Commit Graph

1323 Commits (93f8c1d06dacc3c79b6a577ce5230bf21653f101)

Author SHA1 Message Date
Valentin Höbel a20faec1fb
[BUGFIX] Fix indenting on lite compose bundle (#851)
docker-compose up -d no longer complains about the public service because of wrong indentation
2020-04-11 00:12:21 +10:00
James Elliott bb1158b91e
[DOCS] Fix Password Hashing Example Spacing (#847) 2020-04-10 10:08:42 +10:00
dependabot-preview[bot] 91d2b75b64
[MISC] (deps): Bump @types/react from 16.9.33 to 16.9.34 in /web (#844)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.33 to 16.9.34.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-09 22:49:42 +02:00
Amir Zarrinkafsh 3de1827b21
[Buildkite] Control clean builds with agent metadata (#840)
This is to optimise build times at the sacrifice of disk space/clean up tasks.
2020-04-09 14:46:04 +10:00
Amir Zarrinkafsh 49ac65eb41
[RELEASE] v4.13.0 (#839) 2020-04-09 11:50:34 +10:00
Amir Zarrinkafsh de2c5836fd
[Buildkite] Introduce CI linting with golangci-lint and reviewdog (#832)
* [Buildkite] Introduce CI linting with golangci-lint and reviewdog

* Initial pass of golangci-lint

* Add gosimple (megacheck) recommendations

* Add golint recommendations

* [BUGFIX] Migrate authentication traces from v3 mongodb

* Add deadcode recommendations

* [BUGFIX] Fix ShortTimeouts suite when run in dev workflow

* Add unused recommendations

* Add unparam recommendations

* Disable linting on unfixable errors instead of skipping files

* Adjust nolint notation for unparam

* Fix ineffectual assignment to err raised by linter.

* Export environment variable in agent hook

* Add ineffassign recommendations

* Add staticcheck recommendations

* Add gocyclo recommendations

* Adjust ineffassign recommendations

Co-authored-by: Clement Michaud <clement.michaud34@gmail.com>
2020-04-09 11:05:17 +10:00
James Elliott 2fed503e5e
[FEATURE] Customizable Email Subject (#830)
* [FEATURE] Customizable Email Subject

* allow users to optionally change email subject
* this is so they can more easily communicate the source of the email

* Update docs/configuration/notifier/smtp.md

Co-Authored-By: Amir Zarrinkafsh <nightah@me.com>

Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-09 10:21:28 +10:00
jess aae665eff2
[MISC] Activating Open Collective (#601)
* Added financial contributors to the README

