {ChatRoom} from '../../models/ChatRoom';
-import {ObjectID} from 'bson';
 
 class UnitV2Migration {
 
@@ -21,7 +20,7 @@ class UnitV2Migration {
         const chatRoomObj = chatRoom.toObject();
 
         unitObj.chatRoom = chatRoomObj._id;
-        unitObj._id  = new ObjectID(unitObj._id);
+        unitObj._id = mongoose.Types.ObjectId(unitObj._id);
 
         await mongoose.connection.collection('units')
           .findOneAndReplace({'_id': unit._id}, unitObj);
diff --git a/api/src/migrations/scripts/20181030-course.ts b/api/src/migrations/scripts/20181030-course.ts
index 88da3974e..1f1ca124b 100644
--- a/api/src/migrations/scripts/20181030-course.ts
+++ b/api/src/migrations/scripts/20181030-course.ts
@@ -1,9 +1,7 @@
 // tslint:disable:no-console
 import * as mongoose from 'mongoose';
-import {ObjectId, ObjectID} from 'bson';
 import {IUser} from '../../../../shared/models/IUser';
 import {IUserModel} from '../../models/User';
-import {extractMongoId} from '../../utilities/ExtractMongoId';
 import {ICourseModel} from '../../models/Course';
 
 const brokenChatRoomSchema = new mongoose.Schema({
@@ -99,7 +97,7 @@ const brokenCourseSchema = new mongoose.Schema({
           ret._id = ret._id.toString();
         }
 
-        if (ret.hasOwnProperty('courseAdmin') && ret.courseAdmin !== null && (ret.courseAdmin instanceof ObjectID)) {
+        if (ret.hasOwnProperty('courseAdmin') && ret.courseAdmin !== null && (ret.courseAdmin instanceof mongoose.Types.ObjectId)) {
           ret.courseAdmin = ret.courseAdmin.toString();
         }
         ret.hasAccessKey = false;
@@ -127,21 +125,21 @@ class BrokenCourseMigration {
   async up() {
     console.log('BrokenCourse up was called');
     try {
-      const brokenCourses: ICourseModel[] = await BrokenCourse.find({'chatRooms': { $exists: true }});
+      const brokenCourses: ICourseModel[] = await BrokenCourse.find({'chatRooms': {$exists: true}});
       await Promise.all(brokenCourses.map(async (brokenCourse: ICourseModel) => {
         const courseObj = brokenCourse.toObject();
 
         const fixedChatRooms = courseObj.chatRooms.map((chatRoom: any) => {
-          if (chatRoom instanceof ObjectID) {
+          if (chatRoom instanceof mongoose.Types.ObjectId) {
             return chatRoom;
           } else {
-            return new ObjectID(chatRoom._id);
+            return mongoose.Types.ObjectId(chatRoom._id);
           }
         });
 
         courseObj.chatRooms = fixedChatRooms;
 
-        courseObj._id = new ObjectId(courseObj._id);
+        courseObj._id = mongoose.Types.ObjectId(courseObj._id);
 
         return await mongoose.connection.collection('courses')
           .findOneAndReplace({'_id': courseObj._id}, courseObj);

From 7ab1f40fddc1817755bb98b183d0e0febd65169e Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sun, 24 Mar 2019 22:26:24 +0100
Subject: [PATCH 194/207] Add MediaController PUT 403 _course change unit tests

---
 api/test/controllers/media.ts | 29 +++++++++++++++++++++++++++++
 1 file changed, 29 insertions(+)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index 645b55791..9efa7bf1b 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -6,6 +6,7 @@ import {FixtureUtils} from '../../fixtures/FixtureUtils';
 import {JwtUtils} from '../../src/security/JwtUtils';
 import {Directory} from '../../src/models/mediaManager/Directory';
 import {File} from '../../src/models/mediaManager/File';
+import {Course} from '../../src/models/Course';
 import config from '../../src/config/main';
 import * as fs from 'fs';
 
@@ -327,6 +328,20 @@ describe('Media', async () => {
       result.status.should.be.equal(403);
     });
 
