Kristaps Fabians Geikins
f0524b53db
fix: various security alert fixes (#1202)
* fix: some extra param validation for some API endpoints
* fix(server): potentially leaking internal error details
* fix: secure session cookie for ssl servers
* fix(server): fixing tests
2022-11-15 12:30:13 +02:00
Gergő Jedlicska
3d6653f73b
hotfix/2.9.2 (#1175)
* Update to new specklepy (#1173)
* Publish images for all branches but limit tagging
* only tag 'latest' and '2' when 'SHOULD_PUBLISH' variable is 'true'
* Publishing helm chart should check for `SHOULD_PUBLISH`
* Move blocking step to publish-helm chart, and allow images to be published
* Pin python requirements and bump to latest versions
* Fix EOL whitespace
* use valid version for psycopg2-binary (the clue is in the 2!)
* fix(fileimports): add exception printing to file imports
* fix(fileimports): bump specklepy version
move to a specklepy version that contains a fix for send without writing to disk
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
* Fixes liveness and readiness checks to prevent CSRF error message (#1169)
- provides content-type header
- check that status code is 200
* Fixes broken helm template by adding quotation marks around liveness probe command (#1171)
* fix(server activities): make sure the stream events are properly dispatched
* feat(server webhooks): add scheduled orphaned webhook cleanup
* test(server webhooks): add test to webhook cleanup service
* feat(server webhooks): drop foreign key reference for webhooks schema to streams
* refactor(server req context): refactor req context to have the ip attribute for all requests
* feat(server objects rest api): add ratelimits to objects rest api endpoints
* fix(server rest api): properly handle returning 419
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
2022-11-09 13:23:32 +01:00
Iain Sproat
564b5dc5fb
Bump docker images (#1148)
2022-10-25 16:12:24 +01:00
Iain Sproat
8aa7f51d27
Revert "chore(dockerfile): bump Dockerfile base image versions (#974)" (#1146)
This reverts commit 6d6264c779.
2022-10-25 15:43:29 +01:00
Kristaps Fabians Geikins
9860be7fd8
fix: various dependabot vulnerability fixes (#1143)
* fix: updating minimist to resolve vulnerability
* fix: upgrade mocha to fix minimatch vuln
* fix: terser vuln fix
* fix: moment.js vuln fix
* fix: getting rid of perfect toolbar (which resolves vulns)
2022-10-25 17:01:20 +03:00
Iain Sproat
6d6264c779
chore(dockerfile): bump Dockerfile base image versions (#974)
2022-10-25 14:35:43 +01:00
dependabot[bot]
ce2624760c
chore(deps): bump undici from 5.5.1 to 5.8.2 (#1142)
Bumps [undici](https://github.com/nodejs/undici) from 5.5.1 to 5.8.2.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v5.5.1...v5.8.2)
---
updated-dependencies:
- dependency-name: undici
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-25 11:47:40 +01:00
Kristaps Fabians Geikins
5f48ae8086
feat(server): optimized command for importing commits from other servers (#1113)
2022-10-17 10:32:01 +03:00
Kristaps Fabians Geikins
0379d370d5
fix(frontend): viewer activity broadcast request volume greatly reduced (#1107)
* fix(frontend): viewer activity broadcast request volume greatly reduced
* fix(frontend): app being loaded twice when running viewer in vite hmr
2022-10-12 17:44:33 +03:00
Kristaps Fabians Geikins
718e0d6081
chore: securing apollo server cache against DDoS attacks (#1099)
* chore: securing apollo server cache against DDoS attacks
* enabling csrf protection
2022-10-11 13:35:00 +03:00
Dimitrie Stefanescu
a9f2f629a7
Merge pull request #845 from specklesystems/dim/blobs-sdk-harmony
Blobs API SDK Driven Changes
2022-10-10 16:58:48 +03:00
Kristaps Fabians Geikins
0a58381174
feat: @speckle/shared & some comments fixes (#997)
2022-10-10 16:32:23 +03:00
Dimitrie Stefanescu
051929b23c
Merge branch 'main' into dim/blobs-sdk-harmony
2022-10-10 11:16:10 +03:00
Kristaps Fabians Geikins
8e59ee7243
refactor: moving away from 'user' query (#1046)
* refactor: moving away from 'user' query + various fixes
* fix: linting issue in stream tests
* fix(server): some tests broken after rebase onto main
2022-10-06 12:08:08 +03:00
Kristaps Fabians Geikins
db6a3e9367
refactor(server): apollo server v2 -> v3 migration (#1071)
2022-10-06 11:12:16 +03:00
Kristaps Fabians Geikins
2fef8b7de3
refactor(frontend): vue cli v4 -> vite (#1000)
2022-10-05 15:59:11 +03:00
Gergő Jedlicska
a98c2c53da
fix(server digest emails): add styling fixes to weekly digest emails (#1075)
2022-10-05 12:23:44 +02:00
Gergő Jedlicska
393a192940
gergo/emailDigestFixes (#1074)
