hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 07:23:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
5,782 Commits 8 Branches 90 Tags
c657498d7547490b435d36e36f23ee3c19ad8e9c
Commit Graph

5782 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
naveen
1013a49db2 chore: Set permissions for GitHub actions 
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
 2022-06-12 00:30:04 +00:00
Erik Sundell
f6eec29aa2 Merge pull request #3937 from minrk/importlib 
switch to importlib_metadata for entrypoints
 2022-06-08 15:23:54 +02:00
Min RK
64b99d5587 switch to importlib_metadata for entrypoints 
standalone entrypoints package is deprecated
now that similar functionality is in the stdlib

need importlib_metadata >= 3.6 backport on Python < 3.10
 2022-06-08 15:14:50 +02:00
Erik Sundell
75b07fc0d6 Merge pull request #3936 from minrk/add-user-validate 
admin: Hub is responsible for username validation
 2022-06-08 14:55:52 +02:00
Erik Sundell
d64068da66 Merge pull request #3935 from minrk/spawn-page-url 
admin: Fix spawn page link for default server
 2022-06-08 14:51:26 +02:00
Min RK
14d8e23135 trim user input forms 2022-06-08 12:09:11 +02:00
Min RK
0908a15848 Server is responsible for username validation 
Don't reimplement in the client
 2022-06-08 11:06:33 +02:00
Min RK
2e878fb5ca fix spawn page link 2022-06-08 10:48:04 +02:00
Min RK
62d24341ca fix static url in admin page 2022-06-08 10:47:14 +02:00
Yuvi Panda
f2085fdf0f Merge pull request #3931 from consideRatio/pr/add-changelog-to-main 
Add changelog for 2.3.0 and 2.3.1
 2022-06-06 19:53:56 +05:30
Erik Sundell
a19c211612 Add changelog for 2.3.1 2022-06-06 16:18:03 +02:00
Min RK
9bbcf594ea One more in the changelog 2022-06-06 16:17:55 +02:00
Min RK
da89155503 changelog for 2.3 2022-06-06 16:17:54 +02:00
Min RK
3b59c4861f Merge pull request #3904 from manics/named-servers-escape 
Escape named server name
 2022-06-03 17:09:58 +02:00
Min RK
6f5764fd3d Merge pull request #3921 from manics/pages-unreachable 
pages.py: Remove unreachable code
 2022-06-03 16:58:33 +02:00
Simon Li
3c059f3acf Need to escape URLs in spawn-pending too 2022-06-02 19:56:52 +01:00
Simon Li
3a022f1ae3 pages.py: Remove unreachable code 2022-06-02 19:13:25 +01:00
Min RK
049a59f2ed Merge pull request #3920 from jupyterhub/dependabot/npm_and_yarn/jsx/eventsource-1.1.1 
Bump eventsource from 1.1.0 to 1.1.1 in /jsx
 2022-06-02 09:51:36 +02:00
Min RK
ed9ea4e6cc Merge pull request #3914 from manics/setuppy-yarn-jsx 
Build admin app in setup.py
 2022-06-02 09:51:22 +02:00
dependabot[bot]
c415be2db3 Bump eventsource from 1.1.0 to 1.1.1 in /jsx 
Bumps [eventsource](https://github.com/EventSource/eventsource) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/EventSource/eventsource/releases)
- [Changelog](https://github.com/EventSource/eventsource/blob/master/HISTORY.md)
- [Commits](https://github.com/EventSource/eventsource/compare/v1.1.0...v1.1.1)

---
updated-dependencies:
- dependency-name: eventsource
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-01 22:51:13 +00:00
Simon Li
2bc5061e22 Don't escape servername in json blobs 2022-06-01 22:21:00 +01:00
pre-commit-ci[bot]
cedf12baeb [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
 2022-06-01 20:28:55 +00:00
Simon Li
b403c41c15 Remove old comment, include description in servername error 
Co-authored-by: Min RK <benjaminrk@gmail.com>
 2022-06-01 21:28:24 +01:00
Simon Li
acd75d85c7 Move installed data file check to script 2022-06-01 20:44:40 +01:00
Simon Li
5e5dad9512 check sdist files in release workflow 2022-06-01 20:43:28 +01:00
Simon Li
95e343395d Ensure jsx is in sdist 2022-06-01 20:43:02 +01:00
Yuvi Panda
6a29e5193b Merge pull request #3919 from minrk/jupyter-server-templates 
ensure custom template is loaded with jupyter-server notebook extension
 2022-06-01 22:59:33 +05:30
Min RK
1cb7177597 ensure custom template is loaded with jupyter-server notebook extension 
our patches to page.html didn't affect nbclassic,
which gets its own jinja environment

