libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-01-20 06:29:53 +01:00
Code Issues Projects Releases Wiki Activity
7963 commits 206 branches 105 tags 123 MiB
Commit graph

4885 commits

Author SHA1 Message Date
Richard Hansen
b276eb0a23 PadMessageHandler: Improve message sanity checking 
Use exceptions instead of silent drops so that the client can detect
the error and react appropriately.
 2022-02-24 17:39:38 -05:00
Richard Hansen
3b76b2dd67 SocketIORouter: Improve error handling 2022-02-24 17:39:38 -05:00
Richard Hansen
fcfa51bda6 PadMessageHandler: Convert complex if to switch 2022-02-24 17:39:38 -05:00
translatewiki.net
05dd9920c5 Localisation updates from https://translatewiki.net. 2022-02-24 13:03:13 +01:00
Richard Hansen
32c82917e3 Merge branch 'master' into develop 2022-02-23 17:25:38 -05:00
Richard Hansen
ba370b0e05 PadMessageHandler: Don't trust user-provided padId 2022-02-23 16:11:21 -05:00
Richard Hansen
bdbde88fed PadMessageHandler: Fix USER_CHANGES queue identifier 
`message.padId` is normally undefined for `USER_CHANGES` messages.
 2022-02-23 16:11:16 -05:00
Richard Hansen
c59cbb537a Bump version 2022-02-23 16:10:47 -05:00
Richard Hansen
1513932ca1 plugins: Give each plugin a plugin-specific logger object 
This makes it possible for plugins to stop assuming that log4js is
available at `ep_etherpad-lite/node_modules/log4js`.
 2022-02-21 15:13:57 -05:00
Richard Hansen
daee90d2af lint: Close function args on same line as final arg 2022-02-21 14:53:48 -05:00
Richard Hansen
37508403d8 lint: Replace Object.assign() with object spread syntax 2022-02-21 14:36:58 -05:00
Richard Hansen
c8211f2898 lint: Run eslint --fix 2022-02-21 14:36:58 -05:00
Richard Hansen
8eb310854d lint: Bump ESLint dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen
005ca0bb09 lint: Move ESLint config to .eslintrc.cjs 2022-02-21 14:36:58 -05:00
Richard Hansen
d2f4931a35 checkPlugin: Use log4js for logging 2022-02-21 14:36:58 -05:00
Richard Hansen
8aec73b129 checkPlugin: Add ability to remove dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen
d5db979c93 checkPlugin: Config ESLint via .eslintrc.cjs 2022-02-21 14:36:58 -05:00
Richard Hansen
f046f0ab81 checkPlugin: Only create ep_etherpad-lite symlink if missing 
This avoids problems if the plugin has a non-peer dependency on
`ep_etherpad-lite`.
 2022-02-20 18:06:46 -05:00
Richard Hansen
9ed1e43593 checkPlugin: Resolve plugin directory symlinks 
This works around weird npm bugs.
 2022-02-20 18:06:46 -05:00
Richard Hansen
d9044537bb checkPlugin: cd to Etherpad root dir 2022-02-20 18:06:46 -05:00
Richard Hansen
5a66abae8b checkPlugin: Move everything inside async IIFE 2022-02-20 18:06:46 -05:00
Richard Hansen
2e0e872ae3 Pad: New padDefaultContent hook 2022-02-19 14:55:43 -05:00
Richard Hansen
aa286b7dbd API: Add optional authorId param to mutation functions 2022-02-19 14:55:42 -05:00
Richard Hansen
50fafe608b tests: Basic test for restoreRevision API 2022-02-19 14:55:42 -05:00
Richard Hansen
3b8549342a Pad: Plumb author ID through mutation operations 2022-02-19 14:55:42 -05:00
Richard Hansen
5f60b3aab2 Pad: Remove unneccessary padManager.getPad() call 2022-02-19 14:55:42 -05:00
Richard Hansen
449b972e6a Pad: Use default parameter value 2022-02-19 14:55:42 -05:00
Richard Hansen
aec512d1fa Pad: Rename author context properties to authorId 2022-02-19 14:55:42 -05:00
Richard Hansen
65bd5ffa6b Pad: Rename author vars to authorId for consistency 2022-02-19 14:55:42 -05:00
Richard Hansen
c2910b98e8 ImportHandler: Skip default pad text when importing to a new pad 2022-02-19 14:25:51 -05:00
Richard Hansen
c8f2409de0 ImportHandler: Drop unnecessary underscores in variable names 
Also delete an unnecessary comment.
 2022-02-19 14:25:51 -05:00
translatewiki.net
a27b400073 Localisation updates from https://translatewiki.net. 2022-02-14 13:03:22 +01:00
dependabot[bot]
4ed436dbbe
build(deps): bump simple-get from 3.1.0 to 3.1.1 in /src 
Bumps [simple-get](https://github.com/feross/simple-get) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/feross/simple-get/releases)
- [Commits](https://github.com/feross/simple-get/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: simple-get
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 16:29:27 +00:00
dependabot[bot]
cdc08d157b build(deps-dev): bump selenium-webdriver from 4.0.0 to 4.1.1 in /src 
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.0.0 to 4.1.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 11:28:40 -05:00
translatewiki.net
b9b6cef4d2 Localisation updates from https://translatewiki.net. 2022-02-03 13:03:23 +01:00
Richard Hansen
33fb4c71e4 deps: Bump ESLint dependencies 2022-02-02 20:21:34 -05:00
translatewiki.net
5d3c34aecb Localisation updates from https://translatewiki.net. 2022-01-31 13:02:59 +01:00
Richard Hansen
5520161088 deps: Upgrade formidable to 2.0.1 2022-01-28 21:34:57 -05:00
dependabot[bot]
6009fdf979
build(deps): bump resolve from 1.20.0 to 1.22.0 in /src 
Bumps [resolve](https://github.com/browserify/resolve) from 1.20.0 to 1.22.0.
- [Release notes](https://github.com/browserify/resolve/releases)
- [Commits](https://github.com/browserify/resolve/compare/v1.20.0...v1.22.0)

