letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
6,861 Commits 2 Branches 1 Tag
b15626a4ce904ae691ce309dfd95689a851d7c19
Commit Graph

6861 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Letro Bot
b15626a4ce Merge pull request #1 from p-num/fix/build-docker-name 
fix: rename docker repo name
 2026-04-02 17:43:15 +03:30
Letro Bot
2e163af910 fix: rename docker repo name 2026-04-02 16:52:25 +03:30
Quentin Gliech
10870eb334 Automatic merge back to main (#5593) 2026-03-31 19:01:43 +02:00
github-actions[bot]
66471ef3f1 1.15.0-rc.0 2026-03-31 11:54:23 +00:00
Quentin Gliech
89909ccd9c Update command to list admin users in CLI docs (#5589) 2026-03-31 13:53:13 +02:00
Quentin Gliech
c129fbc613 build(deps): bump the opentelemetry group across 1 directory with 2 updates (#5567) 2026-03-31 13:18:52 +02:00
Quentin Gliech
ede4ae6450 Use get_otel_context instead of accessing OtelData directly 
`OtelData` is going to become private in a future version of
`tracing-opentelemetry`. Use the new `get_otel_context` function
introduced in 0.32.1 to extract the trace ID from the span context.
 2026-03-31 12:24:08 +02:00
Quentin Gliech
e3909fccd4 build(deps-dev): bump the graphql-codegen group in /frontend with 3 updates (#5549) 2026-03-31 12:20:05 +02:00
Quentin Gliech
b70bad3120 build(deps-dev): bump happy-dom from 20.5.0 to 20.8.9 in /frontend (#5590) 2026-03-31 12:16:04 +02:00
Quentin Gliech
f6e1fdd927 build(deps): bump codecov/codecov-action from 5.5.2 to 6.0.0 (#5585) 2026-03-31 12:08:09 +02:00
Quentin Gliech
a0ccf27ce9 build(deps): bump picomatch in /frontend (#5581) 2026-03-31 12:07:48 +02:00
Quentin Gliech
ff4e5449e8 build(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 (#5584) 2026-03-31 12:06:41 +02:00
Quentin Gliech
a0d0d07dc5 build(deps): bump actions/deploy-pages from 4.0.5 to 5.0.0 (#5583) 2026-03-31 12:06:31 +02:00
Quentin Gliech
1225439acc Fix scheduled jobs automatic cleanup not working in some conditions (#5574) 2026-03-31 12:05:33 +02:00
Quentin Gliech
2ed7c3529b Enable the tls-provider-agnostic feature of opentelemetry-otlp 2026-03-31 12:03:55 +02:00
dependabot[bot]
b0d11e75db build(deps-dev): bump happy-dom from 20.5.0 to 20.8.9 in /frontend 
Bumps [happy-dom](https://github.com/capricorn86/happy-dom) from 20.5.0 to 20.8.9.
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v20.5.0...v20.8.9)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.8.9
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-31 10:03:53 +00:00
dependabot[bot]
dcf9ecdbce build(deps-dev): bump the graphql-codegen group 
Bumps the graphql-codegen group in /frontend with 3 updates: [@graphql-codegen/cli](https://github.com/dotansimha/graphql-code-generator/tree/HEAD/packages/graphql-codegen-cli), [@graphql-codegen/client-preset](https://github.com/dotansimha/graphql-code-generator/tree/HEAD/packages/presets/client) and [@graphql-codegen/typescript-msw](https://github.com/dotansimha/graphql-code-generator-community/tree/HEAD/packages/plugins/typescript/msw).


Updates `@graphql-codegen/cli` from 6.1.2 to 6.1.3
- [Release notes](https://github.com/dotansimha/graphql-code-generator/releases)
- [Changelog](https://github.com/dotansimha/graphql-code-generator/blob/master/packages/graphql-codegen-cli/CHANGELOG.md)
- [Commits](https://github.com/dotansimha/graphql-code-generator/commits/@graphql-codegen/typed-document-node@6.1.3/packages/graphql-codegen-cli)

Updates `@graphql-codegen/client-preset` from 5.2.3 to 5.2.4
- [Release notes](https://github.com/dotansimha/graphql-code-generator/releases)
- [Changelog](https://github.com/dotansimha/graphql-code-generator/blob/master/packages/presets/client/CHANGELOG.md)
- [Commits](https://github.com/dotansimha/graphql-code-generator/commits/HEAD/packages/presets/client)

Updates `@graphql-codegen/typescript-msw` from 3.0.1 to 4.0.0
- [Release notes](https://github.com/dotansimha/graphql-code-generator-community/releases)
- [Changelog](https://github.com/dotansimha/graphql-code-generator-community/blob/main/packages/plugins/typescript/msw/CHANGELOG.md)
- [Commits](https://github.com/dotansimha/graphql-code-generator-community/commits/@graphql-codegen/typescript-msw@4.0.0/packages/plugins/typescript/msw)

