Merge requests · funkwhale / funkwhale · GitLab

Resolves reuse of invitation code

!2173 · created Nov 20, 2022 by Marcos Peña 1.2.9 stable
AreaBackend AreaSecurity StatusReady TypeBug
- Merged
- Approved
- 1
- 11
updated Nov 24, 2022
Fix X-Frame-Options HTTP header for embed and force it to SAMEORIGIN value for other pages 1 of 2 checklist items completed

!1388 · created Oct 20, 2021 by JuniorJPDJ 1.2.0
AreaDeployment AreaSecurity ComponentDocker StatusReady
- Merged
- 1 left
- 3
updated Oct 21, 2021
Resolve "prevent open redirect on login"

!1352 · created Jul 26, 2021 by Ciarán Ainsworth 1.1.3
AreaFrontend AreaSecurity StatusReady
- Merged
- 1 left
- 0
updated Jul 26, 2021
Add beforeRouteEnter guards for moderation pages

!1351 · created Jul 22, 2021 by Ciarán Ainsworth 1.1.3
AreaSecurity StatusReady
- Merged
- 1 left
- 8
updated Jul 26, 2021
Update backend dependencies 0 of 2 checklist items completed

!1303 · created Apr 25, 2021 by Georg Krause 1.2.0
AreaBackend AreaSecurity StatusReady
- Merged
- 1 left
- 2
updated Apr 30, 2021
Resolve "Remove JWT and switch to OAuth for UI auth"

!1302 · created Apr 24, 2021 by Georg Krause 1.2.0
AreaBackend AreaFrontend AreaSecurity ComponentAuth SeverityCritical StatusReview wanted
- Closed
- Approved
- 3
updated Apr 28, 2021
Upgraded dependencies

!1165 · created Jul 11, 2020 by Agate 1.0
AreaBackend AreaSecurity TypeEnhancement
- Merged
- 1 left
- 0
updated Jul 18, 2020
See #1108: support using OAuth instead of JWT in front when logging in to a different domain 4 of 4 checklist items completed

!1127 · created May 18, 2020 by Agate 1.0
AreaBackend AreaFrontend AreaSecurity ComponentAuth SeverityCritical
- Merged
- 1 left
- 0
updated May 18, 2020
Support session/cookie based auth, see #1108 4 of 4 checklist items completed

!1126 · created May 18, 2020 by Agate 1.0
AreaBackend AreaFrontend AreaSecurity ComponentAuth SeverityCritical
- Merged
- 1 left
- 0
updated May 18, 2020
Use scoped tokens to load <audio> urls instead of JWT

!1124 · created May 08, 2020 by Agate 1.0
AreaBackend AreaFrontend AreaSecurity ComponentAuth SeverityCritical
- Merged
- 1 left
- 0
updated May 11, 2020
See #170: switch to PKCS#8 for public key serialization

!1064 · created Mar 24, 2020 by Agate 0.21
AreaBackend AreaSecurity ComponentFederation
- Merged
- 1 left
- 0
updated Mar 25, 2020
Dependency care - upgrade to django 3

!1037 · created Feb 25, 2020 by Agate backlog
AreaBackend AreaSecurity TypeEnhancement
- Merged
- 1 left
- 0
updated Feb 25, 2020
WIP: Added Snyk dependency testing to API 0 of 2 checklist items completed

!947 · created Nov 04, 2019 by Agate
AreaCI/CD AreaSecurity TypeEnhancement
- Closed
- 1 left
- 1
updated Nov 06, 2019
Fix #883: Prevent usage of too weak passwords 4 of 4 checklist items completed

!901 · created Sep 20, 2019 by Agate 0.20
AreaBackend AreaSecurity TypeEnhancement
- Merged
- 1 left
- 2
- 2
updated Sep 21, 2019
Updated to django 2.2.4

!849 · created Aug 01, 2019 by Agate 0.20
AreaBackend AreaSecurity TypeEnhancement
- Merged
- 1 left
- 0
updated Aug 01, 2019
Increase the security of JWT token generation by using DJANGO_SECRET_KEY as...

!828 · created Jul 13, 2019 by Agate 0.20
AreaBackend AreaSecurity TypeEnhancement
- Merged
- 1 left
- 1
updated Jul 16, 2019
Resolve "Improve the security via HTTP headers" 4 of 4 checklist items completed

!826 · created Jul 10, 2019 by Agate 0.20
AreaBackend AreaFrontend AreaSecurity StatusReview wanted TypeEnhancement
- Merged
- 1 left
- 5
updated Aug 15, 2019
Resolve "Hide an artist in the UI" 1 of 1 checklist item completed

!618 · created Feb 13, 2019 by Agate 0.19
AreaBackend AreaFrontend AreaSecurity SizeL StatusInput wanted TypeNew feature TypeUX/UI
- Merged
- 1 left
- 0
updated Feb 20, 2019
Fix #678: Removed potential BREACH exploit because of Gzip compression

!572 · created Jan 29, 2019 by Agate 0.18.1 master
AreaBackend AreaDeployment AreaSecurity DifficultyEasy-pick
- Merged
- 1 left
- 0
updated Jan 29, 2019
Fix #658: Support blind key rotation in HTTP Signatures 1 of 1 checklist item completed

!530 · created Jan 11, 2019 by Agate 0.18
AreaBackend AreaSecurity ComponentFederation StatusReady TypeEnhancement
- Merged
- 1 left
- 1
updated Jan 14, 2019