+    it('should fail to change the course of a directory to an unauthorized one', async () => {
+      const {course, rootDirectory} = await commonPutSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await rootDirectory.save();
+      const otherCourse = new Course({name: 'Unauthorized Test Course'});
+      await otherCourse.save();
+
+      const changedDirectory = rootDirectory;
+      changedDirectory._course = otherCourse._id.toString();
+
+      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/directory/${rootDirectory._id}`, changedDirectory);
+      result.status.should.be.equal(403);
+    });
+
     it('should rename a file', async () => {
       const {teacher, file} = await commonPutSetup();
       await file.save();
@@ -355,6 +370,20 @@ describe('Media', async () => {
       const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/file/${file._id}`, renamedFile);
       result.status.should.be.equal(403);
     });
+
+    it('should fail to change the course of a file to an unauthorized one', async () => {
+      const {course, file} = await commonPutSetup();
+      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      await file.save();
+      const otherCourse = new Course({name: 'Unauthorized Test Course'});
+      await otherCourse.save();
+
+      const changedFile = file;
+      changedFile._course = otherCourse._id.toString();
+
+      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/file/${file._id}`, changedFile);
+      result.status.should.be.equal(403);
+    });
   });
 
   describe(`DELETE ${BASE_URL}`, async () => {

From 472e743bbfcd9f8e71e3cb24b5fee94357ee56be Mon Sep 17 00:00:00 2001
From: torss <37229901+torss@users.noreply.github.com>
Date: Sun, 24 Mar 2019 22:43:27 +0100
Subject: [PATCH 195/207] Fix MediaController PUT 403 _course change unit tests

---
 api/test/controllers/media.ts | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/api/test/controllers/media.ts b/api/test/controllers/media.ts
index 9efa7bf1b..9ba380b26 100644
--- a/api/test/controllers/media.ts
+++ b/api/test/controllers/media.ts
@@ -329,8 +329,7 @@ describe('Media', async () => {
     });
 
     it('should fail to change the course of a directory to an unauthorized one', async () => {
-      const {course, rootDirectory} = await commonPutSetup();
-      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      const {teacher, rootDirectory} = await commonPutSetup();
       await rootDirectory.save();
       const otherCourse = new Course({name: 'Unauthorized Test Course'});
       await otherCourse.save();
@@ -338,7 +337,7 @@ describe('Media', async () => {
       const changedDirectory = rootDirectory;
       changedDirectory._course = otherCourse._id.toString();
 
-      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/directory/${rootDirectory._id}`, changedDirectory);
+      const result = await testHelper.commonUserPutRequest(teacher, `/directory/${rootDirectory._id}`, changedDirectory);
       result.status.should.be.equal(403);
     });
 
@@ -372,8 +371,7 @@ describe('Media', async () => {
     });
 
     it('should fail to change the course of a file to an unauthorized one', async () => {
-      const {course, file} = await commonPutSetup();
-      const unauthorizedTeacher = await FixtureUtils.getUnauthorizedTeacherForCourse(course);
+      const {teacher, file} = await commonPutSetup();
       await file.save();
       const otherCourse = new Course({name: 'Unauthorized Test Course'});
       await otherCourse.save();
@@ -381,7 +379,7 @@ describe('Media', async () => {
       const changedFile = file;
       changedFile._course = otherCourse._id.toString();
 
-      const result = await testHelper.commonUserPutRequest(unauthorizedTeacher, `/file/${file._id}`, changedFile);
+      const result = await testHelper.commonUserPutRequest(teacher, `/file/${file._id}`, changedFile);
       result.status.should.be.equal(403);
     });
   });

From 7ad7c424ba0d53670f0372bd7e00f4e63b29a3bc Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Mon, 25 Mar 2019 05:19:48 +0000
Subject: [PATCH 196/207] Bump app-root-path from 2.1.0 to 2.2.0 in /api