---
updated-dependencies:
- dependency-name: resolve
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 21:47:20 +00:00
dependabot[bot]
0e6fd567f7
build(deps): bump openapi-backend from 5.0.1 to 5.1.1 in /src 
Bumps [openapi-backend](https://github.com/anttiviljami/openapi-backend) from 5.0.1 to 5.1.1.
- [Release notes](https://github.com/anttiviljami/openapi-backend/releases)
- [Commits](https://github.com/anttiviljami/openapi-backend/compare/5.0.1...5.1.1)

---
updated-dependencies:
- dependency-name: openapi-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:49:14 +00:00
dependabot[bot]
0189af9bb1
build(deps): bump clean-css from 5.2.3 to 5.2.4 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.3...v5.2.4)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:46:01 +00:00
dependabot[bot]
65de9eb733
build(deps): bump underscore from 1.13.1 to 1.13.2 in /src 
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.13.1 to 1.13.2.
- [Release notes](https://github.com/jashkenas/underscore/releases)
- [Commits](https://github.com/jashkenas/underscore/compare/1.13.1...1.13.2)

---
updated-dependencies:
- dependency-name: underscore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:42:50 +00:00
dependabot[bot]
d86e1e5249
build(deps): bump ueberdb2 from 2.0.1 to 2.0.2 in /src 
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/ether/ueberDB/releases)
- [Changelog](https://github.com/ether/ueberDB/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ether/ueberDB/compare/v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: ueberdb2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 08:39:13 +00:00
Richard Hansen
c40544eade lint: Bump ESLint dependencies 2022-01-28 03:24:14 -05:00
dependabot[bot]
8791082077
build(deps): bump clean-css from 5.2.2 to 5.2.3 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.2...v5.2.3)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 07:02:27 +00:00
Richard Hansen
c568bb1baa ci: Skip frontend tests for Dependabot PRs 2022-01-28 01:51:15 -05:00
Richard Hansen
43aa1e4aeb ci: Reformat .yml files for readability 2022-01-28 01:39:45 -05:00
Richard Hansen
35a182e053 ci: dependabot: Set versioning-strategy to increase 
This keeps `package.json` in sync with `package-lock.json`.
 2022-01-27 23:54:28 -05:00
Richard Hansen
63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
Richard Hansen
3732565f83 ci: plugins: Bump saucelabs/sauce-connect-action 2022-01-27 22:40:38 -05:00
Richard Hansen
737464935e ci: plugins: Enable dependabot 2022-01-27 22:05:47 -05:00
Richard Hansen
f02334e589 ci: plugins: Install plugin deps before core deps 2022-01-27 22:05:47 -05:00
Richard Hansen
be36f764ad deps: Update eslint-config-etherpad 2022-01-27 22:05:47 -05:00
Richard Hansen
47f5bbef1c deps: Remove tiny-worker 
It is not needed for modern versions of Node.js.
 2022-01-27 02:15:47 -05:00
Richard Hansen
c586502e3c deps: Bump marked to 4.0.12 2022-01-27 02:05:11 -05:00
Richard Hansen
9db3424403 deps: Bump rehype and rehype-minify-whitespace 2022-01-27 01:27:10 -05:00
Richard Hansen
1e604add99 deps: Require Node.js 12.17.0 or later 
This makes it possible to use dynamic `import()`.
 2022-01-27 01:27:10 -05:00
snyk-bot
151f954fea fix: upgrade rate-limiter-flexible from 2.3.5 to 2.3.6 
Snyk has created this PR to upgrade rate-limiter-flexible from 2.3.5 to 2.3.6.

See this package in npm:
https://www.npmjs.com/package/rate-limiter-flexible

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-01-26 20:05:06 -05:00
dependabot[bot]
9b671efd5b build(deps): bump node-fetch from 2.6.6 to 2.6.7 in /src 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.6 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:03:19 -05:00
