torsten/harheimertc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
189 Commits 1 Branch 0 Tags
f05d47be4c73bc9e325cdcf07cde0d991407d7dd
Commit Graph

189 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Torsten Schulz (local)
f05d47be4c Enhance deployment script with build validation checks
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details 
Add checks to verify the success of the build process in deploy-production.sh. Implement error messages for missing critical files and directories, improving error handling and providing clear feedback during deployment. This update aims to ensure a successful build before proceeding with production data restoration.
 2026-01-08 07:47:27 +01:00
Torsten Schulz (local)
f1cf06ca48 Add debug information display for component loading in registration page
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details 
Introduce a visible debug section in the registrieren.vue component to confirm the loading status and the definition of the handleFormSubmit method. This addition aims to enhance visibility during development and assist in troubleshooting component behavior.
 2026-01-07 22:37:46 +01:00
Torsten Schulz (local)
62115ff1d1 Add debug logging for component lifecycle in registration page
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 44s
Details 
Introduce console log statements to track the loading and setup phases of the registrieren.vue component. This enhancement aims to improve visibility into the component's lifecycle, aiding in debugging and troubleshooting during development.
 2026-01-07 22:34:03 +01:00
Torsten Schulz (local)
8e398778ce Refactor form submission handling and enhance debug logging for registration process
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 45s
Details 
Update the form submission method to a unified handler, improving code clarity and maintainability. Add detailed debug logging to track form submission events and registration method calls, aiding in troubleshooting and providing better insights during the registration process.
 2026-01-07 22:24:18 +01:00
Torsten Schulz (local)
c1e93f8989 Add debug information display for passkey registration process
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details 
Introduce a debug information section in the passkey registration flow, providing insights into the challenge, RP-ID, and origin when debugging is enabled. Enhance logging to capture detailed options and cross-device authentication information, improving troubleshooting capabilities and user guidance during the registration process.
 2026-01-07 22:13:50 +01:00
Torsten Schulz (local)
a16838ff47 Enhance debug logging and validation in passkey registration process
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 50s
Details 
Add detailed debug logging to track the verification parameters and errors during the passkey registration flow. Implement validation to ensure the expected origin does not include port 3100, improving error handling and providing clear guidance for configuration issues. This update aims to enhance troubleshooting and the overall robustness of the registration process.
 2026-01-07 22:05:24 +01:00
Torsten Schulz (local)
994aabfb85 Enhance WebAuthn origin handling and debug logging for passkey registration
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
Details 
Refine the WebAuthn configuration to ensure that HTTPS origins do not include ports, improving compliance with standards. Add additional debug logging in the passkey registration process to verify the webauthnOrigin and provide guidance for configuration issues, aiding in troubleshooting and enhancing the clarity of the registration flow.
 2026-01-07 22:01:28 +01:00
Torsten Schulz (local)
83a2166399 Refine WebAuthn configuration and enhance debug logging for origin verification
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 45s
Details 
Update the WebAuthn configuration to ensure HTTPS origins do not include ports, improving compliance with standards. Add detailed debug logging in the passkey registration process to verify the actual origin from the client response, aiding in troubleshooting and enhancing the clarity of the registration flow.
 2026-01-07 21:54:02 +01:00
Torsten Schulz (local)
c40780ef89 Enhance passkey registration process with detailed debug logging and validation checks
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
Details 
Add comprehensive debug logging throughout the passkey registration flow, including request handling, option generation, and verification steps. Implement validation for incoming requests and responses to ensure required fields are present, improving error handling and clarity. This update aims to facilitate troubleshooting and enhance the overall robustness of the registration process.
 2026-01-07 21:36:41 +01:00
Torsten Schulz (local)
bb985ddc8f Improve passkey registration error handling and options serialization
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 44s
Details 
Enhance the registration process by adding error handling for the WebAuthn startRegistration method and ensuring the presence of required options. Include debug logging for received options and serialize the options correctly before returning them in the API response, improving robustness and clarity in the registration flow.
 2026-01-07 21:30:13 +01:00
Torsten Schulz (local)
b34a6fc155 Enhance passkey registration handling with error checks and CORS support
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details 
Add validation for server response in the registration process, ensuring the presence of necessary options. Implement CORS headers for cross-device authentication and increase the timeout for registration to 5 minutes. Include debug logging for options structure to aid in troubleshooting.
 2026-01-07 21:24:11 +01:00
Torsten Schulz (local)
e7e9d7815c Refactor CORS header handling in authentication endpoints
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 50s
Details 
Update the CORS header variable name from 'origin' to 'requestOrigin' in both login and registration API endpoints for improved clarity and consistency. This change enhances the readability of the code while maintaining support for cross-device authentication.