---
updated-dependencies:
- dependency-name: "@graphql-codegen/cli"
  dependency-version: 6.1.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: graphql-codegen
- dependency-name: "@graphql-codegen/client-preset"
  dependency-version: 5.2.4
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: graphql-codegen
- dependency-name: "@graphql-codegen/typescript-msw"
  dependency-version: 4.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: graphql-codegen
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-31 10:02:25 +00:00
Quentin Gliech
651619562a build(deps): bump minimatch in /frontend (#5534) 2026-03-31 11:59:10 +02:00
Quentin Gliech
92c5aca937 build(deps-dev): bump the vitest group in /frontend with 2 updates (#5576) 2026-03-31 11:58:41 +02:00
Quentin Gliech
e60cbd8298 build(deps-dev): bump the storybook group in /frontend with 3 updates (#5561) 2026-03-31 11:58:04 +02:00
beposec
0efa7f19f6 Update command to list admin users in CLI docs 
There was a wrong example in the Codeblock.
 2026-03-27 18:20:13 +01:00
dependabot[bot]
76d79ba589 build(deps): bump the opentelemetry group across 1 directory with 2 updates 
Bumps the opentelemetry group with 2 updates in the / directory: [opentelemetry-otlp](https://github.com/open-telemetry/opentelemetry-rust) and [tracing-opentelemetry](https://github.com/tokio-rs/tracing-opentelemetry).


Updates `opentelemetry-otlp` from 0.31.0 to 0.31.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-rust/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-rust/blob/main/docs/release_0.30.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-rust/compare/v0.31.0...opentelemetry-otlp-0.31.1)

Updates `tracing-opentelemetry` from 0.32.0 to 0.32.1
- [Release notes](https://github.com/tokio-rs/tracing-opentelemetry/releases)
- [Changelog](https://github.com/tokio-rs/tracing-opentelemetry/blob/v0.1.x/CHANGELOG.md)
- [Commits](https://github.com/tokio-rs/tracing-opentelemetry/compare/v0.32.0...v0.32.1)

---
updated-dependencies:
- dependency-name: opentelemetry-otlp
  dependency-version: 0.31.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
- dependency-name: tracing-opentelemetry
  dependency-version: 0.32.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: opentelemetry
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:04:44 +00:00
dependabot[bot]
37ae3e7a10 build(deps-dev): bump the vitest group in /frontend with 2 updates 
Bumps the vitest group in /frontend with 2 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.1/packages/coverage-v8)

Updates `vitest` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.1/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
- dependency-name: vitest
  dependency-version: 4.1.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:04:01 +00:00
dependabot[bot]
6e0002a8ee build(deps-dev): bump the storybook group in /frontend with 3 updates 
Bumps the storybook group in /frontend with 3 updates: [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs), [@storybook/react-vite](https://github.com/storybookjs/storybook/tree/HEAD/code/frameworks/react-vite) and [storybook](https://github.com/storybookjs/storybook/tree/HEAD/code/core).


Updates `@storybook/addon-docs` from 10.2.19 to 10.3.0
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.0/code/addons/docs)

Updates `@storybook/react-vite` from 10.2.19 to 10.3.0
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.0/code/frameworks/react-vite)

Updates `storybook` from 10.2.19 to 10.3.0
- [Release notes](https://github.com/storybookjs/storybook/releases)
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md)
- [Commits](https://github.com/storybookjs/storybook/commits/v10.3.0/code/core)

---
updated-dependencies:
- dependency-name: "@storybook/addon-docs"
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: storybook
- dependency-name: "@storybook/react-vite"
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: storybook
- dependency-name: storybook
  dependency-version: 10.3.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: storybook
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:03:31 +00:00
dependabot[bot]
9f97a54219 build(deps): bump codecov/codecov-action from 5.5.2 to 6.0.0 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.2 to 6.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v5.5.2...v6.0.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:02:32 +00:00
dependabot[bot]
fd683e7e5c build(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
  dependency-version: 4.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:02:19 +00:00
dependabot[bot]
014d705959 build(deps): bump actions/deploy-pages from 4.0.5 to 5.0.0 
Bumps [actions/deploy-pages](https://github.com/actions/deploy-pages) from 4.0.5 to 5.0.0.
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](https://github.com/actions/deploy-pages/compare/v4.0.5...v5.0.0)

---
updated-dependencies:
- dependency-name: actions/deploy-pages
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 14:02:16 +00:00
dependabot[bot]
72f455009b build(deps): bump picomatch in /frontend 
Bumps  and [picomatch](https://github.com/micromatch/picomatch). These dependencies needed to be updated together.

Updates `picomatch` from 2.3.1 to 2.3.2
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2)

Updates `picomatch` from 4.0.3 to 4.0.4
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2)

---
updated-dependencies:
- dependency-name: picomatch
  dependency-version: 2.3.2
  dependency-type: indirect
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 07:24:03 +00:00
Eric Eastwood
9b5a03d2d3 Convert ViolationCode into ViolationVariant to allow adding fields on each variant (#5553) 
Concretely, for the [device](https://github.com/element-hq/matrix-authentication-service/issues/4339) [limiting](https://github.com/element-hq/backend-internal/issues/199) stuff, we'll need the policy to be able to tell MAS how many sessions should be removed before the user can log in.
This way the UI will be able to guide the user through it.

