* Allow modification of failed charges on admin billing page
Allows cancelling a failed subscription and forcing another charge attempt
* use addNotification
* fix(app-frontend): do not emit exceptions when no loaders are available
* refactor(app): simplify Microsoft login code without functional changes
* feat(app): external browser auth flow for Modrinth account login
* chore: address Clippy lint
* chore(app/oauth_utils): simplify `handle_reply` error handling according to review
* chore(app-lib): simplify `Url` usage out of MC auth module
* starting on new checklist implementation
Change default shouldShow behavior for stages.
add new messages and stages.
Change some existing stage logic.
Add placeholder var for the rules.
Co-Authored-By: @coolbot100s
* misc fixes + corrections
* Add clickable link previews to links stage
* Correct mislabeled title message and add new title messages
* Change message formatting, use rules variable, correct wip desc and title 1.8 messages, add tags buttons
* More applications of rules placeholder
* Add new status alerts stage
* change order of statusAlerts
* Update title related messages, add navigation based vars
* Overhaul Links stage and add new messages.
* Set message weights, add some disables
* message.mds now obey lint >:(
* fixed links text message formatting and changed an icon
* Combine title and slug stages
* Add more info to some stages and properly case stage ids
* tweak summary text formatting
* Improved tags stage info and more navigation placeholders
* redo reupload stage, more navigation placeholders, licensing stage improvements, versions stage improvements, status alerts stage improvements
* Allow modpack permissions stage to appear again by adding a dummy button.
* Update modpack permissions guidance
* fix: blog path issues
* fix: lint issues
* fix license stage text formatting
* Improve license stage
* feat: move links into one md file to be cleaner
* Update packages/moderation/data/stages/links.ts
Signed-off-by: IMB11 <hendersoncal117@gmail.com>
---------
Signed-off-by: IMB11 <hendersoncal117@gmail.com>
Co-authored-by: IMB11 <hendersoncal117@gmail.com>
Co-authored-by: IMB11 <calum@modrinth.com>
* feat: add security.txt
Security.txt is a well-known (pun intended) file among security researchers, so they don't have to go scavenging for your security information. More information is available on [securitytxt.org](https://securitytxt.org/).
I've set the following values:
- The email to contact with issues, `jai@modrinth.com`. This is the email stated in the security policy. If you wish to not include it here due to spam, you should also not have it as a `mailto` link in the security policy.
- Expiry is set to 2030. By this time Modrinth has become the biggest Minecraft mod distributor, and having expanded into other games. By this time they should also have updated this file.
- English is the preferred language
- The file is located at modrinth.com/.well-known/security.txt
- The security policy is at https://modrinth.com/legal/security
The following values have been left unset:
- PGP key, not sure where this would be located, if there is one
- Acknowledgments. Modrinth does currently not have a site for thanks
- Hiring, as it wants security-related positions
- CSAF, a Common Security Advisory Framework ?
* fix(docs): reduce security.txt expiry
This addresses a concern where the security.txt has a long expiration date. Someone could treat this as "use this until then", which we don't want since it's a long time. The specification recommends no longer than one year, as it is to mark as stale.
From the RFC:
> The "Expires" field indicates the date and time after which the data contained in the "security.txt" file is considered stale and should not be used (as per Section 5.3). The value of this field is formatted according to the Internet profiles of [ISO.8601-1] and [ISO.8601-2] as defined in [RFC3339]. It is RECOMMENDED that the value of this field be less than a year into the future to avoid staleness.
Signed-off-by: Erb3 <49862976+Erb3@users.noreply.github.com>
* fix(frontend): extend security.txt expiry
It takes so long to merge the PR :(
Signed-off-by: Erb3 <49862976+Erb3@users.noreply.github.com>
* docs(frontend) careers link in security.txt
Signed-off-by: Erb3 <49862976+Erb3@users.noreply.github.com>
---------
Signed-off-by: Erb3 <49862976+Erb3@users.noreply.github.com>
Co-authored-by: Erb3 <49862976+Erb3@users.noreply.github.com>
