torsten/harheimertc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
213 Commits 2 Branches 0 Tags
54aee3c7874e2b7848efa0938d9f95594dc30bef
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Torsten Schulz (local) 54aee3c787 Update security headers in Apache configuration to enhance protection 
This commit removes the X-Frame-Options header in favor of using Content Security Policy (CSP) with frame-ancestors for better flexibility and modern security practices. It also adds a fallback for frame-ancestors in case CSP is not enabled. Additionally, the JavaScript middleware is updated to reflect these changes, ensuring consistent security header management across the application.
2026-01-11 20:59:42 +01:00
.gitea/workflows
Enhance code analysis workflow by adding workspace sanity checks and refining OSV-Scanner commands to ensure proper execution with package-lock.json, improving overall reliability of the analysis process.
2025-12-20 16:01:25 +01:00
assets
Initial commit: Harheimer TC Website
2025-10-21 00:41:12 +02:00
backups/users-1766060412221
Enhance Vereinsmeisterschaften and Vorstand pages with image support for players and board members. Implement lightbox functionality for player images in Vereinsmeisterschaften. Update CSV handling to include image filenames for better data management. Refactor components to utilize PersonCard for board members, improving code readability and maintainability.
2025-12-18 13:37:03 +01:00
components
Refactor authentication handling in Navigation and registration components to support lazy store access, improving resilience against Pinia initialization issues. Enhance registration logic to include optional password fallback for passkey users, with validation checks for password strength and confirmation. Update server-side registration to handle optional password securely, ensuring consistent user experience across different authentication methods.
2026-01-07 20:16:17 +01:00
composables
Enhance content sanitization across various components by integrating 'dompurify' for improved security and update package dependencies in package.json and package-lock.json.
2025-12-20 10:49:20 +01:00
middleware
Refactor authentication middleware to remove dependency on Pinia, implementing direct API calls for authentication status checks. Update member API documentation to escape JWT token placeholder for clarity. Update session and user data formats for improved security and consistency.
2026-01-07 17:26:22 +01:00
pages
Enhance newsletter subscription functionality with user profile integration
2026-01-09 09:01:23 +01:00
public
Remove deprecated Passkey-related documentation and test files
2026-01-09 08:50:26 +01:00
scripts
Update path handling comments across multiple files to enhance security against path traversal vulnerabilities, ensuring consistent use of nosemgrep annotations for better code analysis.
2025-12-20 14:49:57 +01:00
server
Update security headers in Apache configuration to enhance protection
2026-01-11 20:59:42 +01:00
stores
Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.
2026-01-05 11:50:57 +01:00
temp
Refactor navigation and game schedule components; remove 'Spielplan' links from Navigation.vue, update links to point to '/mannschaften/spielplaene' in Spielplan.vue, and enhance date and time formatting for improved display. Add PDF metadata and security headers in the API for better document handling.
2025-10-24 01:36:58 +02:00
tests
Add SMTP credentials for tests and enhance user role handling in CMS and Galerie endpoints
2025-12-20 10:32:06 +01:00
.gitignore
Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.
2026-01-07 17:42:04 +01:00
.semgrepignore
Enhance security by adding DOMPurify comments in Vue components and updating path handling comments in server utilities to mitigate path traversal risks.
2025-12-20 11:15:31 +01:00
apache-config.conf
Simplify Apache config to proxy all requests to Nuxt server
2025-10-21 09:06:07 +02:00
apache-ssl-config.conf
Update security headers in Apache configuration to enhance protection
2026-01-11 20:59:42 +01:00
apache-static.conf
Update security headers in Apache configuration to enhance protection
2026-01-11 20:59:42 +01:00
app.vue
Refactor error and confirmation handling in membership application management; replace alerts with modal dialogs for improved user experience. Update application status to 'approved' for a new member and add corresponding data to JSON files.
2025-10-23 15:32:20 +02:00
AUTH_README.md
Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.
2026-01-05 11:50:57 +01:00
DATENSCHUTZ_UEBERSICHT.md
Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.
2026-01-07 18:37:01 +01:00
DATENSCHUTZ.md
Update Apache SSL configuration and enhance security features across multiple files. Changed X-Frame-Options to SAMEORIGIN for better security, added optional Content Security Policy headers for testing, and improved password handling with HaveIBeenPwned checks during user registration and password reset. Implemented passkey login functionality in the authentication flow, including UI updates for user experience. Enhanced image upload processing with size limits and validation, and added rate limiting for various API endpoints to prevent abuse.
2026-01-05 11:50:57 +01:00
deploy-production.sh
Update deployment script to ensure PM2 processes start with updated environment variables. This change improves the reliability of the process startup by incorporating the --update-env flag, enhancing deployment robustness.
