dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-06 12:11:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,224 Commits 96 Branches 90 Tags
8e65bf198eecde89d3a6a5d76ec995fe09e5cc97
Commit Graph

7224 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Quentin Gliech 8e65bf198e frontend: migrate to Tailwind 4 
Tailwind 4 ships its own Vite plugin and no longer needs PostCSS plumbing.
Drop postcss/autoprefixer/postcss-import/postcss-nesting and the .postcssrc.json,
wire @tailwindcss/vite into vite.config.ts, replace the @tailwind directives
with @import "tailwindcss", and convert the JS tailwind.config.cjs theme
into a CSS @theme block in shared.css. An @source directive points back at
the SSR templates so the Jinja-rendered HTML in templates/ still gets scanned
for utility classes.

The third-party CSS (compound design tokens, compound-web, fontsource) moves
into a new vendor.css entrypoint, loaded ahead of shared.css from main.tsx,
storybook, and base.html. Tailwind v4's @import bundler silently drops the
nested `@import url(...) layer(cpd-base) screen` statements inside the
compound-design-tokens.css barrel, so we have to keep those imports out of
any file that contains Tailwind directives and let Vite's normal CSS pipeline
resolve them instead.
 2026-05-25 16:31:36 +02:00
Quentin Gliech 08898b10da biome: enable CSS tailwind directives parser 
Tailwind 4 introduces new at-rules (@import "tailwindcss", @source, @theme)
that Biome's CSS parser doesn't recognise by default. Enable the
tailwindDirectives parser option so frontend/src/entrypoints/shared.css
lints cleanly.
 2026-05-25 16:31:36 +02:00
Quentin Gliech cb043e2cd9 build(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#5629) 2026-05-25 13:01:00 +02:00
Quentin Gliech a02fb6e14f build(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#5628) 2026-05-25 13:00:49 +02:00
Quentin Gliech 6043fa729c build(deps): bump softprops/action-gh-release from 2.6.1 to 3.0.0 (#5627) 2026-05-25 13:00:40 +02:00
Quentin Gliech 73060d1819 build(deps): bump actions/upload-pages-artifact from 4.0.0 to 5.0.0 (#5626) 2026-05-25 13:00:27 +02:00
Quentin Gliech b05ca0e1fb Bump most frontend dependencies (#5699) 2026-05-25 12:57:16 +02:00
Quentin Gliech 99395c9e64 Make sure the footer is loaded before rendering the page 2026-05-25 12:46:00 +02:00
Quentin Gliech 41e8929ba5 Stop using the unsupported 'createFileRoute' typescript magic 
Support for this ware removed from TanStack Router, so we need to explicitly set a route name when calling 'createFileRoute'.
 2026-05-25 12:37:01 +02:00
Quentin Gliech 4bc2bc0e77 Update use of generated GraphQL types 2026-05-25 12:37:01 +02:00
Quentin Gliech ef6ecbbea0 Regenerate GraphQL types 2026-05-25 12:37:01 +02:00
Quentin Gliech 0cb2ea49be Update the typescript config for TypeScript 6 2026-05-25 12:37:01 +02:00
Quentin Gliech f339a10485 Run formatter 2026-05-25 12:37:01 +02:00
Quentin Gliech 9ae07db85a Bump all frontend dependencies 2026-05-25 12:36:56 +02:00
Quentin Gliech 929f40d4f5 Switch to pnpm (#5674) 2026-05-25 11:32:12 +02:00
Quentin Gliech c7654248ab Inline the browser icons 
They are very small and don't need an extra request to load. This is useful as
well for making the snapshots not dependant on where the project is installed
 2026-05-25 11:16:55 +02:00
Quentin Gliech f78917ecbf Merge branch 'main' into quenting/pnpm 2026-05-25 11:12:18 +02:00
Quentin Gliech 07c352ee2e Admin API - User - Add displayname and avatar url when adding user (#5671) 2026-05-21 10:22:30 +02:00
Eric Eastwood 724e3024c5 Fix compatibility typo in session_limit config (#5692) 2026-05-20 17:51:46 -05:00
Eric Eastwood e57e5e41ce Fix compatibility typo 2026-05-20 17:36:49 -05:00
Eric Eastwood a42737aab4 Add max_session_threshold configuration (only apply session_limit to people under the threshold) (#5670) 
Add `max_session_threshold` configuration to prevent new users from passing
session limits while not disrupting the people already past the limit.

> This is most applicable in scenarios where your homeserver has many legacy
> bots/scripts that login over and over (which ideally should be using
> [personal access tokens]
> (https://github.com/element-hq/matrix-authentication-service/issues/4492))
> and you want to avoid breaking their operation while maintaining some level
> of sanity with the number of devices that people can have. This will
> prevent anyone else from crossing the limit.

Spawning from https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3150765827

Part of https://github.com/element-hq/matrix-authentication-service/issues/4339 / https://github.com/element-hq/backend-internal/issues/199 tracking work to limit number of devices.
 2026-05-20 16:59:56 -05:00
Eric Eastwood d38d0cd366 Add interactive tests 2026-05-20 16:36:39 -05:00
Eric Eastwood e8f664e480 Merge branch 'main' into madlittlemods/max-session-threshold 2026-05-20 16:19:09 -05:00
Eric Eastwood 94e35f03cf Show session/device limit errors on account page (#5644) 
Part of https://github.com/element-hq/matrix-authentication-service/issues/4339 / https://github.com/element-hq/backend-internal/issues/199 tracking work to limit number of devices.

