mozilla
/
fxa-customs-server
зеркало из
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
fxa-customs-server/CHANGELOG.md

29 KiB
Исходник Постоянная ссылка Ответственный История

1.134.1 (2019-04-02)

Bug Fixes

  • deps: Fix the audit warnings. (6014d75)

1.134.0 (2019-04-02)

Features

  • docker: Use node 10 to build the docker image (2b124c2)

Refactor

  • server: Extract and simplify record retreival/storage, user defined rules. (6f73c3c)

1.132.0 (2019-03-05)

Features

  • fraud-detection: Listen for DataFlow fraud detection events (ad16e74), closes #311

1.130.0 (2019-02-06)

Bug Fixes

  • logs: preserve homogeneity of more log properties (bb91ab5)

chore

  • package: update shrinkwrap (28ad6d5)

1.129.0 (2019-01-25)

Bug Fixes

  • logs: preserve homogeneity of log properties (469ca49)

1.124.0 (2018-10-30)

Bug Fixes

Features

  • deps: Add tls-shrink, remove "^" prefix on audit-filter version (fd69125), closes #280

1.123.0 (2018-10-16)

1.122.0 (2018-10-02)

1.121.0 (2018-09-18)

1.120.1 (2018-09-07)

Features

  • code: add custom rate limits for token code (cd949ae)

1.120.0 (2018-09-06)

Bug Fixes

  • deps: Remove nsp support, add npm audit support in logging only mode. (#274) r=@vladik (884909e), closes #271

Features

  • deps: Update to the newest restify. (#264) (d50ec32)

1.119.0 (2018-08-22)

1.118.1 (2018-08-14)

Bug Fixes

  • restify: set keepAliveTimeout correctly on api.server object (#267) (17a4715)
  • restify: set server.keepAliveTimeout to 120s, similar to in node6 (#266) (c10d339)

1.118.0 (2018-08-08)

Bug Fixes

  • deps: update ip-reputation-js-client to 4.1.0 (#263) r=@vladikoff (3fd7639)

1.117.0 (2018-07-24)

Features

  • ci: update to circle 2 (#260) r=@vbudhram (c346bb8)
  • code: add recoveryKeyExists to account status actions (#259) r=@vladikoff (1d7ea3b)

1.116.0 (2018-07-11)

Bug Fixes

  • circle: docker run --rm -it fxa-customs-server:build npm ls --production fxa#302 (5037ee8)

chore

  • release: Merge mozilla/train-115 into master r=@shane-tomlinson (5112862)

1.115.0 (2018-06-27)

test

  • reputation: adds compose based integration test with iprepd (#253) r=@vladikoff (458f94d)

1.114.3 (2018-06-21)

Features

  • actions: Add 'verifyRecoveryCode' as a code-checking action. (fd4a1a3)

1.114.2 (2018-06-13)

Bug Fixes

  • docker: base image node:8-alpine and upgrade to npm6 (60a9013)

1.114.1 (2018-06-13)

Bug Fixes

1.114.0 (2018-06-13)

Bug Fixes

  • deps: Update ip rep client to v3 (#247), r=@vbudhram (c40684e)
  • deps: update ip rep client to v4 (#249) r=@vladikoff (ab1fb6e)
  • tests: remove bash builtin from test-local.sh (#250) r=@vladikoff (d177360)

1.113.0 (2018-05-30)

chore

  • ci: Remove coveralls from travis config (#246) (3a988b6)

1.112.0 (2018-05-16)

Bug Fixes

  • npm: update shrinkwrap (#241) (aaa2afb)
  • nsp: Update newrelic version (#240) r=@vladikoff (40580f1)

1.111.0 (2018-05-02)

Features

  • node: update to node 8 (#239) r=@jrgm (e8e2e45)

1.110.0 (2018-04-18)

Bug Fixes

chore

  • docs: Add documentation on tagging private releases. (#237) r=@vladikoff (2a8c180)

Features

  • totp: add totp rate limits (#233), r=@rfk (970f01e)

1.109.0 (2018-04-04)

Bug Fixes

  • node: Use Node.js v6.14.0 (#232) r=@vladikoff (de0ddc7)

chore

  • deps: update ip-reputation-js-client (#231) r=@vladikoff (abac95c)

