Commit Graph

3156 Commits

Author SHA1 Message Date
Dimitrie Stefanescu d402837f9a fix(server): prettier saves the day as always (snark) 2023-04-15 12:46:02 +01:00
Dimitrie Stefanescu 6cc1046a86 fix(server): logging ipv6 catches 2023-04-15 12:39:24 +01:00
Iain Sproat 43c339bccf fix(logging): use broadcast address to mask logged ip (#1532) 2023-04-13 19:43:54 +01:00
Iain Sproat 8bc04f97d9 fix(logging): hash ip for all requests with an ip (#1531) 2023-04-13 17:38:17 +01:00
Iain Sproat c6e36cdfce fix(logging): log level for graphql errors (#1530) 2023-04-13 16:47:31 +01:00
Iain Sproat 6f718d8d91 fix(logging): should log headers in request; add missing return statement (#1529) 2023-04-13 15:30:34 +01:00
Iain Sproat 1515e2fee6 revert(ratelimit): defaults should remain as was prior to 2a35fe6 (#1528)
* Revert "fix(ratelimit): reduce /graphql limit based on incident (#1505)"
This reverts commit 2a35fe6178.
* Revert helm chart defaults to value in code
- fix typo
2023-04-13 15:24:51 +01:00
Iain Sproat 122f4c731f feat(log): log the ip address if a user is not logged in (#1527)
- we do not log both the ip if the user is signed in, as this may be a privacy issue
- the ip is only logged if there is no associated user information
2023-04-13 14:57:07 +01:00
Iain Sproat 477fc109d0 fix(logging): redact email values from graphql log messages (#1523) 2023-04-13 11:24:01 +01:00
Iain Sproat 271888ccd6 fix(log): graphql logger should log everything (#1521)
- improve log field naming
- remove duplicated configuring of log fields
2023-04-12 18:30:29 +01:00
Gergő Jedlicska 84ea2b1043 fix(server): make sure apollo logging works and it doesn't leak sensitive stuff (#1520) 2023-04-12 13:39:03 +01:00
Iain Sproat d61138e157 feat(log): logs all headers, except authorization and cookie (#1517)
* feat(log): logs all headers, except authorization and cookie
* fix(logging): print headers for raw response
2023-04-11 20:11:56 +01:00
Iain Sproat 4c723781b5 feat(server): authentication middleware should log auth context creation status (#1508)
* feat(server): authentication middleware should log auth context creation status
- this uses the pino http logger provided via prior express middleware, ensuring a request ID is associated with the log messages
- userID, scopes and roles will be logged
* Appends the authContext to the req.log, which makes it available on all subsequent calls
2023-04-11 18:43:46 +01:00
Iain Sproat 6c66049248 feat(logging): log apollo (graphql) requests and responses (#1509)
* feat(logging): log apollo (graphql) requests and responses
2023-04-11 18:42:40 +01:00
Snyk bot ead926dea6 [Snyk] Security upgrade numpy from 1.21.3 to 1.22.2 (#1512)
* fix: packages/fileimport-service/requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970

* chore(deps): file-import python requirements should include required peers

* Improve comment on requirement

---------

Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
2023-04-10 15:25:26 +01:00
Iain Sproat f4ce7a2a5d chore(deps): remove unused aws-sdk (#1510)
* Remove aws-sdk as it does not appear to be used
2023-04-10 11:00:44 +01:00
dependabot[bot] ed005f8e89 build(deps-dev): bump vite from 2.9.8 to 3.1.0 (#975)
* build(deps-dev): bump vite from 2.9.8 to 2.9.13

Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 2.9.8 to 2.9.13.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v2.9.13/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bumps viewer-sandbox vite to match frontend version

