Commit graph

7868 commits

Author SHA1 Message Date
Sadie Powell
e44bed1758 Fix showing multiple certificate fingerprints on InspIRCd v4. 2024-10-14 18:04:14 +01:00
Reto Brunner
3d33ef8083 Merge branch 'topic' 2024-09-29 14:46:21 +02:00
Reto Brunner
0c57694c00 bump irc-framework to 4.14 2024-09-29 14:38:53 +02:00
Reto Brunner
834b12218e Merge branch 'actualUsername' into frameWork 2024-09-29 14:27:18 +02:00
dependabot[bot]
e81273148b
build(deps): bump braces from 3.0.2 to 3.0.3
Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-09-29 12:07:53 +00:00
Reto Brunner
6d6179c69d update dependency @types/ws to v8.5.12 2024-09-29 13:58:53 +02:00
Reto Brunner
6f09b6fd70 update dependency postcss to v8.4.47 2024-09-29 13:58:00 +02:00
Reto Brunner
a016db68bb update dependency mime-types to v2.1.35 2024-09-29 13:55:13 +02:00
Reto Brunner
2962b07c1f update dependency webpack to v5.94.0 2024-09-29 13:52:53 +02:00
Reto Brunner
e7aff2862a update dependency cheerio to v1.0.0 2024-09-29 13:49:00 +02:00
Reto Brunner
ca2c231eec update dependency node-forge to v1.3.1 2024-09-29 13:46:20 +02:00
Reto Brunner
a196b1ad95 update dependency express to v4.20.0 2024-09-29 13:45:01 +02:00
renovate[bot]
05a87130ee
fix(deps): update dependency express to v4.20.0 [security] 2024-09-21 10:53:24 +00:00
renovate[bot]
a6af6bb45c
chore(deps): update dependency postcss to v8.4.47 2024-09-15 15:58:39 +00:00
arminius-smh
ac485c483b
server: fix loading themes from scoped packages
Scoped packages have slashes in them, that led to them being loaded at
the wrong path. Encoding the name fixes this.
2024-09-04 12:25:48 +02:00
arminius-smh
0a4adc4592
server: fix scoped package install
Installing a scoped npm package with thelounge install lead to an error,
because the original split that was used to split the version from the
package, split at the first @ from scoped packages.
2024-09-04 12:25:48 +02:00
renovate[bot]
8ed898846c
chore(deps): update dependency webpack to v5.94.0 [security] 2024-09-04 02:03:07 +00:00
renovate[bot]
374c6a9b04
fix(deps): update dependency node-forge to v1.3.1 2024-09-01 00:52:03 +00:00
renovate[bot]
6b30b07fc5
fix(deps): update dependency cheerio to v1.0.0 2024-09-01 00:51:51 +00:00
Reto Brunner
e42ad91e04 whois: support actual_username field
Some servers (e.g. InspIRCd v4) support the concept of a real username,
i.e. the username that was originally sent as distinct from their virtual
username set by services.

Closes: https://github.com/thelounge/thelounge/issues/4900
2024-08-19 07:34:18 +02:00
renovate[bot]
22388087df
fix(deps): update dependency mime-types to v2.1.35 2024-08-01 03:43:04 +00:00
renovate[bot]
f89288414a
chore(deps): update dependency @types/ws to v8.5.12 2024-08-01 00:53:42 +00:00
Reto Brunner
a61bc14456 remove dns resolution order override
This is the default for node 18.
2024-07-24 19:42:01 +02:00
Reto Brunner
718db3ae88 client: use topic command in topic change
A user on IRC reported a bug where the topic would change to ":hello"
when the topic was modified to "hello" via the channel topic edit field.

The reason is that irc-framework also sanitizes /RAW commands
and hence our manually escaped trailing param gets another ":"
(which I'm not exactly sure it should be doing... /raw means raw
in my world, but oh well).

