We build too many walls and not enough bridges

2025-12-23 02:26:42 +00:00 · 2020-04-08 12:59:16 +02:00
commit 17f4d6097a
494 changed files with 62753 additions and 0 deletions
--- a/pkg/pmapi/Changelog.md
+++ b/pkg/pmapi/Changelog.md
@ -0,0 +1,309 @@
+# Do not modify this file!
+It is here for historical reasons only. All changes should be documented in the
+Changelog at the root of this repository.
+
+
+# Changelog for API
+> NOTE we are using versioning for go-pmapi in format `major.minor.bugfix`
+> * major stays at version 1 for the forseeable future
+> * minor is increased when a force upgrade happens or in case of major breaking changes
+> * patch is increased when new features are added
+
+## v1.0.16
+
+### Fixed
+* Potential crash when reporting cert pin failure 
+
+## v1.0.15
+
+### Changed
+* Merge only 50 events into one
+* Response header timeout increased from 10s to 30s
+
+### Fixed
+* Make keyring unlocking threadsafe
+
+## v1.0.14
+
+### Added
+* Config for disabling TLS cert fingerprint checking
+
+### Fixed
+* Ensure sensitive stuff is cleared on client logout even if requests fail
+
+## v1.0.13
+
+### Fixed
+* Correctly set Transport in http client
+
+## v1.0.12
+
+### Changed
+* Only `http.RoundTripper` interface is needed instead of full `http.Transport` struct
+
+### Added
+* GODT-61 (and related): Use DoH to find and switch to a proxy server if the API becomes unreachable
+* GODT-67 added random wait to not cause spikes on server after StatusTooManyRequests
+
+### Fixed
+* FirstReadTimeout was wrongly timeout of the whole request including repeating ones, now it's really only timeout for the first read
+
+## v1.0.11
+
+### Added
+* GODT-53 `Message.Type` added with constants `MessageType*`
+
+## v1.0.10
+
+### Added
+* GODT-55 exporting DANGEROUSLYSetUID
+
+### Changed
+* The full communication between clien and API is logged if logrus level is trace
+
+## v1.0.9
+
+### Fixed
+* Use correct address type value (because API starts counting from 1 but we were counting from 0)
+
+## v1.0.8
+
+### Added
+* Introdcution of connection manager
+
+### Fixed
+* Deadlock during the auth-refresh
+* Fixed an issue where some events were being discarded when merging
+
+## v1.0.7
+
+### Changed
+* The given access token is saved during auth refresh if none was available yet
+
+
+## v1.0.6
+
+### Added
+* `ClientConfig.Timeout` to be able to configure the whole timeout of request
+* `ClientConfig.FirstReadTimeout` to be able to configure the timeout of request to the first byte
+* `ClientConfig.MinSpeed` to be able to configure the timeout when the connection is too slow (limitation in minimum bytes per second)
+* Set default timeouts for http.Transport with certificate pinning
+
+### Changed
+* http.Client by default uses ProxyFromEnvironment to support HTTP_PROXY and HTTPS_PROXY environment variables
+
+## v1.0.5
+
+### Added
+* `ContentTypeMultipartEncrypted` MIME content type for encrypted email
+* `MessageCounts` in event struct
+
+## v1.0.4
+
+### Added
+* `PMKeys` for parsing and reading KeyRing
+* `clearableKey` to rewrite memory
+* Proton/backend-communication#25 Unlock with tokens (OneKey2RuleThemAll Phase I)
+
+### Changed
+* Update of gopenpgp: convert JSON to KeyRing in PMAPI
+* `user.KeyRing` -> `user.KeyRing()`
+* typo `client.GetAddresses()`
+
+### Removed
+* `address.KeyRing`
+
+## v1.0.2 v1.0.3
+
+### Changed
+* Fixed capitalisation in a few places
+* Added /metrics API route
+* Changed function names to be compliant with go linter
+* Encrypt with primary key only
+* Fix `client.doBuffered` - closing body before handling unauthorized request
+* go-pm-crypto -> GopenPGP
+* redefine old functions in `keyring.go`
+* `attachment.Decrypt` drops returning signature (does signature check by default)
+* `attachment.Encrypt` is using readers instead of writers
+* `attachment.DetachedSign` drops writer param and returns signature as a reader
+* `message.Decrypt` drops returning signature (does signature check by default)
+* Changed TLS report URL to https://reports.protonmail.ch/reports/tls
+* Moved from current to soon TLS pin
+
+## v1.0.1
+
+### Removed
+* `ClientID` from all auth routes
+* `ErrorDescription` from error
+
+## v1.0.0
+
+### Changed
+* `client.AuthInfo` does return 2FA information only when authenticated, for the first login information available in `Auth.HasTwoFactor`
+* `client.Auth` does not accept 2FA code in favor of `client.Auth2FA`
+* `client.Unlock` supports only new way of unlock with directly available access token
