Commit graph

3964 commits

Author SHA1 Message Date
John McLear
11f3b7232d
bump version 2021-02-25 18:26:17 +00:00
webzwo0i
efd211bbc5 remove useless semicolon 2021-02-25 16:59:06 +00:00
webzwo0i
fa29858a4e avoid manually including require-kernel in ace.js 2021-02-25 16:59:06 +00:00
translatewiki.net
12c23d468c Localisation updates from https://translatewiki.net. 2021-02-25 16:17:56 +01:00
webzwo0i
a77994ab6e avoid pad_utils in pad.html 2021-02-25 12:46:04 +00:00
Richard Hansen
ba5d8369bf Minify: Consistently use path.join() to build pathnames
This defends against extraneous or missing slashes, and it might
improve the experience on Windows.
2021-02-25 10:14:48 +00:00
Richard Hansen
2d3469e3ee Minify: Improve pathname sanitization
For context, see:
https://nvd.nist.gov/vuln/detail/CVE-2015-3297
9d4e5f6e35
https://github.com/ether/etherpad-lite/issues/2614
2021-02-25 10:14:48 +00:00
Richard Hansen
0cce4ae536 Minify: Also serve jquery.js from old path for compatibility 2021-02-25 10:14:48 +00:00
Richard Hansen
f845f21ba5 /static/tests.html: Fix jquery.js path
See commit 1b8cd0747d.
2021-02-25 10:14:48 +00:00
John McLear
4a65acf417
docs: fix links from TOC to Headings and improve appearance of docs (a little) (#4866)
* docs: fix links from TOC to Headings
* docs: Styling

Just a little modernisation of the appearance of the documentation

* Update src/bin/doc/package.json

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-02-25 09:01:45 +00:00
Richard Hansen
41ec7fe3fc deps: Update ueberdb2 to work around dirty DB bug 2021-02-25 00:02:14 +00:00
Richard Hansen
b2ffd8c95c lint: Update ESLint dependencies 2021-02-24 09:07:24 +00:00
Richard Hansen
dabff9be77 run_cmd: Fix PATH debug log message 2021-02-23 21:41:32 -05:00
John McLear
c7511b2f2e tests: change timeout on bold and embed_value test to support Win10 FF84 2021-02-23 19:53:03 +00:00
John McLear
72d9c8fef9 tests: Use more modern relevant Firefox version in Sauce Labs
Firefox 52 has issues with rendering SVG animations which caused random tests to fail.  Less than 2% of total Firefox users now use Firefox 52 so we're safe to drop testing for it.
2021-02-23 19:53:03 +00:00
John McLear
8364546e70 tests: fix importexport tests
The testing approach was redone to fix numerous issues:
  * Even if the tests had been working, none of them would have caught
    https://github.com/ether/etherpad-lite/issues/4808 because they
    didn't exercise the client-side import logic. Now they do.
  * Follow-up logic was not in the `helper.waitFor()` callback like it
    should have been. Now the code uses `async` and `await` to ensure
    proper execution order.
  * All `$.ajax()` calls used `async: false`. Now they're properly
    asynchronous.
  * The `helper.waitFor()` condition callbacks threw instead of
    returning false.
  * The string comparisons didn't allow for different attribute
    order (e.g., `<ol start="1" class="list-number1">` vs. `<ol
    class="list-number1" start="1">`). Now `Node.isEqualNode()` is
    used to reduce fragility. (`Node.isEqualNode()` is not perfect, so
    the tests are still a bit fragile: If class names or style strings
    are in a different order then `Node.isEqualNode()` will return
    false even if the nodes are semantically equivalent.)

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-02-22 18:20:24 -05:00
Richard Hansen
3ca1589885 Revert "tests: fix importexport frontend tests (#4827)"
I'm going to split this into separate commits.

This reverts commit 9b03f8f6ab.
2021-02-22 18:19:48 -05:00
translatewiki.net
f246d1b476 Localisation updates from https://translatewiki.net. 2021-02-22 16:37:36 +01:00
John McLear
0ac33d2085 tests: timeslider_follow increase test timeout for firefox. 2021-02-22 14:30:19 +00:00
Richard Hansen
1908bedabe caretPosition: Clarify comment in getPosition() 2021-02-22 11:25:45 +00:00
Richard Hansen
91955609af caretPosition: Delete pointless logic in getPosition()
The `line` variable is unconditionally overwritten later, and the
function calls do not have side effects, so it is safe to delete this
logic.
2021-02-22 11:25:45 +00:00
Richard Hansen
1dbdaf93d7 caretPosition: Delete no-op Range.detach() call 2021-02-22 11:25:45 +00:00
Richard Hansen
5e731dfbfd caretPosition: Delete unused var in getPosition() 2021-02-22 11:25:45 +00:00
Richard Hansen
02fd0048bf caretPosition: Invert condition in getPosition() for readability 2021-02-22 11:25:45 +00:00
Richard Hansen
773959ec57 CI: Delete old Sauce Connect logic 2021-02-22 11:25:21 +00:00
John McLear
9b03f8f6ab
tests: fix importexport frontend tests (#4827)
* CI: Leave log level at INFO for frontend tests

