refactor: allow additional authorized parties in the tokenlogin endpoint#2586
Merged
Junjiequan merged 29 commits intomasterfrom Mar 24, 2026
Merged
refactor: allow additional authorized parties in the tokenlogin endpoint#2586Junjiequan merged 29 commits intomasterfrom
Junjiequan merged 29 commits intomasterfrom
Conversation
Copilot
AI
changed the title
[WIP] Allow additional client(s) in tokenlogin endpoint
Allow additional authorized parties in the tokenlogin endpoint
Mar 4, 2026
Junjiequan
changed the title
Junjiequan
changed the title
Junjiequan
force-pushed
the
copilot/allow-additional-clients-tokenlogin
branch
from
d9026d1 to
bd1ea87
Compare
Junjiequan
force-pushed
the
copilot/allow-additional-clients-tokenlogin
branch
2 times, most recently
from
f087bc9 to
2576f81
Compare
Junjiequan
approved these changes
Mar 23, 2026
Junjiequan
force-pushed
the
copilot/allow-additional-clients-tokenlogin
branch
2 times, most recently
from
4ae4761 to
7722136
Compare
Junjiequan
force-pushed
the
copilot/allow-additional-clients-tokenlogin
branch
from
e05fff0 to
9c3f128
Compare
nitrosx
approved these changes
Mar 24, 2026
Comment on lines
+8
to
+64
| JSON_CONFIG: | | ||
| { | ||
| "interactiveLogin": false, | ||
| "httpServer": "NettyWrapper", | ||
| "tokenCallbacks": [ | ||
| { | ||
| "issuerId": "local-test", | ||
| "tokenExpiry": 3600, | ||
| "requestMappings": [ | ||
| { | ||
| "requestParam": "client_id", | ||
| "match": "scicat-client-test", | ||
| "claims": { | ||
| "sub": "test-username", | ||
| "preferred_username": "test-username", | ||
| "email": "test@test.com", | ||
| "aud": "scicat-client-test", | ||
| "azp": "scicat-client-test" | ||
| } | ||
| }, | ||
| { | ||
| "requestParam": "client_id", | ||
| "match": "additional-authorized-client-test-1", | ||
| "claims": { | ||
| "sub": "test-username", | ||
| "preferred_username": "test-username", | ||
| "email": "test@test.com", | ||
| "aud": "scicat-client-test", | ||
| "azp": "additional-authorized-client-test-1" | ||
| } | ||
| }, | ||
| { | ||
| "requestParam": "client_id", | ||
| "match": "additional-authorized-client-test-2", | ||
| "claims": { | ||
| "sub": "test-username", | ||
| "preferred_username": "test-username", | ||
| "email": "test@test.com", | ||
| "aud": "scicat-client-test", | ||
| "azp": "additional-authorized-client-test-2" | ||
| } | ||
| }, | ||
| { | ||
| "requestParam": "client_id", | ||
| "match": "untrusted-client-test", | ||
| "claims": { | ||
| "sub": "test-username", | ||
| "preferred_username": "test-username", | ||
| "email": "test@test.com", | ||
| "aud": "untrusted-client-test", | ||
| "azp": "untrusted-client-test" | ||
| } | ||
| } | ||
| ] | ||
| } | ||
| ] | ||
| } |
Member
There was a problem hiding this comment.
I wonder if it would make more sense to have this json blob in a separate file?