* It was complaining about some html tags thing. Fixed it

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
Co-authored-by: AlexandruPopovici <alexandrupopoviciioan@gmail.com>
2023-04-10 10:59:48 +01:00
Iain Sproat 59c0b7ada0 feat(helm): rate limits are configurable via helm chart (#1507)
* feat(helm): rate limits are configurable via helm chart
* Document server.monitoring.mp
* Update schema.json
2023-04-07 15:17:03 +01:00
Iain Sproat 2a35fe6178 fix(ratelimit): reduce /graphql limit based on incident (#1505) 2023-04-07 12:49:45 +01:00
Iain Sproat cff0fa8e31 chore(deps): bump node images to 18.15.0 (#1500) 2023-04-05 12:15:26 +01:00
Kristaps Fabians Geikins 483a28c211 fix(server): correct server_id format (#1495) 2023-03-30 16:37:24 +03:00
Kristaps Fabians Geikins 5d5c0e012f feat(server): awaitable track calls (#1493) 2023-03-30 15:54:24 +03:00
Iain Sproat aee6de9ee0 fix(helm): network policy should allow egress to analytics.speckle.sy… (#1494)
* fix(helm): network policy should allow egress to analytics.speckle.systems
- previously only allowed DNS lookup

* matchName not matchPattern on analytics.speckle.systems
2023-03-30 14:52:02 +02:00
Kristaps Fabians Geikins 9f50a11188 feat(server): extra server tracking props + better logging (#1492) 2023-03-30 15:04:11 +03:00
Iain Sproat ca0c0437f1 Fix network policies (#1491)
* fix(helm): fix logic in networkpolicies to check for existence of object
- object must exist before we can query its parameters
- if the 'mp' object is set and it is explicitly set to 'false' then the endpoint is blocked, otherwise it is allowed.

* fix(helm chart): accessing an unset object in the second part of an and statement breaks helm

* fix(helm): cilium network policy updated to put mp within monitoring object
2023-03-30 11:23:29 +01:00
Iain Sproat 03bc5a4ead fix(helm): fix logic in networkpolicies to check for existence of object (#1490)
- object must exist before we can query its parameters
- if the 'mp' object is set and it is explicitly set to 'false' then the endpoint is blocked, otherwise it is allowed.
2023-03-30 10:52:03 +01:00
Kristaps Fabians Geikins 5d0fceaaf3 feat: proper sign up tracking (#1489)
* feat: register flag passed to fe

* feat: mixpanel tracking for all sign ups

* feat: utm first touch & last touch tracking

* feat(helm): Allows Environment Variable for MP to be configured
- default is enabled
- renames environment variable to ENABLE_MP

* feat(helm network policy): allowlist analytics.speckle.systems

---------

Co-authored-by: Iain Sproat <68657+iainsproat@users.noreply.github.com>
2023-03-30 12:21:59 +03:00
Alexandru Popovici 9b6be5ba52 Disabled rendering of line-based geometry in the shadowcatcher pass (#1476) 2023-03-23 14:04:05 +02:00
dependabot[bot] 4ebb776feb chore(deps-dev): bump webpack from 5.72.0 to 5.76.0 (#1456)
Bumps [webpack](https://github.com/webpack/webpack) from 5.72.0 to 5.76.0.
- [Release notes](https://github.com/webpack/webpack/releases)
- [Commits](https://github.com/webpack/webpack/compare/v5.72.0...v5.76.0)

---
updated-dependencies:
- dependency-name: webpack
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-16 12:27:44 +00:00
Iain Sproat 3bec105c03 ci(version number): fix version number to have build number before commit number (#1458)
- helm charts are sorted in descending order. As the commit sha is not an incremented value and is effectively random, it was breaking the Helm Chart index
2023-03-15 16:40:49 +00:00
Gergő Jedlicska 0be2d5ee54 fix: (server password reset): email mjml was missing mj tags (#1452) 2023-03-14 10:41:00 +01:00
Iain Sproat 05838ac479 chore(server/fileimports): add more logging around file import failures (#1429) 2023-03-13 14:43:49 +00:00
Gergő Jedlicska c4454c2ede refactor(server email templates): use the mjml ejs rendering for all emails (#1448)
* refactor(server email templates): use the mjml ejs rendering for all emails