We do have a proper /topic command a user could be using, so the
fix is to just do that in the input box as well.
2024-07-16 22:22:13 +02:00
Reto Brunner
e2ddabe032 update browserlist 2024-07-11 08:55:13 +02:00
Reto Brunner
6b9c2f5f58 update dependency sortablejs to v1.15.2 2024-07-11 08:36:34 +02:00
Reto Brunner
74cfff0034 update dependency got to v11.8.6 2024-07-11 08:32:38 +02:00
Reto Brunner
40a4434c8c update dependency vue-eslint-parser to v9.4.3 2024-07-11 08:32:03 +02:00
Reto Brunner
322d293f88 update dependency socket.io to v4.6.2 2024-07-11 08:31:06 +02:00
Reto Brunner
210d830fd0 update dependency postcss to v8.4.39 2024-07-11 08:29:38 +02:00
Reto Brunner
4990a6d9c6 update dependency @vue/test-utils to v2.4.6 2024-07-11 08:27:29 +02:00
Reto Brunner
f59ebc7d86 update dependency @types/ws to v8.5.10 2024-07-11 08:24:20 +02:00
renovate[bot]
1ccce14d01
fix(deps): update dependency got to v11.8.6 2024-07-01 02:25:52 +00:00
renovate[bot]
a051a70b02
chore(deps): update dependency vue-eslint-parser to v9.4.3 2024-07-01 02:25:42 +00:00
renovate[bot]
81c8db8374
chore(deps): update dependency postcss to v8.4.39 2024-06-30 19:09:15 +00:00
renovate[bot]
a900943345
fix(deps): update dependency socket.io to v4.6.2 [security] 2024-06-19 19:51:34 +00:00
renovate[bot]
f3bdec0078
chore(deps): update dependency sortablejs to v1.15.2 2024-06-01 02:14:44 +00:00
Reto Brunner
0d9c184f19 server: fix time handling
The framework may emit messages which do not have a time stamp.
We tried to unconditionally convert the time field, fix that.

The Msg constructor replaces falsey time fields with the current
date so we can also remove the duplication from that codepath.
2024-05-16 22:15:39 +02:00
Max Leiter
4de413070d
Merge pull request #4873 from thelounge/types
client: remove setAppBadge and clearAppBadge
2024-05-12 23:08:52 -07:00
Reto Brunner
0955d9df06 Identd: fix various issues
There's a bunch of sub optimal behavior from our ident server.
For one, it allows user enumeration which we don't really want and it doesn't clean up connections that don't send any data.

Fix that
2024-05-12 11:51:18 +02:00
Reto Brunner
cb4aaf6a97 client: remove setAppBadge and clearAppBadge
They already ship with typescript's lib.dom.d.ts
2024-05-10 13:21:18 +02:00
Reto Brunner
45c2fc87ee client: properly type Socket in window 2024-05-10 12:27:41 +02:00
Reto Brunner
29fcc2da05 ident: close connections if they don't send data 2024-05-09 19:01:10 +02:00
Reto Brunner
12679081c8 ident: fix write after connection end
We only respond once to data, then half-close the connection.
Hence, we should only listen to a single data event as well,
else if the remote doesn't stop sending data we keep trying to
write to the closed write end of the pipe.
2024-05-09 19:01:10 +02:00
Reto Brunner
0e48014d5a ident: only respond if the ip,port tuples match
Per RFC 1413, The uniquely identifying tuple includes not only the ports,
but also both addresses.

If multiple connections happen to use the same local port number
(which is possible if the addresses differ), the username of the first
is returned for all, resulting in the wrong ident for all but the
first.

By not checking the connection address, the information becomes
public. Because there is only relatively small number of local ports,
and the remote ports are likely to be either 6667 or 6697, it becomes
trivial to enumerate all the users.

Co-Authored-By: Juerd Waalboer <juerd@tnx.nl>
2024-05-09 19:01:10 +02:00
Reto Brunner
4819406af5 ident: order imports 2024-05-09 17:24:53 +02:00
renovate[bot]
9e6eef3020
chore(deps): update dependency @vue/test-utils to v2.4.6 2024-05-08 02:08:59 +00:00
renovate[bot]
33e08390f9
chore(deps): update dependency @types/ws to v8.5.10 2024-05-05 04:50:37 +00:00
Max Leiter
74563effa7
Merge pull request #4869 from thelounge/tsUpdate
Ts update
2024-05-04 21:49:58 -07:00
Max Leiter
cbab10f416
Merge pull request #4870 from thelounge/dts
remove unused .d.ts file
2024-05-04 21:46:54 -07:00