* Update README.md

* Update README.md

* Add logos to README.md

* Update README.md

Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-09 00:10:33 +02:00
dependabot-preview[bot] 410c1a3530
[MISC] (deps): Bump @types/react from 16.9.32 to 16.9.33 in /web (#838)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.32 to 16.9.33.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-08 23:43:56 +02:00
dependabot-preview[bot] f05bce66f0
[MISC] (deps): Bump go.mongodb.org/mongo-driver from 1.3.1 to 1.3.2 (#836)
Bumps [go.mongodb.org/mongo-driver](https://github.com/mongodb/mongo-go-driver) from 1.3.1 to 1.3.2.
- [Release notes](https://github.com/mongodb/mongo-go-driver/releases)
- [Commits](https://github.com/mongodb/mongo-go-driver/compare/v1.3.1...v1.3.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-08 22:56:01 +02:00
dependabot-preview[bot] f7c5611c47
[MISC] (deps): Bump @types/node from 13.11.0 to 13.11.1 in /web (#837)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.11.0 to 13.11.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-08 22:29:23 +02:00
Amir Zarrinkafsh 13712d0f36
[Buildkite] Fine-grained control of build steps for agent allocation (#835) 2020-04-08 11:31:33 +10:00
Amir Zarrinkafsh bb07f432ab
[BUGFIX] Fix indenting on local compose bundle (#833) 2020-04-07 19:32:18 +10:00
dependabot-preview[bot] a1f9a4ecd7
[MISC] (deps): Bump query-string from 6.11.1 to 6.12.0 in /web (#831)
Bumps [query-string](https://github.com/sindresorhus/query-string) from 6.11.1 to 6.12.0.
- [Release notes](https://github.com/sindresorhus/query-string/releases)
- [Commits](https://github.com/sindresorhus/query-string/compare/v6.11.1...v6.12.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-06 22:32:13 +10:00
Amir Zarrinkafsh b692aa73d3
[MISC] Fix dev workflow for Standalone suite (#811)
Since the TLS change was implemented, the Standalone suite attempts to reach authelia-frontend:3001. This only works for the dist/CI based workflow as nginx is run in place of node and the respective ports are exposed.
This change will attempt authelia-frontend:3001 initially for the Standalone suite but given the server is unreachable in the dev workflow, it will mark authelia-frontend:3001 as unavailable for 180s and route all requests to authelia-frontend:3000 instead.
2020-04-06 10:15:05 +10:00
James Elliott 670eeb2879
[RELEASE] v4.12.0 (#828) 2020-04-05 22:53:26 +10:00
James Elliott 8aade7f40e
[MISC] Update durations to notation format and housekeeping (#824)
* added regulation validator
* made regulations find_time and ban_time values duration notation strings
* added DefaultRegulationConfiguration for the validator
* made session expiration and inactivity values duration notation strings
* TOTP period does not need to be converted because adjustment should be discouraged
* moved TOTP defaults to DefaultTOTPConfiguration and removed the consts
* arranged the root config validator in configuration file order
* adjusted tests for the changes
* moved duration notation docs to root of configuration
* added references to duration notation where applicable
* project wide gofmt and goimports:
* run gofmt
* run goimports -local github.com/authelia/authelia -w on all files
* Make jwt_secret error uniform and add tests
* now at 100% coverage for internal/configuration/validator/configuration.go
2020-04-05 22:37:21 +10:00
James Elliott 9800421b88
[FEATURE] Disable Reset Password (#823)
* [FEATURE] Disable Reset Password
* add configuration key to authentication_backend called disable_reset_password
* disable_reset_password prevents the API handler for the functionality and the UI element
* disable_reset_password is a boolean
* adjust RememberMeEnabled to be RememberMe instead as it's just unnecessary
* add docs for security measures and in the authentication docs
* updated config.template.yml
* add flexEnd style to align reset password when remember me disabled
* add todo items for ldap user/password validation relating to this
2020-04-05 09:28:09 +10:00
dependabot-preview[bot] a6308d72c3
[MISC] (deps): Bump @material-ui/core from 4.9.8 to 4.9.9 in /web (#825)
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui) from 4.9.8 to 4.9.9.
- [Release notes](https://github.com/mui-org/material-ui/releases)
- [Changelog](https://github.com/mui-org/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui-org/material-ui/commits/v4.9.9/packages/material-ui)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-05 02:37:11 +10:00
James Elliott 626f5d2949
[FEATURE] Remember Me Configuration (#813)
* [FEATURE] Remember Me Configuration
* allow users to specify the duration of remember me using remember_me_duration in session config
* setting the duration to 0 disables remember me
* only render the remember me element if remember me is enabled
* prevent malicious users from faking remember me functionality in the backend
* add string to duration helper called ParseDurationString to parse a string into a duration
* added tests to the helper function
* use the SessionProvider to store the time.Duration instead of parsing it over and over again
* add sec doc, adjust month/min, consistency
* renamed internal/utils/constants.go to internal/utils/const.go to be consistent
* added security measure docs
* adjusted default remember me duration to be 1 month instead of 1 year
* utilize default remember me duration in the autheliaCtx mock
* adjust order of keys in session configuration examples
* add notes on session security measures secret only being redis 
* add TODO items for duration notation for both Expiration and Inactivity (will be removed soon)
* fix error text for Inactivity in the validator 
* add session validator tests
* deref check bodyJSON.KeepMeLoggedIn and derive the value based on conf and user input and store it (DRY)
* remove unnecessary regex for the simplified ParseDurationString utility
* ParseDurationString only accepts decimals without leading zeros now
* comprehensively test all unit types
* remove unnecessary type unions in web
* add test to check sanity of time duration consts, this is just so they can't be accidentally changed
* simplify deref check and assignment
* fix reset password padding/margins
* adjust some doc wording
* adjust the handler configuration suite test
* actually run the handler configuration suite test (whoops)
* reduce the number of regex's used by ParseDurationString to 1, thanks to Clement
* adjust some error wording
2020-04-04 10:11:33 +11:00
dependabot-preview[bot] 4fcaff7c4b
[MISC] (deps): Bump @types/jest from 25.2.0 to 25.2.1 in /web (#821)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 25.2.0 to 25.2.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-04 00:38:45 +02:00
dependabot-preview[bot] 0e712344c3
[MISC] (deps): Bump @types/jest from 25.1.5 to 25.2.0 in /web (#820)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 25.1.5 to 25.2.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-03 23:42:27 +02:00
Amir Zarrinkafsh 580152b40b
[FEATURE] Include darwin based binaries for OSX (#814)
Build and publish binary artifacts for Authelia which can be run directly from OSX.
2020-04-03 16:13:24 +11:00
dependabot-preview[bot] ed62d23e3f
[MISC] (deps): Bump @types/jest from 25.1.4 to 25.1.5 in /web (#818)
Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 25.1.4 to 25.1.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-04-03 10:14:09 +11:00
dependabot-preview[bot] 44eb73e62d
[MISC] (deps): Bump @types/react from 16.9.31 to 16.9.32 in /web (#819)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.31 to 16.9.32.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-04-02 23:19:04 +02:00
dependabot-preview[bot] 1dafe596e9
[MISC] (deps): Bump @types/node from 13.9.8 to 13.11.0 in /web (#817)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.8 to 13.11.0.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-02 21:37:19 +02:00
dependabot-preview[bot] 8405b4fee1
[MISC] (deps): Bump github.com/go-ldap/ldap/v3 from 3.1.7 to 3.1.8 (#812)
Bumps [github.com/go-ldap/ldap/v3](https://github.com/go-ldap/ldap) from 3.1.7 to 3.1.8.
- [Release notes](https://github.com/go-ldap/ldap/releases)
- [Commits](https://github.com/go-ldap/ldap/compare/v3.1.7...v3.1.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 22:06:25 +02:00
Amir Zarrinkafsh a71ca1903d
[RELEASE] v4.11.0 (#810) 2020-04-01 10:53:48 +11:00
Amir Zarrinkafsh d82b46a3ec
[FEATURE] Autofocus on authentication and OTP pages (#806)
* [FEATURE] Autofocus on authentication and OTP pages
This change sets the input focus on the first factor authentication and OTP pages.