…DDITIONAL_AUTHORIZED_PARTIES env var Co-authored-by: Junjiequan <78078898+Junjiequan@users.noreply.github.com>
Junjiequan
force-pushed
the
copilot/allow-additional-clients-tokenlogin
branch
from
9c3f128 to
9ce90d0
Compare
Member
|
maybe I am misunderstanding something, but to me the BE will fail whenever started without a valid OIDC issuer, see here |
Member
|
@minottic Could you elaborate a bit? is the test or the change in this PR is causing the issue. If I remember correctly it's either not to provide issuer or provide only correct issuer |
Member
|
yes, sorry. I meant that all tests not run with the compose file that you added in this PR will fail if I am not wrong, as |
Junjiequan
added a commit
that referenced
this pull request
Apr 13, 2026
…2669) * Fixup optimistic concurrency control If the time send by the client is equal to the ressource on the server, the clients updated version is based on servers version with that time. or in other words: the client has taken into account the ressource on the server b/c the client should use the timestamp received with the ressource from the server. from the RFC: > The origin server MUST NOT perform the requested method > if the selected representation's last modification date is more > recent than the date provided in the field-value Client receives t0 Client sends update w/ t0 -> OK Server is on t1 Client received t0 (previously) Client sends update w/ t0 -> FAIL Change-Id: Ibdff18c17a8b43523cec88ac8b9c16a94fd77617 * build(deps-dev): bump @types/node from 25.0.10 to 25.2.0 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.0.10 to 25.2.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/nodemailer from 7.0.5 to 7.0.9 Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) from 7.0.5 to 7.0.9. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer) --- updated-dependencies: - dependency-name: "@types/nodemailer" dependency-version: 7.0.9 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump globals from 17.1.0 to 17.3.0 Bumps [globals](https://github.com/sindresorhus/globals) from 17.1.0 to 17.3.0. - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](https://github.com/sindresorhus/globals/compare/v17.1.0...v17.3.0) --- updated-dependencies: - dependency-name: globals dependency-version: 17.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.53.1 to 8.54.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.54.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.54.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump nodemailer and preview-email Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 6.10.0 to 7.0.11 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodemailer/nodemailer/compare/v6.10.0...v7.0.11) Updates `preview-email` from 3.1.0 to 3.1.1 - [Release notes](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases) - [Commits](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 7.0.11 dependency-type: indirect - dependency-name: preview-email dependency-version: 3.1.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 Bumps @isaacs/brace-expansion from 5.0.0 to 5.0.1. --- updated-dependencies: - dependency-name: "@isaacs/brace-expansion" dependency-version: 5.0.1 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * chore: improve mapper efficiency (#2519) * refactor: add encoding/decoding for samples metadata keys (#2469) * encoding/decoding for samples metadata keys * eslint fix * updated tests * eslint fix x2 * reverted back the generator-tag for openapitools-generator * reverts the change about openapi-generators * encoding/decoding for samples metadata keys * eslint fix * updated tests * eslint fix x2 * reverted back the generator-tag for openapitools-generator * reverts the change about openapi-generators * using bulkWrite for sample and dataset migration scripts * using serializer instead of plainToInstance * wip: fixing test * fixed test --------- Co-authored-by: Abdi Abdulle <abdi.abdulle@ess.eu> * fix(legacy-history): pass plain js object to legacy history adapter (#2521) fix(legacy-history): pass plain js object instead of mongoose document to convertGenericToObsoleteHistories * updated frontend configuration with default columns settings * feat(config): add documentation for frontend configuration options (#2513) * added documentation for frontend config flags * changed from flags to options * changed proposalDefaultTab to defaultTab and also updated the document * fix(migration): revert migration filename change (#2526) * refactor(config): set proposal default tab to details (#2527) set proposal default tab to details * feat: add error string in validate (#2525) * needed changes to FE config * feat: metadata keys collection (#2384) * First draft of schema and dto for metadata keys * Added template for module, controller and service * fix lint and import url * added controller & dto * some lint fix * added migration script * improve migration script * add casl-ability for metadata-key and add missing fields for dto and schema * fix wrong swagger response type for attachment v4 endpoint * added findAll endpoint with casl ability * remove create, update, delete abilities for metadataKeys * remove corresponding action enum from the above commit * fix ApiResponse type for attachment and metadatakeys controller * update default frontend config for more compact table content * add access logic * integrate metadataKeys service with dataset * unit test fix * fix unit test * updated documentation * cleanup unused import * fix typo * create metadatakeys for dataset, instrument, proposal and samples * fix unit test * add unit tests for metadatakeys v4 * refactor metadatakeys service unit test to make it readable * add api test * fix api test * test1 * test2 * test * fix metadatakey api test --------- Co-authored-by: junjiequan <a331998513@gmail.com> * fix: batch bulk writes to avoid OOM (#2528) * fix: add @IsNotEmpty() to sourceFolder to prevent empty string (#2529) * build(deps): bump axios from 1.13.2 to 1.13.5 Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.5. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.2...v1.13.5) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fixed linting * updated frontend default config * changed filter field to text area in swagger for origdatablocks v4 * fixed linting issues * build(deps): bump qs from 6.14.1 to 6.14.2 Bumps [qs](https://github.com/ljharb/qs) from 6.14.1 to 6.14.2. - [Changelog](https://github.com/ljharb/qs/blob/main/CHANGELOG.md) - [Commits](https://github.com/ljharb/qs/compare/v6.14.1...v6.14.2) --- updated-dependencies: - dependency-name: qs dependency-version: 6.14.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump the nestjs group with 4 updates Bumps the nestjs group with 4 updates: [@nestjs/config](https://github.com/nestjs/config), [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/swagger](https://github.com/nestjs/swagger) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). Updates `@nestjs/config` from 4.0.2 to 4.0.3 - [Release notes](https://github.com/nestjs/config/releases) - [Commits](https://github.com/nestjs/config/compare/4.0.2...4.0.3) Updates `@nestjs/platform-express` from 11.1.12 to 11.1.13 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.13/packages/platform-express) Updates `@nestjs/swagger` from 11.2.5 to 11.2.6 - [Release notes](https://github.com/nestjs/swagger/releases) - [Commits](https://github.com/nestjs/swagger/compare/11.2.5...11.2.6) Updates `@nestjs/testing` from 11.1.12 to 11.1.13 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.13/packages/testing) --- updated-dependencies: - dependency-name: "@nestjs/config" dependency-version: 4.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/platform-express" dependency-version: 11.1.13 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/swagger" dependency-version: 11.2.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/testing" dependency-version: 11.1.13 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * changed default content-type order for dataset PATCH * build(deps): bump ajv from 8.17.1 to 8.18.0 Bumps [ajv](https://github.com/ajv-validator/ajv) from 8.17.1 to 8.18.0. - [Release notes](https://github.com/ajv-validator/ajv/releases) - [Commits](https://github.com/ajv-validator/ajv/compare/v8.17.1...v8.18.0) --- updated-dependencies: - dependency-name: ajv dependency-version: 8.18.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/nodemailer from 7.0.9 to 7.0.10 Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) from 7.0.9 to 7.0.10. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer) --- updated-dependencies: - dependency-name: "@types/nodemailer" dependency-version: 7.0.10 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @faker-js/faker from 10.2.0 to 10.3.0 Bumps [@faker-js/faker](https://github.com/faker-js/faker) from 10.2.0 to 10.3.0. - [Release notes](https://github.com/faker-js/faker/releases) - [Changelog](https://github.com/faker-js/faker/blob/next/CHANGELOG.md) - [Commits](https://github.com/faker-js/faker/compare/v10.2.0...v10.3.0) --- updated-dependencies: - dependency-name: "@faker-js/faker" dependency-version: 10.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump dotenv from 17.2.3 to 17.3.1 Bumps [dotenv](https://github.com/motdotla/dotenv) from 17.2.3 to 17.3.1. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v17.2.3...v17.3.1) --- updated-dependencies: - dependency-name: dotenv dependency-version: 17.3.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump mathjs from 15.1.0 to 15.1.1 Bumps [mathjs](https://github.com/josdejong/mathjs) from 15.1.0 to 15.1.1. - [Changelog](https://github.com/josdejong/mathjs/blob/develop/HISTORY.md) - [Commits](https://github.com/josdejong/mathjs/compare/v15.1.0...v15.1.1) --- updated-dependencies: - dependency-name: mathjs dependency-version: 15.1.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump jsonpath-plus from 10.3.0 to 10.4.0 Bumps [jsonpath-plus](https://github.com/s3u/JSONPath) from 10.3.0 to 10.4.0. - [Release notes](https://github.com/s3u/JSONPath/releases) - [Changelog](https://github.com/JSONPath-Plus/JSONPath/blob/main/CHANGES.md) - [Commits](https://github.com/s3u/JSONPath/compare/v10.3.0...v10.4.0) --- updated-dependencies: - dependency-name: jsonpath-plus dependency-version: 10.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * remove metadata keys endpoint migration script * feat(auth): implement tokenlogin endpoint (#2531) * created auth providers folder and moved access-group-provider to the providers folder with updated import path * created openid-client provider service and cleaned up old flow * revert path change * revert path change for access-grou-provider * 1. created openid-client module and moved oidc auth logic within the module 2. installed nestJS throttlerModule to control oidc/token endpoint rate limit * remove duplicated openid auth logic from client service * typo fix * client secret is not mandatory * fix failing unit test * add oidc token login unit test * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.54.0 to 8.56.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.56.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.56.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump wait-on from 9.0.3 to 9.0.4 Bumps [wait-on](https://github.com/jeffbski/wait-on) from 9.0.3 to 9.0.4. - [Release notes](https://github.com/jeffbski/wait-on/releases) - [Commits](https://github.com/jeffbski/wait-on/compare/v9.0.3...v9.0.4) --- updated-dependencies: - dependency-name: wait-on dependency-version: 9.0.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/nodemailer from 7.0.10 to 7.0.11 Bumps [@types/nodemailer](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/nodemailer) from 7.0.10 to 7.0.11. