clinch

Author	SHA1	Message	Date
Dan Milne	cc6d4fcc65	Add test files, update checklist Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-05 23:28:55 +11:00
Dan Milne	5268f10eb3	Don't allow claim escalation Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-05 16:40:11 +11:00
Dan Milne	b09ddf6db5	OpenID Conformance: We need to return to the redirect_uri in the case of errors. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 15:12:55 +11:00
Dan Milne	b2030df8c2	Return only scopes requested ( OpenID conformance test. Update README	2026-01-02 14:05:54 +11:00
Dan Milne	2f6a2c7406	Update ruby 3.4.6 -> 3.4.7. Update gems. Add trivy scanning and ignore unfixable Debian CVEs. Ignore a test fixture key for Capybara Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / scan_container (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 12:48:40 +11:00
Dan Milne	5137a25626	Add remainging rate limits. Add docker compose production example. Update beta-checklist. Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-02 12:14:13 +11:00
Dan Milne	fed7c3cedb	Some beta-checklist updates	2026-01-02 11:53:41 +11:00
Dan Milne	e288fcad7c	Remove old docs	2026-01-01 21:04:26 +11:00
Dan Milne	c1c6e0112e	ADd backup / restore documentation Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 15:40:49 +11:00
Dan Milne	ae99d3d9cf	Fix webauthn bug. Fix tests. Update docs Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 15:24:56 +11:00
Dan Milne	c03034c49f	Add files to support brakeman and standardrb. Fix some SRB warnings	2026-01-01 13:18:30 +11:00
Dan Milne	9234904e47	Add security-todo and beta-checklists, and some security rake tasks Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2026-01-01 13:06:54 +11:00
Dan Milne	e36a9a781a	Add new claims to the discovery endpoint Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-31 17:27:28 +11:00
Dan Milne	0761c424c1	Fix tests. Remove tests which test rails functionality Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-12-30 00:18:19 +11:00
Dan Milne	2b15aa2c40	Add sentry, set csp reporting API	2025-11-04 22:58:32 +11:00
Dan Milne	73b2ae2f02	Add some docs Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-11-04 21:13:46 +11:00
Dan Milne	81871426e9	Update docs	2025-10-29 16:08:49 +11:00
Dan Milne	ddcb297c74	Add comprhensive csp polices and reporting endpoint. Add environment support require for protecting against rebinding attacks on ip addresses Some checks failed CI / scan_ruby (push) Has been cancelled Details CI / scan_js (push) Has been cancelled Details CI / lint (push) Has been cancelled Details CI / test (push) Has been cancelled Details CI / system-test (push) Has been cancelled Details	2025-10-29 15:37:53 +11:00
Dan Milne	a2008d0750	remove incorrectly named files	2025-10-28 09:01:42 +11:00
Dan Milne	810561d74b	Rename thumbshots	2025-10-28 09:01:42 +11:00
Dan Milne	2ee895888d	Add screenshots	2025-10-28 09:01:42 +11:00
Dan Milne	6c9fc429f1	Increase thumb	2025-10-28 09:01:42 +11:00
Dan Milne	7d200b849e	Add a screenshot	2025-10-28 09:01:42 +11:00
Dan Milne	7074242907	Update docs. Implemented a one-time token to work around domain cookies not being immediately return by the browser. Reduce db queries on /api/verify requests.	2025-10-28 08:27:19 +11:00
Dan Milne	88428bfd97	Add configuration foward-auth headers	2025-10-26 14:41:20 +11:00

25 Commits