hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-16 14:33:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,374 Commits 8 Branches 89 Tags
634d59dfd596e65f9677b5e2c2039fb57b74fad8
Commit Graph

7374 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Min RK
634d59dfd5 Merge pull request #4783 from manics/token-button-after 
Token UI: move button to after form fields
 2024-04-15 10:07:18 +02:00
Simon Li
061d267d74 Token UI: move button to after form fields 2024-04-12 17:01:11 +01:00
Min RK
d0523f5e93 Merge pull request #4781 from minrk/template-debug 
clarify error template debug log
 2024-04-11 09:35:24 +02:00
Min RK
6a93abbe1c Merge pull request #4779 from krassowski/support-allow_unauthenticated_access-false 
Support forbidding unauthenticated access (`allow_unauthenticated_access = False`)
 2024-04-10 13:19:45 +02:00
Min RK
6c0a0643e8 Merge pull request #4776 from minrk/forward-415 
forward-port 4.1.5
 2024-04-10 12:57:50 +02:00
Min RK
e3ea59759e clarify error template debug log 
'No template for 404' looks like something's wrong, when all it means to convey is that it doesn't get _special_ treatment
and the default error page is enough.
 2024-04-10 12:56:41 +02:00
krassowski
aefc8de49a Add @allow_unauthenticated decorators 2024-04-10 11:03:33 +01:00
krassowski
88189d54d9 Add a test for allow_unauthenticated_access (xfail) 2024-04-10 10:58:21 +01:00
Min RK
47f39e7c2f changelog for 4.1.5 2024-04-09 11:18:00 +02:00
Min RK
5424108593 singleuser mixin: include check_xsrf_cookie in overrides 2024-04-09 11:18:00 +02:00
Min RK
f9fb650a7b Merge pull request #4769 from consideRatio/pr/fix-typo 
Fix typo in docstring about Authenticator.blocked_users
 2024-04-03 10:49:48 +02:00
Erik Sundell
587e6cec4e Fix typo in docstring about Authenticator.blocked_users 2024-04-02 10:42:20 +02:00
Erik Sundell
a6c513c1ac Merge pull request #4767 from jupyterhub/pre-commit-ci-update-config 
[pre-commit.ci] pre-commit autoupdate
 2024-04-02 08:45:59 +02:00
pre-commit-ci[bot]
b678236f87 [pre-commit.ci] pre-commit autoupdate 
updates:
- [github.com/astral-sh/ruff-pre-commit: v0.3.2 → v0.3.5](https://github.com/astral-sh/ruff-pre-commit/compare/v0.3.2...v0.3.5)
 2024-04-01 22:10:17 +00:00
Simon Li
11f5759fc7 Merge pull request #4763 from jupyterhub/dependabot/npm_and_yarn/jsx/express-4.19.2 
Bump express from 4.18.2 to 4.19.2 in /jsx
 2024-04-01 14:35:57 +02:00
Erik Sundell
95db61e613 Merge pull request #4765 from minrk/414-forward 
forward-port 4.1.4
 2024-03-30 11:10:15 +01:00
Min RK
ab37cd7f24 changelog for 4.1.4 2024-03-30 10:02:43 +01:00
Min RK
26a0be5103 avoid xsrf check on navigate GET requests 
sevices/auth prevents calling check_xsrf_cookie,
but if the Handler itself called it the newly strict check would still be applied

this ensures the check is actually allowed for navigate GET requests
 2024-03-30 10:02:43 +01:00
dependabot[bot]
9009bf2825 Bump express from 4.18.2 to 4.19.2 in /jsx 
Bumps [express](https://github.com/expressjs/express) from 4.18.2 to 4.19.2.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.18.2...4.19.2)

---
updated-dependencies:
- dependency-name: express
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-29 10:03:51 +00:00
Min RK
f0220c87d8 Merge pull request #4755 from minrk/forward-413 2024-03-26 17:35:46 +01:00
Min RK
7d720371c5 changelog for 4.1.3 2024-03-26 14:04:58 +01:00
Min RK
2262bab442 changelog for 4.1.2 2024-03-26 14:04:58 +01:00
Min RK
c08b582c53 respect jupyter-server disable_check_xsrf setting 
allows global disable of xsrf checks in single-user servers
 2024-03-26 14:04:58 +01:00
Min RK
7e56bf7e2c rework handling of multiple xsrf tokens 
rather than attempting to clear multiple tokens (too complicated, breaks named servers)
look for and accept first valid token

have to do our own cookie parsing because existing cookie implementations only return a single value for each key
and default to selecting the _least_ likely to be correct, according to RFCs.

