renovate[bot]
418ddb9d7f
fix(deps): update dependency pg to v8.13.1 (develop) ( #5978 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-03 14:06:12 +00:00
renovate[bot]
15f5225206
fix(deps): update dependency openid-client to v5.7.1 (develop) ( #5977 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-03 04:46:58 +00:00
renovate[bot]
f9e29df4bd
fix(deps): update dependency minio to v8.0.4 (develop) ( #5976 )
...
Docker / build-and-push (backend) (push) Waiting to run
Docker / build-and-push (frontend) (push) Waiting to run
E2E Tests / backend-sqlite (push) Waiting to run
E2E Tests / backend-mariadb (push) Waiting to run
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
E2E Tests / backend-postgres (push) Waiting to run
E2E Tests / Build test build of frontend (push) Waiting to run
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
Lint and check format / Lint files and check formatting (push) Waiting to run
REUSE Compliance Check / reuse (push) Waiting to run
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Static Analysis / Njsscan code scanning (push) Waiting to run
Static Analysis / CodeQL analysis (push) Waiting to run
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-03 01:33:52 +00:00
renovate[bot]
4097f029d6
fix(deps): update dependency cookie to v1.0.2 (develop) ( #5970 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-02 21:22:23 +00:00
renovate[bot]
1cd5b2f984
fix(deps): update dependency @node-rs/argon2 to v2.0.2 (develop) ( #5965 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-02 19:09:03 +00:00
renovate[bot]
2ced96b106
chore(deps): update yarn to v4.5.3 (develop) ( #5963 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-02 17:57:02 +00:00
renovate[bot]
4084076a1e
chore(deps): update linters (develop) (patch) ( #5961 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-02 12:55:31 +00:00
renovate[bot]
c34254eb8a
chore(deps): update dependency @types/jest to v29.5.14 (develop) ( #5956 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-02 05:48:12 +00:00
renovate[bot]
778da4bad9
chore(deps): update dependency @darraghor/eslint-plugin-nestjs-typed to v5.0.32 (develop) ( #5954 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-01 22:46:36 +00:00
renovate[bot]
53e92517e9
chore(deps): pin node.js (develop) ( #5941 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2025-02-01 21:16:06 +00:00
Erik Michelson
fd1795f941
feat(auth): allow to disable OIDC user registration
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-12-18 20:02:19 +01:00
Erik Michelson
b24f8b0a76
refactor(auth): rename identity-module to auth-module
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-12-18 20:02:19 +01:00
renovate[bot]
ff3e34261e
chore(deps): update definitelytyped
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-12-18 18:58:06 +00:00
renovate[bot]
75db195559
chore(deps): update node.js to d20da4a (develop) ( #5869 )
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-11-12 20:37:16 +00:00
Erik Michelson
90508c15ff
fix(backend/auth/oidc): add log message when user identifier is missing
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
71658aecff
chore(deps): upgrade eslint-plugins
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
b796f1c6f2
chore(deps): upgrade yarn to 4.5.1
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
b194f3433c
chore(deps): upgrade openid-client to 5.7.0
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
a039a97446
chore(deps): upgrade @nestjs/swagger to 8.0.5
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
9cd6003619
chore(deps): upgrade cookie to 1.0.1
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
e65cbd95d9
chore(deps): upgrade diff to 7.0.0
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
0bb09a1597
chore(deps): upgrade uuid to 11.0.3
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-12 20:58:09 +01:00
Erik Michelson
932ecac326
fix(deps): use non-breaking versions
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-01 17:31:27 +01:00
Erik Michelson
a15ece1e7f
chore(deps): upgrade dependencies for backend + lint fixes
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-01 17:31:27 +01:00
Erik Michelson
e7d81c5cdf
refactor(oidc): simplify callback statement
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-01 14:36:35 +01:00
Erik Michelson
f71bf7a974
enhancement(oidc): refetch discovery documents regularly
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-11-01 14:36:35 +01:00
Ivan Li
19f4baf79b
feat(auth): add OIDC state parameter
...
