renovate[bot]
b1c1f320ea
chore(deps): update github/codeql-action action to v2.1.39
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-21 23:05:26 +01:00
renovate[bot]
6b3da367be
chore(deps): update dependency mkdocs-material to v9.0.6
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-21 21:07:38 +00:00
Philip Molares
a36d2d2db6
fix: typo in SECURITY.md
...
Also moved all links to the bottom for easier changing of urls
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-21 13:06:27 +01:00
renovate[bot]
cb946e0a3a
chore(deps): update dependency @types/jest to v29.2.6
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-21 11:31:12 +01:00
renovate[bot]
faa8da8204
chore(deps): update nextjs monorepo to v13.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-17 22:47:12 +01:00
renovate[bot]
9356651684
chore(deps): update dependency ts-jest to v29.0.5
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-17 19:30:31 +01:00
renovate[bot]
3915a05e24
chore(deps): update typescript-eslint monorepo to v5.48.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-17 19:29:22 +01:00
renovate[bot]
cb1058c915
fix(deps): update dependency node-fetch to v2.6.8
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-17 18:35:46 +01:00
renovate[bot]
aa59f57856
chore(deps): update dependency @codemirror/language to v6.4.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-17 18:35:22 +01:00
renovate[bot]
90a1d45f82
chore(deps): update github/codeql-action action to v2.1.38
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-16 16:00:07 +00:00
renovate[bot]
cf9131c06e
chore(deps): update dependency prettier to v2.8.3
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-16 11:54:32 +00:00
renovate[bot]
e39cf83377
chore(deps): update codemirror
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-16 07:05:57 +00:00
renovate[bot]
200d4ccab1
chore(deps): update node.js to fda9816
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-16 03:24:49 +00:00
Philip Molares
16b1065a51
feat(frontend): add fork awesome linter
...
This linter will tell users that their fork awesome icon is deprecated and will stop working in the future and that they should replace it with a new bootstrap icon.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-16 00:05:33 +01:00
Philip Molares
e2c4e2eccf
feat(frontend): add fork awesome linter
...
This linter will tell users that their fork awesome icon is deprecated and will stop working in the future and that they should replace it with a new bootstrap icon.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-16 00:05:33 +01:00
Philip Molares
eacd81cb9c
fix(frontend): verify that callback could be run in create-non-existing-note-hint.test.tsx
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 22:38:45 +01:00
Philip Molares
5f238e9651
docs(frontend): expand CreateNonExistingNoteHint docs
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 22:38:45 +01:00
renovate[bot]
13316d3e1a
chore(deps): update dependency pymdown-extensions to v9.9.1
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-15 19:00:31 +01:00
renovate[bot]
788d7377a2
chore(deps): update dependency mkdocs-material to v9.0.5
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-15 18:37:20 +01:00
Erik Michelson
2225057ebe
misc(apidocs): move URL route of API docs
...
This makes the Swagger UI route more consistent to the real API routes.
Especially, the "private" prefix of the private API docs was irritating.
Additionally, this commit adds a rule to the Caddyfile for proxying the API docs to the backend.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Erik Michelson
d52fc55ef3
feat(apidocs): use real version number
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Philip Molares
8ee2d809c7
test(backend): add regression test for issue #3135
...
When a PasswordTooWeakError is encountered the newly created user should be removed again. This should prevent registration error from "burning" usernames for further use.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
47d1765b12
refactor(backend): don't create local user if password is too weak
...
This prevents the previous problem that the backend created a user that was then not correctly removed again
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
45e70434c4
refactor(frontend): error handling in the auth/local api route
...
This now uses the new error code for a disabled registration (403) and also handles error where the password is too weak (400).
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
0ec9edc07d
test(backend): change registration disabled error code
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
c39a9430a2
feat(backend): add RegistrationDisabledError
...
This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error.
The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error.
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
renovate[bot]
50e3452574
chore(deps): update actions/cache action to v3.2.3
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:55:58 +01:00
renovate[bot]
9a1e33fdc4
chore(deps): update dependency eslint-config-next to v13.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 20:54:26 +00:00
renovate[bot]
e3edae8d64
chore(deps): update node.js to ab3603c
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:20:17 +01:00
renovate[bot]
aa3d666fa8
chore(deps): update actions/upload-artifact digest to 65d8626
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:19:49 +01:00
renovate[bot]
74cdbadd96
chore(deps): update actions/download-artifact digest to e9ef242
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:18:09 +01:00
Erik Michelson
69d625188c
fix(tests): syntax for loop in console-logger service
...
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-09 20:09:56 +01:00
Erik Michelson
f16b3c0fe6
fix(redux): avoid state mutation in history redux
...
When updating the data of a note in the redux, the old state element gets manipulated and will be dispatched again into the state.
Redux is not optimized for external state-mutations and has some weird side-effects in that case and sometimes throws an error.
This commit fixes the problem by using a clone of the entry.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 19:52:21 +01:00
renovate[bot]
84ee805c56
chore(deps): update actions/checkout action to v3.3.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:41 +01:00
renovate[bot]
7428da7a6c
chore(deps): update ossf/scorecard-action action to v2.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:04 +01:00
Erik Michelson
8588cbbf21
misc(ci): pin dependencies of GitHub actions
...
This is recommended by the OpenSSF scorecard tool
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 12:47:00 +01:00
renovate[bot]
4d4c2e90df
chore(deps): update github/codeql-action action to v2.1.37
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 09:27:42 +00:00
renovate[bot]
9b95318d96
chore(deps): lock file maintenance
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 06:59:13 +00:00
renovate[bot]
15b0f084a6
chore(deps): update actions/upload-artifact action to v3.1.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 04:06:18 +00:00
Philip Molares
29fd1f39ea
fix(frontend): import type from the correct file
...
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-08 22:41:41 +01:00
Sheogorath
7bb6570c2b
ci: Add OpenSSF scorecard setup
...
This patch enables a new github action that runs on each commit and
updates the HedgeDoc OpenSSF scorecard score, which is a combination of
various project best practices that are actively worked on. This should
help to stay on top of current best practices and provide transparency
for users of HedgeDoc.
References:
https://github.com/ossf/scorecard
https://securityscorecards.dev/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2023-01-08 22:08:45 +01:00
renovate[bot]
8ea17fe454
fix(deps): update dependency i18next to v22.4.9
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 20:08:23 +01:00
renovate[bot]
51090d19c1
chore(deps): update dependency mkdocs-material to v9
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 16:27:49 +01:00
Tamotsu Takahashi
396050c6cf
Set the session cookie after registering
...
Fix https://github.com/hedgedoc/react-client/issues/2524
Signed-off-by: Tamotsu Takahashi <ttakah+github@gmail.com>
2023-01-08 14:31:34 +01:00
Tilman Vatteroth
35f7274b7f
fix: reformat frontend code
...
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-01-07 23:50:17 +01:00
renovate[bot]
1c73c89d45
fix(deps): update dependency ws to v8.12.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 23:50:17 +01:00
renovate[bot]
cd875b6402
chore(deps): update dependency prettier to v2.8.2
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:57:48 +01:00
renovate[bot]
021ec535dd
chore(deps): update typescript-eslint monorepo to v5.48.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:24 +01:00
renovate[bot]
6692356eb1
chore(deps): update dependency cypress to v12.3.0
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:00 +01:00
renovate[bot]
8a77f24e52
fix(deps): update i18next
...
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:44:33 +01:00