Commit graph

4307 commits

Author SHA1 Message Date
Erik Michelson
2225057ebe misc(apidocs): move URL route of API docs
This makes the Swagger UI route more consistent to the real API routes.
Especially, the "private" prefix of the private API docs was irritating.
Additionally, this commit adds a rule to the Caddyfile for proxying the API docs to the backend.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Erik Michelson
d52fc55ef3 feat(apidocs): use real version number
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-15 18:20:25 +01:00
Philip Molares
8ee2d809c7 test(backend): add regression test for issue #3135
When a PasswordTooWeakError is encountered the newly created user should be removed again. This should prevent registration error from "burning" usernames for further use.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
47d1765b12 refactor(backend): don't create local user if password is too weak
This prevents the previous problem that the backend created a user that was then not correctly removed again

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:15:28 +01:00
Philip Molares
45e70434c4 refactor(frontend): error handling in the auth/local api route
This now uses the new error code for a disabled registration (403) and also handles error where the password is too weak (400).

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
0ec9edc07d test(backend): change registration disabled error code
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
Philip Molares
c39a9430a2 feat(backend): add RegistrationDisabledError
This error is thrown by RegistrationEnabledGuard instead of directly throwing an http error.
The new RegistrationDisabledError is mapped to the Forbidden HTTP code 403, since this better represents the actual error.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-15 18:14:01 +01:00
renovate[bot]
50e3452574 chore(deps): update actions/cache action to v3.2.3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:55:58 +01:00
renovate[bot]
9a1e33fdc4 chore(deps): update dependency eslint-config-next to v13.1.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 20:54:26 +00:00
renovate[bot]
e3edae8d64 chore(deps): update node.js to ab3603c
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:20:17 +01:00
renovate[bot]
aa3d666fa8 chore(deps): update actions/upload-artifact digest to 65d8626
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:19:49 +01:00
renovate[bot]
74cdbadd96 chore(deps): update actions/download-artifact digest to e9ef242
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-14 21:18:09 +01:00
Erik Michelson
69d625188c fix(tests): syntax for loop in console-logger service
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-09 20:09:56 +01:00
Erik Michelson
f16b3c0fe6 fix(redux): avoid state mutation in history redux
When updating the data of a note in the redux, the old state element gets manipulated and will be dispatched again into the state.
Redux is not optimized for external state-mutations and has some weird side-effects in that case and sometimes throws an error.
This commit fixes the problem by using a clone of the entry.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 19:52:21 +01:00
renovate[bot]
84ee805c56 chore(deps): update actions/checkout action to v3.3.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:41 +01:00
renovate[bot]
7428da7a6c chore(deps): update ossf/scorecard-action action to v2.1.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 14:18:04 +01:00
Erik Michelson
8588cbbf21 misc(ci): pin dependencies of GitHub actions
This is recommended by the OpenSSF scorecard tool

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2023-01-09 12:47:00 +01:00
renovate[bot]
4d4c2e90df chore(deps): update github/codeql-action action to v2.1.37
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 09:27:42 +00:00
renovate[bot]
9b95318d96 chore(deps): lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 06:59:13 +00:00
renovate[bot]
15b0f084a6 chore(deps): update actions/upload-artifact action to v3.1.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-09 04:06:18 +00:00
Philip Molares
29fd1f39ea fix(frontend): import type from the correct file
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2023-01-08 22:41:41 +01:00
Sheogorath
7bb6570c2b ci: Add OpenSSF scorecard setup
This patch enables a new github action that runs on each commit and
updates the HedgeDoc OpenSSF scorecard score, which is a combination of
various project best practices that are actively worked on. This should
help to stay on top of current best practices and provide transparency
for users of HedgeDoc.