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/nodemailer) --- updated-dependencies: - dependency-name: "@types/nodemailer" dependency-version: 7.0.11 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @stylistic/eslint-plugin from 5.7.1 to 5.9.0 Bumps [@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin) from 5.7.1 to 5.9.0. - [Release notes](https://github.com/eslint-stylistic/eslint-stylistic/releases) - [Changelog](https://github.com/eslint-stylistic/eslint-stylistic/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint-stylistic/eslint-stylistic/commits/v5.9.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@stylistic/eslint-plugin" dependency-version: 5.9.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump rimraf from 6.1.2 to 6.1.3 Bumps [rimraf](https://github.com/isaacs/rimraf) from 6.1.2 to 6.1.3. - [Changelog](https://github.com/isaacs/rimraf/blob/main/CHANGELOG.md) - [Commits](https://github.com/isaacs/rimraf/compare/v6.1.2...v6.1.3) --- updated-dependencies: - dependency-name: rimraf dependency-version: 6.1.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump the nestjs group with 3 updates Bumps the nestjs group with 3 updates: [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/terminus](https://github.com/nestjs/terminus) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). Updates `@nestjs/platform-express` from 11.1.13 to 11.1.14 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.14/packages/platform-express) Updates `@nestjs/terminus` from 11.0.0 to 11.1.1 - [Release notes](https://github.com/nestjs/terminus/releases) - [Changelog](https://github.com/nestjs/terminus/blob/master/CHANGELOG.md) - [Commits](https://github.com/nestjs/terminus/compare/11.0.0...11.1.1) Updates `@nestjs/testing` from 11.1.13 to 11.1.14 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.14/packages/testing) --- updated-dependencies: - dependency-name: "@nestjs/platform-express" dependency-version: 11.1.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/terminus" dependency-version: 11.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nestjs - dependency-name: "@nestjs/testing" dependency-version: 11.1.14 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump bn.js from 4.12.2 to 4.12.3 Bumps [bn.js](https://github.com/indutny/bn.js) from 4.12.2 to 4.12.3. - [Release notes](https://github.com/indutny/bn.js/releases) - [Changelog](https://github.com/indutny/bn.js/blob/master/CHANGELOG.md) - [Commits](https://github.com/indutny/bn.js/compare/v4.12.2...v4.12.3) --- updated-dependencies: - dependency-name: bn.js dependency-version: 4.12.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump minimatch from 3.1.2 to 3.1.4 Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.1.2 to 3.1.4. - [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md) - [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.4) --- updated-dependencies: - dependency-name: minimatch dependency-version: 3.1.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fix: update ESLint rules and fix malfunctioning unit test for attachment v4 controller (#2568) * fix: update ESLint rules and fix malfunctioning unit test for attachment v4 controller * partially fix es lint error & skips lint check for test files * remove unnecessary job step * docs(frontend-config): update frontend config documentation (#2535) * update frontend config option descriptions and mark deprecated options * added options related to detailed documentations * ci: only pull ES image if enabled (#2567) * build(deps-dev): bump @eslint/eslintrc from 3.3.3 to 3.3.4 Bumps [@eslint/eslintrc](https://github.com/eslint/eslintrc) from 3.3.3 to 3.3.4. - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslintrc/compare/eslintrc-v3.3.3...eslintrc-v3.3.4) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.4 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/lodash from 4.17.23 to 4.17.24 Bumps [@types/lodash](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash) from 4.17.23 to 4.17.24. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/lodash) --- updated-dependencies: - dependency-name: "@types/lodash" dependency-version: 4.17.24 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/node from 25.2.0 to 25.3.3 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.2.0 to 25.3.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.3.3 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.56.0 to 8.56.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.56.1/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.56.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump globals from 17.3.0 to 17.4.0 Bumps [globals](https://github.com/sindresorhus/globals) from 17.3.0 to 17.4.0. - [Release notes](https://github.com/sindresorhus/globals/releases) - [Commits](https://github.com/sindresorhus/globals/compare/v17.3.0...v17.4.0) --- updated-dependencies: - dependency-name: globals dependency-version: 17.4.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump actions/upload-artifact from 6 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump actions/download-artifact from 7 to 8 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 7 to 8. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v7...v8) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/supertest from 6.0.3 to 7.2.0 Bumps [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest) from 6.0.3 to 7.2.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/supertest) --- updated-dependencies: - dependency-name: "@types/supertest" dependency-version: 7.2.