github/meteor
1
1
Fork 0
mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00
Code Issues Packages Projects Releases Wiki Activity
13,780 Commits 1,974 Branches 1,623 Tags
11b7397857f71a938d016e9cd1ddbb4e4b94de4c
Commit Graph

36 Commits

Author SHA1 Message Date
David Glasser
4daaa76b12 METEOR@1.0.4 2015-03-17 13:06:07 -07:00
David Glasser
10ee6aeb10 use real versions of non-core modules 2015-03-05 22:55:19 -08:00
David Glasser
af0469da35 Bump other packages to -rc.0 2015-03-05 22:54:07 -08:00
Slava Kim
27f249bfed A lot of crazy package bumps 2015-01-21 14:03:55 -08:00
Sashko Stubailo
802ba5c014 Bump package versions 2015-01-20 22:34:18 -08:00
Sashko Stubailo
361b99a7fd Re-add deps on npm-bcrypt and npm-node-aes-gcm 2015-01-20 22:34:18 -08:00
David Glasser
6b204ca73a Bump package versions for 1.0.2 2014-12-19 10:31:59 -08:00
David Glasser
73b809c122 Bump versions for 1.0.2. 2014-12-11 22:44:41 -08:00
David Glasser
6ea8443f30 Update calls to addFiles, onUse, and onTest 2014-12-09 20:18:31 -08:00
David Glasser
de5f68cf70 bump all versions (due to source-map upgrade) 2014-11-25 09:06:26 -08:00
Sashko Stubailo
36da5aecb4 Make all version numbers not have rc 2014-10-13 14:09:37 -07:00
Sashko Stubailo
698fbedb10 Bump all of the version numbers to rc.0 2014-10-07 17:10:48 -07:00
Sashko Stubailo
1e53f6b598 Bump all version numbers again after cherry-picking unipackage fix 2014-10-01 17:06:57 -07:00
Sashko Stubailo
0129c3f5ac Bump all of the version numbers again, to republish with the unipackage.json fix 2014-10-01 15:43:05 -07:00
Sashko Stubailo
eecc272e4a Bump every single package version number due to a change in compilation 2014-09-29 23:44:50 -07:00
ekatek
b9a714f028 ripping out internal, name and test from package.js files 2014-07-07 20:50:50 -07:00
David Glasser
bfdc92dfac wrapper checkpoint 2014-06-26 13:53:14 -07:00
ekatek
fb709c9563 remove versions files from core packages 2014-06-16 22:11:31 -07:00
David Glasser
c5e5305a3b Merge branch 'devel' into packaging 
Conflicts:
	tools/bundler.js
	tools/packages.js
 2014-06-11 12:02:57 -07:00
Emily Stark
0a4b7b55cc Use underscore in oauth-encryption package 2014-05-20 11:38:05 -07:00
ekatek
beb0e59b9d new version files from teh new solver? Also, package.js correct with tests 2014-05-09 17:36:25 -07:00
ekatek
031890d2c5 don't store buildtime deps in the catalog 2014-05-04 16:56:58 -07:00
ekatek
23ad149a78 better versions files 2014-04-25 15:06:45 -07:00
ekatek
10d2047d12 clean up 2014-04-25 15:01:20 -07:00
ekatek
c84c8d6097 alphabetize package version lock files 2014-04-24 18:18:21 -07:00
David Glasser
fbde0a00a7 Merge branch 'publish-packages' into library-refactor 
Conflicts:
	packages/domutils/package.js
	packages/handlebars/package.js
	packages/htmljs/package.js
	packages/liverange/package.js
	packages/spark/package.js
	packages/universal-events/package.js
	tools/bundler.js
	tools/help.txt
	tools/packages.js
	tools/run-app.js
	tools/run-mongo.js
	tools/skel/.meteor/packages
 2014-04-24 17:01:36 -07:00
Emily Stark
739cb078f7 Add a couple more oauth encryption tests 2014-04-22 11:24:06 -07:00
Emily Stark
24e42e715b Remove Meteor._printDecryptionFailures. 
We can add it back in if users want it; for now it makes me nervous.
 2014-04-22 11:23:34 -07:00
Emily Stark
54f6d3654a Move userId out of AAD and into plaintext. 
We want to maintain compatibility with the node crypto module, which
doesn't currently have an interface for specifying AAD.
 2014-04-22 10:28:27 -07:00
Emily Stark
4c85670676 Check auth_ok before parsing decrypted ciphertext 2014-04-21 11:40:38 -07:00
Emily Stark
a7a21e5365 Add some curly braces 2014-04-21 11:19:03 -07:00
Emily Stark
f8036fc1f4 Check authTag in isSealed 2014-04-21 11:17:37 -07:00
Emily Stark
92a7e9a30d Reindent OAuthEncryption.isSealed 2014-04-21 11:17:13 -07:00
Andrew Wilcox
6329d7f2d0 Add example for encrypting existing user tokens to the oauth-encryption readme. 
Replace the `Meteor._insecureExceptions` flag with
`Meteor._printDecryptionFailure` to more closely match livedata's
`Meteor._printSentDDP` and `Meteor._printReceivedDDP`.  This also has
the advantage of not changing the behavior of the `open` function when
additional debugging is needed in development.
 2014-04-10 18:29:12 -04:00
Andrew Wilcox
83af2e2179 oauth-encryption code review items 
Have `OAuthEncryption.open` throw "decryption unsuccessful" on any
error to avoid allowing an attacker to break the encryption key by
observing the result of sending manipulated ciphertexts.

Add oauth-encryption and the oauthSecretKey config options to the docs
page.

Update history.

More documentation on functions.

Use `OAuth.sealSecret(...)` instead of `{seal: ...}`.

Rename OAuth._openSecret(s) to OAuth.openSecret(s).

In the readme describing how to generate a key, just use Node instead
of going through the hassle of creating a Meteor application.

Have the `oauth` package weakly depend on `oauth-encryption` for when
it's being used without accounts.

Add tips on using oauth-encryption without accounts to the readme.
 2014-04-10 14:26:44 -04:00
Andrew Wilcox
d365f052f5 Encrypt account service configuration and OAuth secrets stored in the 
database.

"Oauth" is renamed to "OAuth".  "Oauth" is kept as an alias for
backwards compatibility.

README.md contains a sample description of how to generate and use the
oauthSecretKey, which might be incorporated into the wiki
documentation page.
 2014-04-08 18:57:58 -04:00