* feat(server task scheduler): sketch out core task scheduler implementation
* feat(server weekly activity digests): add function lock duration to the weekly digest execution
* feat(server scheduled tasks): add scheduled tasks type definition, db schema and migration
* feat(server scheduled tasks): add scheduled tasks repository
* feat(server task scheduler): add task scheduler service implementation
* chore(server deps): add mocha type definitions
* refactor(server scheduled tasks): refactor scheduled tasks migration
* refactor(server scheduled tasks): refactor scheduled task db schema and type definitions
* feat(server scheduled tasks): implement db side lock acquire
* refactor(server scheduled tasks): refactor task scheduler with lock on query mechanism
* test(server scheduled tasks): add tests for scheduled tasks implementation
* refactor(server weekly activity digests): refactor to new task scheduler implementation
* feat(server weekly activity digest): switch to a 1000 seconds trigger period for testing purposes
* fix(server task scheduler): fix not catching lock acquire function errors
* feat(server weekly digest): switch weekly digest cron trigger to the prod ready value
* fix(nginx configs): fix missing static route proxy to backend
* fix(server email template): fix footer anchor tags not pointing to the right places
2022-10-05 10:09:24 +02:00
Gergő Jedlicska
8b386ff078
gergo/weeklyDigestProdConfig (#1072)
* feat(server task scheduler): sketch out core task scheduler implementation
* feat(server weekly activity digests): add function lock duration to the weekly digest execution
* feat(server scheduled tasks): add scheduled tasks type definition, db schema and migration
* feat(server scheduled tasks): add scheduled tasks repository
* feat(server task scheduler): add task scheduler service implementation
* chore(server deps): add mocha type definitions
* refactor(server scheduled tasks): refactor scheduled tasks migration
* refactor(server scheduled tasks): refactor scheduled task db schema and type definitions
* feat(server scheduled tasks): implement db side lock acquire
* refactor(server scheduled tasks): refactor task scheduler with lock on query mechanism
* test(server scheduled tasks): add tests for scheduled tasks implementation
* refactor(server weekly activity digests): refactor to new task scheduler implementation
* feat(server weekly activity digest): switch to a 1000 seconds trigger period for testing purposes
* fix(server task scheduler): fix not catching lock acquire function errors
* feat(server weekly digest): switch weekly digest cron trigger to the prod ready value
2022-10-04 16:55:08 +02:00
Kristaps Fabians Geikins
1351b6b82a
feat(server): fixing double summary emails per week (#1054)
* feat(server task scheduler): sketch out core task scheduler implementation
* feat(server weekly activity digests): add function lock duration to the weekly digest execution
* feat(server scheduled tasks): add scheduled tasks type definition, db schema and migration
* feat(server scheduled tasks): add scheduled tasks repository
* feat(server task scheduler): add task scheduler service implementation
* chore(server deps): add mocha type definitions
* refactor(server scheduled tasks): refactor scheduled tasks migration
* refactor(server scheduled tasks): refactor scheduled task db schema and type definitions
* feat(server scheduled tasks): implement db side lock acquire
* refactor(server scheduled tasks): refactor task scheduler with lock on query mechanism
* test(server scheduled tasks): add tests for scheduled tasks implementation
* refactor(server weekly activity digests): refactor to new task scheduler implementation
* feat(server weekly activity digest): switch to a 1000 seconds trigger period for testing purposes
* fix(server task scheduler): fix not catching lock acquire function errors
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
2022-10-04 16:11:01 +02:00
Kristaps Fabians Geikins
c7e4c9981c
fix(server): streamUpdatePermission won't allow adding new users to streams (#1032)
* fix(server): fixing streamUpdatePermissions allowing to add new users to stream
* fix(server): fixing tests to better test streamUpdatePermission
2022-09-26 16:40:17 +02:00
Kristaps Fabians Geikins
61a2caaae9
feat: batch commit actions improvements (list view support, batch delete in 'your commits')
* feat(frontend): batch commit action support in list view
* feat(frontend): batch delete in 'your commits' page
* fix(server): authorizeResolver isPublic check always failed