Follow-up to https://github.com/element-hq/matrix-authentication-service/pull/5639
 2026-05-20 16:18:24 -05:00
Eric Eastwood a17e53297d Merge branch 'main' into madlittlemods/max-session-threshold 
Conflicts:
	crates/handlers/src/compat/login.rs
 2026-05-20 16:16:22 -05:00
Eric Eastwood e3af5fbbe5 Interactive compat m.login.sso test for session soft_limit (#5675) 
Follow-up to https://github.com/element-hq/matrix-authentication-service/pull/5607

Part of https://github.com/element-hq/matrix-authentication-service/issues/4339 / https://github.com/element-hq/backend-internal/issues/199 tracking work to limit number of devices.
 2026-05-20 16:09:25 -05:00
Eric Eastwood d4e33f5121 Fix lints 2026-05-20 15:48:56 -05:00
Eric Eastwood c16eebdc6a Fix potentially typo 2026-05-20 15:47:58 -05:00
Eric Eastwood 1c648edb87 Use safer num_sessions_filtered_header pluralization 
See https://github.com/element-hq/matrix-authentication-service/pull/5644#discussion_r3227855225
 2026-05-20 15:47:09 -05:00
Eric Eastwood 62b2bf9a78 Add note on doing better than data-testid 2026-05-20 15:43:27 -05:00
Eric Eastwood e65237b8f9 Merge branch 'main' into madlittlemods/soft-limit-account-session-management 2026-05-20 15:06:24 -05:00
Eric Eastwood 8d39676585 Use assert_matches!(...) 
See https://github.com/element-hq/matrix-authentication-service/pull/5675#discussion_r3275925322
 2026-05-20 15:03:09 -05:00
Eric Eastwood a9114e34d1 Add FIXME for better DOM scrutiny 
See https://github.com/element-hq/matrix-authentication-service/pull/5675#discussion_r3275929267
 2026-05-20 14:56:56 -05:00
Eric Eastwood 97b3446f69 Merge branch 'main' into madlittlemods/soft-limit-sso-login-test 2026-05-20 14:44:14 -05:00
Eric Eastwood 7d37e02fc0 Check whether policy evaluation result is valid() when we process_violations_for_compat_login(...) (#5681) 
This regressed in
https://github.com/element-hq/matrix-authentication-service/pull/5607 but
because the policy is only being used for session limiting
(https://github.com/element-hq/matrix-authentication-service/pull/5287), no
behavior has actually regressed. This is just important if we start enforcing
other logic in these policies.

Part of
https://github.com/element-hq/matrix-authentication-service/issues/4339 /
https://github.com/element-hq/backend-internal/issues/199 tracking work to
limit number of devices.
 2026-05-20 14:07:51 -05:00
Eric Eastwood bd995f18ef Merge branch 'main' into madlittlemods/check-valid 
Conflicts:
	crates/handlers/src/compat/login.rs
 2026-05-20 12:28:18 -05:00
Eric Eastwood 186b54f241 Schedule SyncDevicesJob after dangerous_hard_limit_eviction so the homeserver stays up to date (#5679) 
Follow-up to https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3189451555
 2026-05-20 12:26:07 -05:00
Eric Eastwood b73e06aded Update comment langauge and add it to other login spots 2026-05-20 11:58:36 -05:00
Eric Eastwood 7764e9e296 Formatting 2026-05-20 11:48:37 -05:00
Eric Eastwood 2aba54c4ba Update reason for why synchronous device creation 
See https://github.com/element-hq/matrix-authentication-service/pull/5679#discussion_r3237767718
 2026-05-20 11:47:18 -05:00
Eric Eastwood 502cf66024 Merge branch 'main' into madlittlemods/sync-devices-after-hard-limit-eviction 2026-05-20 11:45:02 -05:00
Quentin Gliech 89080983c4 Split multi-arch Docker build into parallel jobs (#5474) 2026-05-20 15:47:00 +02:00
Quentin Gliech eeea952b55 Add a comment about the artefact collection 2026-05-20 15:24:19 +02:00
Quentin Gliech 7834229784 Re-add DOCKER_METADATA_ANNOTATIONS_LEVELS to narrow annotations to the index 
`docker buildx imagetools create --annotation manifest:KEY=VALUE` errors
out with "manifest annotations are not supported yet". metadata-action
defaults to emitting `manifest:` prefixed entries, so without an explicit
`DOCKER_METADATA_ANNOTATIONS_LEVELS: index` the finalize step blows up
the first time it sees a non-empty annotations list.
 2026-05-20 15:22:56 +02:00
Quentin Gliech 63deb0b1fd Don't specify DOCKER_METADATA_ANNOTATIONS_LEVELS 
We're injecting annotations manually anyway
 2026-05-20 14:42:17 +02:00
Quentin Gliech d88db7deff Simplify the injection of annotations in the final manifest 2026-05-20 14:41:53 +02:00
Quentin Gliech c2dc7c11a9 Split multi-arch Docker build into parallel jobs 
- Modify Dockerfile to build single architecture based on TARGETARCH instead of cross-compiling both targets in one run
- Replace single build-image job with matrix job (amd64, arm64)
- Add finalize-image job that creates multi-arch manifests using `docker buildx imagetools create` and signs the final images
- Each architecture gets its own build cache

This enables parallel builds of each architecture, reducing total build time by running both simultaneously rather than sequentially.
 2026-05-20 12:57:22 +02:00
Quentin Gliech 750de33486 Push MAS docker images to Element OCI Registry (#5459) 2026-05-20 11:58:11 +02:00
Quentin Gliech 6946e57ffd Fix the release notes reference to the image 2026-05-20 10:58:01 +02:00
Quentin Gliech b9cddc84b6 Remove unused apalis dependabot config (#5685) 2026-05-20 10:57:12 +02:00