1
0
mirror of https://github.com/moparisthebest/mail synced 2024-11-24 09:52:21 -05:00

Merge pull request #412 from tanx/master

Minor fixes to master
This commit is contained in:
Tankred Hase 2015-12-17 16:13:36 +07:00
commit 43729833a5
5 changed files with 12 additions and 29 deletions

View File

@ -1,10 +1,10 @@
branch-defaults: branch-defaults:
release/prod: release/prod:
environment: mail-html5-prod environment: mail-prod
release/test: release/test:
environment: mail-html5-test environment: mail-test
global: global:
application_name: mail-html5 application_name: mail
default_ec2_keyname: null default_ec2_keyname: null
default_platform: Node.js default_platform: Node.js
default_region: eu-central-1 default_region: eu-central-1

View File

@ -1,9 +1,7 @@
sudo: false
language: node_js language: node_js
node_js: node_js:
- "0.12" - "0.12"
before_install: before_install:
- gem install sass - gem install sass
- npm install -g grunt-cli - npm install -g grunt-cli
notifications:
email:
- build@whiteout.io

View File

@ -307,7 +307,7 @@ module.exports = function(grunt) {
}, },
readSandbox: { readSandbox: {
src: [ src: [
'node_modules/dompurify/purify.js', 'node_modules/dompurify/src/purify.js',
'node_modules/iframe-resizer/js/iframeResizer.contentWindow.min.js', 'node_modules/iframe-resizer/js/iframeResizer.contentWindow.min.js',
'src/js/controller/app/read-sandbox.js' 'src/js/controller/app/read-sandbox.js'
], ],

