Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-24 07:39:44 +02:00
Code Issues Releases Activity
603 commits 2 branches 41 tags 48 MiB
Commit graph

197 commits

Author SHA1 Message Date
Ken
4841a65c77
feat: Add Traditional Chinese translation (#846) 2024-08-13 12:53:42 +02:00
Maksim Eltyshev
12f05adde7 fix: Fix styles, refactoring 2024-08-12 23:17:17 +02:00
Arkadiusz Dzięgiel
c594e8bd71
feat: Colorize due date and make it toggleable (#845) 2024-08-12 18:29:50 +02:00
dependabot[bot]
e6b8538863
chore(deps): Bump ws, engine.io and socket.io-adapter in /server (#830) 
Bumps [ws](https://github.com/websockets/ws), [engine.io](https://github.com/socketio/engine.io) and [socket.io-adapter](https://github.com/socketio/socket.io-adapter). These dependencies needed to be updated together.

Updates `ws` from 8.11.0 to 8.17.1
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/8.11.0...8.17.1)

Updates `engine.io` from 6.5.4 to 6.5.5
- [Release notes](https://github.com/socketio/engine.io/releases)
- [Changelog](https://github.com/socketio/engine.io/blob/6.5.5/CHANGELOG.md)
- [Commits](https://github.com/socketio/engine.io/compare/6.5.4...6.5.5)

Updates `socket.io-adapter` from 2.5.4 to 2.5.5
- [Release notes](https://github.com/socketio/socket.io-adapter/releases)
- [Changelog](https://github.com/socketio/socket.io-adapter/blob/2.5.5/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io-adapter/compare/2.5.4...2.5.5)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
- dependency-name: engine.io
  dependency-type: indirect
- dependency-name: socket.io-adapter
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-07-21 19:42:36 +02:00
Maksim Eltyshev
9dc38932fb feat: Languages with country codes 2024-07-21 19:33:57 +02:00
Aurélien Troncy
e9b4a4adfc
fix: Disable x-powered-by header (#829) 2024-07-21 18:27:26 +02:00
Maksim Eltyshev
aff853c602 ref: Refactoring, fix linting 2024-07-16 12:33:38 +02:00
aleb_the_flash
ad2966c5d6
feat: Improve OIDC support for strict providers (#824) 2024-07-16 12:19:27 +02:00
Αλέξανδρος
6052f8999f
fix: Fix application crashing when webhook is unavailable (#815) 2024-07-15 14:40:33 +02:00
Maksim Eltyshev
7acaec6d04 fix: Fix incorrect related data when transferring card 
Closes #431, closes #803
 2024-07-15 14:01:06 +02:00
HannesOberreiter
ba178d66fa
docs: Add types to webhook function (#796) 2024-06-18 15:41:12 +02:00
HannesOberreiter
270ce29f87
feat: Add custom user agent with base url to webhook (#799) 2024-06-18 15:36:51 +02:00
HannesOberreiter
de1ed3c784
ref: Define all possible event types in webhook module (#795) 2024-06-18 15:32:39 +02:00
NathanVss
cc1e886a31
feat: Ability to allow everyone to create projects (#787) 2024-06-14 16:38:06 +02:00
Gavin Mogan
5fcea5d651
fix: Handle WEBHOOKS env variable being unset (#785) 
Closes #784
 2024-06-12 08:59:36 +02:00
Maksim Eltyshev
c065566c15 feat: Webhooks configuration, all events support, refactoring 2024-06-12 00:51:36 +02:00
HannesOberreiter
3779bdb053
feat: Events via webhook (#771) 
Closes #215, closes #656
 2024-06-06 20:22:14 +02:00
Maksim Eltyshev
b8d7e713b9 chore: Update dependencies 2024-06-02 01:34:03 +02:00
Smiley3112
2d6666d693
feat: Add SMTP_NAME environment variable (#761) 
Closes #758
 2024-05-18 15:02:21 +02:00
Maksim Eltyshev
fff0552081 chore: Update dependencies 
Closes #726
 2024-04-23 15:45:47 +02:00
Samuel
934dcdf39b
feat: Sort cards within list (#717) 
Closes #390
 2024-04-22 21:56:07 +02:00
Maksim Eltyshev
8a8c1fee0c fix: Fix error output when sending email or message to Slack 2024-04-12 12:07:19 +02:00
Maksim Eltyshev
4e2863faa7 feat: Automatic logout when session expires
Some checks are pending
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm/v7) (push) Waiting to run
Details
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm64) (push) Waiting to run
Details
Build and push Docker DEV image / build ([self-hosted x64], linux/amd64) (push) Waiting to run
Details
Build and push Docker DEV image / merge (push) Blocked by required conditions
Details
Build and push Docker DEV image / rerun-failed-jobs (push) Blocked by required conditions
Details 
Closes #693
 2024-04-09 15:12:46 +02:00
Maksim Eltyshev
b46fb43e6f chore: Cleanup
Some checks failed
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm/v7) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted arm64], linux/arm64) (push) Has been cancelled
Details
Build and push Docker DEV image / build ([self-hosted x64], linux/amd64) (push) Has been cancelled
Details
Build and push Docker DEV image / rerun-failed-jobs (push) Has been cancelled
Details
Build and push Docker DEV image / merge (push) Has been cancelled
Details
2024-04-08 01:47:24 +02:00
Matthieu Bollot
2990ea593a feat: Slack bot notifications (#676) 2024-04-08 01:27:10 +02:00
Matthieu Bollot
b5bbf6a6a4 feat: Add ability to duplicate card (#668) 2024-04-08 01:24:50 +02:00
Edouard
bcd3ea86e8 feat: SMTP integration and email notifications (#631) 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
733abccaa9 fix: Fix case sensitivity of default admin environment variables 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
988e70ec40 fix: Fix nullable boolean inputs 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
6d9ce56f4a fix: Include due date when importing from Trello 
Closes #598
 2024-04-08 01:24:50 +02:00
Maksim Eltyshev
6c65d135f7 feat: Add ability to enforce SSO 
Closes #543, closes #545
 2024-04-08 01:24:10 +02:00
Maksim Eltyshev
0d39a7567f feat: Add ability to map OIDC attributes and ignore username 
Closes #554
 2024-04-08 01:18:26 +02:00
Maksim Eltyshev
ce52fc5af7 fix: Fix images becoming black and white when resizing 
Closes #574, closes #585
 2024-04-08 01:18:26 +02:00
Maksim Eltyshev
0a2863a79c chore: Bump sharp version 2024-04-08 01:18:26 +02:00
GlitchWitch
273d994750
Remove unused code and comments 2023-12-28 12:01:38 -06:00
Brad Bahls
86d21d6abd
updated to use currentUser.name for messages 2023-12-28 09:03:41 -07:00
GlitchWitch
3fedc14062
Rename custom.js -> slack.js 2023-12-23 10:52:15 -06:00
GlitchWitch
9961340118
Replace plankaProdUrl with one set by environment. Remove hardcoded channel and unused variables. 2023-12-23 10:48:50 -06:00
Brad Bahls
f54bd22757
removed test webhook url 2023-12-23 08:58:22 -07:00
Brad Bahls
1043dacd67
added new custom service with slack integration helper functions; added axios package; added notifications for card create, delete, and update (move); added notifications for comment create 2023-12-23 08:52:07 -07:00
Maksim Eltyshev
28c3f28e01 fix: Add issuer to OIDC callback parameters 
Closes #562
 2023-12-09 16:28:24 +01:00
Maksim Eltyshev
f1fed3e533 build: Stop using base image 2023-12-01 18:02:19 +01:00
Maksim Eltyshev
239611ad51 chore: Update dependencies 2023-11-17 14:34:10 +01:00
Maksim Eltyshev
6dc9e4ed99 fix: Disable role change when OIDC roles are not ignored 2023-10-25 23:39:34 +02:00
Balthasar Hofer
d4b64b90fc
feat: Add ability to ignore roles when logging in with SSO (#534) 
Closes #533
 2023-10-26 02:01:35 +05:00
Maksim Eltyshev
3ef5b3ead8 fix: Make default admin environment variables optional 
Closes #526
 2023-10-20 21:52:12 +02:00
Maksim Eltyshev
40c04c35ff ref: Refactoring 2023-10-19 16:05:34 +02:00
Lorenz Brun
743f2956c8
feat: Improve OIDC SSO (#524) 
The OIDC implementation merged in https://github.com/plankanban/planka/pull/491 is flawed for multiple reasons.

