Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: ory/meta
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: kg-remove-double-tabs
Choose a base ref
...
head repository: ory/meta
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Able to merge. These branches can be automatically merged.

Commits on Oct 6, 2022

  1. Copy the full SHA
    50c6554 View commit details
  2. Copy the full SHA
    23d918a View commit details

Commits on Oct 19, 2022

  1. docs: rename

    aeneasr committed Oct 19, 2022
    Copy the full SHA
    6ab5ce6 View commit details

Commits on Oct 26, 2022

  1. chore(doc): add dyrector.io to adopters (#196)

    Levente Orban authored Oct 26, 2022
    Copy the full SHA
    4a68ca0 View commit details

Commits on Nov 1, 2022

  1. Copy the full SHA
    852a1ae View commit details

Commits on Nov 2, 2022

  1. Copy the full SHA
    b41b1ee View commit details
  2. Copy the full SHA
    a2fba7e View commit details
  3. Copy the full SHA
    ea86906 View commit details
  4. Copy the full SHA
    d3f8710 View commit details
  5. Copy the full SHA
    9f57fec View commit details
  6. feat: add node

    aeneasr committed Nov 2, 2022
    Copy the full SHA
    edac2f7 View commit details
  7. feat: update node

    aeneasr committed Nov 2, 2022
    Copy the full SHA
    d6fc88a View commit details

Commits on Nov 3, 2022

  1. Copy the full SHA
    6be34ae View commit details
  2. Copy the full SHA
    816e68c View commit details

Commits on Nov 8, 2022

  1. Copy the full SHA
    47569d9 View commit details

Commits on Dec 23, 2022

  1. docs: add new adopters (#205)

    vinckr authored Dec 23, 2022
    Copy the full SHA
    a1264fa View commit details

Commits on Dec 29, 2022

  1. fix: remove web from sync

    aeneasr authored Dec 29, 2022
    Copy the full SHA
    a79e317 View commit details

Commits on Jan 1, 2023

  1. Copy the full SHA
    504b939 View commit details
  2. fix: spellcheck issues

    aeneasr committed Jan 1, 2023
    Copy the full SHA
    fbd0d30 View commit details

Commits on Jan 30, 2023

  1. docs: pinniped adopter (#207)

    vinckr authored Jan 30, 2023
    Copy the full SHA
    f1ac396 View commit details

Commits on Apr 17, 2023

  1. Copy the full SHA
    3421e61 View commit details

Commits on Jun 26, 2023

  1. fix: revamp adopters.md (#212)

    * fix: revamp adopters.md
    
    * fix: format prettier
    vinckr authored Jun 26, 2023
    Copy the full SHA
    a8672f3 View commit details

Commits on Jul 31, 2023

  1. fix: update coc (#213)

    vinckr authored Jul 31, 2023
    Copy the full SHA
    46ec362 View commit details

Commits on Aug 3, 2023

  1. Copy the full SHA
    af28aff View commit details
  2. fix: remove prettier-styles

    aeneasr committed Aug 3, 2023
    Copy the full SHA
    0ba3d6e View commit details
  3. Copy the full SHA
    12c655c View commit details
  4. Copy the full SHA
    2c1b6f1 View commit details
  5. Copy the full SHA
    697d3d3 View commit details

Commits on Aug 7, 2023

  1. Copy the full SHA
    ac80097 View commit details
  2. Copy the full SHA
    c78ed23 View commit details

Commits on Aug 10, 2023

  1. Copy the full SHA
    357a400 View commit details

Commits on May 22, 2024

  1. Copy the full SHA
    e838bee View commit details

Commits on Jul 4, 2024

  1. chore(deps-dev): bump braces from 3.0.2 to 3.0.3 (#220)

    Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
    - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
    - [Commits](micromatch/braces@3.0.2...3.0.3)
    
    ---
    updated-dependencies:
    - dependency-name: braces
      dependency-type: indirect
    ...
    
    Signed-off-by: dependabot[bot] <support@github.com>
    Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
    dependabot[bot] authored Jul 4, 2024
    Copy the full SHA
    0861d05 View commit details

Commits on Aug 22, 2024

  1. Copy the full SHA
    95e82c6 View commit details
  2. Copy the full SHA
    297c8a5 View commit details

Commits on Aug 27, 2024

  1. chore: trigger ci

    aeneasr committed Aug 27, 2024
    Copy the full SHA
    43af518 View commit details
  2. Copy the full SHA
    388dbc3 View commit details
  3. chore: format everything

    aeneasr committed Aug 27, 2024
    Copy the full SHA
    939b80f View commit details
  4. fix: remove toc

    aeneasr committed Aug 27, 2024
    Copy the full SHA
    3cf0f00 View commit details
  5. docs: update report section

    aeneasr committed Aug 27, 2024
    Copy the full SHA
    4132def View commit details
  6. docs: move contact section

    aeneasr committed Aug 27, 2024
    Copy the full SHA
    fe4ffe0 View commit details

