dependabot[bot]
bee35549f1
chore(deps-dev): bump typescript from 4.3.2 to 4.3.4
...
Bumps [typescript](https://github.com/Microsoft/TypeScript ) from 4.3.2 to 4.3.4.
- [Release notes](https://github.com/Microsoft/TypeScript/releases )
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.3.2...v4.3.4 )
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-18 11:03:23 +00:00
Joe Previte
5f7e9b7361
Merge pull request #3630 from janiversen/patch-1
...
docs: Update CONTRIBUTING.md
2021-06-17 16:05:27 -07:00
jan iversen
ece5de699a
Update CONTRIBUTING.md
...
Node needs be v14.x not greater. If installing the standard version ‘brew install node’, both ‘yarn’ and ‘code-server’ (release version) complains.
Newest version is v16.x so we are pretty far behind.
2021-06-17 20:57:00 +02:00
dependabot[bot]
bf45e7ca15
chore(deps-dev): bump @types/ws from 7.4.4 to 7.4.5 ( #3627 )
...
Bumps [@types/ws](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/ws ) from 7.4.4 to 7.4.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/ws )
---
updated-dependencies:
- dependency-name: "@types/ws"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-17 23:49:14 +05:30
dependabot[bot]
9dae4fec25
chore(deps): bump ws from 7.4.6 to 7.5.0 ( #3625 )
...
Bumps [ws](https://github.com/websockets/ws ) from 7.4.6 to 7.5.0.
- [Release notes](https://github.com/websockets/ws/releases )
- [Commits](https://github.com/websockets/ws/compare/7.4.6...7.5.0 )
---
updated-dependencies:
- dependency-name: ws
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-17 23:49:03 +05:30
Joe Previte
83701f9f6d
Merge pull request #3626 from cdr/dependabot/npm_and_yarn/wtfnode-0.9.0
...
chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0
2021-06-17 10:49:40 -07:00
jan iversen
4e14c11fa4
Allow development on any architecture ( #3598 )
2021-06-17 12:28:54 -05:00
dependabot[bot]
79f372c1a0
chore(deps-dev): bump wtfnode from 0.8.4 to 0.9.0
...
Bumps [wtfnode](https://github.com/myndzi/wtfnode ) from 0.8.4 to 0.9.0.
- [Release notes](https://github.com/myndzi/wtfnode/releases )
- [Commits](https://github.com/myndzi/wtfnode/commits )
---
updated-dependencies:
- dependency-name: wtfnode
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-17 11:04:04 +00:00
Joe Previte
cbe3192971
Merge pull request #3617 from cdr/dependabot/npm_and_yarn/audit-ci-4.1.0
...
chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0
2021-06-16 10:03:35 -07:00
Joe Previte
ddbff58eec
Merge pull request #3602 from patrickcylai/patrickcylai/fix-docs-hashed-password
...
fix: placeholder password in hashed password example
2021-06-16 09:49:53 -07:00
dependabot[bot]
18c0f32c24
chore(deps-dev): bump audit-ci from 4.0.0 to 4.1.0
...
Bumps [audit-ci](https://github.com/IBM/audit-ci ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/IBM/audit-ci/releases )
- [Commits](https://github.com/IBM/audit-ci/compare/v4.0.0...v4.1.0 )
---
updated-dependencies:
- dependency-name: audit-ci
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-16 11:02:59 +00:00
Asher
b59b3936d0
Fix incorrect logout base ( #3611 )
...
Fixes #3608 .
2021-06-15 15:11:01 -05:00
dependabot[bot]
3241a4f521
chore(deps-dev): bump @typescript-eslint/parser from 4.26.1 to 4.27.0 ( #3609 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 21:46:00 +05:30
dependabot[bot]
5c9b625acb
chore(deps-dev): bump @typescript-eslint/eslint-plugin ( #3610 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 4.26.1 to 4.27.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/master/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v4.27.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-06-15 21:34:56 +05:30
Patrick Lai
5fae520ebe
fix: placeholder password in hashed password example
2021-06-13 01:25:05 +10:00
Joe Previte
4bb7a8ddb9
Merge pull request #3590 from mxschmitt/chore/upgrade-to-latest-playwright
...
chore: upgrade to Playwright 1.12 with its new test-runner
2021-06-10 11:15:41 -07:00
Joe Previte
2c818e3855
Merge pull request #3589 from cdr/dependabot/npm_and_yarn/argon2-0.28.2
...
chore(deps): bump argon2 from 0.28.0 to 0.28.2
2021-06-10 09:36:45 -07:00
Max Schmitt
dbb34ad710
chore: upgrade to Playwright 1.12 with its new test-runner
2021-06-10 15:09:38 +02:00
dependabot[bot]
fda44240c9
chore(deps): bump argon2 from 0.28.0 to 0.28.2
...
Bumps [argon2](https://github.com/ranisalt/node-argon2 ) from 0.28.0 to 0.28.2.