* fix(server): fixing tests
2022-09-26 13:16:44 +03:00
Gergő Jedlicska
908bbfb937
Gergo/file imports hotfix (#1025)
* fix(server): fix 'speckle:error(s)' mismatching naming
* fix(frontend): add mtl as documented file import format, fix missing computed prop
* fix(fileimports): specklepy operations.send shouldn't use local cache for sending
fixes #1017
* obj import skip using default cache
2022-09-23 13:20:53 +02:00
Kristaps Fabians Geikins
84c6ea68a2
fix(server): hopefully fixing some flaky tests (#1021)
2022-09-22 17:16:34 +03:00
Kristaps Fabians Geikins
05f11a26da
feat: batch commit delete/move (#1016)
* feat: batch delete/move commits
* fix: ts linter issue
2022-09-22 16:49:18 +03:00
Kristaps Fabians Geikins
3da39a7b11
refactor(server): User.streams only returns discoverable streams for non-owners (#1002)
2022-09-22 12:21:06 +03:00
Gergő Jedlicska
d1d5984e30
gergo/summaryEmails (#979)
* refactor(server emails): email transports module refactor to TypeScript
* refactor(docker-compose deps): move local email server to common dev compose file
* chore(server launch.json): add ts-node script running example
* chore(server deps): add nodemailer types package
* refactor(server activitystream): add strongly typed activity definitions
* feat(server activitystream): add activity repository
* feat(server info): add canonical url on the service level
* feat(server): add static file serving route to server core
* feat(server): add dependencies for periodical email digests
* feat(server activity stream): call the initialization step from the activity stream module
* feat(server activity digest): add WIP weekly email digest implementation
* feat(server digest email): small upgrades and fixes to the email template and its contents
* just for Fabs to test
* chore(root package.json): remove deleted docker-compose references
* feat(frontend profile): add notification preferences panel
* feat(server digest emails): set prod ready cron tab and timespan
* refactor(server email digest): move templates into the email module
* refactor(server activity digests): refactor to use notifications infrastructure
* test(server activities): add tests and some refactor to activities and notification preferences
* refactor(notification preferences): fix minor issues
* test(server notification preferences test): fix describe nesting
* fix(server activities): add missing action types
* fix(server activities): fix errors after merging main
* test(server activity notifications): add test coverage for activity notifications service
* refactor(server activities): fixing tests and some cleanup
* feat(server cli): add summary notification command to cli
* chore(dev env db versions): upgrade local dev env versions
* chore(server deps): upgrade local dev db to pg 14
* fix(docker-compose): bind maildev to localhost
* process-scoped notifications test queues
* test(activity tests): add sleep to fix flaky CI
* feat(activity digests): add demo date for digest trigger
* feat(activity digest): add UK timezone trigger date
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Co-authored-by: Fabians <fabis94@live.com>
2022-09-09 12:46:57 +02:00
Kristaps Fabians Geikins
f991504932
feat: stream access requests (#976)
2022-09-06 11:10:38 +03:00
Iain Sproat
9f84464837
fix(server prometheus metrics): speckle_server_apollo_calls prometheus metric should be published (#980)
The move from app.js to app.ts had broken speckle_server_apollo_calls prometheus metric. This PR
reverts the import of apolloPlugin to use the previous inline require.
2022-09-02 11:34:21 +01:00
Kristaps Fabians Geikins
ecb9f825bb
refactor: email verification flow & email template (#967)
2022-08-31 17:11:19 +03:00
Gergő Jedlicska
3150763ddc
fix(server): put emails behind elevated privileges (#971)
2022-08-27 11:28:38 +02:00
Kristaps Fabians Geikins
651dee0977
feat(server): stream discoverability flag & queries (#948)
2022-08-24 13:46:24 +03:00
Kristaps Fabians Geikins
774176246e
feat: pretty password reset email + bugfixes (#939)
2022-08-24 11:59:30 +03:00
Kristaps Fabians Geikins
af45fc2742
feat(server): notify on comment mention + notifications API (#933)
2022-08-19 10:27:48 +03:00
Kristaps Fabians Geikins
7aa21e88bd
chore: cleaning up suuid usages (#943)
2022-08-18 15:29:05 +03:00
Fabians
f4693714b9
fix: line heights in basic email template
2022-08-18 11:08:18 +03:00
Iain Sproat
44bd5919f8
Revert "perf(Docker images): production images are based on distroless (#899)" (#934)
This reverts commit 7fe41b1fb2.
