4104 Commits (83cc23a51a3f04a21f81b35e255d2e95b926eb35)
 

Author SHA1 Message Date
bors[bot] 04a196c417
Merge #2525 #2534
2525: Switch to GrapheneOS's hardened_malloc r=mergify[bot] a=nextgens

## What type of PR?

Feature

## What does this PR do?

Switch to GrapheneOS's hardened_malloc

This was suggested during the dev meeting of the 18/09/22.

It may break things and it may make things unbearably slow... but it should also make the exploitation of memory corruption bugs a lot harder.

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [ ] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


2534: Close #2533: document SQLALCHEMY_DATABASE_URI r=mergify[bot] a=nextgens

## What type of PR?

documentation

## What does this PR do?

document SQLALCHEMY_DATABASE_URI

### Related issue(s)
- closes #2533

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [x] In case of feature or enhancement: documentation updated accordingly
- [ ] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.


Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
bors[bot] 40bdf7a6d9
Merge #2530
2530: disable SESSION_COOKIE_SECURE when TLS_FLAVOR=notls r=mergify[bot] a=nextgens

## What type of PR?

bug-fix

## What does this PR do?

People are unlikely to proxy everything

### Related issue(s)
- closes #2527

Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2 years ago
bors[bot] 3b150ff9a4
Merge #2532
2532: Allow JS debugging, speed-up asset-build, disable redirect-debug. r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

Another bugfix to the run_dev.sh helper

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago
Florent Daigniere b9e5560fb6 Better way to express the same thing
Thanks @ghostwheel42
2 years ago
Florent Daigniere 63513608b9 Close #2533: document SQLALCHEMY_DATABASE_URI 2 years ago
Florent Daigniere 66de1dcec8 Change the logic
The idea here is that if you have set SESSION_COOKIE_SECURE we should
honor that... and if you haven't we should try to do the right thing.
2 years ago
Florent Daigniere 81628149a2 don't fake the library 2 years ago
Florent Daigniere 9b2f018be6 add --no-cache 2 years ago
Florent Daigniere 76f8517e00 This is still required (as TLS_FLAVOR isn't set) 2 years ago
Florent Daigniere b9564c0bc9 This shouldn't have been commited 2 years ago
Florent Daigniere 19af2944d7 Refactor as requested 2 years ago
Alexander Graf 6b470ac403
Allow proper JS debugging, speed-up assets dev-build, disable redirect-debug by default. 2 years ago
Florent Daigniere 7aad1158fb @ghostwheel42 will fix it in another PR 2 years ago
Florent Daigniere a566cb07d6 fix 2 years ago
Florent Daigniere 08b3a2814b Merge branch 'master' of https://github.com/Mailu/Mailu into notls 2 years ago
Florent Daigniere 385b6ac85d Use string formatting 2 years ago
Florent Daigniere 6474108056 Use a join() instead 2 years ago
Florent Daigniere fb75cca2f4 Merge branch 'master' of https://github.com/Mailu/Mailu into fetchmail-improvements 2 years ago
Florent Daigniere c0c91691fd Fix the issue on /admin/fetch/edit 2 years ago
bors[bot] d8e2a2960b
Merge #2531
2531: run_dev.sh: Use FLASK_DEBUG, fix assets, show startup errors. r=mergify[bot] a=ghostwheel42

## What type of PR?

bug-fix

## What does this PR do?

fixes bug in run_dev.sh

Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago
Alexander Graf b0b64a8e63
Use FLASK_DEBUG, fix assets, show startup errors. 2 years ago
Florent Daigniere 505bb79a78 Don't set the secure Cookie flag if TLS_FLAVOR=notls 2 years ago
Florent Daigniere 9c7dfbeb24 Doc 2 years ago
Florent Daigniere 08a9ab9a56 Improve fetchmail 2 years ago
Florent Daigniere 455180043d doh 2 years ago
Florent Daigniere 56a106ad60 Only one labs section in the conf file 2 years ago
Florent Daigniere 071ad15a97 Better snappymail defaults 2 years ago
Florent Daigniere 6b2cb95a7d This is not required anymore 2 years ago
Florent Daigniere a508eeaafb Use /dev/shm for tmp 2 years ago
Florent Daigniere f2f430af5d Redirect the logs where they belong 2 years ago
Florent Daigniere 06c0c78956 Hardening: run the http and php as different users 2 years ago
Florent Daigniere d7b80e94a4 try again. 2 years ago
Florent Daigniere 7ebac75045 fix tests 2 years ago
Florent Daigniere f3a91d1a18 enable APCu 2 years ago
Florent Daigniere b488e57602 debug 2 years ago
Florent Daigniere 225322fe88 More hardening 2 years ago
Florent Daigniere ad17b10c8e redirects should be HTTP/302 2 years ago
Florent Daigniere 4517ce23a6 Aliases be damned. 2 years ago
Florent Daigniere 6d8cc9083b test 2 years ago
Florent Daigniere 729838c8fe Grrr. 2 years ago
Florent Daigniere 1379a58352 Basic hardening 2 years ago
Florent Daigniere 50f94a282f doh 2 years ago
Florent Daigniere 710dde1faf Fix #948: ensure the admin panel is disabled 2 years ago
Florent Daigniere 7e722cd0c3 fix #2250: ensure rainloop uses _ADDRESS 2 years ago
Florent Daigniere 224f2f4508 This isn't used anymore
The healthcheck is now done by fpm
2 years ago
Florent Daigniere a8d405cb48 Verify the gpg signature of webmails 2 years ago
Florent Daigniere ae64c6cc30 Doh 2 years ago
Florent Daigniere 13adf4aeec Fix tests 2 years ago
Florent Daigniere 1edef755f1 Fix bug #2466 2 years ago
Florent Daigniere dc9e2a3e70 Upgrade Snappymail to 2.21 and merge the webmail containers 2 years ago