The behaviour for the first factor authentication page has also been amended slightly, if an incorrect username or password is provided the password field will be cleared and set as the focus.

One thing to note is that the OTP page does not focus on any re-rendering and this is because the component doesn't handle focusing. This means that the OTP input only is auto-focused when you first visit it, if you enter an incorrect OTP there will be no focus.

Ideally we should be looking for a different library or writing a component for this ourselves in future.

Closes #511.

* Add TODO markers for potential refactor
2020-04-01 10:27:54 +11:00
Amir Zarrinkafsh 6128081e1f
[Buildkite] Adjust CI bypasses (#804) 2020-04-01 09:44:57 +11:00
dependabot-preview[bot] 6652d53b8b
[MISC] (deps): Bump @types/react-dom from 16.9.5 to 16.9.6 in /web (#809)
Bumps [@types/react-dom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react-dom) from 16.9.5 to 16.9.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react-dom)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 09:27:21 +11:00
dependabot-preview[bot] 2aa43d4d25
[MISC] (deps): Bump @types/react from 16.9.30 to 16.9.31 in /web (#808)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.30 to 16.9.31.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-04-01 09:10:46 +11:00
Amir Zarrinkafsh 8bcda073ef
[DOCS] Fix users_filter typo in docs (#805)
Co-authored-by: Clément Michaud <clement.michaud34@gmail.com>
2020-03-31 23:12:53 +02:00
dependabot-preview[bot] f1007d2f48
[MISC] (deps): Bump @types/react from 16.9.29 to 16.9.30 in /web (#807)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.29 to 16.9.30.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 22:42:41 +02:00
dependabot-preview[bot] 452a34267b
[MISC] (deps): Bump @types/react from 16.9.27 to 16.9.29 in /web (#803)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.27 to 16.9.29.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 12:41:22 +11:00
Amir Zarrinkafsh 5fc3b26cf5
[RELEASE] v4.10.0 (#799) 2020-03-31 12:04:22 +11:00
dependabot-preview[bot] 7ec6c42beb
[MISC] (deps): Bump @types/node from 13.9.7 to 13.9.8 in /web (#801)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.7 to 13.9.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 11:32:52 +11:00
dependabot-preview[bot] 8d98146c76
[MISC] (deps): Bump @types/node from 13.9.6 to 13.9.7 in /web (#800)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.6 to 13.9.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-31 10:47:28 +11:00
dependabot-preview[bot] 4470b62ae0
[MISC] (deps): Bump @types/node from 13.9.5 to 13.9.6 in /web (#798)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.5 to 13.9.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-31 09:55:01 +11:00
Clément Michaud 7a3e782dc0
[FEATURE][BREAKING] Allow users to sign in with email. (#792)
* [FEATURE][BREAKING] Allow users to sign in with email.

