Fixes#482
While the solution isn't ideal, there isn't much more to do, other than not using a JS framework to render HTML, as per https://bugzilla.mozilla.org/show_bug.cgi?id=1324255
This also fixes some text on the web extension build, to make it clearer Edge is also supported.
* Checksums - Allow anyone to confirm source and delivered code
For now this only has the initial step on making CSP stricter so we can use it to parse through used files.
Very much WIP for now, but now it should just be a matter of writing up concise docs on how to go through the process, after generating and publishing the checksums via CI as well.
Related to #331
* Lint!
* Add more instructions and CI to build checksums.
* Fix typo and lint
* Remove CSP package dependency, build it manually.
Update commands in docs, fix web extension release.
* Tweak docs and webpack. CI still isn't producing a matching checksum, though.
* Tweak docs for web checksums, add debugging in the checksum action, make it faster, temporarily.
* Fix web checksum, add checksums and instructions for everything else
Closes#467
* Fix tauri release + macos sha256sum
* Remove .app checksum, since it's a directory and checksum'ing the .tar.gz seems strange.
* Properly indent + fix sha256sum results (and windows line endings problem)
* Include PWA for release, add instructions to change filenames when checksum fails.
* Include _everything_ in the CSP now, and tweak the verification script and checksum build to also include everything, now.
Still requires changes in the way to verify a published web app, where I'll have to write a script to parse through the whole CSP now.
* Add TypeScript (Deno) script to parse through CSP and download matched files.
Also update docs.
* Tweak web checksum examples.
* Remove content hashes from font files.
* Try sorting files before adding to CSP, to enforce consistency.
Now both instances will be deployed automatically, while still allowing us to deploy a single one with a specific branch via UI (from the private `devops` repo).
Add a proper implementation of StripeProvisioner, which builds on BasicProvisioner and derives provisioning profiles from Stripe subscriptions. There's been some refactoring of the core provisioning logic as well.
This finishes the e2e login test, and adds lock/unlock testing.
It also fixes an error the locking test caught (for accounts with no items), and caching of node_modules when testing, for faster results.
This adds the first e2e test via [cypress](https://cypress.io). It's still incomplete, but it was a bit of a pain to figure out the shadow dom stuff.
The next step is to force a specific verification code when running via tests so the test can progress.
This fixes the existing tests and enables them for the "basic" CI run on every push.
Some tests/files had to be completely commented out because they're very outdated, and I'd rather fix those in separate PRs.
* CI: Full Release
This implements a full release action that takes care of creating a tag, release, then building and uploading builds for all targets.