dependabot[bot]
e44d1c4400 build(deps-dev): bump eslint-config-etherpad from 2.0.2 to 2.0.3 in /src 
Bumps [eslint-config-etherpad](https://github.com/ether/eslint-config-etherpad) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/ether/eslint-config-etherpad/releases)
- [Commits](https://github.com/ether/eslint-config-etherpad/compare/v2.0.2...v2.0.3)

---
updated-dependencies:
- dependency-name: eslint-config-etherpad
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:02:42 -05:00
dependabot[bot]
de66bd4799 build(deps): bump http-errors from 1.8.1 to 2.0.0 in /src 
Bumps [http-errors](https://github.com/jshttp/http-errors) from 1.8.1 to 2.0.0.
- [Release notes](https://github.com/jshttp/http-errors/releases)
- [Changelog](https://github.com/jshttp/http-errors/blob/master/HISTORY.md)
- [Commits](https://github.com/jshttp/http-errors/compare/1.8.1...v2.0.0)

---
updated-dependencies:
- dependency-name: http-errors
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:01:53 -05:00
dependabot[bot]
abe8a98a4d
build(deps-dev): bump mocha from 9.1.3 to 9.2.0 in /src 
Bumps [mocha](https://github.com/mochajs/mocha) from 9.1.3 to 9.2.0.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v9.1.3...v9.2.0)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-27 00:58:49 +00:00
dependabot[bot]
867922c8d8 build(deps): bump follow-redirects from 1.14.6 to 1.14.7 in /src 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 19:56:56 -05:00
RichDavis1
ae9114f140 Edit settings.js 
Added formal panics for invalid JSON.
 2022-01-26 19:35:21 -05:00
translatewiki.net
315bcccc14 Localisation updates from https://translatewiki.net. 2022-01-24 13:03:53 +01:00
Richard Hansen
e4a336e875 plugins: Add npm packages to etherpad org 2022-01-20 20:33:24 -05:00
Richard Hansen
692749d1cf express-session: Extend session lifetime if user is active 2022-01-17 21:45:56 -05:00
Richard Hansen
9c1f52f1b0 express-session: Install package from @etherpad scope 
This allows us to use some in-progress features.
 2022-01-17 21:45:56 -05:00
Richard Hansen
023e58cfe6 express-session: Set a finite cookie lifetime 2022-01-17 21:45:56 -05:00
Richard Hansen
ec10700dff express-session: Don't save uninitialized sessions 
This should avoid frivolous session records, such as when the user
gets a 404 (unless login was required to see the 404).
 2022-01-17 21:45:56 -05:00
Richard Hansen
7255dd7ef0 express-session: Inherit proxy trust from Express 2022-01-17 21:45:56 -05:00
Richard Hansen
945e6848e2 SessionStore: Delete DB record when session expires 
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
 2022-01-17 21:45:56 -05:00
Richard Hansen
72cd983f0f SessionStore: Option to update DB record on touch() 2022-01-17 21:45:52 -05:00
Richard Hansen
b991948e21 SessionStore: Don't write DB record if already expired 2022-01-17 21:33:58 -05:00
Richard Hansen
4d498725c7 SessionStore: Improve cookie expiration check 
* Don't mutate `sess.cookie.expires`.
  * Allow `sess.cookie` to be nullish.
  * Always compare `Date` objects.
 2022-01-17 18:17:40 -05:00
Richard Hansen
928c598ecf tests: Add SessionStore backend tests 2022-01-17 17:51:08 -05:00
Richard Hansen
efab3aed0c deps: Update ueberdb2 to 2.0.1 to get proper JSON support 2022-01-14 00:45:47 -05:00
Richard Hansen
d3984aa621 express: Move preAuthorize hook after express-session 
The `ep_openid_connect` plugin needs access to session state before
authorization checks are made (to securely redirect the user back to
the start page when authentication completes). Now that the
`expressPreSession` hook exists, the rationale for moving
`preAuthorize` before the `express-session` middleware is gone.

