10161 Commits

Author SHA1 Message Date
renovate[bot]
32c4d7350c
fix(deps): update dependency force-graph to v1.49.0 2025-01-17 17:52:23 +00:00
Elian Doran
af1d6540bc
Merge pull request #955 from TriliumNext/renovate/fs-extra-11.x
fix(deps): update dependency fs-extra to v11.3.0
2025-01-17 19:51:42 +02:00
Elian Doran
54bf2ad9ff
feat(e2e): test standard flowchart rendering 2025-01-17 19:19:24 +02:00
Elian Doran
751adf474f
feat(e2e): check ELK flowchart 2025-01-17 19:09:19 +02:00
Elian Doran
a1b660cfcd
fix(e2e): mindmap test not being run 2025-01-17 18:49:22 +02:00
Elian Doran
66c367fe21
Merge pull request #947 from TriliumNext/bugfix/dump-db-ivlength
Fix default ivLength in dump-db tool
2025-01-17 18:39:30 +02:00
Elian Doran
3abe5a348f
Merge pull request #965 from pano9000/chore_replace-ts-node
chore: get rid of ts-node
2025-01-17 18:38:35 +02:00
Elian Doran
467852191d
Merge pull request #966 from pano9000/fix_csrf-electron-httpOnly
fix(csrf): add exception for electron for httpOnly cookie
2025-01-17 18:36:02 +02:00
Panagiotis Papadopoulos
9382c278b3 fix(csrf): add exception for electron for httpOnly cookie
it does not seem to like having httpOnly set in electron
2025-01-17 17:26:52 +01:00
Panagiotis Papadopoulos
0e33395c47 chore(deps): remove now unused ts-node 2025-01-17 08:09:42 +01:00
Panagiotis Papadopoulos
00bdcfa803 chore(mermaid-elk): replace loader-register with tsx
unnecessary "cross-env" also removed, as it wasn't even
used to set any env variables
2025-01-17 08:05:42 +01:00
Panagiotis Papadopoulos
331dae4eb0 chore: delete unused loader-register file 2025-01-17 08:02:26 +01:00
Panagiotis Papadopoulos
748e30b63c chore(scripts): use tsx for webpack 2025-01-16 23:52:51 +01:00
Panagiotis Papadopoulos
76a0bffcc3 chore(scripts): remove unnecessary cross-env 2025-01-16 23:08:57 +01:00
Elian Doran
b2e1a3e97a
Merge pull request #961 from pano9000/fix-csrf-settings
fix(csrf): set more secure csrf related settings
2025-01-16 23:03:43 +02:00
Panagiotis Papadopoulos
5f605b3a91 fix(csrf): set more secure cookieOptions settings
- `sameSite` - previous setting inherited from csurf was to simply not set it at all, which makes all browsers nag in their dev console output.
They will default to "Lax" for these types of cookies in the future.
We can even use "strict" here though for our use case:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value

- `httpOnly`: should be enabled for the csrf cookie as well;
for the session cookie it already is enabled.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#httponly
2025-01-16 21:40:12 +01:00
Panagiotis Papadopoulos
ec19ccd7a7 fix(csrf): stop leaking the CSRF token in the server logs
As per OWASP:
"A CSRF token must not be leaked in the server logs or in the URL.", see:
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#transmissing-csrf-tokens-in-synchronized-patterns
2025-01-16 21:16:33 +01:00
Elian Doran
283a12b0d5
Merge pull request #960 from pano9000/fix_csrf-csrf_existing_cookie
fix(csrf): fix handling of existing _csrf cookies
2025-01-16 21:53:09 +02:00
Panagiotis Papadopoulos
139bf3dcdf fix(csrf): use generateCsrfToken with more "user friendly" settings
fixes the case where existing TriliumNext users will get
an "Invalid CSRF Token" Message when they have an older
_csrf token in their cookies from a previous installation/visit.
the settings now will handle these cases in the background automatically.