* fix(server access request): await the server info pls
2023-03-13 15:07:13 +01:00
Gergő Jedlicska 4e3e1de8d2 gergo/invalid token throw (#1444)
* fix(server authz): make sure to forbid access with invalid tokens

fix #927

* test(server authz tests): update tests to reflect the changes in the invalid token forbidden flow
2023-03-13 14:07:49 +01:00
Iain Sproat 87e8d08e64 chore(deps): bump node to 18.15.0 (#1446) 2023-03-10 11:01:30 +00:00
Iain Sproat c461397aa2 fix(helm): schema.json now matches values file (#1445)
- small typo fix to values.yaml documentation
2023-03-10 10:39:26 +00:00
Iain Sproat 0652af4033 fix(server): preview REST endpoint shall return 403 not 500 if no permissions (#1443) 2023-03-09 12:11:40 +00:00
Dimitrie Stefanescu c05f39556a Merge pull request #1441 from specklesystems/alex/instances
Alex/instances
2023-03-08 13:54:44 +00:00
AlexandruPopovici f187510467 Merged 2023-03-08 14:34:37 +02:00
Gergő Jedlicska 560d544daf fix(server emails): outlook doesn't support linear gradients in css (#1439)
* fix(server emails): outlook doesn't support linear gradients in css

* using the same bg color in the default email template
2023-03-07 18:26:09 +01:00
dependabot[bot] a647f72969 chore(deps): bump dns-packet from 5.3.1 to 5.4.0 (#1435)
Bumps [dns-packet](https://github.com/mafintosh/dns-packet) from 5.3.1 to 5.4.0.
- [Release notes](https://github.com/mafintosh/dns-packet/releases)
- [Changelog](https://github.com/mafintosh/dns-packet/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mafintosh/dns-packet/compare/v5.3.1...5.4.0)

---
updated-dependencies:
- dependency-name: dns-packet
  dependency-type: indirect
...

I checked as to what depends on it, it's a part of preview-service that we shouldn't be using at all:
```
yarn why dns-packet -R
└─ @speckle/preview-service@workspace:packages/preview-service
   └─ webpack-dev-server@npm:4.9.0 [1ebc8] (via npm:^4.6.0 [1ebc8])
      └─ bonjour-service@npm:1.0.12 (via npm:^1.0.11)
         └─ multicast-dns@npm:7.2.4 (via npm:^7.2.4)
            └─ dns-packet@npm:5.3.1 (via npm:^5.2.2)
```

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-07 12:13:03 +00:00
AlexandruPopovici b2e1737617 Fixed compile error 2023-03-06 17:46:40 +02:00
Alexandru Popovici 3932a4bb93 Occlusion queries no longer report the occluding speckle object, only its id. This avoids walking the tree to fetch the object itself, which is unused in 99% of use cases for occlusion testing. If the users need the object itself, they can still fetch it via the viewer API using its id. This improves total occlusion query speed by 30-100x (#1438) 2023-03-06 17:33:34 +02:00
Gergő Jedlicska 7d8ff2048a fix(test): make sure users are created sequentially (#1437) 2023-03-06 14:40:35 +01:00
Alexandru Popovici 7bac769180 Fixed the issue with polycurve elements being converted twice. Added the concept of nesteNodes in NodeData interface, but I'm wary of using it extensively (#1436) 2023-03-03 16:17:23 +02:00
AlexandruPopovici 06fc06adf5 Implemented hosted revit instances not stacking their host's transformation 2023-03-02 17:00:34 +02:00
AlexandruPopovici e037b310e5 Disabled tonemapping for point and point cloud materials 2023-03-02 13:13:57 +02:00
Iain Sproat cdd1a771ac fix(fileimport): should not fail if filetype is upper or mixed case (#1427) 2023-03-01 16:32:57 +00:00
Iain Sproat d8b7123ed0 chore(deps): bump node from 18.14.0 to 18.14.2 (#1426) 2023-03-01 12:16:55 +00:00
AlexandruPopovici cc2a68f6ea RevitInstances now always stack transforms 2023-03-01 11:52:39 +02:00