github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-10-22 15:12:08 -04:00
Code Issues Projects Releases Packages Wiki Activity
4415 commits 40 branches 47 tags 110 MiB
Commit graph

4415 commits

This branch
This branch
All branches
Author SHA1 Message Date
renovate[bot]
439417def8
chore(deps): update dependency eslint-plugin-import to v2.25.4 (#1959) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-08 04:15:52 +00:00
renovate[bot]
71fd021d80
chore(deps): update dependency @types/node to v16.11.19 (#1958) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-08 02:03:41 +00:00
Yannick Bungers
f3899f3afd Update error types for checkLocalPassword and updateLocalPassword to InvalidCredentialsError and NoLocalIdentityError in tests 
Signed-off-by: Yannick Bungers <git@innay.de>
 2022-01-06 22:01:39 +01:00
Yannick Bungers
29f60f8140 Change error types in checkLocalPassword and updateLocalPassword to InvalidCredentialsError and NoLocalIdentityError 
Signed-off-by: Yannick Bungers <git@innay.de>
 2022-01-06 21:59:46 +01:00
Yannick Bungers
9ecf7ba2be
Merge pull request #1935 from hedgedoc/feature/verify-password-change 2022-01-04 10:36:09 +01:00
David Mehren
85e7643b95
Merge pull request #1934 from hedgedoc/refactor/frontend-config/auth-providers 2022-01-04 10:08:58 +01:00
Erik Michelson
f581eeae79
Rename local password check method 
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2022-01-03 23:45:43 +01:00
Erik Michelson
53f86919e3
refactor(frontend-config): return auth providers as array 
This change removes the customAuthNames property and redefines the
authProviders property of the frontend-config DTO. Instead of an
map from auth providers to their enabled-state (boolean), there is
now an array that just includes the configured auth providers while
also having the identifier and providerName of custom auth providers.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2022-01-03 22:22:45 +01:00
David Mehren
745a1078f1
Merge pull request #1827 from hedgedoc/enhancement/lazy_load_relations 2022-01-03 19:51:39 +01:00
renovate[bot]
cbd2d3236a
chore(deps): update dependency mkdocs-material to v8.1.4 (#1948) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-02 14:07:03 +00:00
David Mehren
eceddb062a
Merge pull request #1943 from hedgedoc/renovate/develop-linters 2022-01-02 11:33:09 +01:00
David Mehren
cde3d43e4c
Merge pull request #1944 from hedgedoc/renovate/develop-rxjs-7.x 2022-01-02 11:32:38 +01:00
David Mehren
331bb572c5
Merge pull request #1942 from hedgedoc/renovate/develop-test-packages 2022-01-02 11:32:07 +01:00
Renovate Bot
34f56d0aa4
fix(deps): update dependency rxjs to v7.5.1 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-01-02 00:15:16 +00:00
Renovate Bot
6bf2493e17
chore(deps): update dependency eslint to v8.6.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-01-02 00:14:55 +00:00
Renovate Bot
74be984f9e
chore(deps): update dependency @types/jest to v27.4.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2022-01-02 00:14:36 +00:00
renovate[bot]
810afafe15
chore(deps): update dependency eslint-plugin-jest to v25.3.4 (#1946) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-02 00:13:03 +00:00
renovate[bot]
8d3c76560b
chore(deps): update dependency eslint-plugin-jest to v25.3.3 (#1941) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2022-01-01 08:32:54 +00:00
Erik Michelson
eda6835403
feat(auth): password change requires old password 
By checking the "old" password of the user prior to a password change, the
password change function is more secured against abuse.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
 2021-12-28 02:09:05 +01:00
David Mehren
149369d19a
Merge pull request #1932 from hedgedoc/renovate/develop-lock-file-maintenance 2021-12-27 20:34:36 +01:00
Renovate Bot
76a6518eb0
chore(deps): lock file maintenance 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2021-12-27 19:28:45 +00:00
David Mehren
6dafb102d6
Merge pull request #1930 from hedgedoc/renovate/develop-linters 2021-12-27 20:22:41 +01:00
Renovate Bot
3aee96051b
chore(deps): update linters to v5.8.1 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2021-12-27 19:15:06 +00:00
renovate[bot]
a343151b6d
chore(deps): update definitelytyped (#1929) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-25 02:49:05 +00:00
David Mehren
b469050f57
Merge pull request #1795 from Chasethechicken/docs/dev-getting-started 2021-12-21 17:24:47 +01:00
Chasethechicken
146523b5b4 Correct documentation on how to access Hedgedoc 
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-21 10:37:48 +01:00
Chasethechicken
a0cfc2bc06 Apply suggestions from code review 
Use real backend by default.
Start server with NODE_ENV set to development mode.

