3b69c5c38c
chore(deps-dev): bump @testing-library/react from 14.1.2 to 14.2.1
...
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 14.1.2 to 14.2.1.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v14.1.2...v14.2.1 )
---
updated-dependencies:
- dependency-name: "@testing-library/react"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-06 06:37:28 +00:00
2b651ce11b
Merge pull request #16315 from mozilla/fxa-9065
...
fix(email): Disable using Relay masks to create an account or secondary
2024-02-05 12:28:02 -05:00
679b80ffa6
fix(email): Disable using Relay masks to create an account or secondary email
2024-02-05 11:19:45 -05:00
54ceed606d
Merge pull request #16325 from mozilla/dependabot/npm_and_yarn/storybook/addon-docs-7.6.12
...
chore(deps-dev): bump @storybook/addon-docs from 7.0.26 to 7.6.12
2024-02-05 08:35:25 -06:00
ad69779a1d
Merge pull request #16331 from mozilla/dependabot/npm_and_yarn/tar-4.4.19
...
chore(deps): bump tar from 4.4.13 to 4.4.19
2024-02-05 08:34:43 -06:00
0947d5393e
Merge pull request #16332 from mozilla/dependabot/npm_and_yarn/nocache-4.0.0
...
chore(deps): bump nocache from 3.0.4 to 4.0.0
2024-02-05 08:34:04 -06:00
47d2d04a1e
Merge pull request #16333 from mozilla/dependabot/npm_and_yarn/eslint-plugin-import-2.29.1
...
chore(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.29.1
2024-02-05 08:30:49 -06:00
1518617929
chore(deps-dev): bump eslint-plugin-import from 2.25.3 to 2.29.1
...
Bumps [eslint-plugin-import](https://github.com/import-js/eslint-plugin-import ) from 2.25.3 to 2.29.1.
- [Release notes](https://github.com/import-js/eslint-plugin-import/releases )
- [Changelog](https://github.com/import-js/eslint-plugin-import/blob/main/CHANGELOG.md )
- [Commits](https://github.com/import-js/eslint-plugin-import/compare/v2.25.3...v2.29.1 )
---
updated-dependencies:
- dependency-name: eslint-plugin-import
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 07:07:45 +00:00
67888b7c5a
chore(deps): bump nocache from 3.0.4 to 4.0.0
...
Bumps [nocache](https://github.com/helmetjs/nocache ) from 3.0.4 to 4.0.0.
- [Changelog](https://github.com/helmetjs/nocache/blob/main/CHANGELOG.md )
- [Commits](https://github.com/helmetjs/nocache/compare/v3.0.4...v4.0.0 )
---
updated-dependencies:
- dependency-name: nocache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-05 07:06:54 +00:00
7b8f87da25
chore(deps): bump tar from 4.4.13 to 4.4.19
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 4.4.13 to 4.4.19.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v4.4.13...v4.4.19 )
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-03 03:47:37 +00:00
f93f35a2fd
Merge pull request #16329 from mozilla/dependabot/npm_and_yarn/nodemailer-6.9.9
...
chore(deps): bump nodemailer from 6.7.3 to 6.9.9
2024-02-02 13:07:28 -05:00
939ef44cd6
Merge pull request #16317 from mozilla/fix-pii-filter-exception
2024-02-02 09:13:29 -08:00
6804a888d0
Merge pull request #16316 from mozilla/fix-extraneous-sentry-errors
2024-02-02 09:11:41 -08:00
0c0181ce2b
Merge pull request #16318 from mozilla/use-gql-for-password-reset
2024-02-02 09:10:30 -08:00
779499ff5e
Merge pull request #16330 from mozilla/delete-account-script-dep-fix
...
fix(scripts): set AccountDeleteManager for delete account script
2024-02-02 10:49:27 -06:00
03db478920
fix(scripts): set AccountDeleteManager for delete account script
...
Because:
- the account routes has a dependency on AccountDeleteManager but we
are not setting one into the DI container
This commit:
- set an instance of AccountDeleteManager for the delete account script
2024-02-02 10:07:41 -06:00
c161ada4bc
chore(deps-dev): bump @storybook/addon-docs from 7.0.26 to 7.6.12
...
