10245 Commits

Author SHA1 Message Date
Elian Doran
59d8def2c5
Merge remote-tracking branch 'origin/develop' into share-fix 2025-01-17 23:19:53 +02:00
Elian Doran
6ea8a31a22
feat(e2e): test going to share root 2025-01-17 23:13:55 +02:00
Elian Doran
f96ab6da57
Merge pull request #932 from TriliumNext/renovate/katex-0.x
fix(deps): update dependency katex to v0.16.20
2025-01-17 23:01:05 +02:00
Elian Doran
b376f090d8
fix(e2e): bring back help link tests 2025-01-17 22:58:00 +02:00
Elian Doran
b4ff765c5e
chore(e2e): use ControlOrMeta instead of Control 2025-01-17 22:58:00 +02:00
Elian Doran
423bea923c
Merge pull request #979 from perfectra1n/develop
Update build-server.sh and GitHub Actions to build ARM server
2025-01-17 22:54:01 +02:00
Jon Fuller
7e30ab2e06
Update build-server.sh and GitHub Actions to build ARM server 2025-01-17 20:45:00 +00:00
Elian Doran
6452fa123c
Merge branch 'develop' into renovate/katex-0.x 2025-01-17 22:29:58 +02:00
Elian Doran
d19e9b4681
fix(test): wrong jasmine-based context 2025-01-17 22:29:44 +02:00
Elian Doran
3f92966976
Merge pull request #938 from TriliumNext/renovate/force-graph-1.x
fix(deps): update dependency force-graph to v1.49.0
2025-01-17 22:23:13 +02:00
Elian Doran
fec0ae62b7
Merge branch 'develop' into renovate/katex-0.x 2025-01-17 22:22:53 +02:00
Elian Doran
7fc5f9ab83
Merge pull request #977 from pano9000/test_vitest
test: add vitest as test framework and port current tests
2025-01-17 22:22:00 +02:00
Elian Doran
33baf6c917
fix(e2e): bring back katex test 2025-01-17 22:16:08 +02:00
Panagiotis Papadopoulos
6401f35783 chore(deps): update vitest to v3 2025-01-17 20:33:34 +01:00
Elian Doran
4dfe2b4935
Merge branch 'develop' into renovate/force-graph-1.x 2025-01-17 21:25:56 +02:00
Elian Doran
dd3397bcbb
chore(client/ts): port note_map 2025-01-17 21:25:36 +02:00
Panagiotis Papadopoulos
8b34c149cc chore: remove unused jasmine.json file 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
fb47ecd747 test(data_dir): fix failing test due to vitest being "stricter" than jasmine 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
9f148750d4 chore(vitest): add additional folders to exclude 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
853a7abc4f test: port data_dir.spec.ts to vitest 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
8faff118b1 chore: update npm test scripts with vitest 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
33274ada65 test: port spec tests to vitest 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
6be7109ce3 test: add initial, basic vitest.config.ts 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
0ed06e76c3 test: delete now unused mini_test.ts 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
186f17ec3e chore: add "coverage" folder to gitignore 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
871ee7989e test: set attribute_parser test to "TODO"
the tests are not correctly calling the `parse` method currently
2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
3f584af171 test: port spec-es6 tests to vitest 2025-01-17 20:24:20 +01:00
Panagiotis Papadopoulos
325a3b6c83 deps: add vitest and @vitest/coverage-v8 2025-01-17 20:24:16 +01:00
Elian Doran
e7eb385b8f
refactor(deps): integrate force-graph into webpack 2025-01-17 20:21:52 +02:00
Elian Doran
8d026c8134
feat(e2e): basic test for note map rendering 2025-01-17 20:15:48 +02:00
Elian Doran
7e40200436
chore(deps): remove unnecessary iconsur 2025-01-17 19:53:10 +02:00
Elian Doran
0cee8f9f20
refactor(mermaid): use webpack import for mermaid-elk 2025-01-17 19:53:09 +02:00
renovate[bot]
32c4d7350c
fix(deps): update dependency force-graph to v1.49.0 2025-01-17 17:52:23 +00:00
Elian Doran
af1d6540bc
Merge pull request #955 from TriliumNext/renovate/fs-extra-11.x
fix(deps): update dependency fs-extra to v11.3.0
2025-01-17 19:51:42 +02:00
Elian Doran
54bf2ad9ff
feat(e2e): test standard flowchart rendering 2025-01-17 19:19:24 +02:00
Elian Doran
751adf474f
feat(e2e): check ELK flowchart 2025-01-17 19:09:19 +02:00
Elian Doran
a1b660cfcd
fix(e2e): mindmap test not being run 2025-01-17 18:49:22 +02:00
Elian Doran
66c367fe21
Merge pull request #947 from TriliumNext/bugfix/dump-db-ivlength
Fix default ivLength in dump-db tool
2025-01-17 18:39:30 +02:00
Elian Doran
3abe5a348f
Merge pull request #965 from pano9000/chore_replace-ts-node
chore: get rid of ts-node
2025-01-17 18:38:35 +02:00
Elian Doran
467852191d
Merge pull request #966 from pano9000/fix_csrf-electron-httpOnly
fix(csrf): add exception for electron for httpOnly cookie
2025-01-17 18:36:02 +02:00
Panagiotis Papadopoulos
9382c278b3 fix(csrf): add exception for electron for httpOnly cookie
it does not seem to like having httpOnly set in electron
2025-01-17 17:26:52 +01:00
Panagiotis Papadopoulos
0e33395c47 chore(deps): remove now unused ts-node 2025-01-17 08:09:42 +01:00
Panagiotis Papadopoulos
00bdcfa803 chore(mermaid-elk): replace loader-register with tsx
unnecessary "cross-env" also removed, as it wasn't even
used to set any env variables
2025-01-17 08:05:42 +01:00
Panagiotis Papadopoulos
331dae4eb0 chore: delete unused loader-register file 2025-01-17 08:02:26 +01:00
Panagiotis Papadopoulos
748e30b63c chore(scripts): use tsx for webpack 2025-01-16 23:52:51 +01:00
Panagiotis Papadopoulos
76a0bffcc3 chore(scripts): remove unnecessary cross-env 2025-01-16 23:08:57 +01:00
Caleb Norton
b8f15d2fe3
Fix parent share link 2025-01-16 15:28:30 -06:00
Elian Doran
b2e1a3e97a
Merge pull request #961 from pano9000/fix-csrf-settings
fix(csrf): set more secure csrf related settings
2025-01-16 23:03:43 +02:00
Panagiotis Papadopoulos
5f605b3a91 fix(csrf): set more secure cookieOptions settings
- `sameSite` - previous setting inherited from csurf was to simply not set it at all, which makes all browser nag in their dev console output.
They will default to "Lax" for these type of cookies in the future.
We can even use "strict" here though for our use case:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#samesitesamesite-value

- `httpOnly`: should be enabled for the csrf cookie as well
for the session cookie it already is enabled.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie#httponly
2025-01-16 21:40:12 +01:00
Panagiotis Papadopoulos
ec19ccd7a7 fix(csrf): stop leaking the CSRF token in the server logs
As per OWASP:
"A CSRF token must not be leaked in the server logs or in the URL.", see:
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#transmissing-csrf-tokens-in-synchronized-patterns
2025-01-16 21:16:33 +01:00