Bumps [app-root-path](https://github.com/inxilpro/node-app-root-path) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/inxilpro/node-app-root-path/releases)
- [Commits](https://github.com/inxilpro/node-app-root-path/commits/2.2.0)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 47 ++++++++++++++++++++++++++++++-------------
 api/package.json      |  2 +-
 2 files changed, 34 insertions(+), 15 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 274b445b9..0e59bfdb9 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -607,9 +607,9 @@
       }
     },
     "app-root-path": {
-      "version": "2.1.0",
-      "resolved": "https://registry.npmjs.org/app-root-path/-/app-root-path-2.1.0.tgz",
-      "integrity": "sha1-mL9lmTJ+zqGZMJhm6BQDaP0uZGo="
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/app-root-path/-/app-root-path-2.2.0.tgz",
+      "integrity": "sha512-qbXcJgmuLGNwO7FH2WrtoJpA0mpcm0ZFQZPm6RV7ZLfA0QR3bQFpoij33x74+u3Zn58JDy5Jc/Z/LXKxTvh1Rw=="
     },
     "append-buffer": {
       "version": "1.0.2",
@@ -3137,7 +3137,8 @@
         "ansi-regex": {
           "version": "2.1.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "aproba": {
           "version": "1.2.0",
@@ -3158,12 +3159,14 @@
         "balanced-match": {
           "version": "1.0.0",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "brace-expansion": {
           "version": "1.1.11",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "balanced-match": "^1.0.0",
             "concat-map": "0.0.1"
@@ -3178,17 +3181,20 @@
         "code-point-at": {
           "version": "1.1.0",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "concat-map": {
           "version": "0.0.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "console-control-strings": {
           "version": "1.1.0",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "core-util-is": {
           "version": "1.0.2",
@@ -3305,7 +3311,8 @@
         "inherits": {
           "version": "2.0.3",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "ini": {
           "version": "1.3.5",
@@ -3317,6 +3324,7 @@
           "version": "1.0.0",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "number-is-nan": "^1.0.0"
           }
@@ -3331,6 +3339,7 @@
           "version": "3.0.4",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "brace-expansion": "^1.1.7"
           }
@@ -3338,12 +3347,14 @@
         "minimist": {
           "version": "0.0.8",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "minipass": {
           "version": "2.2.4",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "safe-buffer": "^5.1.1",
             "yallist": "^3.0.0"
@@ -3362,6 +3373,7 @@
           "version": "0.5.1",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "minimist": "0.0.8"
           }
@@ -3442,7 +3454,8 @@
         "number-is-nan": {
           "version": "1.0.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "object-assign": {
           "version": "4.1.1",
@@ -3454,6 +3467,7 @@
           "version": "1.4.0",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "wrappy": "1"
           }
@@ -3539,7 +3553,8 @@
         "safe-buffer": {
           "version": "5.1.1",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "safer-buffer": {
           "version": "2.1.2",
@@ -3575,6 +3590,7 @@
           "version": "1.0.2",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "code-point-at": "^1.0.0",
             "is-fullwidth-code-point": "^1.0.0",
@@ -3594,6 +3610,7 @@
           "version": "3.0.1",
           "bundled": true,
           "dev": true,
+          "optional": true,
           "requires": {
             "ansi-regex": "^2.0.0"
           }
@@ -3637,12 +3654,14 @@
         "wrappy": {
           "version": "1.0.2",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         },
         "yallist": {
           "version": "3.0.2",
           "bundled": true,
-          "dev": true
+          "dev": true,
+          "optional": true
         }
       }
     },
diff --git a/api/package.json b/api/package.json
index 4cc8c157a..8d9a9f750 100644
--- a/api/package.json
+++ b/api/package.json
@@ -35,7 +35,7 @@
     "@types/node-sass": "^4.11.0",
     "@types/sharp": "^0.22.0",
     "@types/socket.io": "^2.1.2",
-    "app-root-path": "^2.1.0",
+    "app-root-path": "^2.2.0",
     "archiver": "^3.0.0",
     "bcrypt": "^3.0.5",
     "body-parser": "^1.18.2",

From a2773aa82186edb83ec0a1a22cec347a98667c42 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Mon, 25 Mar 2019 11:29:21 +0100
Subject: [PATCH 197/207] Update CHANGELOG.md

Co-Authored-By: Gargamil <Gargamil@users.noreply.github.com>
---
 CHANGELOG.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index a988f6af5..de75375a8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,7 +13,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
-- Sticky header course view. [#1115](https://github.com/geli-lms/geli/issues/1115)
+- Sticky header for course view. [#1115](https://github.com/geli-lms/geli/issues/1115)
 
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added

From a2257be5ad648deb00c66677c3ad6e5bb7fd431f Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Mon, 25 Mar 2019 11:31:26 +0100
Subject: [PATCH 198/207] added changelog

---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d4e80375b..38304fb72 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `UnitController` `GET` & `DELETE` route unit tests for status code `200`. [#1190](https://github.com/geli-lms/geli/issues/1190)
 - `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
 - `WhitelistController` status code `403` unit tests for all routes. [#1192](https://github.com/geli-lms/geli/issues/1192)
+- Sticky header for course view. [#1115](https://github.com/geli-lms/geli/issues/1115)
 
 ### Changed
 - Extend `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)

From 9fce799c78baaab86612dd40c2457bb7456379e6 Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Mon, 25 Mar 2019 11:32:13 +0100
Subject: [PATCH 199/207] removed sticky-toolbar.component.spec.ts