regression test included
 2022-06-01 16:13:10 +02:00
Yuvi Panda
50e863ca52 Merge pull request #3910 from minrk/optimize-prefix-lookup 
use equality to filter token prefixes
 2022-06-01 19:05:45 +05:30
Yuvi Panda
8cdd7ca2d2 Merge pull request #3918 from minrk/default-url-priority 
set default_url via config
 2022-06-01 19:04:55 +05:30
Min RK
6fbf8411ec Merge pull request #3915 from manics/contrib-docs 
Update Contributing documentation
 2022-05-31 19:52:30 +02:00
Min RK
fa200fed98 set default_url via config 
avoids accidental overrides of `@default('default_url')` in subclasses,
e.g. SingleUserLabApp
 2022-05-31 17:05:58 +02:00
Simon Li
7d7d30bcae Don't build admin app on readthedocs 2022-05-29 19:23:57 +01:00
Simon Li
85a4bbc28e Update Contributing documentation 
Adds yarn, moves most of CONTRIBUTING.md into https://jupyterhub.readthedocs.io/en/stable/contributing/index.html to reduce duplication
 2022-05-29 19:11:57 +01:00
Simon Li
0b161627c2 yarn: allow jlpm to be used instead 2022-05-29 17:14:14 +01:00
Simon Li
36e7898ed4 Update CI so that setup.py can build admin app 2022-05-29 16:52:24 +01:00
Simon Li
3537722208 Include generated admin-react.js.LICENSE.txt 2022-05-29 16:52:24 +01:00
Simon Li
dfcaa29c8a Build react admin app in setup.py 2022-05-29 16:52:20 +01:00
Simon Li
92c6d69bc8 Remove share/jupyterhub/static/js/admin-react.js jsx/build 2022-05-29 16:12:29 +01:00
Simon Li
7b8a2ae57b Escape server-name in URLs returned by API 2022-05-27 23:06:55 +01:00
Simon Li
b444fe478c Ensure server-name is escaped in proxy add_route 2022-05-27 22:44:09 +01:00
Simon Li
50fb1a016c Move server-name / check to higher up, add test 2022-05-27 22:06:19 +01:00
Min RK
e229c63e11 use equality to filter token prefixes 
otherwise, index isn't used

note: this means changing the token prefix size requires revoking all tokens,
where before only _increasing_ the token prefix size required doing that.
 2022-05-25 15:54:34 +02:00
Erik Sundell
9649a57e34 Merge pull request #3908 from minrk/fail-fail-auth-state 
allow auth_state_hook to halt spawn
 2022-05-25 12:43:39 +02:00
Erik Sundell
ac85d63013 Merge pull request #3907 from minrk/bump-moment 
bump moment.js 2.29.2
 2022-05-25 12:39:34 +02:00
Min RK
4b2ba1f6c0 allow auth_state_hook to halt spawn 
hooks prior to start should raise and stop the whole thing

only hooks during cleanup need to be passed over
 2022-05-25 11:36:32 +02:00
Min RK
886d15b622 bump moment.js 2.29.2 2022-05-25 11:32:06 +02:00
Min RK
d517ce37e7 Merge pull request #3906 from fabianbaier/patch-1 
Force add existing certificates
 2022-05-25 11:23:58 +02:00
Min RK
85f0cec33e Merge pull request #3903 from manics/jupyter-troubleshoot 
`jupyter troubleshooting` ➡️  `jupyter troubleshoot`
 2022-05-25 11:18:35 +02:00
pre-commit-ci[bot]
5c37569b2a [pre-commit.ci] auto fixes from pre-commit.com hooks 
for more information, see https://pre-commit.ci
 2022-05-25 05:04:07 +00:00