letro/letro-authentication-service
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 1 Wiki Activity
6,117 Commits 2 Branches 1 Tag
db54d90a321e4ea3ca3035f2f214d83bd9c2bb5e
Commit Graph

6117 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Olivier 'reivilibre
db54d90a32 Add helper function to count user sessions for limiting 2025-11-06 10:12:14 +00:00
Olivier 'reivilibre
1c056bfdad Add SessionCounts struct for use in policy 2025-11-06 10:12:14 +00:00
Olivier 'reivilibre
dc535d7451 Add configuration for session limiting 2025-11-06 10:12:14 +00:00
reivilibre
c2ea8f7fa1 Add basic documentation for personal sessions (#5187) 2025-11-05 16:19:10 +00:00
reivilibre
e4e3c6720b Only allow C-S device scopes when the C-S API scope has been requested (#5215) 2025-11-05 15:47:03 +00:00
reivilibre
5bbc26cb16 Update docs/development/contributing.md 
Co-authored-by: Quentin Gliech <quenting@element.io>
 2025-11-05 15:40:12 +00:00
Quentin Gliech
9a5d53a042 build(deps): bump react-i18next from 16.1.4 to 16.1.5 in /frontend in the i18next group (#5192) 2025-11-05 14:41:53 +01:00
Quentin Gliech
047f9bace2 build(deps): bump rustls from 0.23.32 to 0.23.34 (#5193) 2025-11-05 14:41:28 +01:00
Quentin Gliech
38510ccefe build(deps-dev): bump the vite group across 1 directory with 2 updates (#5199) 2025-11-05 14:40:59 +01:00
Quentin Gliech
d26ca9d534 build(deps): bump actions/download-artifact from 5 to 6 (#5203) 2025-11-05 14:40:43 +01:00
Quentin Gliech
671918dffa build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 (#5204) 2025-11-05 14:40:27 +01:00
Quentin Gliech
08e1c0ebf4 build(deps-dev): bump knip from 5.64.2 to 5.66.4 in /frontend (#5211) 2025-11-05 14:40:11 +01:00
Quentin Gliech
e9e963608f build(deps-dev): bump @biomejs/biome from 2.2.5 to 2.3.2 in /frontend (#5213) 2025-11-05 14:39:57 +01:00
Quentin Gliech
d64116caf3 build(deps): bump docker/metadata-action from 5.8.0 to 5.9.0 (#5220) 2025-11-05 14:38:19 +01:00
dependabot[bot]
e863b89b74 build(deps): bump docker/metadata-action from 5.8.0 to 5.9.0 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5.8.0 to 5.9.0.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-version: 5.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-05 13:14:13 +00:00
dependabot[bot]
f06f9204a0 build(deps-dev): bump the vite group across 1 directory with 2 updates 
Bumps the vite group with 2 updates in the /frontend directory: [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) and [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite).


Updates `@vitejs/plugin-react` from 5.0.4 to 5.1.0
- [Release notes](https://github.com/vitejs/vite-plugin-react/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.1.0/packages/plugin-react)

Updates `vite` from 7.1.11 to 7.1.12
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.1.12/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.1.12/packages/vite)

---
updated-dependencies:
- dependency-name: "@vitejs/plugin-react"
  dependency-version: 5.1.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: vite
- dependency-name: vite
  dependency-version: 7.1.12
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: vite
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 13:14:11 +00:00
dependabot[bot]
0e0ab1ff9e build(deps): bump react-i18next in /frontend in the i18next group 
Bumps the i18next group in /frontend with 1 update: [react-i18next](https://github.com/i18next/react-i18next).


Updates `react-i18next` from 16.1.4 to 16.1.5
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v16.1.4...v16.1.5)

---
updated-dependencies:
- dependency-name: react-i18next
  dependency-version: 16.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: i18next
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-04 13:14:10 +00:00
matrixbot
3fb52edcef Automatic merge back to main (#5218) 2025-11-04 13:43:29 +01:00
github-actions[bot]
cad067b809 1.6.0-rc.0 2025-11-04 12:35:57 +00:00
matrixbot
7ddd5ac76a Translations updates for main (#5217) 2025-11-04 13:31:00 +01:00
github-actions[bot]
294f0e69b7 Translations updates 2025-11-04 12:19:44 +00:00
Olivier 'reivilibre
aeabc9cbf2 Only allow C-S device scopes when the C-S API scope has been requested 
It'd be weird for a client to request a device on the client-server API but yet not request any client-server API scopes to use it with.

By adding this restriction, we can then create a partial index on the oauth2_sessions table to quickly identify sessions that have C-S API scopes and use this as a proxy metric for how many sessions may have device scopes.
This in turn makes it feasible to efficiently limit the number of 'devices' a user has, or more precisely: the number of sessions with client-server API access.

We can't do the same for device scopes themselves because, other than nastiness like parsing the JSON stringification of the scope list, it's not feasible to identify device scopes within a Postgres index predicate.

