letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
2,698 Commits 2 Branches 1 Tag
52b260fdcf080c99eeeb2d1f34c74da5f5e9dbf8
Commit Graph

2698 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech
52b260fdcf Deprecate the ProvisionDeviceJob and DeleteDeviceJob jobs 2024-07-16 09:32:07 +02:00
Quentin Gliech
16d309fff4 Provision the devices synchronously 
This means Synapse won't have to provision them on the fly anymore
 2024-07-16 09:32:07 +02:00
Quentin Gliech
fa218d2cac Don't hold the database connection for too long 2024-07-16 09:32:07 +02:00
Quentin Gliech
f5e189304e Fully sync the devices with the homeserver 2024-07-16 09:32:07 +02:00
reivilibre
a4891fa9ef Backend work to support minimum password complexity (#2965) 
* config: Add minimum password complexity option

* PasswordManager: add function for checking if complexity is sufficient

* Enforce password complexity on registration, change and recovery

* cli: Use exit code 1 for weak passwords

This seems preferable to exit code 0, but ideally we should choose one
and document it.

* Expose minimum password complexity score over GraphQL
 2024-07-11 10:17:39 +01:00
dependabot[bot]
5a4ed20733 build(deps): bump matrix-org/done-action from 2 to 3 
Bumps [matrix-org/done-action](https://github.com/matrix-org/done-action) from 2 to 3.
- [Release notes](https://github.com/matrix-org/done-action/releases)
- [Commits](https://github.com/matrix-org/done-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: matrix-org/done-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-08 23:19:27 +02:00
Quentin Gliech
09ddf8de7c graphql: users query to list users with a few filters 2024-07-05 13:44:14 +02:00
Quentin Gliech
210d35b29b graphql: move the users queries to their own module 2024-07-05 13:44:14 +02:00
Quentin Gliech
b597292d6f storage: methods to list and count users with filters and pagination 2024-07-05 13:44:14 +02:00
dependabot[bot]
b8e6ca2f5a build(deps): bump serde_with from 3.8.2 to 3.8.3 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.8.2 to 3.8.3.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.2...v3.8.3)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-05 10:29:10 +02:00
Christian Tramnitz
b52342cee5 Fix RFC1918 network in default proxy configuration (#2908) 2024-07-05 08:22:39 +00:00
dependabot[bot]
88c020f6ce build(deps): bump docker/bake-action from 5.2.0 to 5.3.0 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 5.2.0 to 5.3.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/v5.2.0...v5.3.0)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-05 10:22:30 +02:00
dependabot[bot]
4cd3675e96 build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-05 10:22:21 +02:00
dependabot[bot]
01e9eeec43 build(deps-dev): bump typescript from 5.5.2 to 5.5.3 in /frontend 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.5.2 to 5.5.3.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.5.2...v5.5.3)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-05 10:21:03 +02:00
dependabot[bot]
fe9e04b71d build(deps): bump @vector-im/compound-web in /frontend 
Bumps [@vector-im/compound-web](https://github.com/vector-im/compound-web) from 5.1.1 to 5.2.2.
- [Release notes](https://github.com/vector-im/compound-web/releases)
- [Commits](https://github.com/vector-im/compound-web/compare/v5.1.1...v5.2.2)

---
updated-dependencies:
- dependency-name: "@vector-im/compound-web"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-05 10:20:52 +02:00
Quentin Gliech
d42f09cd45 Fix a reference in a doc comment 2024-07-05 10:07:40 +02:00
Quentin Gliech
2296d240c2 Initialize the crypto backend in the mas-oidc-client tests 2024-07-05 10:07:40 +02:00
Quentin Gliech
6ec7469123 Update the schema 2024-07-05 10:07:40 +02:00
Quentin Gliech
488cc564b9 Update some dependencies and the cargo-deny allowlist 2024-07-05 10:07:40 +02:00
Quentin Gliech
85186682d7 Fix mas-cli 
This does a few things:

