11147 Commits

Author SHA1 Message Date
Panagiotis Papadopoulos
ea621ef8e1 chore(prettier): fix code style 2025-01-12 13:30:02 +01:00
Panagiotis Papadopoulos
4cd18441e4 deps: Update package-lock 2025-01-12 13:16:26 +01:00
Panagiotis Papadopoulos
d1bd2d2812 refactor(routes/login): remove unused rendering of HTML 2025-01-12 13:13:59 +01:00
Panagiotis Papadopoulos
59ecc614c2 refactor: call logout route via JS
required for csrf-csrf to correctly protect against
CSRF, as it required the _csrf cookie AND the
x-csrf-token HTTP header, the latter cannot be set
via simple Form POST action

using "../login" here, because "server" method is automatically prepending all paths with "/api",
which we don't want here, as we want "/login"
2025-01-12 11:43:41 +01:00
Panagiotis Papadopoulos
c36085e580 chore: fix TS warning by type narrowing
`req.csrfToken` might be undefined according to `csrf-csrf`
provided types, so use type narrowing to make sure it exists,
before calling it
2025-01-12 10:22:05 +01:00
Panagiotis Papadopoulos
d20a3bab2a fix(csrfMiddleware): use sessionSecret instead
since `cookie-parser` is not configured with a secret,
req.secret is not set and hence is `undefined`,
which then is used as literal 'undefined' in the hashing function – making it less secure.