1.108.0 (2018-03-21)

Bug Fixes

  • test: start memcached as part of 'npm test' r=@vladikoff (475bf23), closes #228

1.106.0 (2018-02-21)

Bug Fixes

  • log: fix log op s/checkAuthenticated/checkIpOnly/ (13e6af4)

chore

docs

1.103.0 (2018-01-09)

Bug Fixes

Features

  • logs: add Sentry error logs (#224) r=@vbudhram (4cbc544)
  • token: Add rate limit for tokenCodes (#225), r=@rfk (0f94081)

1.102.0 (2017-12-13)

1.101.0 (2017-11-29)

Bug Fixes

  • sms: Load allowedPhoneNumbers from memcached! (6cc0ceb)

chore

  • sms: Store allowed phone numbers in a Set (17a9459)

Features

  • sms: Add an allow list of non-rate limited phone numbers for testing. (7822603), closes #217
  • sms: Added tests for change allowedPhoneNumbers config (35c37d5)

Refactor

  • isAllowed: Add isAllowed to allowedIPs. (7951772)

1.100.0 (2017-11-15)

Bug Fixes

  • grunt: Commit new file CHANGELOG.md, not the old file CHANGELOG (e21820c)
  • newrelic: Dockerpush fix newrelic must be first (#215) r=@vladikoff (bf06c0e), closes [(#215](https://github.com/(/issues/215)
  • newrelic: newrelic native requires python, gyp, c++; update node@6.12.0 (#216) r=@vladikof (19920cc)

chore

  • build: add changelog tag (#213) r=@vbudhram (f228d27)
  • npm: update shrinkwrap command (d45d1ab)

1.98.0 (2017-10-26)

chore

  • docker: Update to node v6.11.5 for security fix (290e678)

1.92.0 (2017-07-26)

Bug Fixes

  • docs: document the dependency on memcached (#211) r=vladikoff (32f9083)
  • server: remove mozdef integration (#209) (a682ae4), closes #204

1.91.0 (2017-07-12)

Bug Fixes

  • nodejs: upgrade to 6.11.1 for security fixes (ef20449)

Features

  • node: upgrade to Node 6 (#208) (7b20330)

1.90.0 (2017-06-28)

1.89.0 (2017-06-28)

1.88.0 (2017-05-31)

Features

  • actions: add consumeSigninCode as an ACCOUNT_ACCESS_ACTION (08fca60)
  • docker: add custom feature branch (#202) r=jrgm (159d53b)

1.86.0 (2017-05-03)

Bug Fixes

  • settings: pushOnMissing no longer updates on unexpected errors (a720749), closes #194
  • sms: Add ability to rate-limit sms by email (#198), r=@rfk (e2f206c)

chore

  • deps: Update shrinkwrap (da6765a)

Features

  • emails: Add createEmail to email sending endpoints (#199) r=vladikoff (b412411), closes #180

1.85.0 (2017-04-19)

Bug Fixes

  • security: escape json output (#193) r=vladikoff (720e7de)

chore

  • docker: Use official node image & update to Node.js v4.8.2 (#196) r=vladikoff (e7dd3c1)

1.84.0 (2017-04-04)

Bug Fixes

  • tests: Correctly rate limit sms by ip address (#191), r=@rfk (2a70689)

1.83.0 (2017-03-21)

Bug Fixes

  • docs: Add notes for sms (#184), r=@shane-tomlinson (1cd55b1)
  • tests: Update config and testing for sms (#189) r=vladikoff (8fef3d1)

1.82.0 (2017-03-08)

Bug Fixes

chore

  • changelog: Update the changelog (c0434db)
  • docs: add circle ci badge to README (63f30f6)
  • package: Use ip-rep service client with keepalive enabled (#181) r=vladikoff (7c2b774)

Features

  • docker: add Docker support (#176) r=vladikoff,jbuck (b0cb1fa)

1.81.0 (2017-02-24)

Bug Fixes

  • config-set: Don't attempt to merge array-valued config items. (#171); r=jrgm (310fafb)
  • reputation: add more (positive) logging to reputation service requests (#179), r=@vbudhram (a521224)

Features

  • blocklist: Add support to specify the block level for multiple blocklists (#167), r=@rfk (14e37c3)

