|
|
bd54d900aa
|
separate-codegen-fix2
Deploy on push / deploy (push) Failing after 32s
|
2025-09-27 13:56:10 +03:00 |
|
|
|
eab0ba7b42
|
separate-codegen-fix
Deploy on push / deploy (push) Failing after 30s
|
2025-09-27 13:53:00 +03:00 |
|
|
|
2ac983d81e
|
nodiag
Deploy on push / deploy (push) Failing after 36s
|
2025-09-27 13:47:26 +03:00 |
|
|
|
853ed77083
|
ci-diagnostic
Deploy on push / deploy (push) Failing after 34s
|
2025-09-27 13:28:51 +03:00 |
|
|
|
03626ec20d
|
panelfix
Deploy on push / deploy (push) Failing after 31s
|
2025-09-27 13:20:56 +03:00 |
|
|
|
05c188df62
|
[0.9.29] - 2025-09-26
Deploy on push / deploy (push) Failing after 39s
### 🚨 CRITICAL Security Fixes
- **🔒 Open Redirect Protection**: Added strict validation of redirect_uri against a whitelist of domains
- **🔒 Rate Limiting**: Protection of OAuth endpoints against brute force (10 attempts per 5 minutes per IP)
- **🔒 Logout Endpoint**: Critically important endpoint for secure revocation of httpOnly cookies
- **🔒 Provider Validation**: Strengthened validation of OAuth providers with attack logging
- **🚨 GlitchTip Alerts**: Automatic security alerts in GlitchTip on critical events
### 🛡️ Security Modules
- **auth/oauth_security.py**: OAuth security module with validation and rate limiting + GlitchTip alerts
- **auth/logout.py**: Secure logout with support for JSON API and browser redirect
- **tests/test_oauth_security.py**: Comprehensive security tests (11 tests)
- **tests/test_oauth_glitchtip_alerts.py**: GlitchTip integration tests (8 tests)
### 🔧 OAuth Improvements
- **Minimal Flow**: Simplified to the minimum - only httpOnly cookie, no JWT in the URL
- **Simple Logic**: No error parameter = success, maximum simplicity
- **DRY Refactoring**: Eliminated code duplication in logout and validation
### 🎯 OAuth Endpoints
- **Start**: `v3.dscrs.site/oauth/{provider}` - with rate limiting and validation
- **Callback**: `v3.dscrs.site/oauth/{provider}/callback` - secure redirect_uri
- **Logout**: `v3.dscrs.site/auth/logout` - revocation of httpOnly cookies
- **Finalization**: `testing.discours.io/oauth?redirect_url=...` - minimal scheme
### 📊 Security Test Coverage
- ✅ Open redirect attack prevention
- ✅ Rate limiting protection
- ✅ Provider validation
- ✅ Safe fallback mechanisms
- ✅ Cookie security (httpOnly + Secure + SameSite)
- ✅ GlitchTip integration (8 alert tests)
### 📝 Documentation
- Created `docs/oauth-minimal-flow.md` - full description of the minimal flow
- Updated OAuth documentation in `docs/auth/oauth.md`
- Added security best practices
|
2025-09-26 21:03:45 +03:00 |
|
|
|
9d6ac671d5
|
mypy-ci-fix2
Deploy on push / deploy (push) Failing after 7m30s
|
2025-09-16 12:08:42 +03:00 |
|
|
|
37d502801a
|
mypy-ci-fix
Deploy on push / deploy (push) Failing after 3m59s
|
2025-09-16 11:59:57 +03:00 |
|
|
|
4ea32e3b83
|
panel minor fixes
Deploy on push / deploy (push) Failing after 4m20s
|
2025-09-16 11:49:24 +03:00 |
|
|
|
69102bb908
|
cifix
Deploy on push / deploy (push) Failing after 3m15s
|
2025-09-03 13:01:38 +03:00 |
|
|
|
43f0114769
|
deploy-fixed
Deploy on push / deploy (push) Successful in 7m11s
|
2025-08-28 21:02:20 +03:00 |
|
|
|
e6f9b877f4
|
deploy-fix2
Deploy on push / deploy (push) Successful in 6m53s
|
2025-08-28 20:53:31 +03:00 |
|
|
|
b0d60bb836
|
deploy-fix
Deploy on push / deploy (push) Failing after 3m36s
|
2025-08-28 20:48:15 +03:00 |
|
|
|
d677d6547c
|
debug-improved
Deploy on push / deploy (push) Failing after 3m44s
|
2025-08-28 20:19:30 +03:00 |
|
|
|
e78e12eeee
|
circular-fix
Deploy on push / deploy (push) Failing after 17s
|
2025-08-17 16:33:54 +03:00 |
|
|
|
81b2ec41fa
|
ci-tests-frontend-e2e-fix
Deploy on push / deploy (push) Has been cancelled
|
2025-08-12 14:45:59 +03:00 |
|
|
|
31376b3dac
|
headless-tests-ci-fix3
Deploy on push / deploy (push) Failing after 33s
|
2025-08-12 14:31:25 +03:00 |
|
|
|
3f212992a0
|
headless-tests-ci-fix2
Deploy on push / deploy (push) Failing after 1m51s
|
2025-08-12 14:07:02 +03:00 |
|
|
|
a2177bc35a
|
headless-tests-ci-fix
Deploy on push / deploy (push) Failing after 11s
|
2025-08-12 14:03:56 +03:00 |
|
|
|
16d911bf1e
|
headless
Deploy on push / deploy (push) Has been cancelled