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * fix: stricter date validation for encode * fix: avoid register endpoint to override nested * fix: datablock find forwards correct id (#2590) * build(deps): bump multer and @nestjs/platform-express Bumps [multer](https://github.com/expressjs/multer) to 2.1.1 and updates ancestor dependency [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express). These dependencies need to be updated together. Updates `multer` from 2.0.2 to 2.1.1 - [Release notes](https://github.com/expressjs/multer/releases) - [Changelog](https://github.com/expressjs/multer/blob/main/CHANGELOG.md) - [Commits](https://github.com/expressjs/multer/compare/v2.0.2...v2.1.1) Updates `@nestjs/platform-express` from 11.1.14 to 11.1.16 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.16/packages/platform-express) --- updated-dependencies: - dependency-name: multer dependency-version: 2.1.1 dependency-type: indirect - dependency-name: "@nestjs/platform-express" dependency-version: 11.1.16 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * refactor: remove unused code using Action.DatasetReadManyOwner * build(deps-dev): bump @types/node from 25.3.3 to 25.3.5 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.3.3 to 25.3.5. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.3.5 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @stylistic/eslint-plugin from 5.9.0 to 5.10.0 Bumps [@stylistic/eslint-plugin](https://github.com/eslint-stylistic/eslint-stylistic/tree/HEAD/packages/eslint-plugin) from 5.9.0 to 5.10.0. - [Release notes](https://github.com/eslint-stylistic/eslint-stylistic/releases) - [Changelog](https://github.com/eslint-stylistic/eslint-stylistic/blob/v5.10.0/CHANGELOG.md) - [Commits](https://github.com/eslint-stylistic/eslint-stylistic/commits/v5.10.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@stylistic/eslint-plugin" dependency-version: 5.10.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @eslint/eslintrc from 3.3.4 to 3.3.5 Bumps [@eslint/eslintrc](https://github.com/eslint/eslintrc) from 3.3.4 to 3.3.5. - [Release notes](https://github.com/eslint/eslintrc/releases) - [Changelog](https://github.com/eslint/eslintrc/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslintrc/compare/eslintrc-v3.3.4...eslintrc-v3.3.5) --- updated-dependencies: - dependency-name: "@eslint/eslintrc" dependency-version: 3.3.5 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump class-validator from 0.14.3 to 0.15.1 Bumps [class-validator](https://github.com/typestack/class-validator) from 0.14.3 to 0.15.1. - [Release notes](https://github.com/typestack/class-validator/releases) - [Changelog](https://github.com/typestack/class-validator/blob/develop/CHANGELOG.md) - [Commits](https://github.com/typestack/class-validator/compare/v0.14.3...v0.15.1) --- updated-dependencies: - dependency-name: class-validator dependency-version: 0.15.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @nestjs/testing in the nestjs group Bumps the nestjs group with 1 update: [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). Updates `@nestjs/testing` from 11.1.14 to 11.1.16 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.16/packages/testing) --- updated-dependencies: - dependency-name: "@nestjs/testing" dependency-version: 11.1.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump sinon from 21.0.1 to 21.0.2 Bumps [sinon](https://github.com/sinonjs/sinon) from 21.0.1 to 21.0.2. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v21.0.1...v21.0.2) --- updated-dependencies: - dependency-name: sinon dependency-version: 21.0.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/build-push-action from 6 to 7 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6...v7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/login-action from 3 to 4 Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/setup-buildx-action from 3 to 4 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/metadata-action from 5 to 6 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6. - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/v5...v6) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump docker/setup-qemu-action from 3 to 4 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump liquidjs from 10.21.0 to 10.25.0 Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.21.0 to 10.25.0. - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](https://github.com/harttle/liquidjs/compare/v10.21.0...v10.25.0) --- updated-dependencies: - dependency-name: liquidjs dependency-version: 10.25.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * only add https if needed to landingpage * fix: eslint errors due to new version * build(deps): bump undici from 6.23.0 to 6.24.0 Bumps [undici](https://github.com/nodejs/undici) from 6.23.0 to 6.24.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v6.23.0...v6.24.0) --- updated-dependencies: - dependency-name: undici dependency-version: 6.24.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump jest from 30.2.0 to 30.3.0 Bumps [jest](https://github.com/jestjs/jest/tree/HEAD/packages/jest) from 30.2.0 to 30.3.0. - [Release notes](https://github.com/jestjs/jest/releases) - [Changelog](https://github.com/jestjs/jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jestjs/jest/commits/v30.3.0/packages/jest) --- updated-dependencies: - dependency-name: jest dependency-version: 30.3.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.56.1 to 8.57.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.57.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump the nestjs group with 2 updates Bumps the nestjs group with 2 updates: [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). Updates `@nestjs/platform-express` from 11.1.16 to 11.1.17 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/platform-express) Updates `@nestjs/testing` from 11.1.16 to 11.1.17 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.17/packages/testing) --- updated-dependencies: - dependency-name: "@nestjs/platform-express" dependency-version: 11.1.