0.80.0 (2017-02-16)

Bug Fixes

  • startup: Exit process on any startup error. (#169), r=@rfk (7a56e8b)
  • tests: remove old code coverage tool (#173), r=@vbudhram (84d6ca4), closes #164
  • timers: Unref all the update-polling timers. (#170); r=vbudhram (c5002be)

Features

  • sms: Add support for rate-limiting sms actions (#161), r=@philbooth, @rfk (dd30b0e)

Refactor

  • tests: Add ability to debug child processes (#162), r=@rfk (7a73ca4)

0.79.0 (2017-01-25)

Bug Fixes

  • retryAfter: Round blocking periods up instead of down. (#159), r=@vbudhram (a9f1932)
  • test: increase rateLimitInterval for send_violation_tests (#157), r=@vbudhram (262c210)

Features

  • config: Merge with existing config when writing to memcache. (#151) r=vladikoff (a8f4d68)
  • ipreputation: Use IP reputation service from /check (#152), r=@vbudhram (4f5d781)

0.78.0 (2017-01-11)

Bug Fixes

  • config: remove mockmyid rate limit, add second restmail (#156); r=rfk (d61ac26)
  • docs: Add note about commit messages (#155); r=rfk (da057a2)

chore

  • shrinkwrap: add npm script for shrinkwrap (#150) r=vladikoff (e84a4be), closes #149

0.72.1 (2016-10-26)

Bug Fixes

  • ip_record: Correctly total bad logins by unique email address. (4f20fad)

0.72.0 (2016-10-19)

Bug Fixes

  • blocklist: Convert date to milliseconds for file comparison (#143); r=rfk (dfc173e)
  • logging: Don't attempt to log a 'msg' field. (01d8e3d)
  • unblock: Return unblock value for IPs on a blocklist (fa2c306)

chore

  • config: Don't set allow ALLOWED_IPS by default. (#138); r=jrgm (9545e7d)
  • lint: Fix up some linty issues noticed in PR review. (623de15)

Features

  • blocklist: Add latest firehol sample list (#144); r=rfk (9f23903)
  • requestChecks: Backport "requestChecks" framework from private repo. (5ddfcf1)

0.71.0 (2016-10-05)

Bug Fixes

Features

  • blocklist: Add blocklist module (#117), r=@rfk, @seanmonstar (029111d)
  • unblock: add unblock rate limits (#131); r=rfk (03c8c02)
  • verify-code: Add rate-limiting of code verification attempts. (#132); r=vbudhram (1dc03ef)

0.69.0 (2016-09-08)

feature

  • newrelic: add optional newrelic integration (bac4bbc)

0.67.0 (2016-08-11)

Bug Fixes

  • ip: Rate-limit all status-checking actions per IP. (9a4eaf5)

chore

  • release: Add changelog for v0.66.0 (ca57b82)
  • server: Remove some left-over references to account lockout. (#124) r=vladikoff (383412c)

Features

  • block: ip record blocks trump all other conditions (112277f)
  • server: Add uid_record and checkAuthenticated endpoint (#121) r=vladikoff,rfk (3a254c4)

Refactor

  • test: Modify test cases to use promises instead of callbacks (#123) r=vladikoff (6fadc52), closes #97

0.66.0 (2016-07-27)

Bug Fixes

  • tests: add coveralls and enforce coverage (c236800), closes #12

Features

  • server: Remove badLoginLockout config and EmailRecord.lf (loginFailure) related code. (28343cb)
  • server: Remove account lockout. (f409c6f), closes #120

0.64.0 (2016-06-22)

chore

0.61.0 (2016-05-04)

Features

  • email: Add config option to avoid blocking certain email domains (e578c26)
  • scripts: added admin scripts: block-ip and customs-info (5405ac5)

0.60.1 (2016-04-20)

0.60.0 (2016-04-19)

