Erik Michelson
2225057ebe
misc(apidocs): move URL route of API docs
...
This makes the Swagger UI route more consistent to the real API routes.
Especially, the "private" prefix of the private API docs was irritating.
Additionally, this commit adds a rule to the Caddyfile for proxying the API docs to the backend.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Erik Michelson
d52fc55ef3
feat(apidocs): use real version number
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Philip Molares
8ee2d809c7
test(backend): add regression test for issue #3135
...
When a PasswordTooWeakError is encountered the newly created user should be removed again. This should prevent registration error from "burning" usernames for further use.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
47d1765b12
refactor(backend): don't create local user if password is too weak
...
This prevents the previous problem that the backend created a user that was then not correctly removed again
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
45e70434c4
refactor(frontend): error handling in the auth/local api route
...
This now uses the new error code for a disabled registration (403) and also handles error where the password is too weak (400).
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
0ec9edc07d
test(backend): change registration disabled error code
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
c39a9430a2
feat(backend): add RegistrationDisabledError
...
This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error.
The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
renovate[bot]
50e3452574
chore(deps): update actions/cache action to v3.2.3
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:55:58 +01:00
renovate[bot]
9a1e33fdc4
chore(deps): update dependency eslint-config-next to v13.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 20:54:26 +00:00
renovate[bot]
e3edae8d64
chore(deps): update node.js to ab3603c
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:20:17 +01:00
renovate[bot]
aa3d666fa8
chore(deps): update actions/upload-artifact digest to 65d8626
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:19:49 +01:00
renovate[bot]
74cdbadd96
chore(deps): update actions/download-artifact digest to e9ef242
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:18:09 +01:00
Erik Michelson
69d625188c
fix(tests): syntax for loop in console-logger service
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-09 20:09:56 +01:00
Erik Michelson
f16b3c0fe6
fix(redux): avoid state mutation in history redux
...
When updating the data of a note in the redux, the old state element gets manipulated and will be dispatched again into the state.
Redux is not optimized for external state-mutations and has some weird side-effects in that case and sometimes throws an error.
This commit fixes the problem by using a clone of the entry.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 19:52:21 +01:00
renovate[bot]
84ee805c56
chore(deps): update actions/checkout action to v3.3.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:41 +01:00
renovate[bot]
7428da7a6c
chore(deps): update ossf/scorecard-action action to v2.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:04 +01:00
Erik Michelson
8588cbbf21
misc(ci): pin dependencies of GitHub actions
...
This is recommended by the OpenSSF scorecard tool
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 12:47:00 +01:00
renovate[bot]
4d4c2e90df
chore(deps): update github/codeql-action action to v2.1.37
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 09:27:42 +00:00
renovate[bot]
9b95318d96
chore(deps): lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 06:59:13 +00:00
renovate[bot]
15b0f084a6
chore(deps): update actions/upload-artifact action to v3.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 04:06:18 +00:00
Philip Molares
29fd1f39ea
fix(frontend): import type from the correct file
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-08 22:41:41 +01:00
Sheogorath
7bb6570c2b
ci: Add OpenSSF scorecard setup
...
This patch enables a new github action that runs on each commit and
updates the HedgeDoc OpenSSF scorecard score, which is a combination of
various project best practices that are actively worked on. This should
help to stay on top of current best practices and provide transparency
for users of HedgeDoc.
References:
https://github.com/ossf/scorecard
https://securityscorecards.dev/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2023-01-08 22:08:45 +01:00
renovate[bot]
8ea17fe454
fix(deps): update dependency i18next to v22.4.9
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 20:08:23 +01:00
renovate[bot]
51090d19c1
chore(deps): update dependency mkdocs-material to v9
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 16:27:49 +01:00
Tamotsu Takahashi
396050c6cf
Set the session cookie after registering
...
Fix https://github.com/hedgedoc/react-client/issues/2524
Signed-off-by: Tamotsu Takahashi <ttakah+github@gmail.com>
2023-01-08 14:31:34 +01:00
Tilman Vatteroth
35f7274b7f
fix: reformat frontend code
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-01-07 23:50:17 +01:00
renovate[bot]
1c73c89d45
fix(deps): update dependency ws to v8.12.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 23:50:17 +01:00
renovate[bot]
cd875b6402
chore(deps): update dependency prettier to v2.8.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:57:48 +01:00
renovate[bot]
021ec535dd
chore(deps): update typescript-eslint monorepo to v5.48.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:24 +01:00
renovate[bot]
6692356eb1
chore(deps): update dependency cypress to v12.3.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:00 +01:00
renovate[bot]
8a77f24e52
fix(deps): update i18next
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:44:33 +01:00
renovate[bot]
1f9492cce2
fix(deps): update dependency luxon to v3.2.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:44:22 +01:00
renovate[bot]
f8fea8e5e1
fix(deps): update dependency dompurify to v2.4.3
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 20:56:42 +00:00
renovate[bot]
960ea6eb19
chore(deps): update dependency @types/passport-local to v1.0.35
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 18:51:27 +00:00
renovate[bot]
6149bc9373
chore(deps): update dependency tsconfig-paths to v4.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 15:50:56 +00:00
renovate[bot]
43c3d04f46
chore(deps): update dependency eslint-plugin-jest to v27.2.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 12:32:08 +00:00
renovate[bot]
af5c60729a
chore(deps): update dependency @codemirror/view to v6.7.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 09:58:09 +00:00
renovate[bot]
ad4495c87a
chore(deps): update node.js to b3f383c
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 07:33:19 +00:00
renovate[bot]
ae17ba2aef
chore(deps): update node.js to 88e1842
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 04:09:42 +00:00
renovate[bot]
387c7df12a
chore(deps): lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 12:35:27 +01:00
renovate[bot]
47ba755db0
chore(deps): update linters
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 11:53:24 +01:00
renovate[bot]
151c1e5b38
chore(deps): update dependency @types/luxon to v3.2.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 11:50:57 +01:00
renovate[bot]
ea535d6be0
fix(deps): update dependency yjs to v13.5.44
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-01 20:16:54 +00:00
renovate[bot]
45799627ad
chore(deps): update dependency eslint to v8.31.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 11:02:30 +01:00
renovate[bot]
6dccd3a235
chore(deps): update dependency @types/jest to v29.2.5
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 05:15:29 +00:00
renovate[bot]
98eec1e0c9
chore(deps): update dependency @nestjs/cli to v9.1.8
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 02:49:13 +00:00
David Mehren
dc1d5b5192
fix(caddy-config) Proxy /uploads to backend
...
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
David Mehren
be7983b9be
fix(media-api): don't send Content-Type header
...
Apparently, multer gets confused by a content-type header: https://stackoverflow.com/questions/49692745/express-using-multer-error-multipart-boundary-not-found-request-sent-by-pos
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
David Mehren
b311265762
fix(media-controller): throw if no file was uploaded
...
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
renovate[bot]
9d8d5e8d55
chore(deps): update dependency @types/ws to v8.5.4
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-30 11:01:28 +01:00