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/testing" dependency-version: 11.1.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump sinon from 21.0.2 to 21.0.3 Bumps [sinon](https://github.com/sinonjs/sinon) from 21.0.2 to 21.0.3. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v21.0.2...v21.0.3) --- updated-dependencies: - dependency-name: sinon dependency-version: 21.0.3 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/node from 25.3.5 to 25.5.0 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.3.5 to 25.5.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump eslint from 9.39.2 to 10.0.3 Bumps [eslint](https://github.com/eslint/eslint) from 9.39.2 to 10.0.3. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v9.39.2...v10.0.3) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.0.3 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * docs(statusBanner): update frontend config with statusBanner (#2620) * build(deps-dev): bump flatted from 3.3.3 to 3.4.2 Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2. - [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2) --- updated-dependencies: - dependency-name: flatted dependency-version: 3.4.2 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * feat(config): add sort property for columns default list settings (#2587) added sort property * build(deps-dev): bump @typescript-eslint/parser from 8.57.0 to 8.57.1 Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 8.57.0 to 8.57.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-version: 8.57.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump eslint from 10.0.3 to 10.1.0 Bumps [eslint](https://github.com/eslint/eslint) from 10.0.3 to 10.1.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v10.0.3...v10.1.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.1.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.57.0 to 8.57.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.1/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.57.1 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump @nestjs-modules/mailer in the nestjs group Bumps the nestjs group with 1 update: [@nestjs-modules/mailer](https://github.com/nest-modules/mailer). Updates `@nestjs-modules/mailer` from 2.0.2 to 2.3.0 - [Release notes](https://github.com/nest-modules/mailer/releases) - [Commits](https://github.com/nest-modules/mailer/compare/v2.0.2...@nestjs-modules/mailer@2.3.0) --- updated-dependencies: - dependency-name: "@nestjs-modules/mailer" dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * fix: update import path for nestjs mailer after package version update (#2631) fix import path for nestjs mailer after package version update * build(deps): bump glob from 10.4.5 to 10.5.0 Bumps [glob](https://github.com/isaacs/node-glob) from 10.4.5 to 10.5.0. - [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md) - [Commits](https://github.com/isaacs/node-glob/compare/v10.4.5...v10.5.0) --- updated-dependencies: - dependency-name: glob dependency-version: 10.5.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fix: package lockfile * refactor: allow additional authorized parties in the tokenlogin endpoint (#2586) * Allow additional authorized parties in tokenlogin endpoint via OIDC_ADDITIONAL_AUTHORIZED_PARTIES env var Co-authored-by: Junjiequan <78078898+Junjiequan@users.noreply.github.com> * es lint fix * add e2e test for oidc * add --wait for coantiners ready * test * test2 * test * fix mount path * test * cp local-test-realm * disable health check for keycloack * fix health check command * test * test * test * test * test * test * move oauth test from jest to mocha * remove keycloak from docker compose local * enable Oauth test only for github runner * user auth-mock-server instead of real keycloack * remove mount * import mock-oauth2-server * test * clean up * update doc * minor clean up * use correct syntax for health check * fix import path for nestjs mailer after package version update --------- Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com> Co-authored-by: Junjiequan <78078898+Junjiequan@users.noreply.github.com> Co-authored-by: junjiequan <a331998513@gmail.com> * fix: move oauth mock test env variables to CI (#2633) * BREAKING CHANGE: migrate elasticsearch to opensearch (#2562) * renaming elasticSearch to Opensearch * refactor opensearch query logic * load settings & mappings from json file * Set opensearchService optional in datasetService * fix unit test * update api test for opensearch * fix opensearch api test * added missing host for api test * fix api test * isIndexExists to return boolean value instead of body & fix opensearch API test * revert removed testData * fix api test * update unit tests * minor type correction for createFullfacetPipeline * add interface IDatasetOpenSearchPipeline for opensearch fullfacet pipe builder * remove unused configs & update env example * remove unused compose files & replace es image from all compose files & replace ES envs with OS envs * fix for permission filter * update default OS password for local development and remove .env.opensearch file * correct prepare:local command * update opensearch doc * update documentation * add api test for search query * centralize os query condition in one place * test1 * test * change dataset name in TestData.js used for api test * add OPENSEARCH_REFRESH="wait_for" for API test * avoid multi os config loading * run os connection retry on background * remove isAdmin * fix os api test * add bulk sync * user cursor for data sync * default dataSyncBatchSize to 1000 * added dataset opensearch dto * minor text change * add excludeExtraneousValues ot plainToInstance * update package * fix for inconsistant mongodb version across different packages * fix unit test * Use correct PickType for dataset-opensearch dto * build(deps): bump nodemailer from 8.0.3 to 8.0.4 Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 8.0.3 to 8.0.4. - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.4) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 8.0.