zoriya/flood
1
0
Fork 0
mirror of https://github.com/zoriya/flood.git synced 2025-12-05 23:06:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,682 Commits 2 Branches 0 Tags
f0daebbf41d075cfa8da122f73406bc3c6729f1c
Commit Graph

9 Commits

Author SHA1 Message Date
Jesse Chan
f0daebbf41 client: initial integration tests 2020-10-18 22:32:34 +08:00
Jesse Chan
ba7b628492 CI: use prettier to reformat workflows 2020-10-17 13:44:06 +08:00
Jesse Chan
cedc66e0c7 CI: build: run flood --help after build 2020-10-05 15:00:03 +08:00
Jesse Chan
568c2cb57f config.cli: use as default by symlinking to config 2020-09-16 20:51:08 +08:00
Jesse Chan
19c50de91d CI: use "npm ci" 2020-09-05 13:52:27 +08:00
Jesse Chan
261debcfe8 CI: use config.cli.js as config.js 2020-09-02 19:07:28 +08:00
Jesse Chan
d137107ac9 config: deal with "secret" security hazard 
If you provide a default, people WILL use it. It is a security
hazard if people use the default private psk to sign auth messages.

Flood usuaully has privileges to files. A potential intruder may
download files inside Flood and that will lead to arbitrary remote
code execution, not to mention rTorrent's rich and powerful script
interface.

This change makes sure there is NO default and build shall NOT pass
before user provides a secret.

Bug: Flood-UI/flood#589
 2020-08-22 23:43:04 +08:00
Jesse Chan
9009beeae1 i18n: precompile strings to AST 2020-08-14 20:33:32 +08:00
Jesse Chan
52535e1eab CI: configure Github Actions 
Signed-off-by: Jesse Chan <jc@linux.com>
 2020-08-04 16:21:02 +08:00