* CI: Disable frontend admin tests for non-admin workflow

* CI: Disable import/export rate limiting for frontend tests

* tests: fix importexport tests

The testing approach was redone to fix numerous issues:
  * Even if the tests had been working, none of them would have caught
    https://github.com/ether/etherpad-lite/issues/4808 because they
    didn't exercise the client-side import logic. Now they do.
  * Follow-up logic was not in the `helper.waitFor()` callback like it
    should have been. Now the code uses `async` and `await` to ensure
    proper execution order.
  * All `$.ajax()` calls used `async: false`. Now they're properly
    asynchronous.
  * The `helper.waitFor()` condition callbacks threw instead of
    returning false.
  * The string comparisons didn't allow for different attribute
    order (e.g., `<ol start="1" class="list-number1">` vs. `<ol
    class="list-number1" start="1">`). Now `Node.isEqualNode()` is
    used to reduce fragility. (`Node.isEqualNode()` is not perfect, so
    the tests are still a bit fragile: If class names or style strings
    are in a different order then `Node.isEqualNode()` will return
    false even if the nodes are semantically equivalent.)

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-02-22 10:40:38 +00:00
Richard Hansen
d9c2778d17 plugins: Better fix for LGTM security warning 2021-02-22 09:43:20 +00:00
John McLear
0f16e518ff
api: drop JSONP (#4835)
* api: drop JSONP

* docs: drop JSONP

* tests: drop JSONP

* api: remove isValidJSONPName require
2021-02-22 09:10:02 +00:00
Richard Hansen
85231cb774 tests: More descriptive Sauce Labs name 2021-02-22 03:36:12 -05:00
Richard Hansen
6198e92706 tests: Pass --legacy-peer-deps flag to work around npm v7 bug
This flag is unknown to npm v6, but npm v6 silently ignores unknown
flags.
2021-02-22 03:36:12 -05:00
webzwo0i
14a9749b75 tests: add assert helper for supporting node 10.x 2021-02-22 03:36:12 -05:00
John McLear
ce83181ac3
Lgtm bugfixes (#4838)
* code tidy up: always evaluates

* tidy up: is always true

* tidy up: remove unused code

* always true/false variables

* unused variable

* tidy up: remove unused code in caretPosition.js

* for squash: Revert "tidy up: remove unused code in caretPosition.js"

The `if` condition was previously always true, so the body should be
preserved. If the body is preserved, other logic can be deleted. I
opened PR #4845 to clean it all up.

This reverts commit 75b03e5a7d.

* for squash: simplify

* for squash: Explain that the getter is used for its side effects

It's very weird to call a getter without using its return value. Add a
comment explaining why this is done so that the reader doesn't get
confused.

* for squash: Revert "tidy up: remove unused code"

The exception test was the purpose of the code.

This reverts commit 85153b1676.

* for squash: Log the tsort results

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-02-22 08:26:35 +00:00
John McLear
40d7480d5b lint: padaccess.js 2021-02-21 21:09:02 -05:00
John McLear
029729a386 lint: Settings.js 2021-02-21 21:09:02 -05:00
John McLear
435562299f lint: NodeVersion.js 2021-02-21 21:09:02 -05:00
John McLear
7352dc7571 lint: ImportEtherpad.js 2021-02-21 21:09:02 -05:00
John McLear
613c7d8545 lint: ExportTxt.js 2021-02-21 21:09:02 -05:00
John McLear
d2359be08b lint: ExportHtml.js 2021-02-21 21:09:02 -05:00
John McLear
5718c8b360 lint: AbsolutePaths.js 2021-02-21 21:09:02 -05:00
John McLear
b1614f0592 lint: i18n.js
Partial, still 3 more to do that are slightly higher hanging that can get done.
2021-02-21 21:09:02 -05:00
John McLear
586af5e16e lint: padurlsanitize.js 2021-02-21 21:06:38 -05:00
John McLear
86c938cae2 lint: openapi.js 2021-02-21 21:06:38 -05:00
John McLear
25d4faddd9 lint: SocketIORouter.js 2021-02-21 21:06:38 -05:00
John McLear
5201cb717f lint: PadMessageHandler.js 2021-02-21 21:06:38 -05:00
John McLear
d67f170c46 lint: eejs/index.js 2021-02-21 21:06:38 -05:00
John McLear
3ed4ac649c lint: PadManager.js 2021-02-21 21:02:59 -05:00
John McLear
6b6201b448
null link on plugins and noopener / noreferrer
Resolves a (non) security issue brought up by LGTM but I think the noopener and norefferer are good shouts
2021-02-21 19:30:39 +00:00
John McLear
2c763fb4d1 Delete dirty-db-cleaner.py 2021-02-21 18:07:20 +00:00
John McLear
543e94fd4a
timeslider: slight improvement on code quality (#4836)
This is an interim patch, ultimately the JS needs to be thrown out of the HTML...
2021-02-21 17:59:15 +00:00
John McLear
1b8cd0747d
Move vendor libraries to /vendors folder and exclude from LGTM 2021-02-21 15:07:39 +00:00