Bumps [@storybook/addon-docs](https://github.com/storybookjs/storybook/tree/HEAD/code/addons/docs ) from 7.0.26 to 7.6.12.
- [Release notes](https://github.com/storybookjs/storybook/releases )
- [Changelog](https://github.com/storybookjs/storybook/blob/next/CHANGELOG.md )
- [Commits](https://github.com/storybookjs/storybook/commits/v7.6.12/code/addons/docs )
---
updated-dependencies:
- dependency-name: "@storybook/addon-docs"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 16:01:04 +00:00
da2ea4c8a0
chore(deps): bump nodemailer from 6.7.3 to 6.9.9
...
Bumps [nodemailer](https://github.com/nodemailer/nodemailer ) from 6.7.3 to 6.9.9.
- [Release notes](https://github.com/nodemailer/nodemailer/releases )
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md )
- [Commits](https://github.com/nodemailer/nodemailer/compare/v6.7.3...v6.9.9 )
---
updated-dependencies:
- dependency-name: nodemailer
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 15:54:22 +00:00
07bac606f5
Merge pull request #16327 from mozilla/dependabot/npm_and_yarn/sentry/opentelemetry-node-7.99.0
...
chore(deps): bump @sentry/opentelemetry-node from 7.86.0 to 7.99.0
2024-02-02 09:53:03 -06:00
7cc9fbffcd
Merge pull request #16322 from mozilla/dependabot/npm_and_yarn/golevelup/ts-jest-0.4.0
...
chore(deps): bump @golevelup/ts-jest from 0.3.3 to 0.4.0
2024-02-02 09:51:54 -06:00
eeb68caf96
Merge pull request #16324 from mozilla/dependabot/npm_and_yarn/mozilla/glean-4.0.0
...
chore(deps): bump @mozilla/glean from 3.0.0 to 4.0.0
2024-02-02 09:51:12 -06:00
2710e69e26
chore(deps): bump @sentry/opentelemetry-node from 7.86.0 to 7.99.0
...
Bumps [@sentry/opentelemetry-node](https://github.com/getsentry/sentry-javascript ) from 7.86.0 to 7.99.0.
- [Release notes](https://github.com/getsentry/sentry-javascript/releases )
- [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/getsentry/sentry-javascript/compare/7.86.0...7.99.0 )
---
updated-dependencies:
- dependency-name: "@sentry/opentelemetry-node"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 06:59:13 +00:00
b77630cff6
chore(deps): bump @mozilla/glean from 3.0.0 to 4.0.0
...
Bumps [@mozilla/glean](https://github.com/mozilla/glean.js ) from 3.0.0 to 4.0.0.
- [Release notes](https://github.com/mozilla/glean.js/releases )
- [Changelog](https://github.com/mozilla/glean.js/blob/main/CHANGELOG.md )
- [Commits](https://github.com/mozilla/glean.js/compare/v3.0.0...v4.0.0 )
---
updated-dependencies:
- dependency-name: "@mozilla/glean"
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 06:52:01 +00:00
6ac77dbedb
chore(deps): bump @golevelup/ts-jest from 0.3.3 to 0.4.0
...
Bumps [@golevelup/ts-jest](https://github.com/golevelup/nestjs ) from 0.3.3 to 0.4.0.
- [Commits](https://github.com/golevelup/nestjs/compare/@golevelup/ts-jest@0.3.3...@golevelup/ts-jest@0.4.0 )
---
updated-dependencies:
- dependency-name: "@golevelup/ts-jest"
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-02 06:46:36 +00:00
998b43fa06
task(settings): Restore use of gql query for resetPassword
...
Because:
- We fixed the ip forwarding issue and want to validate the work
This Commit:
- Makes a gql call PASSWORD_FORGOT_SEND_CODE
2024-02-01 15:12:44 -08:00
ba777e1494
bug(shared): Handle exception in email pii filter
...
Because:
- We could see from breadcrumbs on other sentry events that uriDecode would sometimes produce an exception
This Commit:
- Handles any uriDecode error and falls back to just using the raw string if this happens
2024-02-01 10:56:58 -08:00
65095d40ec
bug(auth): Fix issue where errors are being reported that should be repressed.
