Commit Graph

10141 Commits (ec19ccd7a7287fbefdec306aae3266e79150b5c8)
 

Author SHA1 Message Date
Panagiotis Papadopoulos ec19ccd7a7 fix(csrf): stop leaking the CSRF token in the server logs
As per OWASP:
"A CSRF token must not be leaked in the server logs or in the URL.", see:
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#transmissing-csrf-tokens-in-synchronized-patterns
2025-01-16 21:16:33 +07:00
Elian Doran 283a12b0d5
Merge pull request #960 from pano9000/fix_csrf-csrf_existing_cookie
fix(csrf): fix handling of existing _csrf cookies
2025-01-16 21:53:09 +07:00
Panagiotis Papadopoulos 139bf3dcdf fix(csrf): use generateCsrfToken with more "user friendly" settings
fixes the case where existing TriliumNext users will get
an "Invalid CSRF Token" message when they have an older
_csrf token in their cookies from a previous installation/visit.
the settings will now handle these cases in the background automatically.

also fixes #950
2025-01-16 20:14:23 +07:00
Panagiotis Papadopoulos 6dd8ab31d5 refactor(csrf): export generateToken utility 2025-01-16 20:14:23 +07:00
Panagiotis Papadopoulos e3d89ce2a5 refactor(csrf): move csrf to own file 2025-01-16 20:14:23 +07:00
Elian Doran edc6b983ac
Merge remote-tracking branch 'origin/master' into develop 2025-01-16 18:36:35 +07:00
Elian Doran d684440c1f
fix(client): undefined entity in some cases 2025-01-16 18:36:29 +07:00
Elian Doran 1e182f5820
chore(client/ts): port mermaid 2025-01-16 18:20:23 +07:00
Elian Doran 5ca876ca62
fix(mobile): force grouping in editing toolbar 2025-01-16 16:41:52 +07:00
Elian Doran 187ef60350
feat(mobile): disable overscroll for toolbar 2025-01-16 16:32:47 +07:00
Elian Doran 706b011b23
feat(mobile): enforce classic editor 2025-01-16 16:29:51 +07:00
Elian Doran 6f2538a070
feat(mobile): hide editing toolbar on non-text note 2025-01-16 16:14:37 +07:00
Elian Doran 6caddc8004
fix(mobile): position of editing toolbar on tablet mode 2025-01-16 16:09:11 +07:00
Elian Doran 0cab891d2e
chore(client/ts): port classic_editor_toolbar 2025-01-16 15:51:58 +07:00
Elian Doran 1d6e3af9aa
fix(mobile): position of editing toolbar 2025-01-16 15:48:56 +07:00
Elian Doran c8b745bc6a
Merge pull request #952 from TriliumNext/renovate/node-22.x
chore(deps): update dependency @types/node to v22.10.7
2025-01-16 10:49:07 +07:00
Elian Doran d1be673763
Merge pull request #953 from TriliumNext/renovate/better-sqlite3-11.x-lockfile
fix(deps): update dependency better-sqlite3 to v11.8.0
2025-01-16 10:45:59 +07:00
Elian Doran 2fbfc9d668
Merge pull request #946 from TriliumNext/renovate/electron-34.x
chore(deps): update dependency electron to v34
2025-01-16 10:43:33 +07:00
renovate[bot] b77f8aeb43
fix(deps): update dependency better-sqlite3 to v11.8.0 2025-01-16 00:56:43 +07:00
renovate[bot] 01b88c52ef
chore(deps): update dependency @types/node to v22.10.7 2025-01-16 00:56:32 +07:00
Elian Doran 4c451753bc
chore(build): remove redundant npx 2025-01-15 19:11:26 +07:00
Elian Doran 7076c4cbd6
chore(deps): update better-sqlite3 to 11.8.0 2025-01-15 19:11:05 +07:00
renovate[bot] 0eab68e8d1
chore(deps): update dependency electron to v34 2025-01-15 02:07:18 +07:00
Elian Doran 7dfeb20678
Merge pull request #936 from pano9000/fix_views-deprecated-meta-tag
fix(views): replace deprecated meta tag
2025-01-14 23:51:46 +07:00
Elian Doran 155900929f
Merge pull request #945 from hasecilu/i18n/Spanish