 - move `bytes` to workspace dependencies
 - write an hyper-based transport for Sentry
 - ignore OTEL errors related to propagations
 - fix everything else in mas-cli
 2024-07-05 10:07:40 +02:00
Quentin Gliech
cb3477dd52 Move Sentry to the workspace dependencies and upgrade 2024-07-05 10:07:40 +02:00
Quentin Gliech
5162e1d5ef Write an adapter for opentelemetry-http 2024-07-05 10:07:40 +02:00
Quentin Gliech
6cece5a3f6 mas-iana-codegen: use rustls not the native TLS stack 2024-07-05 10:07:40 +02:00
Quentin Gliech
4eed3b1efd Upgrade async-graphql, fix mas-handlers & mas-axum-utils tests 
This also replaces the init_tracing test helper with a general setup
test helper, so that it also initializes the rustls crypto backend.
 2024-07-05 10:07:40 +02:00
Quentin Gliech
cd899abed9 Move tower-http dep to the workspace and adapt mas-axum-utils 
We removed here the Timeout layer on the HTTP client service, because it
required the body to be Default, which isn't the case anymore. Not sure
what to do about it.
 2024-07-05 10:07:40 +02:00
Quentin Gliech
1e2d2a5139 Fix the mas-http tests 2024-07-05 10:07:40 +02:00
Quentin Gliech
623ae96dce Remove the client features from mas-oidc-client and replace it in tests 2024-07-05 10:07:40 +02:00
Quentin Gliech
f46f55a05b Upgrade rustls and update mas-http client bits 2024-07-05 10:07:40 +02:00
Quentin Gliech
391fc5c235 Update mas-iana-codegen to use reqwest 2024-07-05 10:07:40 +02:00
Quentin Gliech
064d28c35f Upgrade headers and adapt mas-tower tracer context utils 2024-07-05 10:07:40 +02:00
Quentin Gliech
16b953cfe4 Upgrade most HTTP/Hyper crates and make mas-listener work 2024-07-05 10:07:40 +02:00
Quentin Gliech
dd79a2afd2 Support SSL postgres connections in syn2mas 2024-07-05 09:54:18 +02:00
Quentin Gliech
5448515388 Document the new SSL options 2024-07-05 09:54:18 +02:00
Quentin Gliech
cb92ef9df6 Box the CLI command futures to reduce the size of the try_main future 2024-07-05 09:54:18 +02:00
Quentin Gliech
65c416ff2e New config options to set the database certificates 2024-07-05 09:54:18 +02:00
Quentin Gliech
4dffeaca30 Update locked dependencies 2024-07-01 17:09:28 +02:00
Quentin Gliech
0c147735d7 Bump hyper 0.14.28 -> 0.14.29 2024-07-01 17:09:28 +02:00
dependabot[bot]
b6f8c22dae build(deps-dev): bump typescript from 5.4.5 to 5.5.2 in /frontend 
Bumps [typescript](https://github.com/Microsoft/TypeScript) from 5.4.5 to 5.5.2.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v5.4.5...v5.5.2)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 15:45:16 +02:00
dependabot[bot]
29ae66feae build(deps-dev): bump prettier from 3.2.5 to 3.3.2 in /frontend 
Bumps [prettier](https://github.com/prettier/prettier) from 3.2.5 to 3.3.2.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/3.2.5...3.3.2)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 13:41:16 +02:00
dependabot[bot]
f77a3b2c35 build(deps): bump @vector-im/compound-web in /frontend 
Bumps [@vector-im/compound-web](https://github.com/vector-im/compound-web) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/vector-im/compound-web/releases)
- [Commits](https://github.com/vector-im/compound-web/compare/v5.1.0...v5.1.1)