Part of: #4339
 2025-10-31 15:17:39 +00:00
Olivier 'reivilibre
f45d9c1291 Update tests to prepare for needing C-S API scope 2025-10-31 15:12:45 +00:00
Olivier 'reivilibre
c8184fd5aa Drive-by podman Makefile fix 2025-10-31 15:07:29 +00:00
Olivier 'reivilibre
1262a2b2a8 Drive-by contributing doc update for policies makefile 2025-10-31 15:07:19 +00:00
reivilibre
19679faa2c templates check command: Allow saving rendered samples (#5202) 2025-10-30 14:00:01 +00:00
Olivier 'reivilibre
c69bae3311 Merge branch 'main' into rei/templatecheck_todisk 2025-10-30 13:52:33 +00:00
Olivier 'reivilibre
12b7524232 Fix comment and change delimiter to = 2025-10-30 13:51:33 +00:00
reivilibre
67db74f31a templates: Be strict about undefined variables (#5201) 2025-10-30 12:24:54 +00:00
Olivier 'reivilibre
c60de0d7a8 Change the format of SampleIdentifiers and don't make a subdir per locale 2025-10-30 12:06:09 +00:00
dependabot[bot]
e08011308f build(deps-dev): bump @biomejs/biome from 2.2.5 to 2.3.2 in /frontend 
Bumps [@biomejs/biome](https://github.com/biomejs/biome/tree/HEAD/packages/@biomejs/biome) from 2.2.5 to 2.3.2.
- [Release notes](https://github.com/biomejs/biome/releases)
- [Changelog](https://github.com/biomejs/biome/blob/main/packages/@biomejs/biome/CHANGELOG.md)
- [Commits](https://github.com/biomejs/biome/commits/@biomejs/biome@2.3.2/packages/@biomejs/biome)

---
updated-dependencies:
- dependency-name: "@biomejs/biome"
  dependency-version: 2.3.2
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-29 13:17:21 +00:00
Olivier 'reivilibre
00e051e67a Downgrade to SemiStrict in production 2025-10-28 17:20:49 +00:00
Olivier 'reivilibre
81e2f9a628 Clarify some more conditions in the templates 2025-10-28 16:52:18 +00:00
Olivier 'reivilibre
1803f2b0ac For branding: use none instead of undefined 2025-10-28 15:51:34 +00:00
dependabot[bot]
d2e389586d build(deps-dev): bump knip from 5.64.2 to 5.66.4 in /frontend 
Bumps [knip](https://github.com/webpro-nl/knip/tree/HEAD/packages/knip) from 5.64.2 to 5.66.4.
- [Release notes](https://github.com/webpro-nl/knip/releases)
- [Changelog](https://github.com/webpro-nl/knip/blob/main/packages/knip/.release-it.json)
- [Commits](https://github.com/webpro-nl/knip/commits/5.66.4/packages/knip)

---
updated-dependencies:
- dependency-name: knip
  dependency-version: 5.66.4
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-28 13:17:59 +00:00
matrixbot
eb97815863 Automatic merge back to main (#5210) 2025-10-28 13:57:36 +01:00
github-actions[bot]
f6d537f35d 1.5.0 2025-10-28 12:50:11 +00:00
matrixbot
73e7b9d4cd Translations updates for v1.5 (#5209) 2025-10-28 13:49:11 +01:00
github-actions[bot]
25e6a6bfc4 Translations updates 2025-10-28 12:42:38 +00:00
Olivier 'reivilibre
ef73828361 Make clear that owners are the ones to regenerate 2025-10-28 12:22:24 +00:00
reivilibre
b71bbc54e2 Add mas-maintainers github team to CODEOWNERS (#5188) 2025-10-27 17:31:23 +00:00
dependabot[bot]
a48b739ab9 build(deps): bump actions/upload-artifact from 4.6.2 to 5.0.0 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.2 to 5.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4.6.2...v5.0.0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 14:08:02 +00:00
dependabot[bot]
e7a51698ce build(deps): bump actions/download-artifact from 5 to 6 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-27 14:07:58 +00:00
Olivier 'reivilibre
97f4caf904 Introduce SampleIdentifiers to stably track samples 
and use these in output filenames
 2025-10-24 17:14:00 +01:00
Olivier 'reivilibre
0013101623 cli: templates check: allow rendering to --out-dir 2025-10-24 15:43:19 +01:00
Olivier 'reivilibre
cabc005ad4 template macro: generate function for all checks 2025-10-24 15:03:22 +01:00
Olivier 'reivilibre
3bc4cbcc02 template macro: return rendered samples 2025-10-24 14:47:02 +01:00
Olivier 'reivilibre
7356047f27 templates: Be strict about undefined variables 
We shouldn't have any reason to use undefined variables in MAS, so
silently printing as empty strings (etc) seems undesirable.

This will also be helpful for operators with custom templates, since
then they will notice their templates being broken.
 2025-10-24 14:27:35 +01:00
Olivier 'reivilibre
f8a1a362cb templates: fix reliance on lax undefined behaviour 2025-10-24 14:27:35 +01:00
matrixbot
7c67af9156 Automatic merge back to main (#5197) 2025-10-24 13:36:48 +02:00