Comments (20)
Moved from #368:
- Drop momentjs
-
moment
and usage ofi18n.api.t
andi18n.translate
in models, views, and email templates need to use localization of user - Sitemap crawler
- Babel polyfill vs polyfill.io
- Two factor authentication
- Admin filtering by group, search by name/email
- User avatar upload (via lipo.io) (@niftylettuce will handle)
- Manifest PNG icon (@niftylettuce will handle)
- Figure out how to add
lint-staged
'sxo --fix && git add
to thetemplate/package.json
file (right now it errors out, see https://github.com/sudo-suhas/lint-staged-multi-pkg possibly we can use lerna or something) - Record demo video and put it on README
- Lad LTS 1.0.0 "Chap"
- Lad email verification to verify account (otherwise someone can register in advance of someone else signing up for an account, then third party signs in with Google/GitHub)
- Deprecations:
0|web | ⚠ warning The option `reconnectTries` is incompatible with the unified topology, please read more by visiting http://bit.ly/2D8WfT6 { 0|web | app: { 0|web | name: 'lad', 0|web | version: '0.0.2', 0|web | node: 'v12.10.0', 0|web | hash: 'ecec4017fb14fd299e161b30b5e93c7c73f52041', 0|web | environment: 'production', 0|web | hostname: 'lad-demo-1', 0|web | pid: 699 0|web | } 0|web | } 0|web | ⚠ warning The option `reconnectInterval` is incompatible with the unified topology, please read more by visiting http://bit.ly/2D8WfT6 {
- proxy server should remove "www" prefix from host on redirect
- server setup script needs --webroot-path #352 (?)
- Browser
setAppInfo
andparse-logs
to parse this if it was passed - Emails when security changes made (web/api account update or key rotation)
- Document all env vars that can be customized (e.g.
rg "process.env" node_modules
)
from lad.
from lad.
cc @shaunwarman I added above "OTP tests need added" checkbox
from lad.
- [ ] OptimalBits/bull#1659 (no longer using Bull)
from lad.
- Programmatically include a
polyfill.js
file with required plugins (vs. using all plugins) via babel/babel-polyfills#13 (comment) and babel/babel#11583
from lad.
- Upgrade to pug v3.x+ once pugjs/pug#3260 is resolved
from lad.
-
Referrer Header Policy https://scotthelme.co.uk/a-new-security-header-referrer-policy/
-
Feature Header Policy https://scotthelme.co.uk/a-new-security-header-feature-policy/too experimental per w3c/webappsec-permissions-policy#189 and helmetjs/feature-policy#6
from lad.
- Report-To header (we already have
reportUri
option being used inhelmet
)
from lad.
- Implement https://github.com/koajs/qs once new major version released
from lad.
- Managed translation override concept (also investigate why Markdown not working in
mandarin.markdown()
)
from lad.
- Note that users must install gifsicle deps imagemin/gifsicle-bin#79
from lad.
-
axe
should only useparse-app-info
in non-development and non-testing environment (configurable)
from lad.
- prefix koa cash keys with
koa-cash:
or something
from lad.
-
X-Cached-Result: true
(orfalse
value) inkoa-cash
as an optionaddHeader: true
enabled by default, and version bump it
from lad.
- improve caching by content-encoding gzip on fonts+svg (not sure why they aren't)
from lad.
- add cache policy option to
koa-cash
from lad.
All of the above issues are now for v3.0.0 release or later.
from lad.
- Add ability to "Cancel" a pending email address change
- Investigate if reset password functionality circumvents 2FA
- Move /change-email to /my-account/change-email
from lad.
- Changing password should prompt for re-entry of password and OTP to continue
- Changing email should prompt for re-entry of password and OTP to continue
from lad.
- Configurable rate limit middleware that's specific to endpoints that send emails or insert data into database (e.g. contact form, signup, verify email, forgot password, reset password, change email, etc)
from lad.
Related Issues (20)
- add tracekit and wrap
- go through all TODO's in code
- 1.0.0. Release Wishlist HOT 1
- Error in plugin "gulp-eslint" after clean install HOT 1
- Marketing
- GET params get duplicated if no locale is provided HOT 2
- Can we move web, api and bull into this repo HOT 1
- Question - Deployment and using the proxy HOT 2
- RateLimit & CloudFlare
- Method Override Middleware used in `@ladjs/web` needs fixed
- Add support for PROXY protocol HOT 2
- Drop Bull from README and rewrite with Bree mention HOT 1
- DeprecationWarning: Mongoose: `findOneAndUpdate()` and `findOneAndDelete()` without the `useFindAndModify` option set to false are deprecated. See: https://mongoosejs.com/docs/deprecations.html#findandmodify
- Bundle and Watch caching
- Default install appears to require `moment` lib HOT 1
- [feat] send email to admin when redis or mongo disconnects/reconnects
- [chore] fix stylelint warnings
- npm ERR! 404 Not Found - GET https://codeload.github.com/niftylettuce/svgfont2js/tar.gz/376ca0b5498ea4fa08b1955ecd5bb11c1014a401 HOT 1
- Error: Cannot find module 'nps-utils' - Even when nps-utils and nps is installed
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lad.