...
Because:
- After adding tracing and upgrading sentry it appears errors can propagate in other ways.
This Commit:
- Moves the ignoreError check into the error module
- Runs the ignoreError check in the filterEvents function that runs on before send.
2024-02-01 10:53:29 -08:00
47f6acbb09
Merge pull request #16313 from mozilla/dependabot/npm_and_yarn/nock-13.5.1
...
chore(deps-dev): bump nock from 13.3.0 to 13.5.1
2024-02-01 09:55:16 -06:00
9d017c992b
Merge pull request #16311 from mozilla/dependabot/npm_and_yarn/googleapis-131.0.0
...
chore(deps): bump googleapis from 109.0.1 to 131.0.0
2024-02-01 09:54:50 -06:00
99b7575b48
Merge pull request #16312 from mozilla/dependabot/npm_and_yarn/nx/node-17.3.1
...
chore(deps-dev): bump @nx/node from 16.10.0 to 17.3.1
2024-02-01 09:51:27 -06:00
cfd2c47288
Merge pull request #16308 from mozilla/dependabot/npm_and_yarn/read-3.0.1
...
chore(deps-dev): bump read from 2.1.0 to 3.0.1
2024-02-01 09:26:56 -06:00
bbfc0480e5
chore(deps-dev): bump nock from 13.3.0 to 13.5.1
...
Bumps [nock](https://github.com/nock/nock ) from 13.3.0 to 13.5.1.
- [Release notes](https://github.com/nock/nock/releases )
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md )
- [Commits](https://github.com/nock/nock/compare/v13.3.0...v13.5.1 )
---
updated-dependencies:
- dependency-name: nock
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 06:50:27 +00:00
5543e8a003
chore(deps-dev): bump @nx/node from 16.10.0 to 17.3.1
...
Bumps [@nx/node](https://github.com/nrwl/nx/tree/HEAD/packages/node ) from 16.10.0 to 17.3.1.
- [Release notes](https://github.com/nrwl/nx/releases )
- [Commits](https://github.com/nrwl/nx/commits/17.3.1/packages/node )
---
updated-dependencies:
- dependency-name: "@nx/node"
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 06:49:06 +00:00
19a92efc1e
chore(deps): bump googleapis from 109.0.1 to 131.0.0
...
Bumps [googleapis](https://github.com/googleapis/google-api-nodejs-client ) from 109.0.1 to 131.0.0.
- [Release notes](https://github.com/googleapis/google-api-nodejs-client/releases )
- [Changelog](https://github.com/googleapis/google-api-nodejs-client/blob/main/release-please-config.json )
- [Commits](https://github.com/googleapis/google-api-nodejs-client/compare/googleapis-v109.0.1...googleapis-v131.0.0 )
---
updated-dependencies:
- dependency-name: googleapis
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 06:47:34 +00:00
b0e54b2eef
chore(deps-dev): bump read from 2.1.0 to 3.0.1
...
Bumps [read](https://github.com/npm/read ) from 2.1.0 to 3.0.1.
- [Release notes](https://github.com/npm/read/releases )
- [Changelog](https://github.com/npm/read/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/read/compare/v2.1.0...v3.0.1 )
---
updated-dependencies:
- dependency-name: read
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-01 06:40:45 +00:00
1e50382016
Merge pull request #16292 from mozilla/fxa-8841-paypel-refund-on-delete
...
feat(auth): Refund Stripe and PayPal invoices on delete
2024-01-31 17:42:02 -05:00
f37f930bbc
Merge pull request #16288 from mozilla/dependabot/github_actions/slackapi/slack-github-action-1.25.0
...
chore(deps): bump slackapi/slack-github-action from 1.24.0 to 1.25.0
2024-01-31 15:16:21 -06:00
b8e1a418f1
Merge pull request #16280 from mozilla/dependabot/npm_and_yarn/dotenv-expand-10.0.0
...
chore(deps): bump dotenv-expand from 5.1.0 to 10.0.0
2024-01-31 15:09:42 -06:00
0b60612c47
feat(auth): Refund Stripe and PayPal invoices on delete
...