---
 .../sticky-toolbar.component.spec.ts          | 25 -------------------
 1 file changed, 25 deletions(-)
 delete mode 100644 app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts

diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts
deleted file mode 100644
index 7ec8a2dc0..000000000
--- a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.spec.ts
+++ /dev/null
@@ -1,25 +0,0 @@
-import { async, ComponentFixture, TestBed } from '@angular/core/testing';
-
-import { StickyToolbarComponent } from './sticky-toolbar.component';
-
-describe('StickyToolbarComponent', () => {
-  let component: StickyToolbarComponent;
-  let fixture: ComponentFixture<StickyToolbarComponent>;
-
-  beforeEach(async(() => {
-    TestBed.configureTestingModule({
-      declarations: [ StickyToolbarComponent ]
-    })
-    .compileComponents();
-  }));
-
-  beforeEach(() => {
-    fixture = TestBed.createComponent(StickyToolbarComponent);
-    component = fixture.componentInstance;
-    fixture.detectChanges();
-  });
-
-  it('should create', () => {
-    expect(component).toBeTruthy();
-  });
-});

From bcebc5c1aa448d14413f1dcfd36d1639f5498ccf Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Mon, 25 Mar 2019 11:44:55 +0100
Subject: [PATCH 200/207] fixed overlay bug

---
 .../components/sticky-toolbar/sticky-toolbar.component.scss     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
index 3ca3f5ea8..a498323bf 100644
--- a/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
+++ b/app/webFrontend/src/app/shared/components/sticky-toolbar/sticky-toolbar.component.scss
@@ -4,7 +4,7 @@
   top: 0;
   left: 0;
   right: 0;
-  z-index: 2;
+  z-index: 5;
   display: none;
   visibility: hidden;
 

From 78c5ada06df6803f3d2a5e9f18a4c8440bfe295e Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Mon, 25 Mar 2019 22:13:39 +0100
Subject: [PATCH 201/207] added scrolling

---
 .../course-detail.component.html              |  9 +++---
 .../course-detail.component.scss              | 28 ++++++++++++++++++-
 2 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.html b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
index 83ab884dc..2f5f43f20 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.html
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.html
@@ -1,10 +1,11 @@
 <app-sticky-toolbar
   [anchor]="stickyAnchor">
+
   <div class="header-line">
-    <h2>
+    <h2 class="headings">
       <span>{{course?.name}}</span>
-      <span *ngIf="lectureScrollEmitter|async as lecture"> > {{lecture?.name}}</span>
-      <span *ngIf="unitScrollEmitter|async as unit"> > {{unit?.name}}</span>
+      <span *ngIf="lectureScrollEmitter|async as lecture">{{lecture?.name}}</span>
+      <span *ngIf="unitScrollEmitter|async as unit">{{unit?.name}}</span>
     </h2>
     <ng-template [ngTemplateOutlet]="headerAdminButtons"></ng-template>
   </div>
@@ -72,5 +73,5 @@ <h1>{{course?.name}}</h1>
   </nav>
 </div>
 
-<router-outlet ></router-outlet>
+<router-outlet></router-outlet>
 <app-course-forum [chatRoom]="course?.chatRooms[0]"></app-course-forum>
diff --git a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
index b7496a335..50a1769e0 100644
--- a/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
+++ b/app/webFrontend/src/app/course/course-detail/course-detail.component.scss
@@ -77,5 +77,31 @@
   display: flex;
   justify-content: space-between;
   align-items: center;
-  flex-wrap: wrap;
+  flex-wrap: nowrap;
+
+  .headings {
+    overflow-x: scroll;
+    overflow-y: hidden;
+    white-space: nowrap;
+
+    span {
+      height: 48px;
+      box-sizing: border-box;
+      text-align: center;
+      display: inline-flex;
+      justify-content: center;
+      align-items: center;
+      white-space: nowrap;
+      vertical-align: top;
+      text-decoration: none;
+      position: relative;
+      overflow: hidden;
+    }
+
+    span+span:before {
+      content: ">";
+      padding: 0 0.5rem;
+    }
+  }
+
 }

From ee863341b5a1c709ca92dff1b492eee05647fe16 Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Mon, 25 Mar 2019 22:24:04 +0100
Subject: [PATCH 202/207] Chg: Remove empty removed section

---
 CHANGELOG.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 702cbfd4e..15706c022 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -41,8 +41,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ### Fixed
 - Notification scroll bug. [#1082](https://github.com/geli-lms/geli/issues/1082)
 
