dependabot[bot]
3241a4f521
chore(deps-dev): bump @typescript-eslint/parser from 4.26.1 to 4.27.0 ( #3609 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 21:46:00 +05:30
dependabot[bot]
5c9b625acb
chore(deps-dev): bump @typescript-eslint/eslint-plugin ( #3610 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 21:34:56 +05:30
Joe Previte
4bb7a8ddb9
Merge pull request #3590 from mxschmitt/chore/upgrade-to-latest-playwright
...
chore: upgrade to Playwright 1.12 with its new test-runner
2021-06-10 11:15:41 -07:00
Joe Previte
2c818e3855
Merge pull request #3589 from cdr/dependabot/npm_and_yarn/argon2-0.28.2
...
chore(deps): bump argon2 from 0.28.0 to 0.28.2
2021-06-10 09:36:45 -07:00
Max Schmitt
dbb34ad710
chore: upgrade to Playwright 1.12 with its new test-runner
2021-06-10 15:09:38 +02:00
dependabot[bot]
fda44240c9
chore(deps): bump argon2 from 0.28.0 to 0.28.2
...
Bumps [argon2](https://github.com/ranisalt/node-argon2 ) from 0.28.0 to 0.28.2.
- [Release notes](https://github.com/ranisalt/node-argon2/releases )
- [Commits](https://github.com/ranisalt/node-argon2/compare/v0.28.0...v0.28.2 )
---
updated-dependencies:
- dependency-name: argon2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-10 11:01:38 +00:00
Joe Previte
9fc9c041ad
Merge pull request #3588 from cdr/dependabot/npm_and_yarn/lib/vscode/normalize-url-4.5.1
...
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode
2021-06-09 15:06:08 -07:00
Joe Previte
a802a920ac
Merge pull request #3587 from cdr/dependabot/npm_and_yarn/lib/vscode/build/normalize-url-4.5.1
...
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build
2021-06-09 15:05:54 -07:00
dependabot[bot]
54684c0ad2
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode
...
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url ) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases )
- [Commits](https://github.com/sindresorhus/normalize-url/commits )
---
updated-dependencies:
- dependency-name: normalize-url
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 21:32:56 +00:00
dependabot[bot]
2594aa3e41
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build
...
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url ) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases )
- [Commits](https://github.com/sindresorhus/normalize-url/commits )
---
updated-dependencies:
- dependency-name: normalize-url
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 21:32:42 +00:00
Joe Previte
717eaa6470
Merge pull request #3422 from cdr/jsjoeio/fix-password-hash
...
fix: use sufficient computational effort for password hash
2021-06-09 14:32:05 -07:00
Joe Previte
1e55a648a5
feat: check for empty str in isHashMatch
2021-06-08 15:10:59 -07:00
Joe Previte
3b50bfc17d
fix: sanitize password and cookie key
2021-06-08 14:33:17 -07:00
Joe Previte
deaa2242ca
feat: add npm_config_build_from_source to build scripts
...
This is necessary due to argon2 being added and an upstream issue where it uses
a Linux build that is too new for CentOS 7.
2021-06-08 14:33:17 -07:00
Joe Previte
8c2bb61af9
refactor: parse options with multiple = in cli
...
There was a case with the hashed-password which had multiple equal signs in the
value and it wasn't being parsed correctly. This uses a new function and adds a
few tests.
2021-06-08 14:33:17 -07:00
Joe Previte
531b7c0c25
feat: add splitOnFirstEquals function
2021-06-08 14:33:16 -07:00
Joe Previte
517aaf71c5
docs: update FAQ with new hashing instructions
2021-06-08 14:33:16 -07:00
Joe Previte
923761cd78
refactor: password logic in http w/ isCookieValid
2021-06-08 14:33:16 -07:00
Joe Previte
6020480b30
feat: add isCookieValid function and tests
2021-06-08 14:33:16 -07:00
Joe Previte
409b473c82
refactor: rewrite password logic at /login
2021-06-08 14:33:15 -07:00
Joe Previte
a14ea39c4a
feat: add handlePasswordValidation + tests
2021-06-08 14:33:15 -07:00
Joe Previte
7ff4117531
feat: add getPasswordMethod & test for it
2021-06-08 14:33:15 -07:00
Joe Previte
ffa5c16e51
feat: update cli and test for hashed-password
2021-06-08 14:33:15 -07:00
Joe Previte
788b958e20
refactor: update hash fn in test config
2021-06-08 14:33:14 -07:00
Joe Previte
1134780b8b
refactor: make wsProxy async
2021-06-08 14:33:14 -07:00
Joe Previte
91303d4e40
refactor: make ensureAuthenticated async
2021-06-08 14:33:14 -07:00
Joe Previte
0cdbd33b46
refactor: make authenticated async everywhere
...
