Commit graph

534 commits

Author SHA1 Message Date
Renaud Chaput bcf5d30e01
Add OpenTelemetry VCS attributes (#32904) 2024-11-18 08:41:09 +00:00
Claire f5f6273d2b
Move ALLOWED_PRIVATE_ADDRESSES parsing to an initializer (#32850) 2024-11-12 13:00:52 +00:00
David Roetzel d60ef3f17e
Disable httplog gem in production (#32776) 2024-11-05 08:55:34 +00:00
Matt Jankowski a139dac18e
Remove cookie rotator (#32289) 2024-11-04 09:11:00 +00:00
Emelia Smith e1b7382ea6
Add userinfo oauth endpoint (#32548) 2024-10-30 14:38:10 +00:00
Claire 6ff1954bdb
Change Active Record Encryption variable check to check for emptiness (#32537) 2024-10-16 08:43:45 +00:00
Claire ffa1032381
Add further warnings about encryption secrets (#32476) 2024-10-14 13:00:20 +00:00
Emelia Smith 454d21ab5a
Remove OAuth Password Grant Type support (#30960) 2024-10-01 09:56:58 +00:00
Claire e22eff8900
Remove regexp timeout feature (#32169) 2024-09-30 09:41:06 +00:00
David Roetzel cfb8fc6222
Increase regexp timeout and allow override (#32056) 2024-09-24 13:16:58 +00:00
Tim Campbell 11eae691ba
Feature more otel customization (#31998) 2024-09-23 08:55:35 +00:00
Matt Jankowski 5405bdd344
Remove unused E2EE messaging code (#31193) 2024-09-18 09:27:43 +00:00
Claire d5cf27e667
Add global Regexp timeout (#31928) 2024-09-16 09:40:18 +00:00
Claire a496aeabcb
Change form-action Content-Security-Policy directive to be more restrictive (#26897) 2024-09-12 13:24:19 +00:00
Eugen Rochko 24ef8255b3
Change design of embed modal in web UI (#31801) 2024-09-12 12:54:16 +00:00
Matt Jankowski b530fc5267
Update rails to version 7.1.4 (#31563) 2024-09-06 15:22:35 +00:00
Claire ee55d20fd5
Allow POST /oauth/revoke through CORS (#31743) 2024-09-04 10:46:28 +00:00
David Roetzel 388d5473e1
Refactor (ruby) redis configuration (#31694) 2024-09-02 14:19:55 +00:00
Matt Jankowski 85e8d1f285
Use rails configuration storage for paperclip path (#31651) 2024-08-30 09:46:09 +00:00
Matt Jankowski 6ec768668e
Remove nsa statsd integration (replaced by OpenTelemetry) (#30240) 2024-08-22 20:28:54 +00:00
Matt Jankowski 02df1b4e4a
Finish email allow/deny list naming migration (#30530) 2024-08-13 07:37:32 +00:00
Emelia Smith a1f723a6a4
Add support for PKCE Extension in OmniAuth OIDC (#31131) 2024-08-12 14:32:52 +00:00
Claire eaedd52def
Fix incorrect rate limit on PUT requests (#31356) 2024-08-09 14:48:05 +00:00
Adam Niedzielski 887e64efd4
Allow @ at the end of an URL (#31124) 2024-07-25 15:02:58 +00:00
Renaud Chaput 36592d10aa
Change Sidekiq readiness file to use an environment variable (#30988) 2024-07-10 12:57:25 +00:00
Renaud Chaput 7542a134d5
Add a file for Sidekiq to signal it is ready to process jobs (#30971) 2024-07-09 10:47:08 +00:00
Claire 8de5df225e
Change instructions to use bundle exec rails instead of rake (#30917) 2024-07-05 08:54:45 +00:00
Matt Jankowski bc3737f0c3
Add detail about running version on vips error failure (#30858) 2024-06-27 16:27:42 +00:00
Claire b15a3614dc
Stub Vips::Error when not using libvips (#30857) 2024-06-27 15:25:27 +00:00
Renaud Chaput 845fe1c693
Add the Interlingua locale (#30828) 2024-06-25 14:05:24 +00:00
Tim Rogers f6e466058a
Added check for STATSD_ADDR setting to emit a warning and proceed rather than crashing if the address is unreachable (#30691) 2024-06-24 14:41:04 +00:00
Matt Jankowski 980034e2e1
Fix Style/NilLambda cop in paperclip initializer (#30695) 2024-06-14 09:50:50 +00:00
Matt Jankowski 0e1110c947
Use SECRET_KEY_BASE_DUMMY feature as placeholder during asset compilation (#30505) 2024-06-10 20:08:04 +00:00
Matt Jankowski 0cf91213c9
Opt in to remaining Rails 7.1 defaults (#30332)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-10 06:32:20 +00:00
Claire 80cd001e0a
Fix linting issue (#30595) 2024-06-07 14:32:29 +00:00
Isa S 773283ffb9
Make S3's retry limit a ENV variable (#23215) 2024-06-07 13:54:55 +00:00
Victor Dyotte 299ae9bf92
Add S3_KEY_PREFIX environment variable (#30181) 2024-06-07 12:29:30 +00:00
Emelia Smith e02d23b549
Change read:me scope to profile scope (#30357)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-06 07:30:10 +00:00
Eugen Rochko 5f15a892fa
Add support for libvips in addition to ImageMagick (#30090)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-06-05 19:15:39 +00:00
Matt Jankowski 4d3748ac44
Fix rack attack match_type value typo in logging config (#30514) 2024-06-03 07:16:01 +00:00
Matt Jankowski a22865a352
Add :email to filter parameter logging config (#30492) 2024-05-31 09:35:56 +00:00
Claire 73a78cc19d
Fix rate-limiting incorrectly triggering a session cookie on most endpoints (#30483) 2024-05-30 12:56:18 +00:00
Claire 3fa0dd0b88
Merge pull request from GHSA-c2r5-cfqr-c553
* Add hardening monkey-patch to prevent IP spoofing on misconfigured installations

* Remove rack-attack safelist
2024-05-30 14:24:29 +02:00
Claire 16249946ae
Merge pull request from GHSA-q3rg-xx5v-4mxh 2024-05-30 14:14:04 +02:00
Emelia Smith d20a5c3ec9
Fix: remove broken OAuth Application vacuuming & throttle OAuth Application registrations (#30316)
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
2024-05-29 14:00:05 +00:00
Nick Schonning 87156f57b5
Enable Style/StringConcatenation (#30428) 2024-05-27 09:41:45 +00:00
Renaud Chaput acc77c3836
Add instrumentation to the search services (#30350) 2024-05-24 13:13:23 +00:00
Renaud Chaput 9658d3e580
Use the job class as span name for Sidekiq root spans (#30353) 2024-05-20 08:01:04 +00:00
Claire 12472e7f40
Add emphasis on ActiveRecord Encryption configuration values being secret (#30340) 2024-05-17 09:28:40 +00:00
Matt Jankowski 1b6eb2c7f0
Enable YJIT when available (#30310) 2024-05-16 09:56:48 +00:00