 2026-01-07 21:02:58 +01:00
Torsten Schulz (local)
ad21534862 Add CORS support for Cross-Device Authentication in passkey handling
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 45s
Details 
Enhance authentication options in the server API by adding CORS headers to support cross-device authentication. Implement handling for preflight OPTIONS requests and increase timeout for registration and authentication processes to 5 minutes, improving user experience and compatibility across devices.
 2026-01-07 20:59:48 +01:00
Torsten Schulz (local)
3d9b6b57dc Refactor authentication handling in Navigation and registration components to support lazy store access, improving resilience against Pinia initialization issues. Enhance registration logic to include optional password fallback for passkey users, with validation checks for password strength and confirmation. Update server-side registration to handle optional password securely, ensuring consistent user experience across different authentication methods.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details
2026-01-07 20:16:17 +01:00
Torsten Schulz (local)
4c7ae87c70 Remove deprecated data files including configuration, gallery metadata, members, news, sessions, users, and membership applications to streamline the server data structure and improve maintainability.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Has been cancelled
Details
2026-01-07 20:16:03 +01:00
Torsten Schulz (local)
8bdebf6a73 Implement passkey support checks in registration page, including user feedback for unsupported scenarios. Update logic to determine passkey availability based on secure context and browser compatibility, enhancing user experience during registration.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 50s
Details
2026-01-07 18:46:45 +01:00
Torsten Schulz (local)
fde25d92c5 Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
Details
2026-01-07 18:37:01 +01:00
Torsten Schulz (local)
a8423f9c39 Enhance deployment script to conditionally symlink data directories based on git tracking status, improving error handling for uncommitted changes. Implement cleanup of untracked files while preserving essential directories, ensuring a smoother deployment process.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 42s
Details
2026-01-07 18:08:07 +01:00
Torsten Schulz (local)
946e5fadb0 Refactor deployment script to handle symlinking of public data conditionally based on git tracking status, improving error handling for uncommitted changes. Update PM2 configuration to directly start the Node server for Nuxt 4 production builds in both harheimertc.config.cjs and harheimertc.simple.cjs. Modify user ID handling in registration options to use Uint8Array for compatibility with @simplewebauthn/server.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 43s
Details
2026-01-07 18:06:09 +01:00
Torsten Schulz (local)
4864c80da3 Update package-lock.json to remove deprecated @peculiar/x509 version and add a new dependency entry for @simplewebauthn/server. Modify package.json to include an override for @peculiar/x509 version 1.13.0, ensuring compatibility across the project.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 44s
Details
2026-01-07 17:58:38 +01:00
Torsten Schulz (local)
9bae707473 Refactor deployment script to improve data management by introducing configurable backup and restore paths, enhancing error handling, and ensuring persistent data storage. Update backup processes to create timestamped directories for better organization.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 49s
Details
2026-01-07 17:54:49 +01:00
Torsten Schulz (local)
225e930e4c Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 48s
Details
2026-01-07 17:42:04 +01:00
Torsten Schulz (local)
371fef25d7 Refactor authentication middleware to remove dependency on Pinia, implementing direct API calls for authentication status checks. Update member API documentation to escape JWT token placeholder for clarity. Update session and user data formats for improved security and consistency.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 53s
Details
2026-01-07 17:26:22 +01:00
Torsten Schulz (local)
673c34ac9d Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 51s
Details
2026-01-05 11:50:57 +01:00
Torsten Schulz (local)
8bd7ed76cd Remove gitleaks binary and archive files, and update .gitignore to exclude security tooling artifacts, enhancing project cleanliness and security management.