Bug Fixes

  • blocking: Merge and now blocks all request on server-side error (484ff0c)
  • blocking: Send block for all requests if memcache is down (721dffe)
  • blocking: Send block for all requests if memcache is down (6955b6a)
  • check: Include more action names in various checks. (a8f5892)
  • config: add more config to ip rate limits (f52d913)
  • config: update name values for ip ban (92a0008)
  • handler: add new config values to handler.js (5ca3052)
  • ip: Be less aggressive about extending IP rate-limit duration. (b8469d4)
  • ip: Don't rate-limit email sending based on IP address alone. (6c2f892)
  • ip: Pass updated config params to ip_record in the ban-handling script. (09dd129)
  • iprecord: Fix calls to IpRecord.addBadLogin (13c339a)
  • ips: Add ALLOWED_IPS environment variable for config. (4456e35)
  • lifetime: ensure memcache lifetime is set in more places (3c3c722)
  • lifetime: Ensure records are written with sufficient ttls in memcache. (5aff49c)
  • lock: add ip lock test (30f8a5d)
  • logins: add docs and simplify test (ed6790f)
  • logins: add test and adjust rate limit (8d94c1c)
  • logins: combine limiting for bad logins and rate (2f0aa17)
  • style: Fix some typos (cafe245)
  • tests: adjust config values for status check (746e9d5)
  • tests: adjust login tests (7c4de25)

chore

Features

  • config: Allow config to be udpated via memcached (8fa354a)
  • ip: Add config option for list of allowed ips. (2632ae7)
  • ip: Count IP rate limits based on unique emails only. (2773c40)
  • iprecord: record errno and ratelimit when errno is 102 (37b4a1a)
  • login: Allow different bad-login errnos to have different weights. (50c84e5)
  • logins: Count rate-limited login attempts as failed logins. (4761653)

0.57.0 (2016-03-01)

Bug Fixes

  • config: restore top-level "config" dir for $(NODE_ENV).json files. (b853875)

Features

  • api: Add check account status (4df20b8)

Refactor

  • lib: Put all the code inside a "lib" subdirectory. (493984a)

0.55.0 (2016-01-31)

Bug Fixes

  • build: add grunt-nsp (816ae95)
  • travis: build and test on 0.10, 0.12 and 4.x (4922a10)
  • travis: remove broken validate-shrinkwrap (f01517b)

chore

  • docs: remove misleading reference to awsbox (8f9c06f)

0.45.0 (2015-09-13)

chore

  • build: Replace JSHint with ESLint (dad97a5)
  • shrinkwrap: update npm-shrinkwrap (cc6444b)
  • travis: Tell Travis to use #fxa-bots (f835276)
  • version: generate legacy-format output for ./config/version.json (129d885)

0.39.0 (2015-06-10)

chore

  • config: Update convict and switch on strict validation. (d2168f9)
  • license: Update license to be SPDX compliant (237f745)
  • shrinkwrap: update ass to what other modules use; update shrinkwrap (06920e5)

0.36.0 (2015-04-28)

chore

  • travis: build/test on 0.10, 0.12, and iojs (2818e43)
  • travis: quiet validate-shrinkwrap failure on security warning on module (4b93b2b)

docs

  • changelog: changelog for train-34 (9f299cc)

0.34.0 (2015-04-02)

Bug Fixes

  • release: add tasks "grunt version" and "grunt version:patch" to create release tags (532f8c2)
  • tests: files were not being linted; so now, make jshint happy (152b7f8)

chore

  • shrinkwrap: update shrinkwrap (e9c5d91)

0.33.0 (2015-03-17)

Bug Fixes

  • config: fix units typo in default config (6befc10)

Features

  • config: Add a badLoginLockoutIntervalSeconds configuration option. (429eec1), closes #75
  • docs: Include a snipped about the memcached requirement. (2446f1a), closes #77

Older Versions

0.6.0

  • Add more logging when handling sqs ban events - #73

0.5.0

  • Block all actions for emails that are explicitly banned - #70

0.4.0

  • Validation errors should return 400 errors, not 500 - #68
  • Document the current blocking and rate-limiting policies - #63

0.3.0

  • Add support for account lockout on excessive login attempts - #58, #60
  • normalize email addresses (compare the lower case values) - #59, #62

0.2.0

  • update request and restify for new qs module
  • update ass version
  • use npm shrinkwrap

0.1.1

  • Remove redundant memcache.host and memcache.port settings
  • expose all configuration settings to the environment; add option memcache.address to work with previous puppet settings
  • removing npm spinner from travis logs

0.1.0

  • init