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
2021-06-08 14:33:14 -07:00
Joe Previte
fcc3f0d951
refactor: update login logic with new async hashing
...
This adds the proper await logic for the hashing of passwords.
2021-06-08 14:33:13 -07:00
Joe Previte
fd3cb6cfa0
refactor: update unit tests for hash fns
...
Since the hash and isHashMatch are now async, I had to update the tests
accordingly. Now everything is working.
2021-06-08 14:33:13 -07:00
Joe Previte
70197bb2a5
refactor: use argon2 instead of bcrypt
...
This uses argon2 instead of bcrypt.
Note: this means the hash functions are now async which means we have to
refactor a lot of other code around auth.
2021-06-08 14:33:13 -07:00
Joe Previte
51f8341959
chore: update to argon2 in test
2021-06-08 14:33:13 -07:00
Joe Previte
dc2db5c62d
chore: add argon2 package
2021-06-08 14:33:13 -07:00
Joe Previte
fc3326f1f2
feat: add tests using real hashes
2021-06-08 14:33:12 -07:00
Joe Previte
aaf044728f
refactor: add functions to check hash password
2021-06-08 14:33:12 -07:00
Joe Previte
f35120c0a3
feat: add unit test for hash function
2021-06-08 14:33:12 -07:00
Joe Previte
17be8c5cd3
refactor: use bcrypt in e2e setup
2021-06-08 14:33:12 -07:00
Joe Previte
cac667317e
refactor: use bcrypt in hash function
2021-06-08 14:33:11 -07:00
Joe Previte
dd2cb1649a
chore: update CHANGELOG
2021-06-08 14:32:16 -07:00
dependabot[bot]
d8c3ba6a17
chore(deps): bump glob-parent in /lib/vscode/build/lib/watch ( #3570 )
...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases )
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2 )
---
updated-dependencies:
- dependency-name: glob-parent
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 00:25:30 +05:30
dependabot[bot]
4cd0456103
chore(deps-dev): bump @typescript-eslint/parser from 4.26.0 to 4.26.1 ( #3567 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 4.26.0 to 4.26.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.1/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 00:23:42 +05:30
dependabot[bot]
38647836bb
chore(deps-dev): bump doctoc from 2.0.0 to 2.0.1 ( #3568 )
...
Bumps [doctoc](https://github.com/thlorenz/doctoc ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/thlorenz/doctoc/releases )
- [Commits](https://github.com/thlorenz/doctoc/compare/v2.0.0...v2.0.1 )
---
updated-dependencies:
- dependency-name: doctoc
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 00:23:11 +05:30
dependabot[bot]
9288b02f0a
chore(deps): bump trim-newlines from 3.0.0 to 3.0.1 ( #3571 )
...
Bumps [trim-newlines](https://github.com/sindresorhus/trim-newlines ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/sindresorhus/trim-newlines/releases )
- [Commits](https://github.com/sindresorhus/trim-newlines/commits )
---
updated-dependencies:
- dependency-name: trim-newlines
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-09 00:22:16 +05:30
Joe Previte
9052a1364a
Merge pull request #3557 from cuining/main
...
chore: update .gitignore
2021-06-08 10:54:56 -07:00
dependabot[bot]
3edbd09ddb
chore(deps-dev): bump @typescript-eslint/eslint-plugin ( #3569 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 4.26.0 to 4.26.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.26.1/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-08 21:55:01 +05:30
cuining
eadd194677
Update CHANGELOG.md
2021-06-08 10:46:30 +08:00
cuining
1cd736db81
Update CHANGELOG.md
2021-06-08 10:46:14 +08:00
cuining
8252e4460b
Merge branch 'cdr:main' into main
2021-06-08 10:33:14 +08:00
Joe Previte
ecbef27981
Merge pull request #3559 from cdr/dependabot/npm_and_yarn/prettier-2.3.1
...
chore(deps-dev): bump prettier from 2.3.0 to 2.3.1
2021-06-07 11:13:19 -07:00
dependabot[bot]
635170c7ed
chore(deps-dev): bump prettier from 2.3.0 to 2.3.1
...
Bumps [prettier](https://github.com/prettier/prettier ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/prettier/prettier/releases )
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prettier/prettier/compare/2.3.0...2.3.1 )
---
updated-dependencies:
- dependency-name: prettier
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-07 18:08:25 +00:00
Joe Previte
0659a2ea73
Merge pull request #3558 from cdr/dependabot/npm_and_yarn/eslint-7.28.0
...
chore(deps-dev): bump eslint from 7.27.0 to 7.28.0
2021-06-07 11:05:12 -07:00