+
+### Added
+* `Res.StatusCode` to pass HTTP status code to responses
+* `Auth.HasTwoFactor` method to determine whether account has enabled 2FA (same as `AuthInfo.HasTwoFactor`)
+* `Auth2FA*` structs for 2FA endpoint
+* `client.Auth2FA` method to fully unlock session with 2FA code
+* `ErrUnauthorized` when request cannot be authorized
+* `ErrBad2FACode` when bad 2FA and user cannot try again
+* `ErrBad2FACodeTryAgain` when bad 2FA but user can try again
+
+## 2019-08-06
+
+### Added
+* Send TLS issue report to API
+* Cert fingerpring with `TLSPinning` struct
+* Check API certificate fingerprint and verify hostname
+
+### Changed
+* Using `AddressID` for `/messge/count` and `/conversations/count`
+* Less of copying of responses from the server in the memory
+
+## 2019-08-01
+* low case for `sirupsen`
+* using go modules
+
+## 2019-07-15
+
+### Changed
+* `client.Auths` field is removed in favor of function `client.SetAuths` which opens possibility to use interface
+
+## 2019-05-18
+
+### Changed
+* proton/backend-communication#11 x-pm-uid sent always for `/auth/refresh`
+* proton/backend-communication#11 UID never changes
+
+## 2019-05-28
+
+### Added
+* New test server patern using callbacks
+* Responses are read from json files
+
+### Changed
+* `auth_tests.go` to new callback server pattern
+* Linter fixes for tests
+
+### Removed
+* `TestClient_Do_expired` due to no effect, use `DoUnauthorized` instead
+
+## 2019-05-24
+* Help functions for test
+* CI with Lint
+
+## 2019-05-23
+* Log userID
+
+## 2019-05-21
+* Fix unlocking user keys
+
+## 2019-04-25
+
+### Changed
+* rename `Uid` -> `UID` proton/backend-communication#11
+
+## 2019-04-09
+
+### Added
+* sending attachments as zip `application/octet-stream`
+* function `ReportReq.AddAttachment()`
+* data memeber `ReportReq.Attachments`
+* general function to report bug `client.Report(req ReportReq)` with object as parameter
+
+### Changed
+* `client.ReportBug` and `client.ReportBugWithClient` functions are obsolete and they uses `client.Report(req ReportReq)`
+* `client.ReportCrash` is obsolete. Use sentry instead
+* `Api`->`API`, `Uid`->`UID`
+
+## 2019-03-13
+* user id in raven
+* add file position of panic sender
+
+## 2019-03-06
+* #30 update `pm-crypto` to store `KeyRing.FirstKeyID`
+* #30 Add key salt to `Auth` object from `GetKeySalts` request
+* #30 Add route `GET /keys/salt`
+* removed unused `PmCrypto`
+
+## 2019-02-20
+* removed unused `decryptAccessToken`
+
+## 2019-01-21
+* #29 Parsing all goroutines from pprof
+* #29 Sentry `Threads` implementation
+* #29 using sentry for crashes
+
+## 2019-01-07
+* refactor `pmapi.DecryptString` -> `pmcrypto.KeyRing.DecryptString`
+* fixed tests
+* `crypto` -> `pmcrypto`
+* refactoring code using repos `go-pm-crypto`, `go-pm-mime` and `go-srp`
+
+
+## 2018-12-10
+* #26 adding `Flags` field to message
+* #26 removing fields deprecated by `Flags`: `IsEncrypted`, `Type`, `IsReplied`, `IsRepliedAll`, `IsForwarded`
+* #26 removing deprecated consts (see #26 for replacement)
+* #26 fixing tests (compiling not working)
+
+## 2018-11-19
+
+### Added
+* Wait and retry from `DoJson` if banned from api
+
+### Changed
+* `ErrNoInternet` -> `ErrAPINotReachable`
+* Adding codes for force upgrade: 5004 and 5005
+* Adding codes for API offline: 7001
+* Adding codes for BansRequests: 85131
+
+## 2018-09-18
+
+### Added
+* `client.decryptAccessToken` if privateKey is received (tested with local api) #23
+
+### Changed
+* added fields to User
+* local config TLS skip verify
+
+## 2018-09-06
+
+### Changed
+* decrypt token only if needed
+
+### Broken
+* Tests are not working
+
+## APIv3 UPDATE (2018-08-01)
+* issue Desktop-Bridge#561
+
+### Added
+* Key flag consts
+* `EventAddress`
+* `MailSettings` object and route call
+* `Client.KeyRingForAddressID`
+* `AuthInfo.HasTwoFactor()`
+* `Auth.HasMailboxPassword()`
+
+### Changed
+* Addresses are part of client
+* Update user updates also addresses
+* `BodyKey` and `AttachmentKey` contains `Key` and `Algorithm`
+* `keyPair` (not use Pubkey) -> `pmKeyObject`
+* lots of indent
+* bugs route
+* two factor (ready to U2F)
+* Reorder some to match order in doc (easier to )
+* omit address Order when empty
+* update user and addresses in `CurrentUser()`
+* `User.Unlock()` -> `Client.UnlockAddresses()`
+* `AuthInfo.Uid`  -> `AuthInfo.Uid()`
+* `User.Addresses`  -> `Client.Addresses()`
+
+### Removed
+* User v3 removed plenty (now in settings)
+* Message v3 removed plenty (Starred is label)