Docker / build-and-push (frontend) (push) Has been cancelled
E2E Tests / backend-sqlite (push) Has been cancelled
E2E Tests / backend-mariadb (push) Has been cancelled
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
Docker / build-and-push (backend) (push) Has been cancelled
E2E Tests / backend-postgres (push) Has been cancelled
E2E Tests / Build test build of frontend (push) Has been cancelled
Lint and check format / Lint files and check formatting (push) Has been cancelled
REUSE Compliance Check / reuse (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Static Analysis / Njsscan code scanning (push) Has been cancelled
Static Analysis / CodeQL analysis (push) Has been cancelled
E2E Tests / frontend-cypress (1) (push) Has been cancelled
E2E Tests / frontend-cypress (2) (push) Has been cancelled
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Signed-off-by: Ivan Li <ivanli2048@gmail.com>
2024-10-21 17:45:43 +02:00
yamashu
8b6bedab39
refactor(test): Replace inline snapshot with file snapshot ( #5830 )
Docker / build-and-push (backend) (push) Has been cancelled
Docker / build-and-push (frontend) (push) Has been cancelled
E2E Tests / backend-sqlite (push) Has been cancelled
E2E Tests / backend-mariadb (push) Has been cancelled
E2E Tests / backend-postgres (push) Has been cancelled
E2E Tests / Build test build of frontend (push) Has been cancelled
Lint and check format / Lint files and check formatting (push) Has been cancelled
REUSE Compliance Check / reuse (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Static Analysis / Njsscan code scanning (push) Has been cancelled
Static Analysis / CodeQL analysis (push) Has been cancelled
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
E2E Tests / frontend-cypress (1) (push) Has been cancelled
E2E Tests / frontend-cypress (2) (push) Has been cancelled
E2E Tests / frontend-cypress (3) (push) Has been cancelled
2024-10-08 21:13:27 +00:00
renovate[bot]
3a1ad565cb
chore(deps): update dependency @darraghor/eslint-plugin-nestjs-typed to v5.0.25
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-26 16:51:19 +00:00
Erik Michelson
b44f395852
fix(tests): fix tests and linting
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-26 18:39:37 +02:00
renovate[bot]
4250f4458b
fix(deps): update dependency ws to v8.18.0 [security]
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-26 18:39:37 +02:00
yamashu
4fce422bdb
feat(backend revision): add clean-up note revisions job ( #5349 )
2024-09-26 17:24:24 +02:00
Philip Molares
81a9058347
chore: increase version of all relevant files
...
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
E2E Tests / backend-sqlite (push) Has been cancelled
E2E Tests / backend-mariadb (push) Has been cancelled
E2E Tests / backend-postgres (push) Has been cancelled
E2E Tests / Build test build of frontend (push) Has been cancelled
Docker / build-and-push (backend) (push) Has been cancelled
Docker / build-and-push (frontend) (push) Has been cancelled
Deploy HD2 docs to Netlify / Deploys to netlify (push) Has been cancelled
Lint and check format / Lint files and check formatting (push) Has been cancelled
REUSE Compliance Check / reuse (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Static Analysis / Njsscan code scanning (push) Has been cancelled
Static Analysis / CodeQL analysis (push) Has been cancelled
E2E Tests / frontend-cypress (1) (push) Has been cancelled
E2E Tests / frontend-cypress (2) (push) Has been cancelled
E2E Tests / frontend-cypress (3) (push) Has been cancelled
We release Alpha v3 of HedgeDoc 2.0 and need to make sure that all
version are changed accordingly.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-09-18 21:30:14 +02:00
renovate[bot]
ddc5f07faa
chore(deps): update node.js to 2d07db0
...
Docker / build-and-push (backend) (push) Waiting to run
Docker / build-and-push (frontend) (push) Waiting to run
Deploy HD2 docs to Netlify / Deploys to netlify (push) Waiting to run
E2E Tests / backend-sqlite (push) Waiting to run
E2E Tests / backend-mariadb (push) Waiting to run
E2E Tests / backend-postgres (push) Waiting to run
E2E Tests / Build test build of frontend (push) Waiting to run
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Lint and check format / Lint files and check formatting (push) Waiting to run
REUSE Compliance Check / reuse (push) Waiting to run
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Static Analysis / Njsscan code scanning (push) Waiting to run
Static Analysis / CodeQL analysis (push) Waiting to run
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-18 19:01:05 +00:00
Erik Michelson
2c6717e1ee
refactor(api-token): drop passport, rename to ApiToken
...