set updated xsrf cookie on login to avoid needing two requests to get the right cookie

# Conflicts:
#	jupyterhub/tests/test_services_auth.py
 2024-03-26 14:04:58 +01:00
Min RK
f581b1a541 Merge pull request #4743 from minrk/effver 
Officially adopt EffVer
 2024-03-26 08:59:07 +01:00
Min RK
ca6032381a Merge pull request #4747 from minrk/411-forward 2024-03-24 08:40:56 +01:00
Min RK
f4aa8a4c25 changelog for 4.1.1 2024-03-23 17:17:39 +01:00
Min RK
5831079bf6 allow subclasses to override xsrf check 
need to inject our override into the base class,
rather than at the instance level,
to avoid clobbering any overrides in extensions like jupyter-server-proxy
 2024-03-23 17:17:39 +01:00
Min RK
68f359360e Merge pull request #4742 from jupyterhub/dependabot/npm_and_yarn/jsx/webpack-dev-middleware-5.3.4 
Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /jsx
 2024-03-22 09:24:54 +01:00
Min RK
ca3ac3b08b Officially adopt EffVer 
encodes the policy we already have, but now it has a name
 2024-03-22 09:20:12 +01:00
dependabot[bot]
9b3d55ded0 Bump webpack-dev-middleware from 5.3.3 to 5.3.4 in /jsx 
Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/webpack/webpack-dev-middleware/releases)
- [Changelog](https://github.com/webpack/webpack-dev-middleware/blob/v5.3.4/CHANGELOG.md)
- [Commits](https://github.com/webpack/webpack-dev-middleware/compare/v5.3.3...v5.3.4)

---
updated-dependencies:
- dependency-name: webpack-dev-middleware
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-22 08:07:23 +00:00
Min RK
6a72ad8ca5 Merge pull request #4737 from minrk/rm-double-doc 
avoid duplicate jupyterhub installation for docs
 2024-03-22 09:06:55 +01:00
Min RK
4cf007b515 Merge pull request #4741 from manics/docs-py-min 
Consistently use minimum Python version in docs
 2024-03-22 08:55:05 +01:00
Simon Li
352826a1ec docs: fix unrelated rendering error 2024-03-21 20:08:59 +00:00
Simon Li
acf7d7daaa docs: use sphinx var for min node version 2024-03-21 20:08:56 +00:00
Simon Li
92d59cd12b docs: Consistently use minimum Python 3.8 2024-03-21 20:03:11 +00:00
Min RK
6ade08825b Merge pull request #4739 from minrk/set-login-cookie-user-changed 
set login cookie if user changed
 2024-03-21 11:43:32 +01:00
Min RK
ff693e82af set login cookie if user changed 
not just if unset

allows login _override_ of existing user without needing to log out first
 2024-03-20 14:37:54 +01:00
Min RK
d2a07aaf1b forward-port 4.1.0 2024-03-20 13:21:34 +01:00
Min RK
4a83cddb8e Merge pull request from GHSA-7r3h-4ph8-w38g 
forward-port 4.1.0
 2024-03-20 13:19:30 +01:00
Min RK
c110c25428 Merge pull request #4738 from minrk/browser-subdomain 
run browser tests in subdomain
 2024-03-20 13:05:58 +01:00
Min RK
1cd3bc1860 fix browser tests with subdomains 2024-03-20 12:51:44 +01:00
Min RK
51156a4762 avoid duplicate jupyterhub installation 
almost every time installing docs/requirements.txt happens, JupyterHub is already installed
adding an `--editable` here ensures a full rebuild happens every time, which is very slow
 2024-03-20 12:27:51 +01:00
Min RK
71f6cfa92b fix permission check on /hub/user/ page 
needed for share redirect to work
 2024-03-20 12:24:56 +01:00
Min RK
66c1600f4f run browser tests in subdomain 2024-03-20 12:24:56 +01:00
Min RK
b319b58a2f default=False for allow_token_in_url for 5.0 2024-03-19 18:46:51 +01:00
Min RK
83ce6d3f6b forward-port 4.1.0 2024-03-19 18:45:58 +01:00
Min RK
970693ef46 Merge pull request #4736 from krassowski/bump-python-version-in-contributing 
Bump required Python version in contributing setup to 3.8
 2024-03-19 13:57:12 +01:00
krassowski
74455d6337 Bump required Python version in contributing setup 2024-03-19 12:52:59 +00:00
Min RK
1db5e5e95c Merge pull request #4733 from kreuzert/main 
Catch ValueError while waiting for server to be reachable
 2024-03-19 09:37:20 +01:00