QuivrHQ/quivr
1
1
Fork 0
mirror of https://github.com/QuivrHQ/quivr.git synced 2024-12-15 09:32:22 +03:00
Code Issues Packages Projects Releases Wiki Activity
877 Commits 837 Branches 347 Tags 205 MiB
c2bf3adc24
Commit Graph

26 Commits

Author SHA1 Message Date
Matthieu Jacq
56d1f94b62
feat: upgrade to plus button (#1482) 
# Description

Epic: #1429 
User Story: #1430 

## Pour la mise en preview / prod:

- Mettre à jour l'environnement

```env
NEXT_PUBLIC_STRIPE_PRICING_TABLE_ID=<change-me>
NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=<change-me>
```

- Activer le feature flag `monetization` (booléen)

## Screenshots (if appropriate):

Button:
<img width="289" alt="image"
src="https://github.com/StanGirard/quivr/assets/67386567/c0f7321e-2f48-4462-aab9-fd1c6f4282cd">

Modal:
<img width="843" alt="image"
src="https://github.com/StanGirard/quivr/assets/67386567/28082680-1126-44db-bf77-76ae7474747f">
 2023-10-24 18:26:48 +02:00
Stan Girard
7a750c54a4 feat: 🎸 cms 
added seo objects
 2023-10-23 19:46:58 +02:00
Mamadou DICKO
6514358796
feat: fetch homepage data from CMS (#1452) 
Issue: https://github.com/StanGirard/quivr/issues/1448
 2023-10-20 15:36:55 +02:00
Mamadou DICKO
1cd99ae234
feat: add testimonials section (#1427) 
Issue: https://github.com/StanGirard/quivr/issues/1428


https://github.com/StanGirard/quivr/assets/63923024/b0b25f3e-d038-4740-b581-e3c256d89902
 2023-10-18 17:36:29 +02:00
Matthieu Jacq
2c7d48cf4e
feat: configure CSP for self-hosting and multiple ports in dev mode (#1364) 
Closes #1358 
Closes #1359

⚠️ Need to update the preview and prod environment with a
"NEXT_PUBLIC_FRONTEND_URL" variable before merging.
 2023-10-09 17:02:15 +02:00
Matthieu Jacq
d0e363e66e
feat: enable CSP in all environments (local/preview/prod) (#1334) 
# Description

Enable CSP in all environments (local/preview/prod).

Relies on NEXT_PUBLIC_ENV env variable, which should be
`'local'|'preview'|'prod'`

# Comparison of old and new CSP values (tested locally)

## Before

### CSP (for prod only)

```
default-src 'self' https://fonts.googleapis.com https://xxx.supabase.co https://api.june.so https://www.quivr.app/; connect-src 'self' https://xxx.supabase.co http://localhost:5050 https://api.june.so https://api.openai.com https://cdn.growthbook.io https://vitals.vercel-insights.com/v1/vitals; img-src 'self' https://www.gravatar.com data:; media-src 'self' https://user-images.githubusercontent.com https://www.quivr.app/ https://quivr-cms.s3.eu-west-3.amazonaws.com; script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ https://www.quivr.app/ https://www.google-analytics.com/; frame-ancestors 'none'; style-src 'unsafe-inline' https://www.quivr.app/;
```

## After

### Prod CSP (iso with before)

```
default-src 'self' https://fonts.googleapis.com https://xxx.supabase.co https://api.june.so https://www.quivr.app/; connect-src 'self' https://xxx.supabase.co http://localhost:5050 https://api.june.so https://api.openai.com https://cdn.growthbook.io https://vitals.vercel-insights.com/v1/vitals; img-src 'self' https://www.gravatar.com data:; media-src 'self' https://user-images.githubusercontent.com https://www.quivr.app/ https://quivr-cms.s3.eu-west-3.amazonaws.com; script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ https://www.quivr.app/ https://www.google-analytics.com/; frame-ancestors 'none'; style-src 'unsafe-inline' https://www.quivr.app/;
```

### Preview CSP

```
default-src 'self' https://fonts.googleapis.com https://xxx.supabase.co https://api.june.so https://preview.quivr.app/; connect-src 'self' https://xxx.supabase.co http://localhost:5050 https://api.june.so https://api.openai.com https://cdn.growthbook.io https://vitals.vercel-insights.com/v1/vitals; img-src 'self' https://www.gravatar.com data:; media-src 'self' https://user-images.githubusercontent.com https://www.quivr.app/ https://quivr-cms.s3.eu-west-3.amazonaws.com; script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ https://preview.quivr.app/ https://www.google-analytics.com/; frame-ancestors 'none'; style-src 'unsafe-inline' https://preview.quivr.app/;
```

