a556237963
Ensure we start with a default features set if features file cannot be loaded/parsed
2025-06-10 09:34:15 +02:00
e8488eb406
Update frontend lock file
2025-06-09 22:20:40 +02:00
5363842c4d
Update frontend dependencies
2025-06-09 22:18:15 +02:00
4c5d783699
trim() ipv4/6 input values
2025-06-09 21:02:56 +02:00
64d067d5a1
Fixup app packaging link
2025-06-09 20:56:53 +02:00
1845a65085
Remove distinct support view
2025-06-09 20:54:52 +02:00
86bad5cb3e
fix ipv6 address label and clear errors always on submit
2025-06-09 20:52:37 +02:00
ad4c88b535
Fix missing usage of safe()
2025-06-09 10:18:01 +02:00
55dde26aae
profile: add fallback when no avatar set
2025-06-09 09:35:54 +02:00
a93c85ebc9
profile: drop gravatar support
...
gravatar is owned by an external entity (Automattic) and we have an
unnecessary dep to this service. users can just upload a profile pic
2025-06-08 18:12:40 +02:00
cd45046724
test: fix tasks test
2025-06-08 15:55:00 +02:00
804be6d5e4
cloudron-support: typo
2025-06-08 11:06:56 +02:00
344782099f
add explicit unset for the image routes
...
the initial motivation was to fix up the profile avatar rule which
had a mix of json or multipart. this style does not work well with
express 5
2025-06-06 18:58:49 +02:00
4ffff84540
test: fix dockerproxy test
2025-06-06 18:07:03 +02:00
dffa3b7986
do not mix multipart and json
2025-06-06 17:18:39 +02:00
0f7bc9be52
GET requests should not use json middleware
2025-06-06 17:18:39 +02:00
05fc8ed5db
Fix crash with express 5
...
express.json does not enforce json. this means it will pass it through
but let req.body be undefined. this causes all our asserts to crash
2025-06-06 16:30:43 +02:00
74a8779c49
Fix oidc upgrade crash
...
they keys object format has changed
2025-06-06 16:23:11 +02:00
40631a753f
Fix express 5 crashes
2025-06-06 16:23:07 +02:00
5cf266c5be
test: fix nock usage
...
by default, nock intercepts and redirects everything to 127.0.0.1:80
this is regardless of any http request is mocked or not
nock.isActive() - is interceptor active
nock.restore() removes the interceptor
nock.activate() - enables interceptor again
nock.cleanAll() - deletes all mocks. nothing to do with interceptor
nock.activeMock() - to get the active mocks
nock.persist(true/false) - the mock will reply once and set isDone(). but you can persist(true)
2025-06-06 15:49:07 +02:00
0f3eb42332
test: fix provision test
2025-06-06 15:48:21 +02:00
1fa8395847
test: remove support ticket test
2025-06-06 15:45:43 +02:00
1b6e283ac1
appstore: better error message
2025-06-06 13:45:23 +02:00
7b9504c5b4
test: add provision test
2025-06-06 13:39:30 +02:00
2b52e21ccf
test: fix appstore test
2025-06-06 13:39:30 +02:00
c49050ea69
appstore: removed old route and rename to reset_cloudron_id
2025-06-06 13:39:30 +02:00
53037c96cf
Update lock file
2025-06-06 13:26:18 +02:00
000e5fa105
Use distinct translation strings for mail and user directory settings menu entries
2025-06-06 11:29:16 +02:00
3ccad9ada9
cloudron-setup: remove --generate-setup-token
...
this code path is hardly ever tested and seems unnecesary
2025-06-06 10:22:06 +02:00
73bd3e513c
appstore: fix response fields from register_cloudron3
2025-06-06 10:19:37 +02:00
2c2a24c31b
support: remove createTicket
...
there is no form to create tickets anymore since a while
2025-06-06 09:51:07 +02:00
28a1c254d9
activation: move registration into provision model code
2025-06-06 09:31:31 +02:00
203ad6b565
major upgrade of express
2025-06-06 08:39:57 +02:00
0969bb9824
test: fix storage test
2025-06-06 08:34:21 +02:00
c6ae7729d1
Fix package.json version
2025-06-06 08:26:21 +02:00
af719dd8c2
major package changes
2025-06-06 08:24:45 +02:00
f87e257233
update modules
2025-06-06 08:16:57 +02:00
83d7535d84
turn: add outbound ratelimit
...
coturn will send 401 when receiving UDP packets with forged source IP.
this can cause a flood of 401s at the victim. the primary concern appears
to be that these packets are quite large compared to handshake packets
below.
TCP is also affected but effects are minimal because they will get
discarded at the connection handshake level.
UDP/TLS (DTLS) has similar handshake mechanism of TCP and effects are
minimal.
https://forum.cloudron.io/topic/13855/reflection-attack-via-stun-turn
https://github.com/coturn/coturn/pull/1588
2025-06-04 14:15:45 +02:00
811cc9c028
turn: reduce the exposed ports to 100
2025-06-04 13:23:47 +02:00
f14fbfe087
turn: verbose logs in debug mode
2025-06-04 13:22:25 +02:00
446099b1f9
turn: add note on why we still use host mode
2025-06-04 13:11:12 +02:00
bad927e283
Update pankow
2025-06-04 11:08:52 +02:00
ccbb3dca9f
Try some sidebar hover indicator
2025-06-04 10:59:27 +02:00
d47b947acf
Bring back possibility to disable 2fa for a user from the users view
2025-06-04 10:48:57 +02:00
6332db8e86
Pankow now has the dashboard primary colors
2025-06-03 13:48:39 +02:00
d829d43f2f
Update pankow
2025-06-03 12:51:22 +02:00
8944698df1
Remove main UI loading animation
2025-06-03 12:43:14 +02:00
ccf5f2f60e
Fix sshfs volume mounting
2025-06-03 11:05:50 +02:00
d381f579d3
Only show NotificationSettings for admins or owners
2025-06-03 10:57:38 +02:00
995c0a7afc
Update frontend dependencies
2025-06-02 22:54:46 +02:00
Johannes Zellner