-### Removed
-
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)

From b07e01f853304cbc764b5f579b359aee85a214ef Mon Sep 17 00:00:00 2001
From: Tobias Neumann <gargamil@gmail.com>
Date: Mon, 25 Mar 2019 22:25:32 +0100
Subject: [PATCH 203/207] updated changelog

---
 CHANGELOG.md | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index de75375a8..38304fb72 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -13,8 +13,32 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 ## [Unreleased]
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
+- `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `UnitController` `GET` & `DELETE` route unit tests for status code `200`. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- `UnitController` status code `403` (not authorized to view / edit course) unit tests for all routes. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- `WhitelistController` status code `403` unit tests for all routes. [#1192](https://github.com/geli-lms/geli/issues/1192)
 - Sticky header for course view. [#1115](https://github.com/geli-lms/geli/issues/1115)
 
+### Changed
+- Extend `ProgressController` `PUT` route to handle both creation and updates. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Refactor `ProgressController` unit tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Instead of a list of progress data, the `ProgressController` `GET` route now responds with a single progress object or an empty object if no data can be found. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Removed
+- Unused `ProgressController` `GET` routes for `/courses/` & `/users/`. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `ProgressController` `POST` route _(obviated by extended `PUT` route)_. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Unused `WhitelistController` `PUT` route. [#1192](https://github.com/geli-lms/geli/issues/1192)
+- Dependency `migrate-mongoose`. [#1189](https://github.com/geli-lms/geli/pull/1189)
+
+### Fixed
+- `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
+
+### Security
+- Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
+- Close `UnitController` vulnerabilities. [#1190](https://github.com/geli-lms/geli/issues/1190)
+- Close `WhitelistController` vulnerabilities. [#1192](https://github.com/geli-lms/geli/issues/1192)
+
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)

From 941c22feb22f7e4a30f0e0faf24ac8c0d51b5cb0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 26 Mar 2019 05:55:07 +0000
Subject: [PATCH 204/207] Bump app-root-path from 2.2.0 to 2.2.1 in /api

Bumps [app-root-path](https://github.com/inxilpro/node-app-root-path) from 2.2.0 to 2.2.1.
- [Release notes](https://github.com/inxilpro/node-app-root-path/releases)
- [Commits](https://github.com/inxilpro/node-app-root-path/compare/2.2.0...2.2.1)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 0e59bfdb9..7146a323b 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -607,9 +607,9 @@
       }
     },
     "app-root-path": {
-      "version": "2.2.0",
-      "resolved": "https://registry.npmjs.org/app-root-path/-/app-root-path-2.2.0.tgz",
-      "integrity": "sha512-qbXcJgmuLGNwO7FH2WrtoJpA0mpcm0ZFQZPm6RV7ZLfA0QR3bQFpoij33x74+u3Zn58JDy5Jc/Z/LXKxTvh1Rw=="
+      "version": "2.2.1",
+      "resolved": "https://registry.npmjs.org/app-root-path/-/app-root-path-2.2.1.tgz",
+      "integrity": "sha512-91IFKeKk7FjfmezPKkwtaRvSpnUc4gDwPAjA1YZ9Gn0q0PPeW+vbeUsZuyDwjI7+QTHhcLen2v25fi/AmhvbJA=="
     },
     "append-buffer": {
       "version": "1.0.2",
diff --git a/api/package.json b/api/package.json
index 8d9a9f750..f310b558f 100644
--- a/api/package.json
+++ b/api/package.json
@@ -35,7 +35,7 @@
     "@types/node-sass": "^4.11.0",
     "@types/sharp": "^0.22.0",
     "@types/socket.io": "^2.1.2",
-    "app-root-path": "^2.2.0",
+    "app-root-path": "^2.2.1",
     "archiver": "^3.0.0",
     "bcrypt": "^3.0.5",
     "body-parser": "^1.18.2",

From 0d44fdedfb97998193246ec232b157d6449a5849 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 26 Mar 2019 06:44:03 +0000
Subject: [PATCH 205/207] Bump mongoose from 5.4.19 to 5.4.20 in /api