---
updated-dependencies:
- dependency-name: "@vector-im/compound-web"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 13:41:04 +02:00
dependabot[bot]
25726e6e43 build(deps-dev): bump tailwindcss from 3.4.3 to 3.4.4 in /frontend 
Bumps [tailwindcss](https://github.com/tailwindlabs/tailwindcss) from 3.4.3 to 3.4.4.
- [Release notes](https://github.com/tailwindlabs/tailwindcss/releases)
- [Changelog](https://github.com/tailwindlabs/tailwindcss/blob/v3.4.4/CHANGELOG.md)
- [Commits](https://github.com/tailwindlabs/tailwindcss/compare/v3.4.3...v3.4.4)

---
updated-dependencies:
- dependency-name: tailwindcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 13:40:50 +02:00
dependabot[bot]
12c875c66d build(deps): bump zeroize from 1.7.0 to 1.8.1 
Bumps [zeroize](https://github.com/RustCrypto/utils) from 1.7.0 to 1.8.1.
- [Commits](https://github.com/RustCrypto/utils/compare/zeroize-v1.7.0...zeroize-v1.8.1)

---
updated-dependencies:
- dependency-name: zeroize
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 13:40:43 +02:00
dependabot[bot]
a4c7a2a7ac build(deps): bump psl from 2.1.48 to 2.1.49 
Bumps [psl](https://github.com/addr-rs/psl) from 2.1.48 to 2.1.49.
- [Release notes](https://github.com/addr-rs/psl/releases)
- [Commits](https://github.com/addr-rs/psl/compare/v2.1.48...v2.1.49)

---
updated-dependencies:
- dependency-name: psl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 13:40:37 +02:00
Quentin Gliech
8acaa8a08a Add old itertools version to the cargo-deny allow list 2024-07-01 12:46:21 +02:00
dependabot[bot]
a814f6b26e build(deps): bump itertools from 0.12.1 to 0.13.0 
Bumps [itertools](https://github.com/rust-itertools/itertools) from 0.12.1 to 0.13.0.
- [Changelog](https://github.com/rust-itertools/itertools/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rust-itertools/itertools/compare/v0.12.1...v0.13.0)

---
updated-dependencies:
- dependency-name: itertools
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:46:21 +02:00
dependabot[bot]
7dbb68e55f build(deps-dev): bump rimraf from 5.0.5 to 5.0.7 in /frontend 
Bumps [rimraf](https://github.com/isaacs/rimraf) from 5.0.5 to 5.0.7.
- [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/rimraf/compare/v5.0.5...v5.0.7)

---
updated-dependencies:
- dependency-name: rimraf
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:36:11 +02:00
dependabot[bot]
e91fd211d5 build(deps-dev): bump postcss from 8.4.38 to 8.4.39 in /frontend 
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.38 to 8.4.39.
- [Release notes](https://github.com/postcss/postcss/releases)
- [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md)
- [Commits](https://github.com/postcss/postcss/compare/8.4.38...8.4.39)

---
updated-dependencies:
- dependency-name: postcss
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:36:03 +02:00
dependabot[bot]
36a85d86ec build(deps): bump graphql from 16.8.1 to 16.9.0 in /frontend 
Bumps [graphql](https://github.com/graphql/graphql-js) from 16.8.1 to 16.9.0.
- [Release notes](https://github.com/graphql/graphql-js/releases)
- [Commits](https://github.com/graphql/graphql-js/compare/v16.8.1...v16.9.0)

---
updated-dependencies:
- dependency-name: graphql
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:35:55 +02:00
dependabot[bot]
d1d64a048a build(deps): bump serde_with from 3.8.1 to 3.8.2 
Bumps [serde_with](https://github.com/jonasbb/serde_with) from 3.8.1 to 3.8.2.
- [Release notes](https://github.com/jonasbb/serde_with/releases)
- [Commits](https://github.com/jonasbb/serde_with/compare/v3.8.1...v3.8.2)

---
updated-dependencies:
- dependency-name: serde_with
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:35:29 +02:00
dependabot[bot]
f3eea8ba73 build(deps): bump serde_json from 1.0.118 to 1.0.119 
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.118 to 1.0.119.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.118...v1.0.119)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-01 12:35:22 +02:00