- [Release notes](https://github.com/ranisalt/node-argon2/releases )
- [Commits](https://github.com/ranisalt/node-argon2/compare/v0.28.0...v0.28.2 )
---
updated-dependencies:
- dependency-name: argon2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-10 11:01:38 +00:00
Joe Previte
9fc9c041ad
Merge pull request #3588 from cdr/dependabot/npm_and_yarn/lib/vscode/normalize-url-4.5.1
...
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode
2021-06-09 15:06:08 -07:00
Joe Previte
a802a920ac
Merge pull request #3587 from cdr/dependabot/npm_and_yarn/lib/vscode/build/normalize-url-4.5.1
...
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build
2021-06-09 15:05:54 -07:00
dependabot[bot]
54684c0ad2
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode
...
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url ) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases )
- [Commits](https://github.com/sindresorhus/normalize-url/commits )
---
updated-dependencies:
- dependency-name: normalize-url
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 21:32:56 +00:00
dependabot[bot]
2594aa3e41
chore(deps): bump normalize-url from 4.5.0 to 4.5.1 in /lib/vscode/build
...
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url ) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases )
- [Commits](https://github.com/sindresorhus/normalize-url/commits )
---
updated-dependencies:
- dependency-name: normalize-url
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 21:32:42 +00:00
Joe Previte
717eaa6470
Merge pull request #3422 from cdr/jsjoeio/fix-password-hash
...
fix: use sufficient computational effort for password hash
2021-06-09 14:32:05 -07:00
Joe Previte
1e55a648a5
feat: check for empty str in isHashMatch
2021-06-08 15:10:59 -07:00
Joe Previte
3b50bfc17d
fix: sanitize password and cookie key
2021-06-08 14:33:17 -07:00
Joe Previte
deaa2242ca
feat: add npm_config_build_from_source to build scripts
...
This is necessary due to argon2 being added and an upstream issue where it uses
a Linux build that is too new for CentOS 7.
2021-06-08 14:33:17 -07:00
Joe Previte
8c2bb61af9
refactor: parse options with multiple = in cli
...
There was a case with the hashed-password which had multiple equal signs in the
value and it wasn't being parsed correctly. This uses a new function and adds a
few tests.
2021-06-08 14:33:17 -07:00
Joe Previte
531b7c0c25
feat: add splitOnFirstEquals function
2021-06-08 14:33:16 -07:00
Joe Previte
517aaf71c5
docs: update FAQ with new hashing instructions
2021-06-08 14:33:16 -07:00
Joe Previte
923761cd78
refactor: password logic in http w/ isCookieValid
2021-06-08 14:33:16 -07:00
Joe Previte
6020480b30
feat: add isCookieValid function and tests
2021-06-08 14:33:16 -07:00
Joe Previte
409b473c82
refactor: rewrite password logic at /login
2021-06-08 14:33:15 -07:00
Joe Previte
a14ea39c4a
feat: add handlePasswordValidation + tests
2021-06-08 14:33:15 -07:00
Joe Previte
7ff4117531
feat: add getPasswordMethod & test for it
2021-06-08 14:33:15 -07:00
Joe Previte
ffa5c16e51
feat: update cli and test for hashed-password
2021-06-08 14:33:15 -07:00
Joe Previte
788b958e20
refactor: update hash fn in test config
2021-06-08 14:33:14 -07:00
Joe Previte
1134780b8b
refactor: make wsProxy async
2021-06-08 14:33:14 -07:00
Joe Previte
91303d4e40
refactor: make ensureAuthenticated async
2021-06-08 14:33:14 -07:00
Joe Previte
0cdbd33b46
refactor: make authenticated async everywhere
...
Since this checks if they are authenticated using the hash/password and it's
async, we need to update authenticated to be async, which means we have to
update it everywhere it's used.
2021-06-08 14:33:14 -07:00
Joe Previte
fcc3f0d951
refactor: update login logic with new async hashing
...
This adds the proper await logic for the hashing of passwords.
2021-06-08 14:33:13 -07:00
Joe Previte
fd3cb6cfa0
refactor: update unit tests for hash fns
...
Since the hash and isHashMatch are now async, I had to update the tests
accordingly. Now everything is working.
2021-06-08 14:33:13 -07:00
Joe Previte
70197bb2a5
refactor: use argon2 instead of bcrypt
...
This uses argon2 instead of bcrypt.
Note: this means the hash functions are now async which means we have to
refactor a lot of other code around auth.
2021-06-08 14:33:13 -07:00
Joe Previte
51f8341959
chore: update to argon2 in test
2021-06-08 14:33:13 -07:00
Joe Previte
dc2db5c62d
chore: add argon2 package
2021-06-08 14:33:13 -07:00
Joe Previte
fc3326f1f2
feat: add tests using real hashes
2021-06-08 14:33:12 -07:00
Joe Previte
aaf044728f
refactor: add functions to check hash password
2021-06-08 14:33:12 -07:00
Joe Previte
f35120c0a3
feat: add unit test for hash function
2021-06-08 14:33:12 -07:00
Joe Previte
17be8c5cd3
refactor: use bcrypt in e2e setup
2021-06-08 14:33:12 -07:00
Joe Previte
cac667317e
refactor: use bcrypt in hash function
2021-06-08 14:33:11 -07:00