Bumps [mongoose](https://github.com/Automattic/mongoose) from 5.4.19 to 5.4.20.
- [Release notes](https://github.com/Automattic/mongoose/releases)
- [Changelog](https://github.com/Automattic/mongoose/blob/master/History.md)
- [Commits](https://github.com/Automattic/mongoose/compare/5.4.19...5.4.20)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 125 ++++++++++++++++++++----------------------
 api/package.json      |   2 +-
 2 files changed, 61 insertions(+), 66 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 7146a323b..8c0e41ab8 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -1245,6 +1245,11 @@
       "integrity": "sha512-qhAVI1+Av2X7qelOfAIYwXONood6XlZE/fXaBSmW/T5SzLAmCgzi+eiWE7fUvbHaeNBQH13UftjpXxsfLkMpgw==",
       "dev": true
     },
+    "bson": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.1.tgz",
+      "integrity": "sha512-jCGVYLoYMHDkOsbwJZBCqwMHyH4c+wzgI9hG7Z6SZJRXWr+x58pdIbm2i9a/jFGCkRJqRUr8eoI7lDWa0hTkxg=="
+    },
     "buffer": {
       "version": "5.2.1",
       "resolved": "https://registry.npmjs.org/buffer/-/buffer-5.2.1.tgz",
@@ -5579,6 +5584,11 @@
         "safe-buffer": "^5.0.1"
       }
     },
+    "kareem": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.3.0.tgz",
+      "integrity": "sha512-6hHxsp9e6zQU8nXsP+02HGWXwTkOEw6IROhF2ZA28cYbUk4eJ6QbtZvdqZOdD9YPKghG3apk5eOCvs+tLl3lRg=="
+    },
     "kew": {
       "version": "0.7.0",
       "resolved": "https://registry.npmjs.org/kew/-/kew-0.7.0.tgz",
@@ -6478,10 +6488,30 @@
       "resolved": "https://registry.npmjs.org/moment/-/moment-2.24.0.tgz",
       "integrity": "sha512-bV7f+6l2QigeBBZSM/6yTNq4P2fNpSWj/0e7jQcy87A8e7o2nAfP/34/2ky5Vw4B9S446EtIhodAzkFCcR4dQg=="
     },
+    "mongodb": {
+      "version": "3.1.13",
+      "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.13.tgz",
+      "integrity": "sha512-sz2dhvBZQWf3LRNDhbd30KHVzdjZx9IKC0L+kSZ/gzYquCF5zPOgGqRz6sSCqYZtKP2ekB4nfLxhGtzGHnIKxA==",
+      "requires": {
+        "mongodb-core": "3.1.11",
+        "safe-buffer": "^5.1.2"
+      }
+    },
+    "mongodb-core": {
+      "version": "3.1.11",
+      "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.11.tgz",
+      "integrity": "sha512-rD2US2s5qk/ckbiiGFHeu+yKYDXdJ1G87F6CG3YdaZpzdOm5zpoAZd/EKbPmFO6cQZ+XVXBXBJ660sSI0gc6qg==",
+      "requires": {
+        "bson": "^1.1.0",
+        "require_optional": "^1.0.1",
+        "safe-buffer": "^5.1.2",
+        "saslprep": "^1.0.0"
+      }
+    },
     "mongoose": {
-      "version": "5.4.19",
-      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.19.tgz",
-      "integrity": "sha512-paRU3nbCrPIUVw1GAlxo11uIIqrYORctUx1kcLj7i2NhkxPQuy5OK2/FYj8+tglsaixycmONSyop2HQp1IUQSA==",
+      "version": "5.4.20",
+      "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-5.4.20.tgz",
+      "integrity": "sha512-CyybxMQbCaq6jvbroamS5mPfFbxTOLLpdpkQrk1cj7Az1TX+mBbcCVhz+7XElfTMIOb58ah9O+EXmZJsLPD3Lg==",
       "requires": {
         "async": "2.6.1",
         "bson": "~1.1.0",
@@ -6497,68 +6527,6 @@
         "sliced": "1.0.1"
       },
       "dependencies": {
-        "bson": {
-          "version": "1.1.1",
-          "resolved": "https://registry.npmjs.org/bson/-/bson-1.1.1.tgz",
-          "integrity": "sha512-jCGVYLoYMHDkOsbwJZBCqwMHyH4c+wzgI9hG7Z6SZJRXWr+x58pdIbm2i9a/jFGCkRJqRUr8eoI7lDWa0hTkxg=="
-        },
-        "debug": {
-          "version": "3.1.0",
-          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
-          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
-          "requires": {
-            "ms": "2.0.0"
-          },
-          "dependencies": {
-            "ms": {
-              "version": "2.0.0",
