1. Sep 02, 2019
  2. Apr 08, 2019
    • Luke Schoen's avatar
      fix: Relates to #124. Security (#451) · d0ae2071
      Luke Schoen authored
      * feat: Security aspects for fether-electron. See #124
      
      * feat: Add Source Maps support
      
      * docs: Add Source Maps guide to Readme
      
      * feat: Add webpack-build-notifier add-on with custom Webpack config
      
      * fix: Remove duplicate dependency
      
      * WIP
      
      * WIP
      
      * review-fix: Configure CSP depending on NODE_ENV
      
      * fix: Fix worker-src for the camera in production
      
      * review-fix: Remove unnecessary config of source maps dependency
      
      * Use preload script as buffer between main and renderer processes (#463)
      
      * fix: Remove is-electron since now using preload script
      
      * fix: Remove old preload script
      
      * fix: Do not expose electron, remote, or require to web app
      
      * fix: Add newline
      
      * feat: Single Fether instance lock
      
      * fix: Move preload to static folder so works with binary
      
      * review-fix: Remove fix for webview since not used. Add comment incase used in future. Fix other event handling code
      
      * review-fix: Add optional opt-in to using Webpack notifier plugin by running with NOTIFIER=true yarn start
      
      * review-fix: Use pino.debug instead of console.log
      
      * review-fix: Add worker-src blob to CSP in development for webcam
      
      * review-fix: Update handling of untrusted urls and sessions and certificates
      
      * review-fix: Convert to WSS. Move CSP into array like in Parity-JS Shell. Update CSP
      
      * review-fix: Update CSP to avoid duplication
      
      * review-fix: Remove from new-window event listener that which applies to additional new BrowserWindows since not applicable
      
      * review-fix: Combined pino logs
      
      * review-fix: Change to parsedUrl.href instead of origin. Fix trusted urls for dev
      
      * fix: Remote https 127.0.0.1 in prod
      
      * review-fix: Move WebpackBuildNotifier images so not in binary. Fix ico file
      
      * fix: Remove console.logs
      
      * refactor: Cleanup so can merge. Extract for inclusion in separate PR
      
      * review-fix: Remove debugging notes since better in wiki
      
      * review-fix: Remove other lines due to move to wiki
      
      * fix comment
      
      * review-fix: Remove setPermissionRequestHandler since not know if need. Move to https://hackmd.io/O1FA34BuSNyJoPV1Cu3L0A
      
      * review-fix: Move CSP debugging into onHeadersReceived
      
      * review-fix: Fix isParityRunningStatus
      
      * review-fix: Replace parse-url with Node.js url parser
      
      * review-fix: Remove parse-url from dependencies
      
      * fix: Fix logic in setCertificateVerifyProc
      
      * WIP
      
      * review-fix: Dynamically add WS port from CLI to trusted
      
      * review-fix: Update comments with security warnings
      
      * merge latest from master and fix conflicts
      
      * chore: Remove useless console.log
      
      * misc: See commit details
      
      * Remove --ws-origins from CLI, hard-code instead
      * Remove --ws-interface from CLI, hard-code instead
      * Ignore --ws-interface and --ws-origins flags in CLI
      * Add hard-coded default trusted WS interface to window.bridge
      * Add default WS port to window.bridge
      
      * WIP - start implementing isDev. See FIXME for future work required
      
      * review-fix: Use appIsPackaged instead of NODE_ENV
      
      * fix: Add IS_PROD to constants and assign appIsPackaged to it. Expose it to frontend so no longer use NODE_ENV
      
      * feat: Add wiki Fether FAQ to trusted urls since required by PR #482
      
      * fix: Fix untrusted blockscout.com error in setCertificateVerifyProc
      
      * review-fix: fix blocked image hosting and external blockscout urls
      
      * review-fix: trust github token icons
      
      * review-fix: Rename network to fetherNetwork so custom config avoids naming conflict
      
      * review-fix: Remove duplicate pino.debug for CSP
      
      * review-fix: Remove WsSecure until wss and certificates implemented
      
      * review-fix: Update config to show Electron security warnings in all environments
      
      * review-fix: Remove use of wsInterface
      
      * refactor: Refactor tests inside describe blocks
      
      * tests: Add chrome dev tools to tests for trusted urls
      
      * review-fix: Use NODE_ENV and Electron app.isPackaged
      
      * fix: Rebuild yarn.lock
      
      * fix: Fix linting to arg passed to correct script
      
      * review-fix: Remove ws-origins flag and trusted ws origins
      
      * test: Fix failing test
      
      * review-fix: Remove package-lock.json
      
      * fix: Use NODE_ENV consistently instead of process.defaultApp
      
      * fix: Change to hash instead of transactionHash for blockscout
      d0ae2071
  3. Apr 03, 2019
  4. Mar 28, 2019
    • Thibaut Sardan's avatar
      Use new token contract's source (#477) · a1d014b0
      Thibaut Sardan authored
      * add script to manually fetch tokens from github.com/ethereum-lists/tokens over IPFS
      
      * remove ts files from linting
      
      * remove ts files from test to fix CI
      
      * WIP token image
      
      * improve token default image
      
      * Test the pipe with hardcoded IPFS addresses
      
      * add comments
      
      * add --use-hardcoded-addresses argument
      
      * shorten things up with a spread
      
      * address comments
      
      * fix test and address comment
      a1d014b0
  5. May 23, 2018
  6. May 17, 2018