It assumes that the access_token returned by the IDP has to be a JWT parseable by the RP which is not the case [1].
Many major IDPs do issue tokens which are not JWTs and RPs should not rely on the contents of these at all.
The only signed token which has a standardized format for direct RP consumption is the OIDC ID token (id_token), but this by default doesn't contain many claims, especially role claims are omitted from them by default for size reasons. To get these additional claims into the ID token, one needs an IDP with support for the "claims" parameter.

It requires manual specification of the JWKS URL which is mandatory in any OIDC discovery document and thus never needs to be manually specified.

It also makes the questionable decision to use a client-side code flow with PKCE where a normal code flow would be much more appropriate as all user data is processed in the backend which can securely hold a client secret (confidential client). This has far wider IDP support, is safer (due to direct involvement of the IDP in obtaining user information) and doesn't require working with ID tokens and claim parameters.

By using a server-side code flow we can also offload most complexity to the server alone, no longer requiring an additional OIDC library on the web client.

Also silent logout doesn't work on most IDPs for security reasons, one needs to actually redirect the user over to the IDP, which then prompts them once more if they actually want to log out.

This implementation should work with any OIDC-compliant IDP and even OAuth 2.0-only IDPs as long as they serve and OIDC discovery document.

[1] rfc-editor.org/rfc/rfc6749#section-5.1
 2023-10-19 17:39:21 +05:00
Maksim Eltyshev
6662b0a717 fix: Fix order of checks when logging in 2023-10-18 23:07:57 +02:00
Maksim Eltyshev
3bc73c43ea chore: Bump sails version 2023-10-17 19:23:09 +02:00