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump handlebars from 4.7.8 to 4.7.9 Bumps [handlebars](https://github.com/handlebars-lang/handlebars.js) from 4.7.8 to 4.7.9. - [Release notes](https://github.com/handlebars-lang/handlebars.js/releases) - [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md) - [Commits](https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9) --- updated-dependencies: - dependency-name: handlebars dependency-version: 4.7.9 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * feat(publish): add support for ajv custom dynamicDefaults and keywords (#2569) * build(deps-dev): bump brace-expansion from 1.1.12 to 1.1.13 Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.12 to 1.1.13. - [Release notes](https://github.com/juliangruber/brace-expansion/releases) - [Commits](https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13) --- updated-dependencies: - dependency-name: brace-expansion dependency-version: 1.1.13 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump @nestjs-modules/mailer in the nestjs group Bumps the nestjs group with 1 update: [@nestjs-modules/mailer](https://github.com/nest-modules/mailer). Updates `@nestjs-modules/mailer` from 2.3.0 to 2.3.4 - [Release notes](https://github.com/nest-modules/mailer/releases) - [Commits](https://github.com/nest-modules/mailer/compare/@nestjs-modules/mailer@2.3.0...@nestjs-modules/mailer@2.3.4) --- updated-dependencies: - dependency-name: "@nestjs-modules/mailer" dependency-version: 2.3.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * build: update package-lock (#2643) * build(deps): bump amqplib from 0.10.9 to 1.0.2 Bumps [amqplib](https://github.com/amqp-node/amqplib) from 0.10.9 to 1.0.2. - [Release notes](https://github.com/amqp-node/amqplib/releases) - [Changelog](https://github.com/amqp-node/amqplib/blob/main/CHANGELOG.md) - [Commits](https://github.com/amqp-node/amqplib/compare/v0.10.9...v1.0.2) --- updated-dependencies: - dependency-name: amqplib dependency-version: 1.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump dependabot/fetch-metadata from 2.5.0 to 3.0.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 2.5.0 to 3.0.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.5.0...v3.0.0) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump geekyeggo/delete-artifact from 5 to 6 Bumps [geekyeggo/delete-artifact](https://github.com/geekyeggo/delete-artifact) from 5 to 6. - [Release notes](https://github.com/geekyeggo/delete-artifact/releases) - [Changelog](https://github.com/GeekyEggo/delete-artifact/blob/main/CHANGELOG.md) - [Commits](https://github.com/geekyeggo/delete-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: geekyeggo/delete-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump actions/create-github-app-token from 2 to 3 Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump the nestjs group with 4 updates Bumps the nestjs group with 4 updates: [@nestjs/platform-express](https://github.com/nestjs/nest/tree/HEAD/packages/platform-express), [@nestjs/cli](https://github.com/nestjs/nest-cli), [@nestjs/schematics](https://github.com/nestjs/schematics) and [@nestjs/testing](https://github.com/nestjs/nest/tree/HEAD/packages/testing). Updates `@nestjs/platform-express` from 11.1.17 to 11.1.18 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/platform-express) Updates `@nestjs/cli` from 11.0.16 to 11.0.17 - [Release notes](https://github.com/nestjs/nest-cli/releases) - [Commits](https://github.com/nestjs/nest-cli/compare/11.0.16...11.0.17) Updates `@nestjs/schematics` from 11.0.9 to 11.0.10 - [Release notes](https://github.com/nestjs/schematics/releases) - [Commits](https://github.com/nestjs/schematics/compare/11.0.9...11.0.10) Updates `@nestjs/testing` from 11.1.17 to 11.1.18 - [Release notes](https://github.com/nestjs/nest/releases) - [Commits](https://github.com/nestjs/nest/commits/v11.1.18/packages/testing) --- updated-dependencies: - dependency-name: "@nestjs/platform-express" dependency-version: 11.1.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/cli" dependency-version: 11.0.17 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/schematics" dependency-version: 11.0.10 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs - dependency-name: "@nestjs/testing" dependency-version: 11.1.18 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: nestjs ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/parser from 8.57.2 to 8.58.0 Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 8.57.2 to 8.58.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump amqplib from 1.0.2 to 1.0.3 Bumps [amqplib](https://github.com/amqp-node/amqplib) from 1.0.2 to 1.0.3. - [Release notes](https://github.com/amqp-node/amqplib/releases) - [Changelog](https://github.com/amqp-node/amqplib/blob/main/CHANGELOG.md) - [Commits](https://github.com/amqp-node/amqplib/compare/v1.0.2...v1.0.3) --- updated-dependencies: - dependency-name: amqplib dependency-version: 1.0.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump dotenv from 17.3.1 to 17.4.1 Bumps [dotenv](https://github.com/motdotla/dotenv) from 17.3.1 to 17.4.1. - [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md) - [Commits](https://github.com/motdotla/dotenv/compare/v17.3.1...v17.4.1) --- updated-dependencies: - dependency-name: dotenv dependency-version: 17.4.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump lodash from 4.17.23 to 4.18.1 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1) --- updated-dependencies: - dependency-name: lodash dependency-version: 4.18.