Jens L
8eb73d3a16
security: fix CVE 2022 46172 ( #4275 )
...
* fallback to current user in user_write, add flag to disable user creation
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update api and web ui
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* update default flows
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add cve post to website
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* add tests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-23 14:18:09 +01:00
Jens Langhammer
83f46f6ff1
release: 2022.10.3
2022-12-02 23:01:17 +02:00
Jens Langhammer
0e7cc6da4c
web: bump API version
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-02 22:51:09 +02:00
Jens Langhammer
a262171671
release: 2022.10.2
2022-12-01 10:40:58 +02:00
Jens Langhammer
87b8ca7be4
*: backport CVE-2022-46145 fix
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-12-01 10:40:51 +02:00
Jens Langhammer
f3a72761c0
release: 2022.10.1
2022-10-29 17:24:55 +02:00
dependabot[bot]
8a50279142
web: bump @sentry/browser from 7.16.0 to 7.17.2 in /web ( #3897 )
2022-10-28 15:03:40 +02:00
dependabot[bot]
f1e1911788
web: bump @babel/plugin-proposal-decorators from 7.19.6 to 7.20.0 in /web ( #3893 )
2022-10-28 14:53:22 +02:00
dependabot[bot]
0b712d22a8
web: bump @sentry/tracing from 7.16.0 to 7.17.1 in /web ( #3894 )
2022-10-28 14:53:05 +02:00
dependabot[bot]
4e2ba8c916
web: bump pyright from 1.1.276 to 1.1.277 in /web ( #3881 )
2022-10-26 08:46:23 +02:00
dependabot[bot]
98666cc5e9
web: bump @codemirror/lang-python from 6.0.3 to 6.0.4 in /web ( #3867 )
...
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python ) from 6.0.3 to 6.0.4.
- [Release notes](https://github.com/codemirror/lang-python/releases )
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-python/compare/6.0.3...6.0.4 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 10:02:30 +02:00
dependabot[bot]
dbaad90c3e
web: bump @typescript-eslint/eslint-plugin from 5.40.1 to 5.41.0 in /web ( #3866 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.40.1 to 5.41.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.41.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 10:00:50 +02:00
dependabot[bot]
63b5656cca
web: bump @codemirror/lang-javascript from 6.1.0 to 6.1.1 in /web ( #3871 )
...
Bumps [@codemirror/lang-javascript](https://github.com/codemirror/lang-javascript ) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/codemirror/lang-javascript/releases )
- [Changelog](https://github.com/codemirror/lang-javascript/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-javascript/compare/6.1.0...6.1.1 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-javascript"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 10:00:37 +02:00
dependabot[bot]
96713a82dd
web: bump @typescript-eslint/parser from 5.40.1 to 5.41.0 in /web ( #3869 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.40.1 to 5.41.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.41.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 09:59:35 +02:00
dependabot[bot]
2b20b89c80
web: bump @codemirror/legacy-modes from 6.1.0 to 6.2.0 in /web ( #3870 )
...
Bumps [@codemirror/legacy-modes](https://github.com/codemirror/legacy-modes ) from 6.1.0 to 6.2.0.
- [Release notes](https://github.com/codemirror/legacy-modes/releases )
- [Changelog](https://github.com/codemirror/legacy-modes/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/legacy-modes/compare/6.1.0...6.2.0 )
---
updated-dependencies:
- dependency-name: "@codemirror/legacy-modes"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 09:59:13 +02:00
dependabot[bot]
cbb24dfddd
web: bump @codemirror/lang-html from 6.1.2 to 6.1.3 in /web ( #3868 )
...
Bumps [@codemirror/lang-html](https://github.com/codemirror/lang-html ) from 6.1.2 to 6.1.3.
- [Release notes](https://github.com/codemirror/lang-html/releases )
- [Changelog](https://github.com/codemirror/lang-html/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-html/compare/6.1.2...6.1.3 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-html"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 09:59:03 +02:00
dependabot[bot]
056ff5ff59
web: bump @codemirror/lang-xml from 6.0.0 to 6.0.1 in /web ( #3865 )
2022-10-25 09:35:29 +02:00
Jens Langhammer
3da7fcfc1d
web/common: disable API Drawer by default in user interface
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-24 22:08:47 +02:00
dependabot[bot]
c7ea4b5a7f
web: bump @rollup/plugin-node-resolve from 15.0.0 to 15.0.1 in /web ( #3855 )
2022-10-24 10:05:18 +02:00
dependabot[bot]
c2933f0681
web: bump @rollup/plugin-typescript from 9.0.1 to 9.0.2 in /web ( #3854 )
2022-10-24 10:05:10 +02:00
dependabot[bot]
27636cc49f
web: bump @rollup/plugin-commonjs from 23.0.1 to 23.0.2 in /web ( #3856 )
2022-10-24 09:56:55 +02:00
dependabot[bot]
42196f554e
web: bump @rollup/plugin-replace from 5.0.0 to 5.0.1 in /web ( #3853 )
2022-10-24 09:56:24 +02:00
dependabot[bot]
ad5fc139eb
web: bump eslint from 8.25.0 to 8.26.0 in /web ( #3857 )
2022-10-24 09:54:43 +02:00
dependabot[bot]
93984b35b3
web: bump @rollup/plugin-babel from 6.0.0 to 6.0.2 in /web ( #3858 )
2022-10-24 09:53:36 +02:00
github-actions[bot]
e67464b8a0
web: bump API Client version ( #3846 )
...