Instead we can use the existing sessionSecret:
the `csrf-csrf` developer confirmed in their Discord chat,
that it would be ok to use the same secret here.
2025-01-12 10:22:05 +01:00
Panagiotis Papadopoulos
b787610717 refactor: replace csurf with csrf-csrf
I've kept the identical same settings as before –
however they are not *ideal* from what I read.
More secure settings will need to be tested a bit more thoroughly first and will be a separate PR.
2025-01-12 10:22:05 +01:00
Panagiotis Papadopoulos
5268aaee4f deps: replace csurf with csrf-csrf 2025-01-12 10:22:05 +01:00
renovate[bot]
e3b8de8843
fix(deps): update dependency ts-loader to v9.5.2 2025-01-12 02:27:20 +00:00
renovate[bot]
0cf13ca559
fix(deps): update dependency mind-elixir to v4.3.6 2025-01-12 02:27:09 +00:00
Elian Doran
cdf4a7385d
Merge pull request #927 from pano9000/chore_package-lock
deps: update package-lock.json
2025-01-11 22:17:09 +02:00
Elian Doran
c2dedc24af
fix(build): webpack config for electron-forge 2025-01-11 18:58:51 +02:00
Elian Doran
d8f775608c
feat(editor): enable list styles 2025-01-11 18:26:28 +02:00
Elian Doran
d25812cc3b
fix(docker): not running due to missing file on Alpine 2025-01-11 18:14:23 +02:00
Elian Doran
b2ca87d7e8
fix(docker): not running due to missing file 2025-01-11 17:59:41 +02:00
Elian Doran
25e0dc3355
fix(electron): copy dist not working due to missing lib 2025-01-11 17:04:07 +02:00
Elian Doran
a8051b06fd
chore(e2e): disable webkit for now 2025-01-11 16:36:24 +02:00
Elian Doran
e442906265
chore(e2e): fix flaky tests 2025-01-11 16:22:09 +02:00
Panagiotis Papadopoulos
6885cc1399 deps: update package-lock.json 2025-01-11 14:57:37 +01:00
Elian Doran
9db9d412d9
feat(import/markdown): preserve language tags when possible 2025-01-11 15:22:36 +02:00
Elian Doran
0e67078256
feat(export/md): rewrite JavaScript code block languages 2025-01-11 14:11:18 +02:00
Elian Doran
09f36cac00
chore(e2e): add basic test for highlights list 2025-01-11 13:52:30 +02:00
Elian Doran
1530a09dc8
chore(e2e): check katex is rendered in ToC 2025-01-11 13:41:25 +02:00
Elian Doran
b44f4e0f74
chore(e2e): add basic test for table of contents 2025-01-11 13:36:56 +02:00
Elian Doran
74b2643c28
chore(e2e): test eslint errors 2025-01-11 12:54:43 +02:00
Elian Doran
db66998107
chore(e2e): test eslint warnings 2025-01-11 12:50:36 +02:00
Elian Doran
dcc0e76e57
chore(e2e): add backend scripts with lint errors/warnings 2025-01-11 12:22:50 +02:00
Elian Doran
3f6b604b4e
chore(e2e): set TriliumNext as default theme 2025-01-11 12:20:16 +02:00
Elian Doran
703a70056b
feat(code_notes): reintroduce ESLint for server notes 2025-01-11 12:18:16 +02:00
Elian Doran
05529b84ab
chore(client/ts): port options 2025-01-11 11:45:06 +02:00
Elian Doran
7e61af1cc3
chore(client/ts): port options/text_notes 2025-01-11 11:21:14 +02:00
Elian Doran
677760282c
chore(client/ts): port options/other 2025-01-11 11:18:50 +02:00
Elian Doran
03241a8967
chore(client/ts): port options/images 2025-01-11 11:13:11 +02:00
Elian Doran
6665a8d97f
chore(client/ts): port options/codeNotes 2025-01-11 11:11:57 +02:00
Elian Doran
552cc2753f
chore(client/ts): port options/appearance 2025-01-11 11:02:22 +02:00
Elian Doran
5bfcf88acd
chore(client/ts): port options/advanced 2025-01-11 10:51:35 +02:00
Elian Doran
fcb7d9754f
Merge pull request #908 from pano9000/fix_printthis_#901
fix(styles): fix ck-editor checkboxes not showing checkmark while printing
2025-01-11 01:51:51 +02:00
Elian Doran
c94346c6b9
chore(client/ts): port widgets/buttons/launcher 2025-01-11 01:46:04 +02:00
Elian Doran
7e00b889a0
chore(client/ts): port api_log 2025-01-11 01:46:04 +02:00
Elian Doran
25cd18f6c8
Merge pull request #913 from TriliumNext/renovate/node-22.x
chore(deps): update node.js to v22.13.0
2025-01-11 01:39:33 +02:00
Elian Doran
4829d7eb14
Merge pull request #915 from TriliumNext/renovate/draggabilly-3.x
fix(deps): update dependency draggabilly to v3
2025-01-11 01:19:01 +02:00
Elian Doran
0494d4f046
Merge pull request #912 from TriliumNext/renovate/electron-33.x
chore(deps): update dependency electron to v33.3.1
2025-01-11 01:13:57 +02:00
Elian Doran
138d9a07a5
Merge branch 'develop' into renovate/draggabilly-3.x 2025-01-11 01:13:30 +02:00
Elian Doran
6ad7792ef3
fix(ci): fix authentication error in playwright 2025-01-11 01:04:20 +02:00
Elian Doran
963247f013
chore(playwright): set up server 2025-01-11 00:55:48 +02:00
Elian Doran
67bfd1dde6
Merge branch 'develop' into renovate/draggabilly-3.x 2025-01-11 00:50:58 +02:00
Elian Doran
ab2a4d741d
chore(ci): change playwright triggering conditions 2025-01-11 00:50:18 +02:00
renovate[bot]
c7bc24ad02
fix(deps): update dependency draggabilly to v3 2025-01-10 22:46:40 +00:00
Elian Doran
497b6e0e2d
Merge branch 'develop' of https://github.com/TriliumNext/Notes into develop 2025-01-11 00:45:52 +02:00
Elian Doran
2bad89533f
Merge pull request #914 from TriliumNext/renovate/draggabilly-2.x
fix(deps): update dependency draggabilly to v2.4.1
2025-01-11 00:45:43 +02:00