This change undoes the following commits:
  * bf35dcfc50
  * 0b1ec20c5c
  * 30544b564e
 2022-01-14 00:44:54 -05:00
Richard Hansen
75637708c0 express: Move up cookie-parser middleware 
This makes it possible for the `preAuthorize` and `preExpressSession`
hooks to easily read or set cookies.
 2022-01-14 00:44:54 -05:00
Richard Hansen
ab85db4426 webaccess: Silence prototype pollution warning 2022-01-14 00:44:54 -05:00
Richard Hansen
dcd43e9849 webaccess: Use .startsWith() instead of .search() 2022-01-14 00:44:54 -05:00
translatewiki.net
b9118c22ba Localisation updates from https://translatewiki.net. 2022-01-13 13:02:54 +01:00
Richard Hansen
fd9b770579 PadManager: Refactor padList to avoid duplicate loads 2022-01-02 20:44:42 -05:00
Richard Hansen
66ce2b50a9 openapi: Convert Promise.catch() to catch block 2022-01-02 19:17:20 -05:00
Richard Hansen
fa8bdb0348 promises: Add a comment explaining a subtlety in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
a115c475ad promises: Expose reject in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
b72db7ebd6 promises: Return a Promise from Gate.then() 
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
 2022-01-02 18:57:44 -05:00
Richard Hansen
78a67801f3 promises: Move Gate from server.js (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen
c8d45586c1 server: Fix stop Gate creation and check 2022-01-02 18:57:44 -05:00
Richard Hansen
10c55a2328 Changeset: Explain why number of removals doesn't matter 2021-12-31 22:53:59 -05:00
Richard Hansen
6495b1e6f4 tests: Disable deprecation warnings when testing deprecated functions 2021-12-31 22:15:03 -05:00
Richard Hansen
c0471dd238 tests: Avoid deprecated Changeset.opIterator 2021-12-31 22:14:07 -05:00
webzwo0i
0af728ffee textLinesMutator: coverage for changed attributes in multiline keeps 2021-12-30 18:44:29 -05:00
webzwo0i
93447b7493 easysync tests: cover more string operation scenarios 2021-12-30 18:44:29 -05:00
webzwo0i
395cbc01bb Changeset.js: refine comments 2021-12-30 18:44:29 -05:00
webzwo0i
55c47efd4c easysync tests: add some more smartOpAssembler tests 2021-12-30 18:44:29 -05:00
webzwo0i
12ebca897d easysync: add clear method to stringAssembler 2021-12-30 18:44:29 -05:00
Chocobozzz
0cc15df9b9 Prevent pad translation and crash 
Prevent "TypeError: Cannot read properties of null (reading 'sheet')"
exception because google chrome can translate `<style type="text/css" title="dynamicsyntax"></style>` title attribute
 2021-12-22 17:46:32 +01:00
Richard Hansen
cb257de8f9 Bump version to v1.9.0 for plugin peerDependencies 
This allows plugins to depend on the not-yet-released API by bumping
their `peerDependencies` to `>=1.9.0`.

