jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity
19,609 Commits 33 Branches 583 Tags
ec15f29e405e0e8d2d6dc655bfb0273966776671
Commit Graph

230 Commits

Author SHA1 Message Date
Elias Hackradt 0b968b6a98 Use branding.getCloudronName(); for totp secret name metadata 2026-02-18 13:19:27 +00:00
Johannes Zellner cb5ccd8166 Also auth against mailPasswords in ldapserver.js 2026-02-18 10:12:34 +01:00
Johannes Zellner 9bac099339 Add mailPassword table 
This table stores email credentials for users using apps which use the
email addon
 2026-02-18 10:12:34 +01:00
Girish Ramakrishnan 4ed6fbbd74 eslint: add no-shadow 2026-02-18 08:18:37 +01:00
Girish Ramakrishnan 319360f8d0 lint 2026-02-17 19:51:09 +01:00
Johannes Zellner 7bc19e8185 Cleanup passkeys on user deletion 2026-02-16 13:52:04 +01:00
Girish Ramakrishnan b5a1554631 Fix various linter errors 2026-02-15 19:37:30 +01:00
Girish Ramakrishnan 36aa641cb9 migrate to "export default" 
also, set no-use-before-define in linter
 2026-02-14 15:43:24 +01:00
Girish Ramakrishnan 96dc79cfe6 Migrate codebase from CommonJS to ES Modules 
- Convert all require()/module.exports to import/export across 260+ files
- Add "type": "module" to package.json to enable ESM by default
- Add migrations/package.json with "type": "commonjs" to keep db-migrate compatible
- Convert eslint.config.js to ESM with sourceType: "module"
- Replace __dirname/__filename with import.meta.dirname/import.meta.filename
- Replace require.main === module with process.argv[1] === import.meta.filename
- Remove 'use strict' directives (implicit in ESM)
- Convert dynamic require() in switch statements to static import lookup maps
  (dns.js, domains.js, backupformats.js, backupsites.js, network.js)
- Extract self-referencing exports.CONSTANT patterns into standalone const
  declarations (apps.js, services.js, locks.js, users.js, mail.js, etc.)
- Lazify SERVICES object in services.js to avoid circular dependency TDZ issues
- Add clearMailQueue() to mailer.js for ESM-safe queue clearing in tests
- Add _setMockApp() to ldapserver.js for ESM-safe test mocking
- Add _setMockResolve() wrapper to dig.js for ESM-safe DNS mocking in tests
- Convert backupupload.js to use dynamic imports so --check exits before
  loading the module graph (which requires BOX_ENV)
- Update check-install to use ESM import for infra_version.js
- Convert scripts/ (hotfix, release, remote_hotfix.js, find-unused-translations)
- All 1315 tests passing

Migration stats (AI-assisted using Cursor with Claude):
- Wall clock time: ~3-4 hours
- Assistant completions: ~80-100
- Estimated token usage: ~1-2M tokens

Co-authored-by: Cursor <cursoragent@cursor.com>
 2026-02-14 15:11:45 +01:00
Johannes Zellner 5724ca73b4 Add passkey support 2026-02-13 17:18:56 +01:00
Girish Ramakrishnan e9c3e42aa6 appPassword: add expiry 2026-02-12 16:23:31 +01:00
Girish Ramakrishnan 2b362d8eaf users: add note about invitationToken 
this is a one time token that is valid until the account is set up.
this is the reason it has no expiry time.
 2026-01-17 09:44:43 +01:00
Girish Ramakrishnan bbefca71e5 profile: add hasAvatar 2025-12-10 18:57:02 +01:00
Girish Ramakrishnan 02fd52e366 Remove any deleted group and user from operators and accessRestriction 
part of #857
 2025-10-20 16:51:23 +02:00
Girish Ramakrishnan 43e426ab9f Revert "Add no-use-before-define linter rule" 
This reverts commit fdcc5d68a2.