Update Spanish translation
2025-01-14 23:19:46 +07:00
hasecilu 3486e566ae
chore(code): be more explicit on config for json files
To avoid changing end line character of translation files
2025-01-14 13:26:40 +07:00
hasecilu 7f9e42abbd
chore(i18n): update Spanish translation 2025-01-14 13:26:39 +07:00
Elian Doran c1211647ab
Merge pull request #940 from pano9000/chore_npm-script-start-test-server
chore(scripts): update `start-test-server` script
2025-01-14 21:26:09 +07:00
Elian Doran 8a7a607fcb
Merge pull request #926 from pano9000:refactor_backend_log
refactor(backend_log): improve `getBackendLog`
2025-01-14 20:41:29 +07:00
Elian Doran 3f612a1b70
Merge pull request #864 from pano9000/refactor_replace-csurf
refactor: replace csurf with csrf-csrf
2025-01-14 20:33:29 +07:00
Elian Doran c8c501d717
Merge branch 'develop' into refactor_replace-csurf 2025-01-14 20:32:52 +07:00
Elian Doran 7dabe33eb2
chore(git): mark root package-lock as auto-generated 2025-01-14 20:32:30 +07:00
Elian Doran eb1af98830
Merge pull request #880 from pano9000/refactor_data_dir
refactor(data_dir): simplify logic and make code robust and testable
2025-01-14 20:20:32 +07:00
Elian Doran 3c0e4b842a
Merge pull request #941 from process/ck-logging
Add server logging for CKEditor state changes
2025-01-14 20:18:06 +07:00
Elian Doran 73053a8728
Merge pull request #928 from TriliumNext/renovate/mind-elixir-4.x
fix(deps): update dependency mind-elixir to v4.3.6
2025-01-14 20:15:24 +07:00
Elian Doran f478985761
chore(ci): define relations between dev jobs 2025-01-14 20:09:16 +07:00
Elian Doran 0221039ebe
fix(client/ts): fix build errors & define command to event bridge 2025-01-14 20:08:57 +07:00
Elian Doran ef28445de6
Merge pull request #935 from pano9000/fix_deps-update-deprecated-electron
fix(deps): update deprecated electron packages
2025-01-14 19:23:44 +07:00
Elian Doran acf34addf4
Merge pull request #937 from TriliumNext/renovate/node-22.x
chore(deps): update dependency @types/node to v22.10.6
2025-01-14 19:22:57 +07:00
Elian Doran cf2535cb92
Merge branch 'develop' into renovate/mind-elixir-4.x 2025-01-14 19:22:34 +07:00
Elian Doran 73719407ba
Merge pull request #929 from TriliumNext/renovate/ts-loader-9.x
fix(deps): update dependency ts-loader to v9.5.2
2025-01-14 19:22:18 +07:00
Elian Doran 331b2252f2
chore(e2e): rename incorrect test suite 2025-01-14 19:19:46 +07:00
Elian Doran 580bebb4a3
chore(client/ts): port mind_map 2025-01-14 19:18:44 +07:00
Elian Doran e16f4a1a71
chore(client/ts): port type_widget 2025-01-14 19:12:29 +07:00
Elian Doran 353156e625
fix(mindmap): not working due to dependency change 2025-01-14 18:47:42 +07:00
Elian Doran 62fbf3ffd0
Merge branch 'develop' into renovate/mind-elixir-4.x 2025-01-14 12:38:34 +07:00
Elian Doran 2dfac783ce
fix(ci): conflict in name of playwright report artifact 2025-01-14 11:55:04 +07:00
Justin Chines b173429dc5 Add more logging of CKEditor crashes 2025-01-14 15:39:04 +07:00
Justin Chines 7768511fe6 Add server logging for CKEditor state changes 2025-01-14 15:38:13 +07:00
Panagiotis Papadopoulos 0572f22121 chore(scripts): replace ts-node with nodemon in `start-test-server`
keep the same structure as the other scripts, which all use nodemon.
`ts-node` wasn't even working before; it was throwing an "unknown file extension […] for main.ts" error
2025-01-14 08:31:07 +07:00