|
2025-08-12 14:00:12 +03:00 |
|
|
|
2eeabae847
|
devgroup
Deploy on push / deploy (push) Failing after 14s
|
2025-08-12 13:19:55 +03:00 |
|
|
|
663942c41e
|
feat: migrate to uv package manager
- Add pyproject.toml with project configuration
- Update requirements.txt and requirements.dev.txt with versions
- Add .uv configuration file
- Update .gitignore for uv
- Update README with uv instructions
- Configure hatchling build system
- Add mypy configuration
- Test uv sync and pytest integration
|
2025-08-12 13:12:39 +03:00 |
|
|
|
333dc19020
|
ci-upgrade3
Deploy on push / deploy (push) Failing after 4s
|
2025-08-12 13:06:53 +03:00 |
|
|
|
573fa29aa6
|
ci-upgrade2
Deploy on push / deploy (push) Failing after 5s
|
2025-08-12 13:05:41 +03:00 |
|
|
|
8b93ce0f63
|
ci-upgrade
Deploy on push / deploy (push) Failing after 5s
|
2025-08-12 13:04:12 +03:00 |
|
|
|
047d7e658f
|
ci: update workflow to use dokku action for dev branch deployment
|
2025-08-12 12:57:05 +03:00 |
|
|
|
6f7be9e38c
|
fix-deploy
Deploy on push / deploy (push) Failing after 5s
|
2025-08-12 12:49:48 +03:00 |
|
|
|
2b1c3c2569
|
chore: remove pre-commit configuration and dependencies
|
2025-08-12 12:48:09 +03:00 |
|
|
|
cb946fb30e
|
roles-editor-fix
|
2025-07-25 10:09:01 +03:00 |
|
|
|
fed6d51af0
|
deploy-fix2
Deploy on push / deploy (push) Failing after 5s
|
2025-07-25 01:17:23 +03:00 |
|
|
|
ff2e5b6735
|
deploy-fix
Deploy on push / deploy (push) Failing after 4s
|
2025-07-25 01:08:03 +03:00 |
|
|
|
1710fce600
|
nochecks1
Deploy on push / deploy (push) Successful in 7s
|
2025-06-03 01:14:51 +03:00 |
|
|
|
6ab76a9754
|
nochecks
Deploy on push / deploy (push) Blocked by required conditions
|
2025-06-03 01:13:51 +03:00 |
|
|
|
6689847c0e
|
img
Deploy on push / type-check (push) Waiting to run
Deploy on push / deploy (push) Blocked by required conditions
|
2025-06-03 01:13:13 +03:00 |
|
|
|
17b6069fb2
|
dplfix
Deploy on push / type-check (push) Failing after 7s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:11:28 +03:00 |
|
|
|
f00eea2c31
|
тщмук
Deploy on push / type-check (push) Failing after 8s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:09:29 +03:00 |
|
|
|
9555cc3125
|
311-str
Deploy on push / type-check (push) Failing after 7s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:08:26 +03:00 |
|
|
|
b97912c3c4
|
311
Deploy on push / type-check (push) Failing after 7s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:06:09 +03:00 |
|
|
|
8d410fcac3
|
312
Deploy on push / type-check (push) Failing after 34s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:03:58 +03:00 |
|
|
|
5e370eef95
|
3133
Deploy on push / type-check (push) Failing after 6s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:02:46 +03:00 |
|
|
|
b905ba59e4
|
311
Deploy on push / type-check (push) Failing after 8s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 01:01:45 +03:00 |
|
|
|
ba21a4b920
|
deply-fix
Deploy on push / type-check (push) Failing after 14s
Deploy on push / deploy (push) Has been skipped
|
2025-06-03 00:58:07 +03:00 |
|
|
|
3327976586
|
Improve topic sorting: add popular sorting by publications and authors count
|
2025-06-02 02:56:11 +03:00 |
|
Stepan Vladovskiy
|
59e71c8144
|
debug: fixed workflows gitea
Deploy on push / deploy (push) Successful in 4m41s
|
2025-03-05 20:17:34 +00:00 |
|
Stepan Vladovskiy
|
e6a416383d
|
debug: fixed workflows gitea
Deploy on push / deploy (push) Successful in 15s
|
2025-03-05 20:16:32 +00:00 |
|
Stepan Vladovskiy
|
d55448398d
|
feat(search.py): change to txtai server, with ai model. And fix granian workers
|
2025-03-05 20:08:21 +00:00 |
|
Stepan Vladovskiy
|
a218d1309b
|
debug: no force optins and simpl regexp logic
Deploy on push / deploy (push) Successful in 59s
|
2025-01-28 18:24:10 -03:00 |
|
Stepan Vladovskiy
|
113d4807b2
|
feat:sv with force flag
Deploy on push / deploy (push) Successful in 1m2s
|
2025-01-28 17:55:41 -03:00 |
|
Stepan Vladovskiy
|
04a0a6ddf4
|
debug: Sigil back to map with only discours.io domain
Deploy on push / deploy (push) Successful in 56s
|
2024-12-20 14:35:59 -03:00 |
|
|
|
dd60d1a1c4
|
deployfix
Deploy on push / deploy (push) Successful in 5s
|
2024-11-01 14:33:34 +03:00 |
|