2022-08-16 16:42:59 +01:00
Iain Sproat
7fe41b1fb2
perf(Docker images): production images are based on distroless (#899)
- perf(server, webhook-service): production images are based on distroless
Reduces image file size by >40% for images which can use distroless base image. As
well as improving boot-up & restart time (via smaller download & load size), Distroless reduces the
attack surface area by removing almost all binaries & packages (e.g. shell, chown) that are not
necessary to run node.
- ensures distroless node images run tini
- removes fonts-dejavu-core and fontconfig from speckle-server
- Remove man and doc files if they exist
- args hoisted to top of Dockerfile and consolidated
- env vars consolidated to prevent additional layers
address https://github.com/specklesystems/speckle-server/issues/883
2022-08-16 16:17:07 +01:00
Gergő Jedlicska
259e8ec829
fix formatting caused by accepting changes on the github UI
2022-08-16 14:59:25 +02:00
Gergő Jedlicska
43596e4509
refactor(server authz): refactor authz module to TypeScript (#907)
* refactor(server authz): refactor authz module to TypeScript
* improved roles types
* Update packages/server/modules/shared/errors/base.ts
Co-authored-by: Kristaps Fabians Geikins <fabis94@live.com>
* refactor(server authz): fix PR comments
Co-authored-by: Fabians <fabis94@live.com>
2022-08-16 14:45:13 +02:00
Peter Grainger
72d27b9a7c
Allow save object to S3 in different region (#910)
* Allow save object to S3 in different region
* feat(helm & docker-compose): adds S3_REGION to helm chart & docker-compose
Explicitly adding the environment variable to deployment configuration files provides system operators with documentation of its existence.
Set to empty by default, which will result in the default value being used.
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
2022-08-15 14:24:30 +02:00
Kristaps Fabians Geikins
0427f5cfd1
feat(server): new base email template + implementation for invites emails (#903)
Co-authored-by: Dimitrie Stefanescu <didimitrie@gmail.com>
2022-08-11 11:00:01 +03:00
Iain Sproat
1c5964fc41
Add Hadolint to pre-commit (#848)
* Adds hadolint as pre-commit step
* Addresses all hadolint comments
* Use noninteractive apt-get frontend and clean after install
* dockerfile RUN statements are consolidated to prevent additional layers
* installed packages have pinned versions
* build(circleci): use speckle pre-commit runner with built-in hadolint
* Integrate pre-commit with husky bash script for git pre-commit hooks
* catches errors in bash
* if pre-commit is installed, it is run
* if optional additional binaries are installed, further pre-commit steps are run
* Update README with revised developer instructions
* Adds a pre-commit yarn script
2022-08-09 13:47:02 +01:00
Gergő Jedlicska
39ff677e10
fix(server dockerfile): fix wait not available in the final runtime image
2022-08-05 10:45:06 +02:00
Kristaps Fabians Geikins
b966f20fdb
refactor(server): typescript support (#874)
Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com>
2022-08-04 14:21:39 +02:00
Gergő Jedlicska
214db9a9bb
fix(frontend container): add default value for FILE_SIZE_LIMIT_MB (#880)
this prevents breaking the existing deployments which do not provide this env variable
2022-08-04 11:59:57 +02:00
Dimitrie Stefanescu
93a9384328
tests(blobs): removes superfluous length check on blobids
2022-07-31 11:17:50 +03:00
Dimitrie Stefanescu
d45c51a1f0
feat(blobs): diff endpoint cleanup
2022-07-31 10:22:36 +03:00
Dimitrie Stefanescu
20e98fb49a
feat(blobs): diffing endpoint wip
2022-07-31 10:16:46 +03:00
Dimitrie Stefanescu
52f6b7f141
feat(blobs): failsafe for dupe blobs & adds service for retrieving all blob ids
2022-07-31 10:16:02 +03:00