IMPORTANT: v1.9.0 IS NOT RELEASED YET. I tried to bump the version to
1.9.0-alpha.0 instead, but unfortunately that doesn't satisfy
`>=1.8.6` which would break just about every plugin.
 2021-12-21 17:23:56 -05:00
Richard Hansen
02a56dc58c PadMessageHandler: Allow handleMessageSecurity to grant one-time write access 2021-12-21 17:23:56 -05:00
Richard Hansen
31b025bd9d PadMessageHandler: Pass session info to handleMessageSecurity hook 2021-12-21 17:23:56 -05:00
Richard Hansen
1b52c9f0c4 PadMessageHandler: Deprecate client context property 2021-12-21 17:23:56 -05:00
Richard Hansen
f1856cf95a Docker: Use new /health endpoint for HEALTHCHECK 2021-12-21 17:19:56 -05:00
Richard Hansen
83f2898723 package.json: Define etherpad binary 2021-12-21 17:19:56 -05:00
Richard Hansen
696f9c3367 specialpages: New /health endpoint for health checking 
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
 2021-12-21 17:19:56 -05:00
Dirk Jagdmann
2e4c546c7f Pad: Add new .spliceText() method 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-21 17:00:18 -05:00
Richard Hansen
30544b564e express: Skip express-session middleware if pre-authorized 2021-12-20 20:08:19 -05:00
Richard Hansen
649fbdccf5 express: Move static handlers to expressPreSession 
This avoids the need to exempt the paths from authentication checks,
and it eliminates unnecessary express-session state.
 2021-12-20 20:08:19 -05:00
Richard Hansen
72f4ae444d express: New expressPreSession server-side hook 2021-12-20 20:08:19 -05:00
Richard Hansen
0b1ec20c5c express: Move preAuthorize middleware before express-session 2021-12-20 20:08:19 -05:00
Richard Hansen
bf35dcfc50 webaccess: Move preAuthorize to its own middleware 2021-12-20 20:08:19 -05:00
Richard Hansen
7f3d0e71f7 express: Check access before expressConfigure middleware 
There are no guarantees about the order of execution of hook
functions, which means that a plugin's `expressConfigure` hook
function could theoretically register a handler/middleware before the
access check middleware is registered. If that happens, the plugin's
handler would run before the access check, which would be bad. Avoid
the problem by explicitly installing the `webaccess.checkAccess`
middleware before running the `expressConfigure` hook.
 2021-12-20 20:08:18 -05:00
Richard Hansen
472eddc821 webaccess: Skip checks if next is called in preAuthenticate 2021-12-20 20:08:18 -05:00
Richard Hansen
fc498f0ae6 tests: Delete test pad before attempting import 2021-12-20 20:08:18 -05:00
Richard Hansen
02d1b90d30 tests: Factor out USER_CHANGES/ACCEPT_COMMIT helpers 
This will make it possible for other tests to reuse the code.
 2021-12-19 16:53:24 -05:00
snyk-bot
674a0ccedc fix: upgrade openapi-backend from 5.0.0 to 5.0.1 
Snyk has created this PR to upgrade openapi-backend from 5.0.0 to 5.0.1.