### Local CSP

```
default-src 'self' https://fonts.googleapis.com https://xxx.supabase.co https://api.june.so http://localhost:3000 http://localhost:3001; connect-src 'self' https://xxx.supabase.co http://localhost:5050 https://api.june.so https://api.openai.com https://cdn.growthbook.io https://vitals.vercel-insights.com/v1/vitals; img-src 'self' https://www.gravatar.com data:; media-src 'self' https://user-images.githubusercontent.com https://www.quivr.app/ https://quivr-cms.s3.eu-west-3.amazonaws.com; script-src 'unsafe-inline' 'unsafe-eval' https://va.vercel-scripts.com/ http://localhost:3000 http://localhost:3001 https://www.google-analytics.com/; frame-ancestors 'none'; style-src 'unsafe-inline' http://localhost:3000 http://localhost:3001;
```

# 🧪 External checks

Syntax checked with https://csp-evaluator.withgoogle.com/ (for the 3
environments).

---------

Co-authored-by: gozineb <zinebe@theodo.fr>
 2023-10-05 17:37:25 +02:00
Matthieu Jacq
ed358c7fa3
refactor: ♻️ ContentSecurityPolicy as an object (#1312) 
* ♻️  ContentSecurityPolicy as an object

* CSP: Remove redundant operation
 2023-10-03 16:16:02 +02:00
Zineb El Bachiri
c215284fe9
🚑 return to old CSP syntax (#1282) 2023-09-28 18:24:31 +02:00
Matthieu Jacq
b6f38f7aff
fix: 🔒️ add gravatar.com to the content security policy (#1273) 
* fix: 🔒️ add gravatar.com to the content security policy

* 🎨 cleaner ContentSecurityPolicy string definition
 2023-09-27 15:57:44 +02:00
Matthieu Jacq
7470d389a7
feat: 👤 Implement gravatar (#1268) 
*  Implement gravatar

* ♻️  refact gravatar url generation with a custom hook

* review: do not add a default value to the email if undefined
 2023-09-27 14:41:08 +02:00
Riccardo Linares
4b88c89814
Update next.config.js (#1251) 
Removing typo in next.confing.js
 2023-09-26 09:36:53 +02:00
Stan Girard
cdc097901e fix(cms): changed url 2023-09-21 14:31:07 +02:00
Stan Girard
f2937a7eee feat(cms): added images 2023-09-21 14:23:22 +02:00
Stan Girard
f74a1c50c8
feat(strapi): added first draft (#1237) 2023-09-21 00:20:29 +02:00
Zineb El Bachiri
886d30cf9e
feat(analytics): add google analytics (#1147) 
* 🚚 move june analytics to folder and update paths

*  set up google analytics

*  sent firt GA event with react-ga

* 🔒️ update security headers to include vercel and google analytics

* 🚚 rename Vercel Analytics

*  use react-ga4 instread

* 💚 fix tests
 2023-09-18 15:12:50 +02:00
Zineb El Bachiri
eb7b677fef
🚑 add growthbook to csp headers (#1117) 2023-09-06 11:40:07 +02:00
Zineb El Bachiri
55a387d740
🔒️ add url api.openai to CSP headers (#1077) 2023-08-31 15:50:16 +02:00
Zineb El Bachiri
abe7cca902
add github mediasource in security headers (#551) 2023-07-07 13:00:26 +02:00
Zineb El Bachiri
11cb81f40d
🚑 use security headers in prod environement only (#550) 2023-07-07 10:40:57 +02:00
Zineb El Bachiri
9e942ba959
add cors security headers (#533) 2023-07-06 19:01:38 +02:00
Stan Girard
f9b3eba973 feat(sentry): added only if env variable set 2023-07-02 14:32:16 +02:00
Stan Girard
b444761622 fix(sentry): added fix 2023-07-02 10:54:36 +02:00
Stan Girard
3918ad3015 fix(sentry): removed from variables 2023-07-02 10:26:16 +02:00
Stan Girard
fbd1e17018
feat(sentry): added sentry (#443) 2023-07-01 21:12:13 +02:00
Mamadou DICKO
d848d5aa0b
Chore: add husky, no-unused-vars & no-explicit-any eslint rules (#168) 
* chore: add husky

* chore(eslint): add  no-unused-vars rule

* chore(eslint): add  no-explicit-any rule

* chore: add PR template
 2023-05-26 13:56:29 +02:00
Stan Girard
58630f7207 feat(api): new api init 2023-05-18 01:22:13 +02:00