Merge branch 'develop' of https://github.com/vector-im/element-web into t3chguy/oidc-config

.github/workflows/dockerhub.yaml

@@ -7,6 +7,9 @@ on:
         # This job can take a while, and we have usage limits, so just publish develop only twice a day
         - cron: "0 7/12 * * *"
 concurrency: ${{ github.workflow }}-${{ github.ref_name }}
+
+permissions:
+    id-token: write # needed for signing the images with GitHub OIDC Token
 jobs:
     buildx:
         name: Docker Buildx
@@ -26,6 +29,9 @@ jobs:
               with:
                   fetch-depth: 0 # needed for docker-package to be able to calculate the version
 
+            - name: Install Cosign
+              uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3
+
             - name: Prepare
               if: matrix.prepare
               run: ${{ matrix.prepare }}
@@ -58,6 +64,7 @@ jobs:
                       ${{ matrix.flavor }}
 
             - name: Build and push
+              id: build-and-push
               uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5
               with:
                   context: .
@@ -66,6 +73,17 @@ jobs:
                   tags: ${{ steps.meta.outputs.tags }}
                   labels: ${{ steps.meta.outputs.labels }}
 
+            - name: Sign the images with GitHub OIDC Token
+              env:
+                  DIGEST: ${{ steps.build-and-push.outputs.digest }}
+                  TAGS: ${{ steps.meta.outputs.tags }}
+              run: |
+                  images=""
+                  for tag in ${TAGS}; do
+                      images+="${tag}@${DIGEST} "
+                  done
+                  cosign sign --yes ${images}
+
             - name: Update repo description
               if: matrix.variant == 'vanilla'
               uses: peter-evans/dockerhub-description@e98e4d1628a5f3be2be7c231e50981aee98723ae # v4

.github/workflows/end-to-end-tests.yaml

@@ -22,6 +22,7 @@ jobs:
             issues: read
             pull-requests: read
         with:
+            element-web-sha: ${{ github.sha }}
             react-sdk-repository: matrix-org/matrix-react-sdk
             # We only want to run the playwright tests on merge queue to prevent regressions
             # from creeping in. They take a long time to run and consume multiple concurrent runners.

code_style.md

@@ -225,6 +225,12 @@ Unless otherwise specified, the following applies to all code:
     }
     ```
 
+37. Avoid functions whose fundamental behaviour varies with different parameter types.
+    Multiple return types are fine, but if the function's behaviour is going to change significantly,
+    have two separate functions. For example, `SDKConfig.get()` with a string param which returns the
+    type according to the param given is ok, but `SDKConfig.get()` with no args returning the whole
+    config object would not be: this should just be a separate function.
+
 ## React
 
 Inheriting all the rules of TypeScript, the following additionally apply:

src/vector/platform/ElectronPlatform.tsx

@@ -57,8 +57,6 @@ interface SquirrelUpdate {
     updateURL: string;
 }
 
-const LEGACY_PROTOCOL = "element";
-const OIDC_PROTOCOL = "io.element.desktop";
 const SSO_ID_KEY = "element-desktop-ssoid";
 
 const isMac = navigator.platform.toUpperCase().includes("MAC");
@@ -381,7 +379,7 @@ export default class ElectronPlatform extends VectorBasePlatform {
 
     public getSSOCallbackUrl(fragmentAfterLogin?: string): URL {
         const url = super.getSSOCallbackUrl(fragmentAfterLogin);
-        url.protocol = LEGACY_PROTOCOL;
+        url.protocol = "element";
         url.searchParams.set(SSO_ID_KEY, this.ssoID);
         return url;
     }
@@ -468,7 +466,7 @@ export default class ElectronPlatform extends VectorBasePlatform {
      */
     public getOidcCallbackUrl(): URL {
         const url = super.getOidcCallbackUrl();
-        url.protocol = OIDC_PROTOCOL;
+        url.protocol = "io.element.desktop";
         return url;
     }
 }