fix: disable csp (is this ok?)

src/electron/electron/utils.js

@@ -5,21 +5,31 @@ import fs from 'fs';
 // We set an intercept on incoming requests to disable x-frame-options
 // headers.
 
+// Should we do this? Does this make evil sites doing danagerous things?
 export const disableXFrameOptions = (win) => {
-  win.webContents.session.webRequest.onHeadersReceived({ urls: ['*://*/*'] },
+  win.webContents.session.webRequest.onHeadersReceived(
     (d, c) => {
       if (d.responseHeaders['X-Frame-Options']) {
         delete d.responseHeaders['X-Frame-Options']
       } else if (d.responseHeaders['x-frame-options']) {
         delete d.responseHeaders['x-frame-options']
       }
+      
+      if (d.responseHeaders['Content-Security-Policy']) {
+        delete d.responseHeaders['Content-Security-Policy']
+      }
+
+      if (d.responseHeaders['content-security-policy']) {
+        delete d.responseHeaders['content-security-policy']
+      }
+
 
       c({ cancel: false, responseHeaders: d.responseHeaders })
     }
   )
 }
 
-export async function getAllFiles (dir, exts) {
+export async function getAllFiles(dir, exts) {
   const dirents = await readdir(dir, { withFileTypes: true })
 
   if (exts) {

tldraw/apps/tldraw-logseq/package.json

@@ -25,10 +25,10 @@
     "@types/react-dom": "^17.0.0",
     "autoprefixer": "^10.4.7",
     "concurrently": "^7.2.1",
-    "esbuild": "^0.15.6",
-    "mobx": "^6.6.0",
+    "esbuild": "^0.15.7",
+    "mobx": "^6.6.2",
     "mobx-react-lite": "^3.4.0",
-    "perfect-freehand": "^1.1.0",
+    "perfect-freehand": "^1.2.0",
     "polished": "^4.0.0",
     "postcss": "^8.4.14",
     "react": "^17.0.0",

tldraw/demo/package.json

@@ -7,13 +7,13 @@
     "autoprefixer": "^10.4.7",
     "postcss": "^8.4.13",
     "tailwindcss": "^3.0.24",
-    "vite": "^3.0.9"
+    "vite": "^3.1.2"
   },
   "scripts": {
     "dev": "vite"
   },
   "dependencies": {
-    "@vitejs/plugin-react": "^2.0.0",
+    "@vitejs/plugin-react": "^2.1.0",
     "react": "^17",
     "react-dom": "^17"
   }

tldraw/package.json

@@ -30,9 +30,9 @@
     "@types/react-dom": "^17.0.0",
     "@typescript-eslint/eslint-plugin": "^5.36.1",
     "@typescript-eslint/parser": "^5.36.1",
-    "eslint": "^8.23.0",
+    "eslint": "^8.23.1",
     "init-package-json": "^3.0.2",
-    "lerna": "^5.5.0",
+    "lerna": "^5.5.1",
     "lint-staged": "^13.0.1",
     "prettier": "^2.6.2",
     "prettier-plugin-jsdoc": "^0.3.38",

tldraw/packages/core/package.json

@@ -37,14 +37,15 @@
   "dependencies": {
     "@tldraw/intersect": "2.0.0-alpha.1",
     "@tldraw/vec": "2.0.0-alpha.1",
-    "@use-gesture/react": "^10.2.19",
+    "@use-gesture/react": "^10.2.20",
     "fast-copy": "^2.1.3",
     "fast-deep-equal": "^3.1.3",
-    "hotkeys-js": "^3.9.5",
+    "hotkeys-js": "^3.10.0",
     "is-plain-object": "^5.0.0",
-    "mobx": "^6.6.0",
+    "mobx": "^6.6.2",
     "mobx-react-lite": "^3.4.0",
     "mousetrap": "^1.6.5",
+    "proxy-compare": "^2.3.0",
     "rbush": "^3.0.1",
     "uuid": "^8.0.0"
   },

tldraw/packages/core/src/utils/cache.ts

@@ -0,0 +1,30 @@
+export class SimpleCache<T extends object, K> {
+  items = new WeakMap<T, K>()
+
+  get<P extends T>(item: P, cb: (item: P) => K) {
+    if (!this.items.has(item)) {
+      this.items.set(item, cb(item))
+    }
+    return this.items.get(item)!
+  }
+
+  access(item: T) {
+    return this.items.get(item)
+  }
+
+  set(item: T, value: K) {
+    this.items.set(item, value)
+  }
+
+  has(item: T) {
+    return this.items.has(item)
+  }
+
+  invalidate(item: T) {
+    this.items.delete(item)
+  }
+
+  bust() {
+    this.items = new WeakMap()
+  }
+}

tldraw/packages/core/src/utils/index.ts

@@ -9,6 +9,7 @@ export * from './BindingUtils'
 export * from './DataUtils'
 export * from './TextUtils'
 export * from './getTextSize'
+export * from './cache'
 
 export function uniqueId() {
   return uuid.v1()

tldraw/packages/react/package.json

@@ -35,10 +35,10 @@
     "@tldraw/core": "2.0.0-alpha.1",
     "@tldraw/intersect": "2.0.0-alpha.1",
     "@tldraw/vec": "2.0.0-alpha.1",
-    "@use-gesture/react": "^10.2.19",
-    "hotkeys-js": "^3.9.5",
+    "@use-gesture/react": "^10.2.20",
+    "hotkeys-js": "^3.10.0",
     "is-plain-object": "^5.0.0",
-    "mobx": "^6.6.0",
+    "mobx": "^6.6.2",
     "mobx-react-lite": "^3.4.0",
     "mousetrap": "^1.6.5",
     "rbush": "^3.0.1",