- Added safeIntToUint and safeFloat64ToUint functions to prevent integer overflow in proxy_host_handler.go.
- Updated GetAvailableSpace method in backup_service.go with overflow protection.
- Improved LiveLogViewer tests by using findBy queries to avoid race conditions.
- Adjusted benchmark.yml to handle permissions and increased alert threshold to 175%.
- Created CI/CD Failure Remediation Plan document for addressing workflow failures.
- Updated LiveLogViewer to support a new security mode, allowing for the display of security logs.
- Implemented mock functions for connecting to security logs in tests.
- Added tests for rendering, filtering, and displaying security log entries, including blocked requests and source filtering.
- Modified Security page to utilize the new security mode in LiveLogViewer.
- Updated Security page tests to reflect changes in log viewer and ensure proper rendering of security-related components.
- Introduced a new script for CrowdSec startup testing, ensuring proper configuration and parser installation.
- Added pre-flight checks in the CrowdSec integration script to verify successful startup and configuration.
- Implement tests for ImportSuccessModal to verify rendering and functionality.
- Update AuthContext to store authentication token in localStorage and manage token state.
- Modify useImport hook to capture and expose commit results, preventing unnecessary refetches.
- Enhance useCertificates hook to support optional refetch intervals.
- Update Dashboard to conditionally poll certificates based on pending status.
- Integrate ImportSuccessModal into ImportCaddy for user feedback on import completion.
- Adjust Login component to utilize returned token for authentication.
- Refactor CrowdSecConfig tests for improved readability and reliability.
- Add debug_db.py script for inspecting the SQLite database.
- Update integration and test scripts for better configuration and error handling.
- Introduce Trivy scan script for vulnerability assessment of Docker images.
- Created `qa-test-output-after-fix.txt` and `qa-test-output.txt` to log results of certificate page authentication tests.
- Added `build.sh` for deterministic backend builds in CI, utilizing `go list` for efficiency.
- Introduced `codeql_scan.sh` for CodeQL database creation and analysis for Go and JavaScript/TypeScript.
- Implemented `dockerfile_check.sh` to validate Dockerfiles for base image and package manager mismatches.
- Added `sourcery_precommit_wrapper.sh` to facilitate Sourcery CLI usage in pre-commit hooks.
- Added a test case in CrowdSecConfig to show improved error message when preset is not cached.
- Introduced a new test suite for the Dashboard component, verifying counts and health status.
- Updated SMTPSettings tests to utilize a shared render function and added tests for backend validation errors.
- Modified Security.audit tests to improve input handling and removed redundant export failure test.
- Refactored Security tests to remove export functionality and ensure correct rendering of components.
- Enhanced UsersPage tests with new scenarios for updating user permissions and manual invite link flow.
- Created a new utility for rendering components with a QueryClient and MemoryRouter for better test isolation.
- Updated go-test-coverage script to improve error handling and coverage reporting.
- Introduced `crowdsec_integration_test.go` to validate the integration of the CrowdSec preset pull and apply functionality.
- Updated `RealCommandExecutor` to return combined output for command execution.
- Enhanced `CrowdsecHandler` to map errors to appropriate HTTP status codes, including handling timeouts.
- Added tests for timeout scenarios in `crowdsec_presets_handler_test.go`.
- Improved `HubService` to support configurable pull and apply timeouts via environment variables.
- Implemented fallback logic for fetching hub index from a default URL if the primary fails.
- Updated documentation to reflect changes in preset handling and cscli availability.
- Refactored frontend tests to utilize a new test query client for better state management.
- Added a new integration script `crowdsec_integration.sh` for automated testing of the CrowdSec integration.
- Added comprehensive tests for CrowdSec configuration, including preset application and validation error handling.
- Introduced new test cases for importing CrowdSec configurations, ensuring backup creation and successful import.
- Updated existing tests to reflect changes in UI elements and functionality, including toggling CrowdSec mode and exporting configurations.
- Created utility functions for building export filenames and handling downloads, improving code organization and reusability.
- Refactored existing tests to use new test IDs and ensure accurate assertions for UI elements and API calls.
docs: Modify security documentation to indicate Cerberus is enabled by default
test: Adjust frontend feature flag tests to align with new Cerberus flag
feat: Integrate feature flags into Layout component for conditional rendering
test: Enhance Layout component tests for feature flag visibility
feat: Implement Optional Features section in System Settings page
test: Add tests for Optional Features toggles in System Settings
fix: Remove unused Cerberus state from System Settings component
- Implemented new CSS animations for UI elements including bobbing, pulsing, rotating, and spinning effects.
- Integrated loading overlays in CrowdSecConfig, Login, ProxyHosts, Security, and WafConfig pages to enhance user experience during asynchronous operations.
- Added contextual messages for loading states to inform users about ongoing processes.
- Created tests for Login and Security pages to ensure overlays function correctly during login attempts and security operations.