Commits on Nov 8, 2024

  1. Copy the full SHA
    153ada5 View commit details

Commits on Dec 4, 2024

  1. Copy the full SHA
    1af2225 View commit details

Commits on Dec 27, 2024

  1. Copy the full SHA
    000f213 View commit details

Commits on Dec 30, 2024

  1. Copy the full SHA
    7ba4064 View commit details
  2. Copy the full SHA
    cbb120b View commit details
  3. feat: push to all repos

    aeneasr committed Dec 30, 2024
    Copy the full SHA
    a331cc0 View commit details
  4. fix: formatting

    aeneasr committed Dec 30, 2024
    Copy the full SHA
    82777ca View commit details
  5. fix: missing exclusion check

    aeneasr committed Dec 30, 2024
    Copy the full SHA
    e3de57e View commit details
  6. fix: secrets

    aeneasr committed Dec 30, 2024
    Copy the full SHA
    d81347e View commit details
Showing with 1,471 additions and 289 deletions.
  1. +3 −0 .github/workflows/format.yml
  2. +32 −0 .github/workflows/licenses.yml
  3. +2 −2 .github/workflows/sync.yml
  4. +3 −3 .github/workflows/test.yml
  5. +1 −0 .gitignore
  6. +1 −11 CONTRIBUTING.md
  7. +47 −8 Makefile
  8. +48 −34 SECURITY.md
  9. +2 −1 install.sh
  10. +599 −34 package-lock.json
  11. +1 −0 package.json
  12. +133 −77 scripts/sync.sh
  13. +13 −0 static/adopters/dark/amplitude.svg
  14. +43 −0 static/adopters/dark/dyrector_io.svg
  15. +19 −0 static/adopters/dark/pinniped.svg
  16. +5 −0 static/adopters/dark/pvotal.svg
  17. +11 −11 static/adopters/dark/serlo.svg
  18. +32 −0 static/adopters/dark/stackspin.svg
  19. +13 −0 static/adopters/light/amplitude.svg
  20. +47 −0 static/adopters/light/dyrector_io.svg
  21. +19 −0 static/adopters/light/pinniped.svg
  22. +5 −0 static/adopters/light/pvotal.svg
  23. +11 −11 static/adopters/light/serlo.svg
  24. +32 −0 static/adopters/light/stackspin.svg
  25. BIN static/banners/elements.png
  26. +5 −0 static/logos/logo-ory.svg
  27. +11 −5 templates/repository/common/.github/ISSUE_TEMPLATE/BUG-REPORT.yml
  28. +9 −3 templates/repository/common/.github/ISSUE_TEMPLATE/DESIGN-DOC.yml
  29. +9 −3 templates/repository/common/.github/ISSUE_TEMPLATE/FEATURE-REQUEST.yml
  30. +32 −0 templates/repository/common/.github/workflows/licenses.yml
  31. +80 −34 templates/repository/common/ADOPTERS.md
  32. +10 −0 templates/repository/common/CODE_OF_CONDUCT.md
  33. +11 −17 templates/repository/common/CONTRIBUTING.md
  34. +50 −34 templates/repository/common/SECURITY.md
  35. +131 −0 templates/repository/server/.github/workflows/cve-scan.yaml
  36. +1 −1 templates/repository/server/.github/workflows/milestone.yml
3 changes: 3 additions & 0 deletions .github/workflows/format.yml
Original file line number Diff line number Diff line change
@@ -9,6 +9,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-node@v2
with:
node-version: "18.10"
- uses: actions/setup-go@v3
with:
go-version: 1.19
32 changes: 32 additions & 0 deletions .github/workflows/licenses.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,32 @@
name: Licenses