References:
https://github.com/ossf/scorecard
https://securityscorecards.dev/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2023-01-08 22:08:45 +01:00
renovate[bot]
8ea17fe454 fix(deps): update dependency i18next to v22.4.9
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 20:08:23 +01:00
renovate[bot]
51090d19c1 chore(deps): update dependency mkdocs-material to v9
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-08 16:27:49 +01:00
Tamotsu Takahashi
396050c6cf Set the session cookie after registering
Fix https://github.com/hedgedoc/react-client/issues/2524

Signed-off-by: Tamotsu Takahashi <ttakah+github@gmail.com>
2023-01-08 14:31:34 +01:00
Tilman Vatteroth
35f7274b7f fix: reformat frontend code
Signed-off-by: Tilman Vatteroth <git@tilmanvatteroth.de>
2023-01-07 23:50:17 +01:00
renovate[bot]
1c73c89d45 fix(deps): update dependency ws to v8.12.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 23:50:17 +01:00
renovate[bot]
cd875b6402 chore(deps): update dependency prettier to v2.8.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:57:48 +01:00
renovate[bot]
021ec535dd chore(deps): update typescript-eslint monorepo to v5.48.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:24 +01:00
renovate[bot]
6692356eb1 chore(deps): update dependency cypress to v12.3.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:45:00 +01:00
renovate[bot]
8a77f24e52 fix(deps): update i18next
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:44:33 +01:00
renovate[bot]
1f9492cce2 fix(deps): update dependency luxon to v3.2.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 22:44:22 +01:00
renovate[bot]
f8fea8e5e1 fix(deps): update dependency dompurify to v2.4.3
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 20:56:42 +00:00
renovate[bot]
960ea6eb19 chore(deps): update dependency @types/passport-local to v1.0.35
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 18:51:27 +00:00
renovate[bot]
6149bc9373 chore(deps): update dependency tsconfig-paths to v4.1.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 15:50:56 +00:00
renovate[bot]
43c3d04f46 chore(deps): update dependency eslint-plugin-jest to v27.2.1
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 12:32:08 +00:00
renovate[bot]
af5c60729a chore(deps): update dependency @codemirror/view to v6.7.2
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 09:58:09 +00:00
renovate[bot]
ad4495c87a chore(deps): update node.js to b3f383c
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 07:33:19 +00:00
renovate[bot]
ae17ba2aef chore(deps): update node.js to 88e1842
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-07 04:09:42 +00:00
renovate[bot]
387c7df12a chore(deps): lock file maintenance
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 12:35:27 +01:00
renovate[bot]
47ba755db0 chore(deps): update linters
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 11:53:24 +01:00
renovate[bot]
151c1e5b38 chore(deps): update dependency @types/luxon to v3.2.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-06 11:50:57 +01:00
renovate[bot]
ea535d6be0 fix(deps): update dependency yjs to v13.5.44
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2023-01-01 20:16:54 +00:00
renovate[bot]
45799627ad chore(deps): update dependency eslint to v8.31.0
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 11:02:30 +01:00
renovate[bot]
6dccd3a235 chore(deps): update dependency @types/jest to v29.2.5
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 05:15:29 +00:00
renovate[bot]
98eec1e0c9 chore(deps): update dependency @nestjs/cli to v9.1.8
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-31 02:49:13 +00:00
David Mehren
dc1d5b5192 fix(caddy-config) Proxy /uploads to backend
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
David Mehren
be7983b9be fix(media-api): don't send Content-Type header
Apparently, multer gets confused by a content-type header: https://stackoverflow.com/questions/49692745/express-using-multer-error-multipart-boundary-not-found-request-sent-by-pos

Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
David Mehren
b311265762 fix(media-controller): throw if no file was uploaded
Signed-off-by: David Mehren <git@herrmehren.de>
2022-12-30 11:02:56 +01:00
renovate[bot]
9d8d5e8d55 chore(deps): update dependency @types/ws to v8.5.4
Signed-off-by: Renovate Bot <bot@renovateapp.com>
2022-12-30 11:01:28 +01:00