The users_filter purpose evolved with the introduction of username_attribute
but is reverted here to allow the most flexibility. users_filter is now the
actual filter used for searching the user and not a sub-filter based on the
username_attribute anymore.

* {input} placeholder has been introduced to later deprecate {0} which has been
kept for backward compatibility.
* {username_attribute} and {mail_attribute} are new placeholders used to back
reference other configuration options.

Fix #735

* [MISC] Introduce new placeholders for groups_filter too.

* [MISC] Update BREAKING.md to mention the change regarding users_filter.

* [MISC] Fix unit and integration tests.

* Log an error message in console when U2F is not supported.

* Apply suggestions from code review

* Update BREAKING.md

Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-31 09:36:04 +11:00
Amir Zarrinkafsh 95f6c1a893
[Buildkite] Add contents of BREAKING.md for tag to releases (#797)
This will ensure that notes pertaining to a version in the BREAKING.md will be published in each of the respective github releases.

All information from:
'## Breaking in $TAG' until the next '## Breaking in $TAG' is included.
2020-03-31 08:46:23 +11:00
Amir Zarrinkafsh a15b9fe699
[Buildkite] Disable jest cache due to erratic unit test behaviour (#796)
It seems that running unit tests can result in failures if the build is not run on a clean machine, examples of this can be found at:

- https://buildkite.com/authelia/authelia/builds/1083#8916f6fc-6a53-4619-8c2e-a762f78f1de2
- https://buildkite.com/authelia/authelia/builds/1095#2206e39c-55dd-4311-8348-09f4f7c90fa1

This seems to be a pretty common issue too, just google issues with jest cache:

- https://github.com/vuejs/vue-jest/issues/56
2020-03-30 12:07:44 +11:00
dependabot-preview[bot] 376333affe
[MISC] (deps): Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 (#795)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.6 to 0.0.7.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v0.0.6...0.0.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-30 10:36:39 +11:00
dependabot-preview[bot] da2570c585
[MISC] (deps): Bump @material-ui/core from 4.9.7 to 4.9.8 in /web (#793)
Bumps [@material-ui/core](https://github.com/mui-org/material-ui/tree/HEAD/packages/material-ui) from 4.9.7 to 4.9.8.
- [Release notes](https://github.com/mui-org/material-ui/releases)
- [Changelog](https://github.com/mui-org/material-ui/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mui-org/material-ui/commits/v4.9.8/packages/material-ui)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-29 11:15:56 +11:00
dependabot-preview[bot] 9e4f91ab60
[MISC] (deps): Bump @types/react from 16.9.26 to 16.9.27 in /web (#794)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 16.9.26 to 16.9.27.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Amir Zarrinkafsh <nightah@me.com>
2020-03-29 10:25:11 +11:00
Clément Michaud 94a63edabb
[MISC] Fix comment dealing with aes implementation. (#791) 2020-03-29 10:07:05 +11:00
Amir Zarrinkafsh 6f116202f4
[RELEASE] v4.9.1 (#790) 2020-03-28 19:53:03 +11:00
Clément Michaud 4264e64f9b
[MISC] Encrypt session data in redis store. (#789)
This is a regression from v3. With this change session data is encrypted with AES-GCM using a 256-bit key derived from the provided secret.

Fixes #652.
2020-03-28 17:10:39 +11:00
Clément Michaud 537378becc
[MISC] Add .gitignore to skip temporary directories generated by local bundle. (#788) 2020-03-28 12:15:22 +11:00
dependabot-preview[bot] 0a9a83b805
[MISC] (deps): Bump @types/node from 13.9.4 to 13.9.5 in /web (#787)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 13.9.4 to 13.9.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2020-03-27 21:37:37 +01:00