on:
pull_request:
push:
branches:
- main
- v3
- master

jobs:
licenses:
name: License compliance
runs-on: ubuntu-latest
steps:
- name: Install script
uses: ory/ci/licenses/setup@master
with:
token: ${{ secrets.ORY_BOT_PAT || secrets.GITHUB_TOKEN }}
- name: Check licenses
uses: ory/ci/licenses/check@master
- name: Write, commit, push licenses
uses: ory/ci/licenses/write@master
if:
${{ github.ref == 'refs/heads/main' || github.ref ==
'refs/heads/master' || github.ref == 'refs/heads/v3' }}
with:
author-email:
${{ secrets.ORY_BOT_PAT &&
'60093411+ory-bot@users.noreply.github.com' ||
format('{0}@users.noreply.github.com', github.actor) }}
author-name: ${{ secrets.ORY_BOT_PAT && 'ory-bot' || github.actor }}
4 changes: 2 additions & 2 deletions .github/workflows/sync.yml
Original file line number Diff line number Diff line change
@@ -21,12 +21,12 @@ jobs:
- uses: actions/checkout@v2
- uses: webfactory/ssh-agent@v0.4.1
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
ssh-private-key: ${{ secrets.ORY_BOT_SSH_KEY }}
- run: |
source ./scripts/sync.sh
install_dependencies_on_ci
configure_git_on_ci
workspace=$(create_workspace)
replicate_all "$workspace" "push"
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_AENEASR }}
GITHUB_TOKEN: ${{ secrets.ORY_BOT_PAT }}
6 changes: 3 additions & 3 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -10,10 +10,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- run: make test
- uses: webfactory/ssh-agent@v0.4.1
with:
ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}
ssh-private-key: ${{ secrets.ORY_BOT_SSH_KEY }}
- run: make test
- name: Dry-run the sync
run: |
source ./scripts/sync.sh
@@ -22,4 +22,4 @@ jobs:
workspace=$(create_workspace)
replicate_all "$workspace" "commit"
env:
GITHUB_TOKEN: ${{ secrets.GH_TOKEN_AENEASR }}
GITHUB_TOKEN: ${{ secrets.ORY_BOT_PAT }}
1 change: 1 addition & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
.bin
.idea
node_modules
.DS_store
12 changes: 1 addition & 11 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,13 +1,3 @@
<!--
Thank you for contributing changes to this document! Because we use a central repository
to synchronize this file across all our repositories, make sure to make your edits
in the correct file, which you can find here:
https://github.com/ory/meta/blob/master/templates/repository/CONTRIBUTING.md
-->

# Contributing to ORY {{Project}}

<!-- START doctoc generated TOC please keep comment here to allow auto update -->
@@ -72,7 +62,7 @@ do this is via the [ORY Community](https://community.ory.sh/) or join the
[a Contributors License Agreement?](https://cla-assistant.io/ory/)

- I would like updates about new versions of ORY {{Project}}.
[How are new releases announced?](https://ory.us10.list-manage.com/subscribe?u=ffb1a878e4ec6c0ed312a3480&id=f605a41b53)
[How are new releases announced?](https://www.ory.sh/l/sign-up-newsletter)

## How can I contribute?

55 changes: 47 additions & 8 deletions Makefile
Original file line number Diff line number Diff line change
@@ -1,33 +1,72 @@
format: .bin/shfmt node_modules # formats the source code
OS=$(shell uname -s | tr '[:upper:]' '[:lower:]')
ARCH=$(shell uname -m)
ifeq ($(ARCH),x86_64)
ARCH=amd64
ARCH_SHCK=x86_64
else ifeq ($(ARCH),arm64)
ARCH=arm64
ARCH_SHCK=arm64
else ifeq ($(ARCH),aarch64)
ARCH=arm64
ARCH_SHCK=arm64
else ifeq ($(ARCH),i386)
ARCH=386
ARCH_SHCK=386
else ifeq ($(ARCH),i686)
ARCH=386
ARCH_SHCK=386
endif

format: .bin/ory .bin/shfmt node_modules # formats the source code
echo formatting ...
.bin/ory dev headers copyright --type=open-source
.bin/shfmt --write .
npm exec -- prettier --write .

help: # shows all available Make commands
cat Makefile | grep '^[^ ]*:' | grep -v '^\.bin/' | grep -v '^node_modules' | grep -v '.SILENT:' | grep -v help | sed 's/:.*#/#/' | column -s "#" -t

licenses: .bin/licenses node_modules # checks open-source licenses
.bin/licenses

.bin/licenses: Makefile
curl https://raw.githubusercontent.com/ory/ci/master/licenses/install | sh

test: .bin/shellcheck .bin/shfmt node_modules # runs all linters
echo running tests ...
find . -name '*.sh' | xargs .bin/shellcheck
echo Verifying formatting ...
.bin/shfmt --list .

.bin/ory: Makefile
echo installing Ory CLI ...
curl https://raw.githubusercontent.com/ory/meta/master/install.sh | bash -s -- -b .bin ory v1.1.0
touch .bin/ory

.bin/shellcheck: Makefile
echo installing Shellcheck ...
curl -sSL https://github.com/koalaman/shellcheck/releases/download/stable/shellcheck-stable.linux.x86_64.tar.xz | tar xJ
mkdir -p .bin
mv shellcheck-stable/shellcheck .bin
rm -rf shellcheck-stable
touch .bin/shellcheck # update the timestamp so that Make doesn't re-install the file over and over again
if [ "$$(uname -s)" = "Darwin" ] && [ "$$(uname -m)" = "arm64" ]; then \
echo " - detected macOS ARM64" && \
curl -sSL https://github.com/koalaman/shellcheck/releases/download/v0.10.0/shellcheck-v0.10.0.darwin.aarch64.tar.xz | tar xJ; \
elif [ "$$(uname -s)" = "Linux" ] && [ "$$(uname -m)" = "x86_64" ]; then \
echo " - detected Linux AMD64" && \
curl -sSL https://github.com/koalaman/shellcheck/releases/download/v0.10.0/shellcheck-v0.10.0.linux.x86_64.tar.xz | tar xJ; \
else \
echo " - unsupported architecture: $$(uname -s) $$(uname -m)" && \
exit 1; \
fi
mv shellcheck-v0.10.0/shellcheck .bin
rm -rf shellcheck-v0.10.0
touch .bin/shellcheck