-              "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
-              "integrity": "sha1-VgiurfwAvmwpAd9fmGF4jeDVl8g="
-            }
-          }
-        },
-        "kareem": {
-          "version": "2.3.0",
-          "resolved": "https://registry.npmjs.org/kareem/-/kareem-2.3.0.tgz",
-          "integrity": "sha512-6hHxsp9e6zQU8nXsP+02HGWXwTkOEw6IROhF2ZA28cYbUk4eJ6QbtZvdqZOdD9YPKghG3apk5eOCvs+tLl3lRg=="
-        },
-        "mongodb": {
-          "version": "3.1.13",
-          "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-3.1.13.tgz",
-          "integrity": "sha512-sz2dhvBZQWf3LRNDhbd30KHVzdjZx9IKC0L+kSZ/gzYquCF5zPOgGqRz6sSCqYZtKP2ekB4nfLxhGtzGHnIKxA==",
-          "requires": {
-            "mongodb-core": "3.1.11",
-            "safe-buffer": "^5.1.2"
-          }
-        },
-        "mongodb-core": {
-          "version": "3.1.11",
-          "resolved": "https://registry.npmjs.org/mongodb-core/-/mongodb-core-3.1.11.tgz",
-          "integrity": "sha512-rD2US2s5qk/ckbiiGFHeu+yKYDXdJ1G87F6CG3YdaZpzdOm5zpoAZd/EKbPmFO6cQZ+XVXBXBJ660sSI0gc6qg==",
-          "requires": {
-            "bson": "^1.1.0",
-            "require_optional": "^1.0.1",
-            "safe-buffer": "^5.1.2",
-            "saslprep": "^1.0.0"
-          }
-        },
-        "mpath": {
-          "version": "0.5.1",
-          "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.5.1.tgz",
-          "integrity": "sha512-H8OVQ+QEz82sch4wbODFOz+3YQ61FYz/z3eJ5pIdbMEaUzDqA268Wd+Vt4Paw9TJfvDgVKaayC0gBzMIw2jhsg=="
-        },
-        "mquery": {
-          "version": "3.2.0",
-          "resolved": "https://registry.npmjs.org/mquery/-/mquery-3.2.0.tgz",
-          "integrity": "sha512-qPJcdK/yqcbQiKoemAt62Y0BAc0fTEKo1IThodBD+O5meQRJT/2HSe5QpBNwaa4CjskoGrYWsEyjkqgiE0qjhg==",
-          "requires": {
-            "bluebird": "3.5.1",
-            "debug": "3.1.0",
-            "regexp-clone": "0.0.1",
-            "safe-buffer": "5.1.2",
-            "sliced": "1.0.1"
-          }
-        },
         "ms": {
           "version": "2.1.1",
           "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.1.tgz",
@@ -6583,6 +6551,33 @@
         "on-headers": "~1.0.1"
       }
     },
+    "mpath": {
+      "version": "0.5.1",
+      "resolved": "https://registry.npmjs.org/mpath/-/mpath-0.5.1.tgz",
+      "integrity": "sha512-H8OVQ+QEz82sch4wbODFOz+3YQ61FYz/z3eJ5pIdbMEaUzDqA268Wd+Vt4Paw9TJfvDgVKaayC0gBzMIw2jhsg=="
+    },
+    "mquery": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/mquery/-/mquery-3.2.0.tgz",
+      "integrity": "sha512-qPJcdK/yqcbQiKoemAt62Y0BAc0fTEKo1IThodBD+O5meQRJT/2HSe5QpBNwaa4CjskoGrYWsEyjkqgiE0qjhg==",
+      "requires": {
+        "bluebird": "3.5.1",
+        "debug": "3.1.0",
+        "regexp-clone": "0.0.1",
+        "safe-buffer": "5.1.2",
+        "sliced": "1.0.1"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "3.1.0",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-3.1.0.tgz",
+          "integrity": "sha512-OX8XqP7/1a9cqkxYw2yXss15f26NKWBpDXQd0/uK/KPqdQhxbPa994hnzjcE2VqQpDslf55723cKPUOGSmMY3g==",
+          "requires": {
+            "ms": "2.0.0"
+          }
+        }
+      }
+    },
     "ms": {
       "version": "2.0.0",
       "resolved": "https://registry.npmjs.org/ms/-/ms-2.0.0.tgz",
diff --git a/api/package.json b/api/package.json
index f310b558f..89f7724c0 100644
--- a/api/package.json
+++ b/api/package.json
@@ -52,7 +52,7 @@
     "markdown-it-emoji": "^1.4.0",
     "markdown-it-mark": "^2.0.0",
     "moment": "^2.24.0",
-    "mongoose": "~5.4.19",
+    "mongoose": "~5.4.20",
     "morgan": "^1.9.1",
     "multer": "^1.4.1",
     "node-file-cache": "^1.0.2",