We don't need a library that requires as much boilerplate code as
writing the AuthGuard ourselves, especially since the token validation
was already custom code by us.
The previous name PublicAuthToken was a bit misleading, since PublicAuth
could also be interpreted as being used for the public frontend in
contrast to the API. The old name before that (AuthToken) wasn't better
since it wasn't clear what type of auth is meant. I know, this is the
second renaming of the same module in less than a month. However, I
would say the name ApiToken seems rather reasonable and understandable.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 19:14:32 +02:00
Erik Michelson
1c73e99b0a
enhancement(note-deletion): allow to keep uploads
...
This adds support for keeping the uploads attached to a note when
deleting the same note. This is done by a simple checkbox that can be
clicked in the DeletionModal.
To do this, some parts of the note deletion had to be refactored,
especially in the case of the history page. Both the note deletion and
history removal methods used the same modal, which isn't applicable now
anymore. Additionally, there was a bug that the modal checked for
ownership in the frontend before allowing the note deletion. However, in
the context of the history page, the ownership couldn't be evaluated
since the backend API didn't include that information. This is now fixed
as well.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 18:37:39 +02:00
Erik Michelson
603ad8088c
enhancement(auth/oidc): allow manual defining end_session_endpoint URL
...
For non-OIDC compliant OAuth2 providers it was only possible to define
the authorize, token and userinfo URLs but not the end_session_endpoint.
This commit adds that functionality.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 18:03:22 +02:00
Erik Michelson
53409825d4
fix(config/auth): error message mappings for manual OIDC attributes
...
Error messages for manual OIDC attributes such as overriding the scope
resulted in wrong error messages when misconfigured.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 18:03:22 +02:00
Erik Michelson
88cfd6a974
fix(auth/oidc): clean-up oidcIdToken session variable
...
When the OIDC login flow for a new user is cancelled, the oidcIdToken
session variable should be cleared as well.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 18:03:22 +02:00
Erik Michelson
c4c5cbd5d0
fix(auth/oidc): string "undefined" for missing userinfo response fields
...
The userinfo response endpoint from the OIDC provider should not be
trusted to return what we expect. Fields could be undefined. In that
case HedgeDoc would have written "undefined" into the fields for
profile picture or email address.
This fix checks for fields being undefined and returns a default value
in that case.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-18 18:03:22 +02:00
Emmanuel Ferdman
3e0d84f031
fix(docker): update docker documentation reference
...
Docker / build-and-push (backend) (push) Has been cancelled
Docker / build-and-push (frontend) (push) Has been cancelled
E2E Tests / backend-sqlite (push) Has been cancelled
E2E Tests / backend-mariadb (push) Has been cancelled
E2E Tests / backend-postgres (push) Has been cancelled
E2E Tests / Build test build of frontend (push) Has been cancelled
Lint and check format / Lint files and check formatting (push) Has been cancelled
REUSE Compliance Check / reuse (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Static Analysis / Njsscan code scanning (push) Has been cancelled
Static Analysis / CodeQL analysis (push) Has been cancelled
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
E2E Tests / frontend-cypress (1) (push) Has been cancelled
E2E Tests / frontend-cypress (2) (push) Has been cancelled
E2E Tests / frontend-cypress (3) (push) Has been cancelled
Signed-off-by: Emmanuel Ferdman <emmanuelferdman@gmail.com>
2024-09-17 01:35:45 +02:00
Erik Michelson
3e17edf95d
fix(types): typecast ldap options due to wrong types in ldapjs
...