Co-authored-by: David Mehren <git@herrmehren.de>
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:16:01 +01:00
Falk Rehse
eaa4d45d23 Improve wording 
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:16:01 +01:00
Chasethechicken
fca8aa1777 Remove paragraph about development setup 
As this is documented in dev/getting-started.md

Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:15:58 +01:00
Chasethechicken
b813a19614 Add note about proxy 
Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:14:29 +01:00
Chasethechicken
954c751cca Remove section about production deployments 
As this is meant to document a development setup.

Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:14:29 +01:00
Chasethechicken
a3a2ffea6d Add Docs for getting started with 2.0 
This page describes how to set up HedgeDoc 2 for local development.

Signed-off-by: Falk Rehse <neuringe1234@gmail.com>
 2021-12-20 13:14:29 +01:00
renovate[bot]
d5fdd5c5b4
chore(deps): lock file maintenance (#1925) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-20 02:40:27 +00:00
renovate[bot]
2c62572379
chore(deps): update dependency mkdocs-material to v8.1.3 (#1922) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-19 15:10:41 +00:00
David Mehren
87a92726a3
Merge pull request #1917 from hedgedoc/renovate/develop-swagger-ui-express-4.x 2021-12-18 13:00:27 +01:00
David Mehren
41f160bace
Merge pull request #1916 from hedgedoc/renovate/develop-linters 2021-12-18 12:59:59 +01:00
Renovate Bot
2a429ed991
fix(deps): update dependency swagger-ui-express to v4.3.0 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 11:11:02 +00:00
Renovate Bot
643ee76b48
chore(deps): update linters 
Signed-off-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 11:10:45 +00:00
renovate[bot]
5b94ff612e
fix(deps): update dependency passport to v0.5.2 (#1915) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 11:09:08 +00:00
renovate[bot]
1eef128ca2
chore(deps): update test packages (#1914) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 10:46:31 +00:00
renovate[bot]
fbe330a30a
chore(deps): update nestjs packages (#1913) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 10:33:51 +00:00
renovate[bot]
51c823cd41
chore(deps): update dependency typescript to v4.5.4 (#1912) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 08:50:08 +00:00
renovate[bot]
d41057efa1
chore(deps): update dependency mkdocs-material to v8.1.2 (#1911) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 05:33:39 +00:00
renovate[bot]
124acd5073
chore(deps): update dependency @types/node to v16.11.14 (#1910) 
Signed-off-by: Renovate Bot <bot@renovateapp.com>

Co-authored-by: Renovate Bot <bot@renovateapp.com>
 2021-12-18 03:48:12 +00:00
David Mehren
9de7f5ea21
Merge pull request #1882 from hedgedoc/fix/auth_token_hash 2021-12-14 19:41:36 +01:00
David Mehren
1957a39356
docs: explain the choice of sha-512 for auth tokens 
Signed-off-by: David Mehren <git@herrmehren.de>
 2021-12-14 19:37:15 +01:00
David Mehren
3e074d1879
fix(auth): use sha-512 for auth tokens 
Bcrypt hashes are too slow to be validated on every request.
As our tokens are random and have a fixed length, it is reasonable
to use SHA-512 instead.

SHA-512 is recommended as cryptographically strong by the BSI:
https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TG02102/BSI-TR-02102-1.pdf?__blob=publicationFile

Fixes https://github.com/hedgedoc/hedgedoc/issues/1881

Signed-off-by: David Mehren <git@herrmehren.de>
 2021-12-13 22:44:38 +01:00
David Mehren
e21b5e695d
refactor(identity): lazy-load relations 
Signed-off-by: David Mehren <git@herrmehren.de>
 2021-12-13 21:45:03 +01:00
David Mehren
977ed4b9fa
refactor(user): lazy-load relations 
Signed-off-by: David Mehren <git@herrmehren.de>
 2021-12-13 21:45:03 +01:00
David Mehren
4483d2b898
refactor(session): lazy-load relations 
Signed-off-by: David Mehren <git@herrmehren.de>
 2021-12-13 21:45:03 +01:00