.bin/shfmt: Makefile
echo installing Shellfmt ...
mkdir -p .bin
curl -sSL https://github.com/mvdan/sh/releases/download/v3.5.1/shfmt_v3.5.1_linux_amd64 -o .bin/shfmt
curl -sSL https://github.com/mvdan/sh/releases/download/v3.10.0/shfmt_v3.10.0_$(OS)_$(ARCH) -o .bin/shfmt
chmod +x .bin/shfmt

node_modules: package.json package-lock.json
echo installing Prettier ...
echo installing Node dependencies ...
npm ci
touch node_modules # update timestamp so that Make doesn't reinstall it over and over

82 changes: 48 additions & 34 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -1,37 +1,51 @@
<!--
Thank you for contributing changes to this document! Because we use a central repository
to synchronize this file across all our repositories, make sure to make your edits
in the correct file, which you can find here:
https://github.com/ory/meta/blob/master/templates/repository/SECURITY.md
-->

<!-- START doctoc generated TOC please keep comment here to allow auto update -->
<!-- DON'T EDIT THIS SECTION, INSTEAD RE-RUN doctoc TO UPDATE -->

- [Security Policy](#security-policy)
- [Supported Versions](#supported-versions)
- [Reporting a Vulnerability](#reporting-a-vulnerability)

<!-- END doctoc generated TOC please keep comment here to allow auto update -->

# Security Policy

## Supported Versions

We release patches for security vulnerabilities. Which versions are eligible
receiving such patches depend on the CVSS v3.0 Rating:

| CVSS v3.0 | Supported Versions |
| --------- | ----------------------------------------- |
| 9.0-10.0 | Releases within the previous three months |
| 4.0-8.9 | Most recent release |
# Ory Security Policy

## Overview

This security policy outlines the security support commitments for different
types of Ory users.

## Apache 2.0 License Users

- **Security SLA:** No security Service Level Agreement (SLA) is provided.
- **Release Schedule:** Releases are planned every 3 to 6 months. These releases
will contain all security fixes implemented up to that point.
- **Version Support:** Security patches are only provided for the current
release version.

## Ory Enterprise License Customers

- **Security SLA:** The following timelines apply for security vulnerabilities
based on their severity:
- Critical: Resolved within 14 days.
- High: Resolved within 30 days.
- Medium: Resolved within 90 days.
- Low: Resolved within 180 days.
- Informational: Addressed as needed.
- **Release Schedule:** Updates are provided as soon as vulnerabilities are
resolved, adhering to the above SLA.
- **Version Support:** Depending on the Ory Enterprise License agreement
multiple versions can be supported.

## Ory Network Users

- **Security SLA:** The following timelines apply for security vulnerabilities
based on their severity:
- Critical: Resolved within 14 days.
- High: Resolved within 30 days.
- Medium: Resolved within 90 days.
- Low: Resolved within 180 days.
- Informational: Addressed as needed.
- **Release Schedule:** Updates are automatically deployed to Ory Network as
soon as vulnerabilities are resolved, adhering to the above SLA.
- **Version Support:** Ory Network always runs the most current version.

[Get in touch](https://www.ory.sh/contact/) to learn more about Ory's security
SLAs and process.

## Reporting a Vulnerability

Please report (suspected) security vulnerabilities to
**[security@ory.sh](mailto:security@ory.sh)**. You will receive a response from
us within 48 hours. If the issue is confirmed, we will release a patch as soon
as possible depending on complexity but historically within a few days.
If you suspect a security vulnerability, please report it to
**[security@ory.sh](mailto:security@ory.sh)**. We will respond within 48 hours.
If confirmed, we will work to release a patch as soon as possible, typically
within a few days depending on the issue's complexity.
3 changes: 2 additions & 1 deletion install.sh
Original file line number Diff line number Diff line change
@@ -181,6 +181,7 @@ echoerr() {
echo "$@" 1>&2
}
log_prefix() {
# shellcheck disable=SC2317
echo "$0"
}
_logp=6
@@ -244,7 +245,7 @@ uname_arch() {
armv6*) arch="armv6" ;;
armv7*) arch="armv7" ;;
esac
echo ${arch}
echo "${arch}"
}
uname_os_check() {
os=$(uname_os)
Loading