Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Merge branch 'main' into vc-mvp #2010

Merged
merged 18 commits into from
Nov 6, 2023
Merged

Merge branch 'main' into vc-mvp #2010

merged 18 commits into from
Nov 6, 2023

Conversation

nmattia
Copy link
Collaborator

@nmattia nmattia commented Nov 6, 2023
edited by github-actions bot
Loading

🟡 Some screens were changed

Frederik Rothenberger and others added 18 commits October 23, 2023 14:04
Fix temp keys clashing on equal public keys (#1976)
e8b495a 
* Fix temp keys clashing on equal public keys

This PR fixes a bug that surfaced in the context of the dev build
where the dummy auth public key is static for all anchors:
The temp keys were kept by device public key only, which lead to
subsequent registrations evicting the temp key of the previous dummy
auth device.
Additionally, expirations are only cleaned up lazily and also were only
checking the device public key. This lead to the behaviour where a newly
registered temp key was not considered valid, because it matched the expiration
of a previous registration.

None of the issues above are observed in production, because WebAuthn generates
new public keys for each registration, even if the same hardware is used.

The fix moves the anchor into the temp key identifier, making it different
for different anchors. This addresses both of the issues outlined above.

* Refactor expiration struct

This makes it clearer that both the device_key and anchor are
required to reference the temp key. It also removes one of the
calls to `clone()`.
@nmattia
Preload loader (#1969)
afb54bb 
This ensures the loader (astronaut) is loaded as soon as the app itself loads.

The asset is fairly heavy and can take a couple seconds to load from the
IC. By loading it eagerly we ensures that when it is needed, the
astronaut is ready.
@nmattia
Add CI step to check Cargo.lock (#1979)
19d4706 
* Add CI step to check Cargo.lock

This PR adds a small job to check whether the Cargo.lock is up
to date.

* Add comment to the lockfile check

Co-authored-by: Nicolas Mattia <nicolas.mattia@dfinity.org>

* formatting

---------

Co-authored-by: Nicolas Mattia <nicolas.mattia@dfinity.org>
@nmattia
Remove CSP meta tag (#1980)
bcf5bfa 
* Remove CSP meta tag

This removes the `<meta>` tag used for CSP. We originally included the
CSP in the HTML because the HTTP headers could not be certified.

HTTP headers are now certified so the `Content-Security-Policy` header
_should_ be enough. Additionally, the `<meta>` tag hasn't been replaced
correctly for some time leading to an irrelevant HTML tag.

* Inline CSP meta
@gix-bot
Update commit of IC artefacts (#1988)
5a30cc3 
Co-authored-by: gix-bot <gix-bot@users.noreply.github.com>
Fix docker-build script (#1989)
ea71a16 
The docker build is layered with a dependencies layer to cache
already compiled dependencies. To not cache the non-dependency code,
the last modified timestamp of the `lib.rs` files has to be updated.

If a new `lib.rs` file is introduced, its timestamp needs to be
updated as well. This was overlooked when introducing the
`canister_sig_utils` crate.

This PR makes the dockerfile more robust to touch _all_ the relevant
`lib.rs` files rather than specific ones.
Update test app dfinity libraries (#1983)
14cb21f 
The test app is still using libraries that have the sha256
bug. This PR updates it to no longer be affected.
Refactor readCanisterId to allow reading the test_app id as well (#1985)
743ed5b 
* Refactor readCanisterId to allow reading the test_app id as well

This PR is in preparation for the migration of the selnium tests out
of docker. After the migration, vite needs to know about the test_app
canister id too. This refactoring allows using the existing helper for
that.

* Name parameters of
Update screenshots chrome to version 116 (#1990)
8744d5b 
Update scrennshots chrome to version 116

This update chrome used for the screenshots job to version 116.
The version is updated because the future switch to non-dockerized
selenium tests requires a chromedriver and the chromedriver package
for the version 106 seems to be broken.
@nmattia
Fix asset URL paths (#1987)
bf4ff08 
* Fix asset URL paths

This updates the logic for serving assets from the canister.

The logic previously did not cover all paths where an asset may be
found. For instance, an asset `/foo/index.html` may have returned 200 on
`/foo/` but 404 on `/foo`.

Moreover the `/faq` endpoint is fixed to actually return the expected
redirect to the FAQ. In practice the canister has extra logic for
handling `/faq`, but this fixes the HTML-redirect fallback. This ensures
that `/faq/` & `/faq/index.html` also redirect (which the canister does
not currently check for).

* Don't clone exp vector
@nmattia
Don't update dapps without logo (#1991)
2757b03 
This updates the dapps update script to skip dapps that do not have a
logo. If the dapp doesn't have a logo, then we don't have much to
display.

This also adds some comments to the jq filter used to parse the dapps
list for clarity.
@gix-bot
Update dapps list (#1993)
deb8057 
Update dapps

Co-authored-by: gix-bot <gix-bot@users.noreply.github.com>
@przydatek
Add several utils for handling canister sigs. (#1984)
5710c65 
* Add several utils for handling canister sigs.

* Update Cargo.lock.

* Fix Docker build.

* +=clippy

* Refactor to remove serial tests.

* Address feedback, remove code for verifying canister sigs.

* +=clippy

* Reuse constant.
@gix-bot
Update dapps list (#2003)
7eb483d 
Update dapps

Co-authored-by: gix-bot <gix-bot@users.noreply.github.com>
@przydatek
Move LABEL_SIG constant to a crate, so that it can be re-used. (#2006)
f3abe41
@nmattia
Port components to Astro (#1997)
06b1bbf 
* Port components to Astro

This ports all components shown in the showcase to Astro components.

This means we now have proper routing for displaying those components.

The components are wrapped in native/web components so that Astro can
import them properly; the alternative of creating an arbitrary div with
`id="pageContent"` like we do elsewhere is problematic because Astro
bundles all javascript scripts together when e.g. using `Astro.glob`, meaning all scripts would
trigger on any page importing the components (like the index) and all
would fight for the same `#pageContent`.

The approach of creating new elements is a bit more robust, though also
a bit more verbose.

Another benefit of this approach is that we can e.g. embed/showcase all
components in the index page.

* Restructure showcase components
Upgrade webdriverio to latest version (#1996)
0604b2c 
This upgrades webdriverio to the latest version in preparation
for the change to non-dockerized selenium tests.

The new version now is also able to download chrome and chromedriver on
its own, which is why the `download-chrome.ts` script can be removed.

The testing chrome needs to run with `/dev/shm` disabled because
otherwise it will randomly crash on the GitHub action runners.
@nmattia
Merge branch 'main' into nm-vc-merge
63802df
@nmattia nmattia marked this pull request as ready for review November 6, 2023 10:15
@nmattia nmattia merged commit c40d2f2 into vc-mvp Nov 6, 2023
50 checks passed
@nmattia nmattia deleted the nm-vc-merge branch November 6, 2023 10:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@nmattia @gix-bot @przydatek