Docker / build-and-push (backend) (push) Has been cancelled
Docker / build-and-push (frontend) (push) Has been cancelled
E2E Tests / backend-sqlite (push) Has been cancelled
E2E Tests / backend-mariadb (push) Has been cancelled
E2E Tests / backend-postgres (push) Has been cancelled
E2E Tests / Build test build of frontend (push) Has been cancelled
Lint and check format / Lint files and check formatting (push) Has been cancelled
REUSE Compliance Check / reuse (push) Has been cancelled
Scorecard supply-chain security / Scorecard analysis (push) Has been cancelled
Static Analysis / Njsscan code scanning (push) Has been cancelled
Static Analysis / CodeQL analysis (push) Has been cancelled
Run tests & build / Test and build with NodeJS 20 (push) Has been cancelled
E2E Tests / frontend-cypress (1) (push) Has been cancelled
E2E Tests / frontend-cypress (2) (push) Has been cancelled
E2E Tests / frontend-cypress (3) (push) Has been cancelled
The provided types by ldapauth-fork are re-exported from ldapjs. ldapjs
is unmaintained by now but since their last update, the
ConnectionOptions type seems to not contain the mandatory parameter
`url` anymore. Therefore this typecast is needed.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-13 13:56:02 +02:00
Erik Michelson
3261929a2a
fix(types): move and remove unused types
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-13 13:56:02 +02:00
renovate[bot]
7b66965014
fix(deps): update dependency ldapauth-fork to v6
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-13 13:56:02 +02:00
Erik Michelson
21dcf0eb49
fix(tests): minio upload type is not exported anymore
...
Deploy HD2 docs to Netlify / Deploys to netlify (push) Has been cancelled
Docker / build-and-push (backend) (push) Waiting to run
Docker / build-and-push (frontend) (push) Waiting to run
E2E Tests / backend-sqlite (push) Waiting to run
E2E Tests / backend-mariadb (push) Waiting to run
E2E Tests / backend-postgres (push) Waiting to run
E2E Tests / Build test build of frontend (push) Waiting to run
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Lint and check format / Lint files and check formatting (push) Waiting to run
REUSE Compliance Check / reuse (push) Waiting to run
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Static Analysis / Njsscan code scanning (push) Waiting to run
Static Analysis / CodeQL analysis (push) Waiting to run
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-12 16:55:41 +02:00
renovate[bot]
57cba653e3
fix(deps): update dependency minio to v8
...
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
2024-09-12 16:55:41 +02:00
Erik Michelson
62eb4b6d2b
fix(packages): backend was missing uuid package
...
Due to failing docker builds it was brought to our attention,
that the backend relied on the uuid package without declaring
it as dependency. This worked in all development and build
scenarios as the frontend declares uuid as dependency already
and top-level `yarn install` installs all dependencies from all
workspaces. However as the docker build only runs for either
the backend or the frontend, this failed.
This commit adds the dependency to the backend as well.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-12 15:45:14 +02:00
Erik Michelson
157a0fe278
refactor(media): store filenames, use pre-signed s3/azure URLs, UUIDs
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-12 14:49:17 +02:00
Erik Michelson
4132833b5d
refactor(api-docs): move api docs to /api/doc/
...
The API documentation belongs strictly to the API itself.
Due to the usage of version-prefixed API endpoints, there is no conflict
with existing or future endpoints.
The reason behind this is that we already have enough exceptions in the
routing (default everything to react-frontend, exceptions for backend)
and it is hard to keep it synchronized throughout all relevant places.
This came to attention as the dev setup didn't proxy the API docs to the
backend.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-12 14:49:17 +02:00
Erik Michelson
7f665fae4b
feat(auth): refactor auth, add oidc
...
Docker / build-and-push (frontend) (push) Waiting to run
Docker / build-and-push (backend) (push) Waiting to run
Deploy HD2 docs to Netlify / Deploys to netlify (push) Waiting to run
E2E Tests / backend-sqlite (push) Waiting to run
E2E Tests / backend-mariadb (push) Waiting to run
E2E Tests / backend-postgres (push) Waiting to run
E2E Tests / Build test build of frontend (push) Waiting to run
E2E Tests / frontend-cypress (1) (push) Blocked by required conditions
E2E Tests / frontend-cypress (2) (push) Blocked by required conditions
E2E Tests / frontend-cypress (3) (push) Blocked by required conditions
Lint and check format / Lint files and check formatting (push) Waiting to run
REUSE Compliance Check / reuse (push) Waiting to run
Scorecard supply-chain security / Scorecard analysis (push) Waiting to run
Static Analysis / Njsscan code scanning (push) Waiting to run
Static Analysis / CodeQL analysis (push) Waiting to run
Run tests & build / Test and build with NodeJS 20 (push) Waiting to run
Thanks to all HedgeDoc team members for the time discussing,
helping with weird Nest issues, providing feedback
and suggestions!
Co-authored-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2024-09-11 21:29:49 +02:00