2026-01-08 23:28:25 +01:00
deploy.sh
Update AUTH_README.md to clarify admin password setup process and provide usage instructions for the set-admin-password script. Change file permissions for deploy.sh, production-setup.sh, and fetch-template.sh to make them executable.
2025-12-18 12:39:22 +01:00
DEPLOYMENT.md
Update deployment script to ensure persistent data management, enhance backup and restore processes, and improve error handling. Modify .gitignore to exclude sensitive production data and update deployment documentation to reflect changes. Add environment variable loading for production secrets in configuration files.
2026-01-07 17:42:04 +01:00
env.example
Implement passkey recovery feature, including email link requests and registration options. Update login and registration pages to support passkey authentication, with UI enhancements for user experience. Add server-side handling for passkey registration and login, including account activation checks. Update environment configuration for passkey recovery TTL settings.
2026-01-07 18:37:01 +01:00
eslint.config.js
Enhance security by adding role-checking functions in ESLint configuration and updating Vue components to improve content sanitization comments, while refining error handling in API endpoints for better clarity.
2025-12-20 14:19:55 +01:00
harheimertc.config.cjs
Refactor deployment script to handle symlinking of public data conditionally based on git tracking status, improving error handling for uncommitted changes. Update PM2 configuration to directly start the Node server for Nuxt 4 production builds in both harheimertc.config.cjs and harheimertc.simple.cjs. Modify user ID handling in registration options to use Uint8Array for compatibility with @simplewebauthn/server.
2026-01-07 18:06:09 +01:00
harheimertc.simple.cjs
Refactor deployment script to handle symlinking of public data conditionally based on git tracking status, improving error handling for uncommitted changes. Update PM2 configuration to directly start the Node server for Nuxt 4 production builds in both harheimertc.config.cjs and harheimertc.simple.cjs. Modify user ID handling in registration options to use Uint8Array for compatibility with @simplewebauthn/server.
2026-01-07 18:06:09 +01:00
index.htm
Remove index-iframe.html file, eliminating the iframe integration for the Harheimer Tischtennis-Club website. This change simplifies the project structure by removing unused HTML content.
2025-11-07 10:20:05 +01:00
next-env.d.ts
Initial commit: Harheimer TC Website
2025-10-21 00:41:12 +02:00
nuxt.config.js
Update nuxt.config.js to enhance SEO and social media integration; modify title and description for clarity, add Open Graph and Twitter meta tags, and include canonical link for improved indexing. Adjust keywords for better search visibility.
2025-11-07 10:15:14 +01:00
package-lock.json
Update package-lock.json to remove deprecated @peculiar/x509 version and add a new dependency entry for @simplewebauthn/server. Modify package.json to include an override for @peculiar/x509 version 1.13.0, ensuring compatibility across the project.
2026-01-07 17:58:38 +01:00
package.json
Update package-lock.json to remove deprecated @peculiar/x509 version and add a new dependency entry for @simplewebauthn/server. Modify package.json to include an override for @peculiar/x509 version 1.13.0, ensuring compatibility across the project.
2026-01-07 17:58:38 +01:00
production-setup.sh
Update AUTH_README.md to clarify admin password setup process and provide usage instructions for the set-admin-password script. Change file permissions for deploy.sh, production-setup.sh, and fetch-template.sh to make them executable.
2025-12-18 12:39:22 +01:00
renovate.json
Add renovate.json
2025-12-19 15:58:03 +01:00
tailwind.config.js
Initial commit: Harheimer TC Website
2025-10-21 00:41:12 +02:00
test-vspace.tex
Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.
2025-10-23 01:31:45 +02:00
test.aux
Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.
2025-10-23 01:31:45 +02:00
test.pdf
Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.
2025-10-23 01:31:45 +02:00
test.tex
Refactor environment configuration for local development; update SMTP settings and add JWT secret, encryption key, and debug options. Enhance Nuxt configuration for development server and runtime settings. Introduce new membership application form with validation and PDF generation functionality. Update footer and navigation components to include new membership links. Revise user and session data in JSON files.
2025-10-23 01:31:45 +02:00
vitest.config.ts
Update dependencies in package.json and package-lock.json; add testing scripts for Vitest, and include new packages such as supertest and vitest. Refactor Navigation component to improve event handling and cleanup, ensuring better performance and user experience. Enhance error handling in various API endpoints for PDF uploads and CSV saves, ensuring robust error propagation. Update nodemailer transport configuration for consistency across API handlers.
2025-11-10 13:08:50 +01:00
Description
No description provided
49 MiB
Languages
Vue 55.3%
JavaScript 38.8%
TypeScript 3.1%
Shell 2.6%
HTML 0.1%