Unfortunately, this requires us to move exports to the bottom.
This in turn causes circular dep issues and also access of
exports.GLOBAL_VAR in the global context
 2025-10-08 21:17:52 +02:00
Girish Ramakrishnan a6355e1945 remove spammy log 2025-10-03 11:49:40 +02:00
Girish Ramakrishnan 5dd5a20fc1 code -> sqlCode 2025-09-29 12:18:26 +02:00
Girish Ramakrishnan 942e595444 Fix profile test 2025-08-14 16:02:54 +05:30
Girish Ramakrishnan 12e073e8cf use node: prefix for requires 
mostly because code is being autogenerated by all the AI stuff using
this prefix. it's also used in the stack trace.
 2025-08-14 12:55:35 +05:30
Johannes Zellner 3ea9192f79 Validate user account input during account setup 2025-08-08 10:07:14 +02:00
Girish Ramakrishnan e390a56f05 users: ensure all user objects have groupIds 
this prevents ldap/sftp code from detecting user groups
and thus fails to detect membership of a user via operator groups.
 2025-08-07 12:32:21 +02:00
Girish Ramakrishnan c184f1e42e mailer: handle error at the caller instead 
the send test email logic breaks if we disable throwing error in send
 2025-08-06 10:18:09 +02:00
Girish Ramakrishnan cbc73f5c9a remove uuid module 
built into node.js now
 2025-07-28 12:54:09 +02:00
Girish Ramakrishnan 622aecfd6d users: add unset route for avatar 
also add missing tests for avatar and profile locking
 2025-07-15 10:06:26 +02:00
Girish Ramakrishnan 22e23e1e65 auth: add logs when auth fails or succeeds 2025-07-11 18:14:27 +02:00
Girish Ramakrishnan 6ac0cd421a use the @cloudron/superagent module 2025-07-10 10:56:05 +02:00
Girish Ramakrishnan 1672217dd9 replace mysql module with mysql2 
mysql is deprecated since years now
 2025-06-19 12:41:49 +02:00
Girish Ramakrishnan f48231e309 oidc: do not notify login of ghost users 2025-06-12 00:25:28 +02:00
Girish Ramakrishnan d112d6308c move tokens.ID_ into oidcClients.ID_ 2025-06-12 00:25:28 +02:00
Girish Ramakrishnan 8fc9685a1b test: make it work again 2025-06-11 15:14:15 +02:00
Johannes Zellner af75060001 Reimplement fallback email dialog 2025-06-11 10:22:09 +02:00
Girish Ramakrishnan a93c85ebc9 profile: drop gravatar support 
gravatar is owned by an external entity (Automattic) and we have an
unnecessary dep to this service. users can just upload a profile pic
 2025-06-08 18:12:40 +02:00
Girish Ramakrishnan 5342dae5b3 tokens: add ip restriction 2025-03-07 17:50:50 +01:00
Girish Ramakrishnan f0848e23c7 replace validator module 2025-03-07 12:32:50 +01:00
Girish Ramakrishnan 8e58349bfa replace with custom superagent based on fetch API 2025-02-15 15:14:09 +01:00
Girish Ramakrishnan 5459a540e7 users: do nothing when nothing to update 2025-02-13 17:28:10 +01:00
Girish Ramakrishnan dd5e4adc73 replace underscore with our own 
we only need like 5 simple functions
 2025-02-13 14:14:34 +01:00
Girish Ramakrishnan b43fa38350 username: only ending with .app is reserved 2025-01-25 16:03:19 +01:00
Girish Ramakrishnan 47729e3e43 notifications: add update failure in defaults 2025-01-24 18:51:04 +01:00
Girish Ramakrishnan 701c25d07a notifications: add back app down and app oom mails 2024-12-11 20:56:15 +01:00
Girish Ramakrishnan 6004cd17bf notifications: per user email prefs 2024-12-11 19:12:20 +01:00
Girish Ramakrishnan 3b9d617e37 groups: add events to eventlog 2024-12-04 11:30:30 +01:00
Girish Ramakrishnan 61341b8380 boxerror: always pass second error string 2024-10-30 17:32:12 +01:00
Girish Ramakrishnan bcf497b460 translation.js -> translations.js 
kept confusing my why i can't find this file! this is in line
with the rest of our code
 2024-07-05 12:45:27 +02:00
Girish Ramakrishnan 649c06b641 notification: do not send login notification for external users 2024-06-13 16:55:35 +02:00
Girish Ramakrishnan b4e7e394c3 split routes and model code into user-directory.js 2024-06-12 10:49:01 +02:00
Girish Ramakrishnan e1f87161a8 mandatory 2fa: revoke oidc sessions of non-2fa users 2024-06-12 10:16:49 +02:00
Girish Ramakrishnan 9054f30aef lint 2024-05-25 13:42:44 +02:00
Girish Ramakrishnan 126587ba82 lint: constness 2024-04-26 20:09:36 +02:00
Girish Ramakrishnan 6525504923 profile: store preferred language in the database 2024-02-26 13:30:35 +01:00