Because:
* For unverified accounts, refund invoices paid through PayPal, up to
180 days ago.
* For unverified accounts, refund all invoices paid through Stripe.
This commit:
* Adds invoice fetch to StripeHelper
* Adds invoices refund method to StripeHelper
* Adds invoices refund method to PayPalHelper
* Adds refundSubscriptions method to AccountDeleteManager
Closes #FXA-8840 and FXA-8841
Co-authored-by: Julian Poyourow <julian@poyourow.com>
2024-01-31 16:04:00 -05:00
010efaee84
Merge pull request #16290 from mozilla/FXA-8870
...
task(settings, content, graphql, admin): Support V2 key stretching on the front-end
2024-01-31 11:44:28 -08:00
eb40b69cdb
Merge pull request #16306 from mozilla/dont-persist-age
...
fix(storage): Don't persist `atLeast18AtReg` to local storage
2024-01-31 13:22:12 -06:00
5a58b355bd
task(settings, content, admin): Support V2 key stretching on the front end
...
Because:
- We want to support V2 key stretching
- We want to enable V2 key stretching via and experiment
This Commit:
- Adds support to fxa-auth-client so that it can run in either V1 or V2 key stretching mode
- Adds experiment to toggle on and off V2 key stretching
- Updates content server to apply V2 key stretching when experiment is enabled, or `quickstretch=2` is in url
- Updates settings to apply V2 key stretching when experiment is enabled, or `quickstretch=2` is in url
- Updates graphql-server to support V2 key stretching parameters
- Adds functional test coverage to ensure that all combinations of V1 and V2 key stretch user flows are compatible.
- Ensures that the keyStretchToken and uwrapBKey are sent to firefox depending on which key stretch version was used
2024-01-31 10:57:16 -08:00
fd3404658b
fix(storage): Don't persist `atLeast18AtReg` to local storage since it isn't used
2024-01-31 13:55:28 -05:00
14d74a0756
Merge pull request #16305 from mozilla/FXA-8629.followup.1
...
task(graphql): Add logging for incoming x-forwarded-for headers
2024-01-31 09:32:53 -08:00
41ce2090c8
task(graphql): Add logging for incoming x-forwarded-for headers
...
Because:
- After landing the previous patch, there was some concern that something might also be off with the headers being sent to the gql-api.
This Commit:
- Adds logs to ensure that the x-forwarded-for headers are being sent to graphql-api
- Adds extra edge case such that current x-forwarded-for headers are respected. Note that in stage / production, these values are provided by the ingress. It's possible that the previous implementation, which just looked at req.ip was dropping these.
2024-01-31 08:53:05 -08:00
dd1f0c23db
Merge pull request #16257 from mozilla/FXA-8907
...
refactor(sync): Remove 'Looking for Firefox Sync?' link from home page
2024-01-31 10:22:36 -06:00
d48892752f
Merge pull request #16304 from mozilla/FXA-8905
...
feat(sync): Send Sync oauth login data via firefox.fxaLogin
2024-01-31 10:19:11 -06:00
274b5bd930
feat(sync): Send Sync oauth login data via firefox.fxaLogin
...
Because:
* Sync desktop is moving to oauth_webchannel_v1 context and we need to accomodate to allow content and oauth sync to share the same session token
This commit:
* Sends oauth sync data up via firefox.fxaLogin and firefox.fxaLoginSignedInUser for signup and reset password
* Removes switch statements around integration type, as we're not following this pattern on new pages, and removes now obsolete comments
* Adds isSyncOAuthIntegration helper
* Updates tests
closes FXA-8905
2024-01-31 09:51:00 -06:00
7a166a3f55
Merge pull request #16302 from mozilla/script-rate-limit-comments
...
chore(scripts): add help text about rate limits to scripts
2024-01-31 08:54:17 -06:00
f5fb7cd701
Merge pull request #16301 from mozilla/fxa-8793
...
fix(signin): Redirect to totp page if user lands on signin confirm with totp enabled
2024-01-31 09:28:19 -05:00
dependabot[bot]
Vijay Budhram
Vijay Budhram
Barry Chen
Dan Schomburg
dschom
Reino Muhl
Lauren Zugai