Nicolas Werner
d70a344a4d
Fix userprofile on roomlist
2 years ago
Nicolas Werner
005a4978bf
Update translations
2 years ago
Nicolas Werner
b205819ba6
Swap thread and edit button
2 years ago
Nicolas Werner
d8993c14e1
Fix raw message dialog
2 years ago
Loren Burkholder
8ecbb39dc6
cppcheck stuff ( #1200 )
...
* cppcheck stuff
* Update src/ui/RoomSettings.cpp
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
* Update src/ui/RoomSettings.cpp
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
* Fix linting
Co-authored-by: DeepBlueV7.X <nicolas.werner@hotmail.de>
2 years ago
DeepBlueV7.X
5e9eb845ab
Merge pull request #1202 from Nheko-Reborn/grammar
...
Grammar
2 years ago
Loren Burkholder
e7d0344997
Fixed a crash in member list loading ( #1199 )
2 years ago
Nicolas Werner
33403d650a
Don't strip fallbacks on plain text bodies
2 years ago
DeepBlueV7.X
cfcdc23d4a
Merge pull request #1201 from Nheko-Reborn/eoUpdates
...
Update some Esperanto translations
2 years ago
Nicolas Werner
b3c5f41625
Fix a few more windows warnings
2 years ago
Nicolas Werner
1365e4e266
Try to fix qtjdenticon build in appveyor
2 years ago
Nicolas Werner
a55fc8e43b
Work around MSVC bug with structured bindings in lambdas
...
Causes error messages like:
error C3493: 'key_id' cannot be implicitly captured because no default capture mode has been specified
2 years ago
Nicolas Werner
b55b5a8321
Fix a few more warnings
2 years ago
Nicolas Werner
09babc91d2
Green is not Svg::green
...
fixes #1203
2 years ago
Loren Burkholder
2aef39fda8
Update some Esperanto translations
2 years ago
Nicolas Werner
42a23e1859
Reduce windows ci warnings
2 years ago
Nicolas Werner
22a6b8ddb4
Properly qualify fmt function
...
Otherwise it conflicts with C++20 fmt.
2 years ago
Nicolas Werner
944e369d50
Fix clazy
2 years ago
DeepBlueV7.X
f8724fdea8
Merge pull request #1198 from rnhmjoj/pr-green
...
Add green theme color, make "error" configurable
2 years ago
Nicolas Werner
b2b2932c98
Fix linting
2 years ago
Nicolas Werner
7ec842ba51
Replace some user visible mentions of spaces
2 years ago
Nicolas Werner
30882d4aa9
Fix wrong file urls
2 years ago
rnhmjoj
f5d5bea840
Add green theme color, make "error" configurable
2 years ago
Nicolas Werner
2a7c6f2d86
Load components on demand
2 years ago
Nicolas Werner
570d7b8b30
Prepare for adding proxy before chat.model
2 years ago
Loren Burkholder
08aa383a62
Remove unnecessary emit
2 years ago
Loren Burkholder
df834ffc48
Various grammar fixes (mostly removing commas)
2 years ago
Loren Burkholder
e78d107558
Add link to repo to show where issues go
2 years ago
Nicolas Werner
78784babd1
Revert accidental animated image change
2 years ago
Nicolas Werner
1ea5449c18
Disable manpage on debian
2 years ago
Nicolas Werner
c34c9f9035
Automatically switch to threading when replying
2 years ago
Nicolas Werner
88cbac1695
Basic threading support
2 years ago
Nicolas Werner
bffa0115d4
Make clazy happy
2 years ago
Nicolas Werner
2fde381a82
Merge branch 'v0.10.2-fixes'
2 years ago
Nicolas Werner
031a129591
Bump version to 0.10.2
2 years ago
Nicolas Werner
67bee15a38
Prevent the homeserver from inserting malicious secrets
...
Correctly verify that the reply to a secrets request is actually coming
from a verified device. While we did verify that it was us who replied,
we didn't properly cancel storing the secret if the sending device was
one of ours but was maliciously inserted by the homeserver and
unverified. We only send secret requests to verified devices in the
first place, so only the homeserver could abuse this issue.
Additionally we protected against malicious secret poisoning by
verifying that the secret is actually the reply to a request. This means
the server only has 2 places where it can poison the secrets:
- After a verification when we automatically request the secrets
- When the user manually hits the request button
It also needs to prevent other secret answers to reach the client first
since we ignore all replies after that one.
The impact of this might be quite severe. It could allow the server to
replace the cross-signing keys silently and while we might not trust
that key, we possibly could trust it in the future if we rely on the
stored secret. Similarly this could potentially be abused to make the
client trust a malicious online key backup.
If your deployment is not patched yet and you don't control your
homeserver, you can protect against this by simply not doing any
verifications of your own devices and not pressing the request button in
the settings menu.
2 years ago
Joseph Donofry
9010acd909
If and Else blocks were backwards
2 years ago
Joseph Donofry
e6bbe74abf
Make sure there are no spaces in the status string
2 years ago
Joseph Donofry
2a72488a32
Add some additional notarization logging
2 years ago
Joseph Donofry
700978c5ec
Accepted... not Approved
2 years ago
Joseph Donofry
d422e42054
apple's service cares about spaces
2 years ago
Joseph Donofry
975364a901
Update requestUUID source
2 years ago
Joseph Donofry
627f30da69
Use notarytool for notarization instead of altool
2 years ago
Joseph Donofry
64391efc3a
Remove expose_as for codesign job
2 years ago
Joseph Donofry
1f42e17a05
Add macos notarize logs as artifacts
2 years ago
Nicolas Werner
8985c2d1d4
Fix infinite loop that can be triggered by some invalid html
2 years ago
Nicolas Werner
051c25d5b8
Allow editing permissions in spaces recursively
2 years ago
Nicolas Werner
0752f9477e
Fix infinite loop that can be triggered by some invalid html
2 years ago
Joseph Donofry
d103f793bf
If and Else blocks were backwards
2 years ago
Joseph Donofry
d7fffa9f46
Make sure there are no spaces in the status string
2 years ago