- Implement tests for invalid JSON input in notification template creation, update, and preview endpoints.
- Enhance uptime handler tests to cover sync success and error scenarios for delete and list operations.
- Update routes to include backup service in certificate handler initialization.
- Introduce certificate usage check before deletion in the certificate service, preventing deletion of certificates in use.
- Update certificate service tests to validate new behavior regarding certificate deletion.
- Add new tests for security service to verify break glass token generation and validation.
- Enhance frontend certificate list component to prevent deletion of certificates in use and ensure proper backup creation.
- Create unit tests for the CertificateList component to validate deletion logic and error handling.
- Introduced isolated coverage tests for ProxyHosts with various scenarios including rendering, bulk apply, and link behavior.
- Enhanced existing ProxyHosts coverage tests to include additional assertions and error handling.
- Added tests for Uptime component to verify rendering and monitoring toggling functionality.
- Created utility functions for setting labels and help texts related to proxy host settings.
- Implemented bulk settings application logic with progress tracking and error handling.
- Added toast utility tests to ensure callback functionality and ID incrementing.
- Improved type safety in test files by using appropriate TypeScript types.
- Added API integration for access lists including listing, creating, updating, deleting, and testing IPs against access lists.
- Created AccessListForm component for creating and editing access lists with validation.
- Developed AccessListSelector component for selecting access lists with detailed display of selected ACL.
- Implemented hooks for managing access lists and handling API interactions.
- Added tests for AccessListSelector and useAccessLists hooks to ensure functionality.
- Enhanced AccessLists page with UI for managing access lists, including create, edit, delete, and test IP features.
- Deleted `useSecurity.ts` hook which managed authentication users, providers, and policies.
- Removed `Policies.tsx`, `Providers.tsx`, and `Users.tsx` pages that utilized the above hook.
- Cleaned up the `index.tsx` file in the Security section to remove references to the deleted pages.
- Updated mock data by removing unused properties related to forward authentication.
- Introduced ForwardAuthConfig model to store global forward authentication settings.
- Updated Manager to fetch and apply forward authentication configuration.
- Added ForwardAuthHandler to create a reverse proxy handler for authentication.
- Enhanced ProxyHost model to include forward authentication options.
- Created Security page and ForwardAuthSettings component for managing authentication settings.
- Implemented API endpoints for fetching and updating forward authentication configuration.
- Added tests for new functionality including validation and error handling.
- Updated frontend components to support forward authentication settings.
- Implement DockerHandler to handle API requests for listing Docker containers.
- Create DockerService to interact with Docker API and retrieve container information.
- Add routes for Docker container management in the API.
- Introduce frontend API integration for Docker container listing.
- Enhance ProxyHostForm to allow quick selection of Docker containers.
- Update Docker-related tests to ensure functionality and error handling.
- Modify Docker Compose files to enable Docker socket access for local and remote environments.
- Add TypeScript configurations for improved build processes.
- Implemented Settings page for changing user passwords with validation and feedback.
- Created Setup page for initial admin account setup with form handling and navigation.
- Added API service layer for handling requests related to proxy hosts, remote servers, and import functionality.
- Introduced mock data for testing purposes and set up testing framework with vitest.
- Configured Tailwind CSS for styling and Vite for development and build processes.
- Added scripts for Dockerfile validation, Python syntax checking, and Sourcery integration.
- Implemented release and coverage scripts for better CI/CD practices.
- Deleted Settings.tsx and Setup.tsx pages, which included functionality for changing passwords and setting up an admin account.
- Removed associated test files for Setup page.
- Eliminated API service definitions related to proxy hosts, remote servers, import functionality, and health checks.
- Cleaned up mock data and test setup files.
- Removed configuration files for TypeScript, Vite, and Tailwind CSS.
- Deleted scripts for testing coverage, release management, Dockerfile validation, and Python compilation checks.
- Removed Sourcery pre-commit wrapper script.
- Add backend/node_modules to .gitignore
- Untrack backend/node_modules from git
- Restore backend source files (go.mod, main.go, etc.) that were missing in HEAD
- Include frontend test updates
- Implemented Issue #9: User Authentication & Authorization
- Added User model fields (FailedLoginAttempts, LockedUntil, LastLogin)
- Created AuthService with JWT support, bcrypt hashing, and account lockout
- Added AuthMiddleware and AuthHandler
- Registered auth routes in backend
- Created AuthContext and RequireAuth component in frontend
- Implemented Login page and integrated with backend
- Fixed 'Blank Page' issue in local Docker environment
- Added QueryClientProvider to main.tsx
- Installed missing lucide-react dependency
- Fixed TypeScript linting errors in SetupGuard.tsx
- Updated docker-entrypoint.sh to use 127.0.0.1 for reliable Caddy checks
- Verified with local Docker build
GitHub Actions
CI
Wikid82