Intended to look something like:
```rust
ViolationVariant::TooManySessions {
    /// How many devices to remove
    need_to_remove: u32
}
```
 2026-03-25 17:23:29 -05:00
Eric Eastwood
3bd6172d54 Add warning/note when removing devices (#5580) 
Part of https://github.com/element-hq/matrix-authentication-service/issues/4339 / https://github.com/element-hq/backend-internal/issues/199 tracking work to limit number of devices.
 2026-03-25 17:20:31 -05:00
Eric Eastwood
e4b08f9006 Explain code being splatted 
See https://github.com/element-hq/matrix-authentication-service/pull/5553#discussion_r2984636426
 2026-03-25 13:12:15 -05:00
Eric Eastwood
84e51ef62b Don't touch non-source languages 
See https://github.com/element-hq/matrix-authentication-service/pull/5580#discussion_r2988616667
 2026-03-25 13:08:47 -05:00
Eric Eastwood
2ea96309dd Explain how to enable account registration for local dev (#5579) 
Spawning from developing MAS for the first time and wondering how to get things to work.
 2026-03-25 09:26:25 -05:00
Eric Eastwood
f3d04eedac Merge branch 'main' into rei/violations_are_tagged 2026-03-24 16:42:47 -05:00
Eric Eastwood
da38c28622 Run lints 2026-03-24 16:38:35 -05:00
Eric Eastwood
c74f1cf4fe Add warning/note when removing devices 2026-03-24 16:31:10 -05:00
Eric Eastwood
f449900e4c Explain how to enable account registration 2026-03-24 16:30:56 -05:00
Quentin Gliech
44235144ed Merge branch 'main' into quenting/fix-jobs-cleanup 2026-03-24 16:07:16 +01:00
matrixbot
5e16be87d1 Automatic merge back to main (#5578) 2026-03-24 16:06:04 +01:00
github-actions[bot]
82e49e5cd7 1.14.0 2026-03-24 14:09:16 +00:00
Quentin Gliech
0479570f96 Update aws-lc-rs and rustls-webpki to resolve security advisories. 
Update aws-lc-rs 1.14.0 -> 1.16.2 (aws-lc-sys 0.31.0 -> 0.39.0) and
rustls-webpki 0.103.6 -> 0.103.10 to resolve security advisories.

Remove ring license clarification and OpenSSL license allowance from the
`cargo-deny` config since ring is no longer in the dependency tree.
 2026-03-24 13:17:29 +01:00
Quentin Gliech
bf84ab5004 build(deps-dev): bump the vitest group in /frontend with 2 updates (#5562) 2026-03-24 12:02:12 +01:00
Quentin Gliech
94eed96768 build(deps): bump docker/metadata-action from 5.10.0 to 6.0.0 (#5558) 2026-03-24 11:47:28 +01:00
Quentin Gliech
b7ef5232f9 build(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.0 (#5559) 2026-03-24 11:47:11 +01:00
Quentin Gliech
a8acd1d19b build(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 (#5560) 2026-03-24 11:46:39 +01:00
Quentin Gliech
bdca9cc6b3 Change queue_schedules FK to ON DELETE SET NULL 
The cleanup-queue-jobs job was failing because it tried to delete
completed/failed jobs still referenced by `queue_schedules.last_scheduled_job_id`.
The FK defaulted to RESTRICT, blocking the delete.

Change it to `ON DELETE SET NULL` so cleanup can proceed, matching the
existing semantics (NULL = "never scheduled or cleaned up").

Fixes #5545
 2026-03-24 11:44:23 +01:00
dependabot[bot]
483f342e81 build(deps-dev): bump the vitest group in /frontend with 2 updates 
Bumps the vitest group in /frontend with 2 updates: [@vitest/coverage-v8](https://github.com/vitest-dev/vitest/tree/HEAD/packages/coverage-v8) and [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest).


Updates `@vitest/coverage-v8` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/coverage-v8)

Updates `vitest` from 4.0.18 to 4.1.0
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest)

---
updated-dependencies:
- dependency-name: "@vitest/coverage-v8"
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
- dependency-name: vitest
  dependency-version: 4.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vitest
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 10:51:57 +00:00
Quentin Gliech
a10012278b build(deps-dev): bump the vite group in /frontend with 2 updates (#5563) 2026-03-20 11:50:39 +01:00
dependabot[bot]
e7d24c95f7 build(deps-dev): bump the vite group in /frontend with 2 updates 
Bumps the vite group in /frontend with 2 updates: [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `@vitejs/plugin-react` from 5.1.4 to 6.0.1
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.1/packages/plugin-react)

Updates `vite` from 7.3.1 to 8.0.0
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/create-vite@8.0.0/packages/vite)

---
updated-dependencies:
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 6.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: vite
- dependency-name: vite
  dependency-version: 8.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-18 13:56:02 +00:00
dependabot[bot]
96fcaabdd0 build(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.5.0 to 2.6.1.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/v2.5.0...v2.6.1)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-18 13:54:56 +00:00