From 2eb5a56d68c686e56c59726c31f5a03ada2918ee Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <support@dependabot.com>
Date: Tue, 26 Mar 2019 07:28:56 +0000
Subject: [PATCH 206/207] Bump @types/mongoose from 5.3.23 to 5.3.24 in /api

Bumps [@types/mongoose](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/mongoose) from 5.3.23 to 5.3.24.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/mongoose)

Signed-off-by: dependabot[bot] <support@dependabot.com>
---
 api/package-lock.json | 6 +++---
 api/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/api/package-lock.json b/api/package-lock.json
index 8c0e41ab8..4a45aaf6a 100644
--- a/api/package-lock.json
+++ b/api/package-lock.json
@@ -217,9 +217,9 @@
       }
     },
     "@types/mongoose": {
-      "version": "5.3.23",
-      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.23.tgz",
-      "integrity": "sha512-UZJOkFe/ShSt3iYFBiadwwCu2Y8qm/RZyAoCQI2uf88wr3NfDBpbqqoIyrchBy1y2XtvAAyktEPzvvR7up6/TQ==",
+      "version": "5.3.24",
+      "resolved": "https://registry.npmjs.org/@types/mongoose/-/mongoose-5.3.24.tgz",
+      "integrity": "sha512-Txa5C/veUJJG2o1sRbl8z1M7GhPjJz6J3JJQV76eYN0PyI9F2NO3gbVUj059ND5nlbvQjRhXuFLaqN6NH8nMNQ==",
       "dev": true,
       "requires": {
         "@types/mongodb": "*",
diff --git a/api/package.json b/api/package.json
index 89f7724c0..8caa1de63 100644
--- a/api/package.json
+++ b/api/package.json
@@ -79,7 +79,7 @@
     "@types/jsonwebtoken": "^8.3.2",
     "@types/markdown-it": "0.0.7",
     "@types/mocha": "^5.2.6",
-    "@types/mongoose": "~5.3.23",
+    "@types/mongoose": "~5.3.24",
     "@types/morgan": "1.7.35",
     "@types/nodemailer": "^4.6.6",
     "@types/passport": "^1.0.0",

From b28c87d232ede7d54f7727d7c5ba13d1d04e30be Mon Sep 17 00:00:00 2001
From: Daniel Kesselberg <mail@danielkesselberg.de>
Date: Tue, 26 Mar 2019 14:27:58 +0100
Subject: [PATCH 207/207] Add changelog 0.8.5

---
 CHANGELOG.md | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 319e00d72..90405a142 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 -->
 
 ## [Unreleased]
+
+## [[0.8.5](https://github.com/geli-lms/geli/releases/tag/v0.8.5)] - 2019-03-26 - WS 18/19 🎉-Release
 ### Added
 - Translatable SnackBarService. [#922](https://github.com/geli-lms/geli/issues/922)
 - `ProgressController` `GET` unit tests & access denial tests in general. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -38,6 +40,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - `TaskUnitComponent.validate` `validationMode` reset. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - `CodeKataComponent` `progress.code` loading. [#1116](https://github.com/geli-lms/geli/issues/1116)
 - Code order in the `MediaController`'s `createDirectory` & `createFile`. [#1196](https://github.com/geli-lms/geli/issues/1196)
+- Notification scroll bug. [#1082](https://github.com/geli-lms/geli/issues/1082)
 
 ### Security
 - Close `ProgressController` vulnerabilities. [#1116](https://github.com/geli-lms/geli/issues/1116)
@@ -45,9 +48,6 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 - Close `WhitelistController` vulnerabilities. [#1192](https://github.com/geli-lms/geli/issues/1192)
 - Close `MediaController` vulnerabilities. [#1196](https://github.com/geli-lms/geli/issues/1196)
 
-### Fixed
-- Notification scroll bug. [#1082](https://github.com/geli-lms/geli/issues/1082)
-
 ## [[0.8.4](https://github.com/geli-lms/geli/releases/tag/v0.8.4)] - 2018-12-20 - WS 18/19 ❄️-Release
 ### Added
 - Export PDF with styled free text units. [#997](https://github.com/geli-lms/geli/issues/997) [#1047](https://github.com/geli-lms/geli/pull/1047)