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-10-21 22:35:21 +02:00
Jens Langhammer
89dc46a7ff
release: 2022.10.0
2022-10-21 19:42:38 +02:00
dependabot[bot]
b4a8a5cd32
web: bump @babel/plugin-transform-runtime from 7.19.1 to 7.19.6 in /web ( #3837 )
2022-10-21 09:09:27 +02:00
dependabot[bot]
81a05e901c
web: bump @babel/core from 7.19.3 to 7.19.6 in /web ( #3834 )
2022-10-21 09:08:48 +02:00
dependabot[bot]
f5ef92ca6f
web: bump @webcomponents/webcomponentsjs from 2.6.0 to 2.7.0 in /web ( #3835 )
2022-10-21 09:07:32 +02:00
dependabot[bot]
b479fa7d78
web: bump @rollup/plugin-commonjs from 23.0.0 to 23.0.1 in /web ( #3836 )
2022-10-21 09:07:25 +02:00
dependabot[bot]
70372834ef
web: bump @trivago/prettier-plugin-sort-imports from 3.3.1 to 3.4.0 in /web ( #3838 )
2022-10-21 09:07:12 +02:00
dependabot[bot]
b1f9b0b215
web: bump @babel/plugin-proposal-decorators from 7.19.3 to 7.19.6 in /web ( #3839 )
2022-10-21 09:06:59 +02:00
Jens Langhammer
f1b143606e
web/admin: fix scrolling in remaning modals
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-20 10:20:32 +02:00
dependabot[bot]
d191c2ed7d
web: bump @sentry/browser from 7.15.0 to 7.16.0 in /web ( #3825 )
...
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript ) from 7.15.0 to 7.16.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.15.0...7.16.0 )
---
updated-dependencies:
- dependency-name: "@sentry/browser"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-20 10:14:09 +02:00
dependabot[bot]
5dde3b8096
web: bump @codemirror/lang-python from 6.0.2 to 6.0.3 in /web ( #3826 )
...
Bumps [@codemirror/lang-python](https://github.com/codemirror/lang-python ) from 6.0.2 to 6.0.3.
- [Release notes](https://github.com/codemirror/lang-python/releases )
- [Changelog](https://github.com/codemirror/lang-python/blob/main/CHANGELOG.md )
- [Commits](https://github.com/codemirror/lang-python/compare/6.0.2...6.0.3 )
---
updated-dependencies:
- dependency-name: "@codemirror/lang-python"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-20 10:04:36 +02:00
dependabot[bot]
6677196baf
web: bump @sentry/tracing from 7.15.0 to 7.16.0 in /web ( #3824 )
...
Bumps [@sentry/tracing](https://github.com/getsentry/sentry-javascript ) from 7.15.0 to 7.16.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/master/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.15.0...7.16.0 )
---
updated-dependencies:
- dependency-name: "@sentry/tracing"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-20 10:04:21 +02:00
github-actions[bot]
2a7639cb01
web: bump API Client version ( #3830 )
...
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-10-20 10:03:41 +02:00
Jens Langhammer
0b6dd49f36
web/admin: show oauth2 docs on oauth2 provider view page
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 10:11:15 +02:00
dependabot[bot]
fac3d8b8c9
web: bump pyright from 1.1.275 to 1.1.276 in /web ( #3815 )
2022-10-19 09:31:32 +02:00
github-actions[bot]
8385dd77cc
web: bump API Client version ( #3812 )
...
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-10-19 00:10:55 +02:00
Jens L
b06a3a8f9f
admin: add authorisations metric ( #3811 )
...
add authorizations metric
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-19 00:06:45 +02:00
Jens Langhammer
a8bca5edd0
web: fix linting
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:29:28 +02:00
github-actions[bot]
ea12715e01
web: bump API Client version ( #3809 )
...
Signed-off-by: GitHub <noreply@github.com>
Signed-off-by: GitHub <noreply@github.com>
Co-authored-by: BeryJu <BeryJu@users.noreply.github.com>
2022-10-18 22:07:43 +02:00
Jens L
0efee2a660
flows: improved import ( #3807 )
...
* return logs when importing flow
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
* improve error handling, show logs
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-18 22:01:42 +02:00
dependabot[bot]
e9eede5a80
web: bump @typescript-eslint/parser from 5.40.0 to 5.40.1 in /web ( #3805 )
2022-10-18 09:49:08 +02:00
dependabot[bot]
ebfd6e1fe6
web: bump @typescript-eslint/eslint-plugin from 5.40.0 to 5.40.1 in /web ( #3804 )
2022-10-18 09:31:02 +02:00
dependabot[bot]
fa63c06394
web: bump @trivago/prettier-plugin-sort-imports from 3.3.0 to 3.3.1 in /web ( #3795 )
...
web: bump @trivago/prettier-plugin-sort-imports in /web
Bumps [@trivago/prettier-plugin-sort-imports](https://github.com/trivago/prettier-plugin-sort-imports ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/trivago/prettier-plugin-sort-imports/releases )
- [Changelog](https://github.com/trivago/prettier-plugin-sort-imports/blob/master/CHANGELOG.md )
- [Commits](https://github.com/trivago/prettier-plugin-sort-imports/commits/v3.3.1 )
---
updated-dependencies:
- dependency-name: "@trivago/prettier-plugin-sort-imports"
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-17 10:09:16 +02:00
Jens Langhammer
96a30af0eb
sources/oauth: allow overriding of all scopes
...
closes #3747
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 21:21:43 +02:00
Jens Langhammer
d6a14019c6
web/admin: rework scrolling in modals, ensure overlay covers everything
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 16:02:51 +02:00
Jens Langhammer
b515126061
web: use drawSelection to workaround cursor bug when using CodeMirror with ShadowDOM in firefox
...
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2022-10-16 13:55:53 +02:00