also fixes #950
2025-01-16 20:14:23 +01:00
Panagiotis Papadopoulos
6dd8ab31d5 refactor(csrf): export generateToken utility 2025-01-16 20:14:23 +01:00
Panagiotis Papadopoulos
e3d89ce2a5 refactor(csrf): move csrf to own file 2025-01-16 20:14:23 +01:00
Elian Doran
edc6b983ac
Merge remote-tracking branch 'origin/master' into develop 2025-01-16 18:36:35 +02:00
Elian Doran
d684440c1f
fix(client): undefined entity in some cases 2025-01-16 18:36:29 +02:00
Elian Doran
1e182f5820
chore(client/ts): port mermaid 2025-01-16 18:20:23 +02:00
Elian Doran
5ca876ca62
fix(mobile): force grouping in editing toolbar 2025-01-16 16:41:52 +02:00
Elian Doran
187ef60350
feat(mobile): disable overscroll for toolbar 2025-01-16 16:32:47 +02:00
Elian Doran
706b011b23
feat(mobile): enforce classic editor 2025-01-16 16:29:51 +02:00
Elian Doran
6f2538a070
feat(mobile): hide editing toolbar on non-text note 2025-01-16 16:14:37 +02:00
Elian Doran
6caddc8004
fix(mobile): position of editing toolbar on tablet mode 2025-01-16 16:09:11 +02:00
Elian Doran
0cab891d2e
chore(client/ts): port classic_editor_toolbar 2025-01-16 15:51:58 +02:00
Elian Doran
1d6e3af9aa
fix(mobile): position of editing toolbar 2025-01-16 15:48:56 +02:00
Elian Doran
c8b745bc6a
Merge pull request #952 from TriliumNext/renovate/node-22.x
chore(deps): update dependency @types/node to v22.10.7
2025-01-16 10:49:07 +02:00
Elian Doran
d1be673763
Merge pull request #953 from TriliumNext/renovate/better-sqlite3-11.x-lockfile
fix(deps): update dependency better-sqlite3 to v11.8.0
2025-01-16 10:45:59 +02:00
Elian Doran
2fbfc9d668
Merge pull request #946 from TriliumNext/renovate/electron-34.x
chore(deps): update dependency electron to v34
2025-01-16 10:43:33 +02:00
Nriver
5ea3e67dc3 remove unused param 2025-01-16 14:18:01 +08:00
Nriver
4b7445be8e fix compatibility for old encrypted data 2025-01-16 14:01:59 +08:00
renovate[bot]
a9570965f1
fix(deps): update dependency fs-extra to v11.3.0 2025-01-16 00:57:03 +00:00
renovate[bot]
b77f8aeb43
fix(deps): update dependency better-sqlite3 to v11.8.0 2025-01-16 00:56:43 +00:00
renovate[bot]
01b88c52ef
chore(deps): update dependency @types/node to v22.10.7 2025-01-16 00:56:32 +00:00
Elian Doran
4c451753bc
chore(build): remove redundant npx 2025-01-15 19:11:26 +02:00
Elian Doran
7076c4cbd6
chore(deps): update better-sqlite3 to 11.8.0 2025-01-15 19:11:05 +02:00
Nriver
9d32cd36ee Fix default ivLength in dump-db tool 2025-01-15 10:16:04 +08:00
renovate[bot]
0eab68e8d1
chore(deps): update dependency electron to v34 2025-01-15 02:07:18 +00:00
Elian Doran
7dfeb20678
Merge pull request #936 from pano9000/fix_views-deprecated-meta-tag
fix(views): replace deprecated meta tag
2025-01-14 23:51:46 +02:00
Elian Doran
155900929f
Merge pull request #945 from hasecilu/i18n/Spanish
Update Spanish translation
2025-01-14 23:19:46 +02:00
hasecilu
3486e566ae
chore(code): be more explicit on config for json files
To avoid changing end line character of translation files
2025-01-14 13:26:40 -06:00
hasecilu
7f9e42abbd
chore(i18n): update Spanish translation 2025-01-14 13:26:39 -06:00
Elian Doran
c1211647ab
Merge pull request #940 from pano9000/chore_npm-script-start-test-server
chore(scripts): update `start-test-server` script
2025-01-14 21:26:09 +02:00
Elian Doran
8a7a607fcb
Merge pull request #926 from pano9000:refactor_backend_log
refactor(backend_log): improve `getBackendLog`
2025-01-14 20:41:29 +02:00
Elian Doran
3f612a1b70
Merge pull request #864 from pano9000/refactor_replace-csurf
refactor: replace csurf with csrf-csrf
2025-01-14 20:33:29 +02:00