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @types/node from 25.5.0 to 25.5.2 Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.5.0 to 25.5.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump eslint from 10.1.0 to 10.2.0 Bumps [eslint](https://github.com/eslint/eslint) from 10.1.0 to 10.2.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v10.1.0...v10.2.0) --- updated-dependencies: - dependency-name: eslint dependency-version: 10.2.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump ts-loader from 9.5.4 to 9.5.7 Bumps [ts-loader](https://github.com/TypeStrong/ts-loader) from 9.5.4 to 9.5.7. - [Release notes](https://github.com/TypeStrong/ts-loader/releases) - [Changelog](https://github.com/TypeStrong/ts-loader/blob/main/CHANGELOG.md) - [Commits](https://github.com/TypeStrong/ts-loader/compare/v9.5.4...v9.5.7) --- updated-dependencies: - dependency-name: ts-loader dependency-version: 9.5.7 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump ts-jest from 29.4.6 to 29.4.9 Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 29.4.6 to 29.4.9. - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.4.6...v29.4.9) --- updated-dependencies: - dependency-name: ts-jest dependency-version: 29.4.9 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps-dev): bump @typescript-eslint/eslint-plugin Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 8.57.2 to 8.58.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * feat: rest api provider for access groups (#2558) * REST API Provider for Access Groups * Update logs to match the used standard * update the package lock json * typo fixe * build(deps): bump liquidjs from 10.25.1 to 10.25.5 Bumps [liquidjs](https://github.com/harttle/liquidjs) from 10.25.1 to 10.25.5. - [Release notes](https://github.com/harttle/liquidjs/releases) - [Changelog](https://github.com/harttle/liquidjs/blob/master/CHANGELOG.md) - [Commits](https://github.com/harttle/liquidjs/compare/v10.25.1...v10.25.5) --- updated-dependencies: - dependency-name: liquidjs dependency-version: 10.25.5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * build(deps): bump nodemailer and preview-email Bumps [nodemailer](https://github.com/nodemailer/nodemailer) and [preview-email](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript). These dependencies needed to be updated together. Updates `nodemailer` from 8.0.3 to 8.0.5 - [Release notes](https://github.com/nodemailer/nodemailer/releases) - [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodemailer/nodemailer/compare/v8.0.3...v8.0.5) Updates `preview-email` from 3.1.1 to 3.1.3 - [Release notes](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/releases) - [Commits](https://github.com/forwardemail/test-preview-emails-cross-browsers-ios-simulator-nodejs-javascript/compare/v3.1.1...v3.1.3) --- updated-dependencies: - dependency-name: nodemailer dependency-version: 8.0.5 dependency-type: indirect - dependency-name: preview-email dependency-version: 3.1.3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * feat: update relationship schema (#2661) * build(deps): bump axios from 1.13.6 to 1.15.0 Bumps [axios](https://github.com/axios/axios) from 1.13.6 to 1.15.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.6...v1.15.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.15.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * docs: add description for `/publisheddata/config` endpoint (#2665) * build(deps): bump mathjs from 15.1.1 to 15.2.0 Bumps [mathjs](https://github.com/josdejong/mathjs) from 15.1.1 to 15.2.0. - [Changelog](https://github.com/josdejong/mathjs/blob/develop/HISTORY.md) - [Commits](https://github.com/josdejong/mathjs/compare/v15.1.1...v15.2.0) --- updated-dependencies: - dependency-name: mathjs dependency-version: 15.2.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * feat: update package version to 5.0.0 (#2668) feat: update package version --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Christian Felder <c.felder@fz-juelich.de> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Carlo Minotti <50220438+minottic@users.noreply.github.com> Co-authored-by: abdimo101 <abdi.abdulle@outlook.dk> Co-authored-by: Abdi Abdulle <abdi.abdulle@ess.eu> Co-authored-by: Omkar Zade <omkar.zade@psi.ch> Co-authored-by: Max Novelli <max.novelli@ess.eu> Co-authored-by: fpotier <58594145+fpotier@users.noreply.github.com> Co-authored-by: minottic <carlo.minotti1@gmail.com> Co-authored-by: Emil Gunnarsson <emil.gunnarsson@maxiv.lu.se> Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com> Co-authored-by: AB <71728199+abdellah257@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The
tokenloginendpoint only validated ID tokens issued for the configured scicat OIDC client. Public IdP clients (e.g. a Keycloak public client) could not be used because theirazpclaim wouldn't match.Changes
src/config/configuration.ts: AddedadditionalAuthorizedPartiesto theoidcconfig block, parsed from a newOIDC_ADDITIONAL_AUTHORIZED_PARTIESenv var (comma-separated list of client IDs).src/common/openid-client/openid-client.service.ts: PassesadditionalAuthorizedPartiesas the third argument tonew issuer.Client()when configured, enabling validation of tokens whereazpis a public client butaudincludes the scicat client.Example
Tokens of the following shape will now be accepted:
{ "aud": "scicat-client-id", "azp": "my-public-client" }Multiple clients are supported via comma-separation:
client1,client2.Warning
Firewall rules blocked me from connecting to one or more addresses (expand for details)
I tried to connect to the following addresses, but was blocked by firewall rules:
scarf.sh/home/REDACTED/work/_temp/ghcca-node/node/bin/node node ./report.js(dns block)If you need me to access, download, or install something from one of these locations, you can either:
Original prompt
🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.