See this package in npm:
https://www.npmjs.com/package/openapi-backend

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-12-19 00:54:20 -05:00
webzwo0i
8b73f2ee70 padurlsanitize: Don't crash if sanitizePadId() throws 
Let Express send a 500 status code to the user instead.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:47:01 -05:00
Richard Hansen
4733c7d8d3 SessionStore: Promisify to the extent permitted by express-session 2021-12-18 18:29:04 -05:00
webzwo0i
694d3f630e SessionStore: Propagate database errors to express-session 
Send a 500 HTTP status code to the client if the session entry could
not be fetched from the database. This is useful in case the database
is busy and can't respond to the query in time. In this case we want
to abort the client connection as soon as possible.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:29:04 -05:00
Richard Hansen
7572040836 Pad: Simplify Pad.copy() logic 2021-12-18 18:28:58 -05:00
webzwo0i
0040f5984e db: await more database operations 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:23:27 -05:00
translatewiki.net
e64462323b Localisation updates from https://translatewiki.net. 2021-12-16 13:03:26 +01:00
Richard Hansen
748d661495 Changeset: Fix off-by-one bug in makeSplice 2021-12-16 00:48:07 -05:00
Richard Hansen
30d68df396 Changeset: Add range checks to makeSplice 2021-12-16 00:48:07 -05:00
Richard Hansen
fdf1fdbc23 Changeset: Improve readability of makeSplice() 2021-12-16 00:48:07 -05:00
Richard Hansen
b1d0848701 Pad: Improve readability of appendText 2021-12-16 00:48:07 -05:00
Richard Hansen
a6bf7816ce Pad: Simplify setText 2021-12-16 00:48:07 -05:00
snyk-bot
3693a0574f fix: upgrade jsdom from 18.1.0 to 18.1.1 
Snyk has created this PR to upgrade jsdom from 18.1.0 to 18.1.1.

See this package in npm:
https://www.npmjs.com/package/jsdom

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-12-14 01:05:47 -05:00
Richard Hansen
d94f380141 API: Fix race conditions in setText, appendText, restoreRevision 2021-12-14 01:02:00 -05:00
Richard Hansen
cff089e54e PadMessageHandler: Accept retransmissions of USER_CHANGES 2021-12-14 01:02:00 -05:00
Richard Hansen
a370cfa5c6 Pad: Don't create no-op revisions 2021-12-14 01:02:00 -05:00
Richard Hansen
56b7671422 Pad: Return new rev number from appendRevision() 2021-12-14 01:02:00 -05:00
Richard Hansen
c05ee7ce72 PadMessageHandler: Move ACCEPT_COMMIT after changeset save 2021-12-14 01:02:00 -05:00
Richard Hansen
dbacc73c36 tests: Basic USER_CHANGES backend tests 2021-12-14 01:02:00 -05:00
translatewiki.net
2cae414473 Localisation updates from https://translatewiki.net. 2021-12-13 13:03:50 +01:00
Richard Hansen
1fe01c66fd getCorePlugins.sh: Various improvements 
* Factor out plugin query.
  * Make idempotent.
  * Improve logging.
  * Install by symlinking to a parallel directory rather than cloning
    into `etherpad-lite/node_modules`.
 2021-12-11 02:01:35 -05:00
Richard Hansen
5915c2243d checkPlugin: Redo README.md and LICENSE 2021-12-11 02:01:35 -05:00
Richard Hansen
d81546ad7b checkPlugin: Delete Travis badge from README.md template 2021-12-11 02:01:35 -05:00
Richard Hansen
2c05de7033 checkPlugin: Update ESLint dependencies 2021-12-11 02:01:35 -05:00
Richard Hansen
3563fc1df9 checkPlugin: Relax repo checks 2021-12-11 02:01:35 -05:00
Richard Hansen
4716975c37 checkPlugin: Do case-sensitive filename checks 2021-12-11 02:01:35 -05:00
Richard Hansen
9a85bce212 checkPlugin: Only consider README{,.md} (case-insensitive) 
This avoids false positives such as `README-foo.md`.
 2021-12-11 02:01:35 -05:00
Richard Hansen
753d16af8a checkPlugin: Promisify file system accesses 2021-12-11 02:01:35 -05:00
Richard Hansen
b50c6d07d4 checkPlugin: Improve readability of files assignment 2021-12-11 02:01:35 -05:00
Richard Hansen
b546867adb checkPlugin: Replace .indexOf() with .includes() 2021-12-11 02:01:35 -05:00
Richard Hansen
34a4a74634 checkPlugin: Change autocommit to not push 2021-12-11 02:01:35 -05:00
Richard Hansen
48222449b5 checkPlugin: Add frontend-tests.yml GitHub workflow 2021-12-11 02:01:35 -05:00
Richard Hansen
51c530a3a0 checkPlugin: Compare entire file 2021-12-11 02:01:34 -05:00
Richard Hansen
f0669a8d31 checkPlugin: Automatically determine plugin name in backend-tests.yml 2021-12-11 02:01:34 -05:00
Richard Hansen
314b67b7fe checkPlugin: Improve eslintConfig, funding, scripts checking 2021-12-11 02:01:34 -05:00