All checks were successful
Code Analysis (JS/Vue) / analyze (push) Successful in 3m49s
Details
2025-12-20 16:01:40 +01:00
Torsten Schulz (local)
0afdfec33b Enhance code analysis workflow by adding workspace sanity checks and refining OSV-Scanner commands to ensure proper execution with package-lock.json, improving overall reliability of the analysis process.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Has been cancelled
Details
2025-12-20 16:01:25 +01:00
Torsten Schulz (local)
ca204e6ef9 Add gitleaks binary and archive; remove README.md
All checks were successful
Code Analysis (JS/Vue) / analyze (push) Successful in 3m51s
Details
2025-12-20 15:49:21 +01:00
Torsten Schulz (local)
e55ca48de8 Reorganize code analysis workflow to run gitleaks scan before installing dependencies, ensuring more accurate results and maintaining a cleaner environment for subsequent analysis steps.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 8s
Details
2025-12-20 15:45:02 +01:00
Torsten Schulz (local)
60257edde3 Update code analysis workflow to remove node_modules along with build artifacts before gitleaks scanning, improving security and ensuring a cleaner environment for analysis.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m50s
Details
2025-12-20 15:35:03 +01:00
Torsten Schulz (local)
111c8c239c Refactor code analysis workflow by adding gitleaks detection command and removing obsolete output files to streamline the build process and enhance security checks.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m34s
Details
2025-12-20 15:29:58 +01:00
Torsten Schulz (local)
9e5ccbe8a3 Refine gitleaks download and extraction process in code analysis workflow by implementing dynamic asset URL retrieval, enhanced error handling for invalid downloads, and improved extraction methods.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m16s
Details
2025-12-20 15:22:30 +01:00
Torsten Schulz (local)
dd21174f1d Improve gitleaks download process in code analysis workflow by adding error handling for invalid downloads and ensuring proper extraction of the archive.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m37s
Details
2025-12-20 15:12:27 +01:00
Torsten Schulz (local)
6fda6ebad0 Enhance security and error handling in various components by refining error catch blocks to ignore specific errors, improving code clarity and consistency across the application.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 4m10s
Details
2025-12-20 15:05:49 +01:00
Torsten Schulz (local)
c9037fec45 Update path handling comments across multiple files to enhance security against path traversal vulnerabilities, ensuring consistent use of nosemgrep annotations for better code analysis.
All checks were successful
Code Analysis (JS/Vue) / analyze (push) Successful in 3m19s
Details
2025-12-20 14:49:57 +01:00
Torsten Schulz (local)
e128e1a77c Enhance security by adding role-checking functions in ESLint configuration and updating Vue components to improve content sanitization comments, while refining error handling in API endpoints for better clarity.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m40s
Details
2025-12-20 14:19:55 +01:00
Torsten Schulz (local)
19024cd87e Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 46s
Details
2025-12-20 11:15:31 +01:00
Torsten Schulz (local)
968c749fe3 Enhance security by adding DOMPurify sanitization comments in newsletter and Vereins components, and update path handling comments in server utilities to address potential path traversal vulnerabilities.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m28s
Details
2025-12-20 10:54:49 +01:00
Torsten Schulz (local)
316cce1b26 Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 4m56s
Details
2025-12-20 10:49:20 +01:00
Torsten Schulz (local)
acfa842131 Add SMTP credentials for tests and enhance user role handling in CMS and Galerie endpoints
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 3m43s
Details
2025-12-20 10:32:06 +01:00
Torsten Schulz (local)
4f453f77bc Update package dependencies to vitest v4.0.16 and enhance role management in auth utilities with new role-checking functions in tests
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 57s
Details
2025-12-20 10:25:16 +01:00
Torsten Schulz (local)
42b9a10437 Refactor error handling in various components to ignore modal display failures and improve code clarity
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 51s
Details
2025-12-20 10:19:29 +01:00
Torsten Schulz (local)
b20b89d333 Update package-lock.json and package.json to include 'globals' dependency and improve code formatting in various components for better readability.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 54s
Details
2025-12-20 10:17:16 +01:00
Torsten Schulz (local)
861802b716 Update package dependencies to include eslint-plugin-vue and vue-eslint-parser for enhanced linting support
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 33s
Details
2025-12-19 17:32:56 +01:00
Torsten Schulz (local)
164c5d9297 Update code analysis workflow to run on ubuntu-latest for improved compatibility
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Failing after 52s
Details
2025-12-19 17:28:47 +01:00
Torsten Schulz (local)
a323684f13 Update code analysis workflow to improve clarity and efficiency by renaming steps and simplifying Semgrep command execution.
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Has been cancelled
Details
2025-12-19 16:53:09 +01:00
Torsten Schulz (local)
131edc0cb1 Add linting script to package.json for improved code quality
Some checks failed
Code Analysis (JS/Vue) / analyze (push) Has been cancelled
Details
2025-12-19 16:38:29 +01:00
Torsten Schulz
6243db3020 Merge pull request 'Update dependency @babel/parser to v7.28.5' (#2) from renovate/babel-monorepo into main 
Reviewed-on: #2
 2025-12-19 16:13:11 +01:00
Torsten Schulz
97742b24bb Merge pull request 'Update dependency @pinia/nuxt to v0.11.3' (#3) from renovate/pinia-nuxt-0.x-lockfile into main 
Reviewed-on: #3
 2025-12-19 16:12:58 +01:00
Torsten Schulz
40c2139aa8 Update dependency @pinia/nuxt to v0.11.3 2025-12-19 16:11:56 +01:00
Torsten Schulz
e05eb46bc5 Update dependency @babel/parser to v7.28.5 2025-12-19 16:11:48 +01:00