Dan Milne
|
fed7c3cedb
|
Some beta-checklist updates
|
2026-01-02 11:53:41 +11:00 |
|
Dan Milne
|
7f834fb7fa
|
Version bump
|
2026-01-01 15:27:19 +11:00 |
|
Dan Milne
|
93a0edb0a2
|
StandardRB fixes
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2026-01-01 13:29:44 +11:00 |
|
Dan Milne
|
364e6e21dd
|
Fixes for tests and AR Encryption
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-12-31 16:08:05 +11:00 |
|
Dan Milne
|
9d352ab8ec
|
Fix tests - add missing files
|
2025-12-31 16:01:31 +11:00 |
|
Dan Milne
|
d1d4ac745f
|
Version bump
|
2025-12-31 15:48:52 +11:00 |
|
Dan Milne
|
9530c8284f
|
Version bump
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-12-31 10:35:27 +11:00 |
|
Dan Milne
|
bb5aa2e6d6
|
Add rails encryption for totp - allow configuration of encryption secrets from env, or derive them from SECRET_KEY_BASE. Don't leak email address via web_authn, rate limit web_authn, escape oidc state value, require password for changing email address, allow settings the hmac secret for token prefix generation
|
2025-12-31 10:33:56 +11:00 |
|
Dan Milne
|
cc7beba9de
|
PKCE is now default enabled. You can now create public / no-secret apps OIDC apps
|
2025-12-31 09:22:18 +11:00 |
|
Dan Milne
|
32235f9647
|
version bump
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-12-30 11:58:31 +11:00 |
|
Dan Milne
|
71d59e7367
|
Remove plain text token from everywhere
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-12-30 11:58:11 +11:00 |
|
Dan Milne
|
99c3ac905f
|
Add a token prefix column, generate the token_prefix and the token_digest, removing the plaintext token from use.
|
2025-12-30 09:45:16 +11:00 |
|
Dan Milne
|
898fd69a5d
|
Add permissions initializer and missing image paste controller
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-12-29 13:27:30 +11:00 |
|
Dan Milne
|
9cf01f7c7a
|
Bump versoin
|
2025-12-28 14:43:26 +11:00 |
|
Dan Milne
|
283feea175
|
Update depenencies, bump versoin
|
2025-11-30 23:13:25 +11:00 |
|
Dan Milne
|
f8543f98cc
|
Add a subdirectory for active storage
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-27 19:12:09 +11:00 |
|
Dan Milne
|
6be23c2c37
|
Add backchannel logout, per application logout.
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-27 16:38:27 +11:00 |
|
Dan Milne
|
67d86e5835
|
Add Icons for apps
|
2025-11-25 19:11:22 +11:00 |
|
Dan Milne
|
67f28faaca
|
Improve some front end views. More descriptive error condition reporting. Updates to CLINCH_HOST for better WEBAUTHN
|
2025-11-12 16:24:05 +11:00 |
|
Dan Milne
|
8e0b2c28eb
|
CSP fixes
|
2025-11-08 20:01:07 +11:00 |
|
Dan Milne
|
631b2b53bb
|
Fix CSP reporting endpoitn. Fix the SER for CSP
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 23:22:15 +11:00 |
|
Dan Milne
|
6049429a41
|
Fix mobile view menu popout. Add an option SENTRY_DSN support, which uses rails event reporting
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 23:16:28 +11:00 |
|
Dan Milne
|
2b15aa2c40
|
Add sentry, set csp reporting API
|
2025-11-04 22:58:32 +11:00 |
|
Dan Milne
|
044b9239d6
|
Ok - this time add the new controllers we stripped out of inline and add back the csp
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 18:55:20 +11:00 |
|
Dan Milne
|
fb14ce032f
|
Strip out more inline javascript code. Encrypt backup codes and treat the backup codes attribute as a json array
|
2025-11-04 18:46:11 +11:00 |
|
Dan Milne
|
57abc0b804
|
Add webauthn
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-11-04 16:20:11 +11:00 |
|
Dan Milne
|
ddcb297c74
|
Add comprhensive csp polices and reporting endpoint. Add environment support require for protecting against rebinding attacks on ip addresses
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-29 15:37:53 +11:00 |
|
Dan Milne
|
1ff0a95392
|
First commit
CI / scan_ruby (push) Has been cancelled
CI / scan_js (push) Has been cancelled
CI / lint (push) Has been cancelled
CI / test (push) Has been cancelled
CI / system-test (push) Has been cancelled
|
2025-10-23 16:19:56 +11:00 |
|