View File

@ -1,4 +1,4 @@
Whiteout Mail [![Build Status](https://travis-ci.org/whiteout-io/mail-html5.svg?branch=master)](https://travis-ci.org/whiteout-io/mail-html5) [![Gitter](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/whiteout-io/mail-html5?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) Whiteout Mail [![Build Status](https://travis-ci.org/whiteout-io/mail.svg?branch=master)](https://travis-ci.org/whiteout-io/mail)
========== ==========
Whiteout Mail is an easy to use email client with integrated OpenPGP encryption written in pure JavaScript. Download the official version under [whiteout.io](https://whiteout.io/#product). Whiteout Mail is an easy to use email client with integrated OpenPGP encryption written in pure JavaScript. Download the official version under [whiteout.io](https://whiteout.io/#product).
@ -7,7 +7,7 @@ Whiteout Mail is an easy to use email client with integrated OpenPGP encryption
### Features ### Features
You can read about product features and our future roadmap in our [FAQ](https://github.com/whiteout-io/mail-html5/wiki/FAQ). You can read about product features and our future roadmap in our [FAQ](https://github.com/whiteout-io/mail/wiki/FAQ).
### Privacy and Security ### Privacy and Security
@ -17,7 +17,7 @@ We take the privacy of your data very seriously. Here are some of the technical
* Messages are [encrypted end-to-end ](http://en.wikipedia.org/wiki/End-to-end_encryption) using the [OpenPGP](http://en.wikipedia.org/wiki/Pretty_Good_Privacy) standard. This means that only you and the recipient can read your mail. Your messages and private PGP key are stored only on your computer (in IndexedDB). * Messages are [encrypted end-to-end ](http://en.wikipedia.org/wiki/End-to-end_encryption) using the [OpenPGP](http://en.wikipedia.org/wiki/Pretty_Good_Privacy) standard. This means that only you and the recipient can read your mail. Your messages and private PGP key are stored only on your computer (in IndexedDB).
* Users have the option to use [encrypted private key sync](https://github.com/whiteout-io/mail-html5/wiki/Secure-OpenPGP-Key-Pair-Synchronization-via-IMAP) if they want to use Whiteout on multiple devices. * Users have the option to use [encrypted private key sync](https://github.com/whiteout-io/mail/wiki/Secure-OpenPGP-Key-Pair-Synchronization-via-IMAP) if they want to use Whiteout on multiple devices.
* [Content Security Policy (CSP)](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) is enforced to prevent injection attacks. * [Content Security Policy (CSP)](http://www.html5rocks.com/en/tutorials/security/content-security-policy/) is enforced to prevent injection attacks.
@ -27,7 +27,7 @@ We take the privacy of your data very seriously. Here are some of the technical
* Like most native email clients, whiteout mail uses raw [TCP sockets](http://developer.chrome.com/apps/socket.html) to communicate directly with your mail server via IMAP/SMTP. TLS is used to protect your password and message data in transit. * Like most native email clients, whiteout mail uses raw [TCP sockets](http://developer.chrome.com/apps/socket.html) to communicate directly with your mail server via IMAP/SMTP. TLS is used to protect your password and message data in transit.
* The app is deployed as a signed [Chrome Packaged App](https://developer.chrome.com/apps/about_apps.html) with [auditable static versions](https://github.com/whiteout-io/mail-html5/releases) in order to prevent [problems with host-based security](https://blog.whiteout.io/2014/04/13/heartbleed-and-javascript-crypto/). * The app is deployed as a signed [Chrome Packaged App](https://developer.chrome.com/apps/about_apps.html) with [auditable static versions](https://github.com/whiteout-io/mail/releases) in order to prevent [problems with host-based security](https://blog.whiteout.io/2014/04/13/heartbleed-and-javascript-crypto/).
* The app can also be used from any modern web browser in environments where installing an app is not possible (e.g. a locked down corporate desktop). The IMAP/SMTP TLS sessions are still terminated in the user's browser using JS crypto ([Forge](https://github.com/digitalbazaar/forge)), but the encrypted TLS payload is proxied via [socket.io](http://socket.io/), due to the lack of raw sockets in the browser. **Please keep in mind that this mode of operation is not as secure as using the signed packaged app, since users must trust the webserver to deliver the correct code. This mode will still protect user against passive attacks like wiretapping (since PGP and TLS are still applied in the user's browser), but not against active attacks from the webserver. So it's best to decide which threat model applies to you.** * The app can also be used from any modern web browser in environments where installing an app is not possible (e.g. a locked down corporate desktop). The IMAP/SMTP TLS sessions are still terminated in the user's browser using JS crypto ([Forge](https://github.com/digitalbazaar/forge)), but the encrypted TLS payload is proxied via [socket.io](http://socket.io/), due to the lack of raw sockets in the browser. **Please keep in mind that this mode of operation is not as secure as using the signed packaged app, since users must trust the webserver to deliver the correct code. This mode will still protect user against passive attacks like wiretapping (since PGP and TLS are still applied in the user's browser), but not against active attacks from the webserver. So it's best to decide which threat model applies to you.**
@ -39,11 +39,11 @@ We take the privacy of your data very seriously. Here are some of the technical
* We will launch a bug bounty program later on for independent security researchers. If you find any security vulnerabilities, don't hesitate to contact us [security@whiteout.io](mailto:security@whiteout.io). * We will launch a bug bounty program later on for independent security researchers. If you find any security vulnerabilities, don't hesitate to contact us [security@whiteout.io](mailto:security@whiteout.io).
* You can also just create an [issue](https://github.com/whiteout-io/mail-html5/issues) on GitHub if you're missing a feature or just want to give us feedback. It would be much appreciated! * You can also just create an [issue](https://github.com/whiteout-io/mail/issues) on GitHub if you're missing a feature or just want to give us feedback. It would be much appreciated!
### Testing ### Testing
You can download a prebuilt bundle under [releases](https://github.com/whiteout-io/mail-html5/releases) or build your own from source (requires [node.js](http://nodejs.org/download/), [grunt](http://gruntjs.com/getting-started#installing-the-cli) and [sass](http://sass-lang.com/install)): You can download a prebuilt bundle under [releases](https://github.com/whiteout-io/mail/releases) or build your own from source (requires [node.js](http://nodejs.org/download/), [grunt](http://gruntjs.com/getting-started#installing-the-cli) and [sass](http://sass-lang.com/install)):
npm install && npm test npm install && npm test

View File

@ -3,21 +3,6 @@
"description": "Mail App with integrated OpenPGP encryption.", "description": "Mail App with integrated OpenPGP encryption.",
"author": "Whiteout Networks", "author": "Whiteout Networks",
"homepage": "https://whiteout.io", "homepage": "https://whiteout.io",
"repository": {
"type": "git",
"url": "https://github.com/whiteout-io/mail-html5.git"
},
"keywords": [
"email",
"mail",
"client",
"app",
"openpgp",
"pgp",
"gpg",
"imap",
"smtp"
],
"engines": { "engines": {
"node": ">=0.10" "node": ">=0.10"
}, },
@ -40,7 +25,7 @@
"browsersmtp": "https://github.com/whiteout-io/browsersmtp/tarball/master", "browsersmtp": "https://github.com/whiteout-io/browsersmtp/tarball/master",
"chai": "~1.9.2", "chai": "~1.9.2",
"crypto-lib": "~0.2.1", "crypto-lib": "~0.2.1",
"dompurify": "~0.6.3", "dompurify": "~0.7.3",
"grunt": "~0.4.1", "grunt": "~0.4.1",
"grunt-angular-templates": "~0.5.7", "grunt-angular-templates": "~0.5.7",
"grunt-autoprefixer": "~0.7.2", "grunt-autoprefixer": "~0.7.2",