Go to file
Mateusz Mandera fc85d7d613 auth: Add hardening authenticate(use_dummy_backend=True) in do_login.
As explained in the comment, this is to prevent bugs where some strange
combination of codepaths could end up calling do_login without basic
validation of e.g. the subdomain. The usefulness of this will be
extended with the upcoming commit to add the ability to configure custom
code to wrap authenticate() calls in. This will help ensure that some
codepaths don't slip by the mechanism, ending up logging in a user
without the chance for the custom wrapper to run its code.

(cherry picked from commit 72bea3433e)
2024-01-18 15:58:02 -08:00
.github ci: Switch 6.0 production to be on Ubuntu 22.04. 2024-01-15 12:02:53 -08:00
.tx provision: Replace transifex-client with new transifex-cli. 2022-12-13 12:34:08 -08:00
.vscode vscode: Recommend remote development extension. 2021-11-03 16:03:46 -07:00
analytics models: Extract zerver.models.scheduled_jobs. 2024-01-05 10:32:54 -05:00
api_docs Release Zulip Server 8.0. 2023-12-15 11:16:19 -08:00
confirmation remote_billing: Implement confirmation flow for RemoteRealm auth. 2023-12-10 16:15:28 -08:00
corporate remote_billing: Fix /self-hosted-billing/ handling for desktop app. 2024-01-15 21:32:00 -08:00
docs docs: Fix selfhoster URL to be the canonical one. 2024-01-15 12:02:53 -08:00
help docs: Fix selfhoster URL to be the canonical one. 2024-01-15 12:02:53 -08:00
locale i18n: Update translation data from Transifex. 2023-12-15 11:16:19 -08:00
patches dependencies: Patch source-sans to correct format() for variable fonts. 2023-09-13 17:08:53 -07:00
pgroonga migrations: Import BaseDatabaseSchemaEditor from its canonical module. 2023-03-05 14:46:28 -08:00
puppet logrotate: smokescreen has its own config file. 2024-01-15 12:02:53 -08:00
requirements run-dev: Rewrite development proxy with aiohttp. 2023-12-12 08:07:41 -08:00
scripts install: Support PostgreSQL 16. 2024-01-05 10:32:54 -05:00
static static: Make unknown user avatar work on mobile. 2023-12-09 16:59:38 -08:00
stubs/taint actions: Split out zerver.actions.message_send. 2022-04-14 17:14:34 -07:00
templates templates: Move remote_realm_server_mismatch_error.html to zerver. 2024-01-15 21:32:00 -08:00
tools tools: Add a tool for backporting PRs. 2024-01-18 15:58:02 -08:00
var/puppeteer
web remote_billing: Fix /self-hosted-billing/ handling for desktop app. 2024-01-15 21:32:00 -08:00
zerver auth: Add hardening authenticate(use_dummy_backend=True) in do_login. 2024-01-18 15:58:02 -08:00
zilencer zilencer: Have server send realm_uuid to remaining bouncer endpoints. 2024-01-15 16:51:09 -08:00
zproject remote_billing: Fix /self-hosted-billing/ handling for desktop app. 2024-01-15 21:32:00 -08:00
.codecov.yml
.codespellignore pygments: Place Default (light) and Monokai (dark) schemes. 2023-12-04 13:03:34 -08:00
.editorconfig
.eslintignore web: Move web app to ‘web’ directory. 2023-02-23 16:04:17 -08:00
.eslintrc.json eslint: Forbid unchecked casts in TypeScript. 2023-10-26 09:54:30 -07:00
.gitattributes .gitattributes: Mark *.bmp, *.bson, *.mp3, *.pdf as binary. 2022-02-07 18:51:06 -08:00
.gitignore dev_settings: Allow user to override settings in a git-ignored file. 2023-12-04 09:50:14 -08:00
.gitlint lint: Update line-length for commit message to 72 in gitlint. 2023-05-01 10:35:52 -07:00
.mailmap mailmap: Add entry for Rohan Gudimetla. 2023-12-13 13:28:19 -08:00
.npmignore
.npmrc dependencies: Switch to pnpm. 2023-03-20 15:48:29 -07:00
.prettierignore dependencies: Switch to pnpm. 2023-03-20 15:48:29 -07:00
.pyre_configuration
.readthedocs.yaml readthedocs: Add a configuration file. 2023-02-03 16:36:54 -08:00
.sonarcloud.properties
CODE_OF_CONDUCT.md docs: Rename "private message" -> "direct message". 2023-06-23 14:36:16 -07:00
CONTRIBUTING.md contributor docs: Explain what to do if issue assignee is unresponsive. 2023-10-16 13:28:23 -07:00
Dockerfile-postgresql docs: Fix grammar errors found by mwic. 2023-10-09 13:24:09 -07:00
LICENSE
NOTICE
README.md docs: Update Ruff badge and links. 2023-10-26 15:51:46 -07:00
SECURITY.md docs: Update .html links pointing to "Upgrade Zulip" or "Modify Zulip". 2023-08-11 16:49:32 -07:00
Vagrantfile vagrant: Add Fedora 36 support. 2022-09-08 16:12:59 -07:00
manage.py mypy: Enable new error explicit-override. 2023-10-12 12:28:41 -07:00
package.json dependencies: Upgrade JavaScript dependencies. 2023-12-07 14:29:32 -08:00
pnpm-lock.yaml dependencies: Upgrade JavaScript dependencies. 2023-12-07 14:29:32 -08:00
prettier.config.js
pyproject.toml docs: Update Ruff badge and links. 2023-10-26 15:51:46 -07:00
stylelint.config.js dependencies: Upgrade JavaScript dependencies. 2023-07-21 15:58:42 -07:00
tsconfig.json dependencies: Install `@types/jquery.validation for type annotation. 2023-08-14 16:00:20 -07:00
version.py version: Update version after 8.0 release. 2024-01-04 15:29:29 -08:00

README.md

Zulip overview

Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Fortune 500 companies, leading open source projects, and thousands of other organizations use Zulip every day. Zulip is the only modern team chat app that is designed for both live and asynchronous conversations.

Zulip is built by a distributed community of developers from all around the world, with 74+ people who have each contributed 100+ commits. With over 1000 contributors merging over 500 commits a month, Zulip is the largest and fastest growing open source team chat project.

Come find us on the development community chat!

GitHub Actions build status coverage status Mypy coverage Ruff code style: black code style: prettier GitHub release docs Zulip chat Twitter GitHub Sponsors

Getting started

You may also be interested in reading our blog, and following us on Twitter and LinkedIn.

Zulip is distributed under the Apache 2.0 license.