libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-02-01 03:12:42 +01:00
Code Issues Projects Releases Wiki Activity
8245 commits 207 branches 105 tags 124 MiB
Commit graph

5117 commits

Author SHA1 Message Date
Tom Kunze
49c7a4ba82 extractPadData: Fix wrong DB get function 2022-03-21 04:57:04 -04:00
translatewiki.net
4b4d6caf25 Localisation updates from https://translatewiki.net. 2022-03-17 13:03:59 +01:00
Richard Hansen
ae092edf0c AuthorManager: New getAuthorId hook 2022-03-16 06:10:28 -04:00
Richard Hansen
6d4085f5f0 SecurityManager: Restrict valid author token values 2022-03-16 06:10:28 -04:00
Richard Hansen
b89ae69202 SecurityManager: Don't prefetch values 
Prefetching can cause unhandled Promise rejections, and it makes the
code less readable.
 2022-03-16 06:10:28 -04:00
Richard Hansen
8053875d45 pad_utils: Factor out author token generation 2022-03-16 06:10:28 -04:00
Richard Hansen
4e1674ceaf deps: Bump etherpad-cli-client 2022-03-16 06:10:28 -04:00
translatewiki.net
0a993399dc Localisation updates from https://translatewiki.net. 2022-03-14 13:03:44 +01:00
translatewiki.net
14a58fb9ba Localisation updates from https://translatewiki.net. 2022-03-10 13:03:41 +01:00
dependabot[bot]
979c2cc7de
build(deps): bump terser from 5.11.0 to 5.12.0 in /src 
Bumps [terser](https://github.com/terser/terser) from 5.11.0 to 5.12.0.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.11.0...v5.12.0)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-02 15:39:12 +00:00
Richard Hansen
d0d3290019 lint: Bump ESLint deps 2022-03-01 18:01:52 -05:00
Richard Hansen
a6b969c811 ci: Bump actions/checkout to v3 2022-03-01 17:17:16 -05:00
Richard Hansen
cfb68e5725 pad_utils: Rate limit identical warnDeprecated calls 2022-02-27 02:55:35 -05:00
Richard Hansen
908175d1ca pad_utils: Custom logger interface for warnDeprecated 2022-02-27 02:55:09 -05:00
Richard Hansen
248c114547 chat: Omit undefined authorId, displayName in JSON obj 2022-02-26 20:37:52 -05:00
Richard Hansen
ad45359a9d chat: Silence accidental deprecation warnings 
This fixes a bug introduced in commit
363a48b6d5.
 2022-02-26 20:34:33 -05:00
Richard Hansen
e3e86dc0aa checkPlugin: Bump actions/setup-node to v3 2022-02-26 02:18:40 -05:00
dependabot[bot]
105facea69 build(deps): bump superagent from 6.1.0 to 7.1.1 in /src 
Bumps [superagent](https://github.com/visionmedia/superagent) from 6.1.0 to 7.1.1.
- [Release notes](https://github.com/visionmedia/superagent/releases)
- [Changelog](https://github.com/visionmedia/superagent/blob/master/HISTORY.md)
- [Commits](https://github.com/visionmedia/superagent/compare/v6.1.0...v7.1.1)

---
updated-dependencies:
- dependency-name: superagent
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 23:29:19 -05:00
dependabot[bot]
6102bb2abe build(deps-dev): bump sinon from 12.0.1 to 13.0.1 in /src 
Bumps [sinon](https://github.com/sinonjs/sinon) from 12.0.1 to 13.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v12.0.1...v13.0.1)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 23:26:15 -05:00
dependabot[bot]
94be22e78a build(deps): bump openapi-backend from 5.2.0 to 5.2.1 in /src 
Bumps [openapi-backend](https://github.com/anttiviljami/openapi-backend) from 5.2.0 to 5.2.1.
- [Release notes](https://github.com/anttiviljami/openapi-backend/releases)
- [Commits](https://github.com/anttiviljami/openapi-backend/compare/5.2.0...5.2.1)

---
updated-dependencies:
- dependency-name: openapi-backend
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 23:23:49 -05:00
Richard Hansen
d0cbf9754d checkPlugin: Run npm ci before npm publish 2022-02-24 21:26:33 -05:00
dependabot[bot]
b4e0e15beb
build(deps): bump jsdom from 18.1.1 to 19.0.0 in /src 
Bumps [jsdom](https://github.com/jsdom/jsdom) from 18.1.1 to 19.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/master/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/18.1.1...19.0.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 02:24:35 +00:00
dependabot[bot]
52eae298cf
build(deps): bump jsonminify from 0.4.1 to 0.4.2 in /src 
Bumps [jsonminify](https://github.com/fkei/JSON.minify) from 0.4.1 to 0.4.2.
- [Release notes](https://github.com/fkei/JSON.minify/releases)
- [Commits](https://github.com/fkei/JSON.minify/compare/0.4.1...0.4.2)

---
updated-dependencies:
- dependency-name: jsonminify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-25 01:51:26 +00:00
dependabot[bot]
188d897f7e build(deps): bump terser from 5.10.0 to 5.11.0 in /src 
Bumps [terser](https://github.com/terser/terser) from 5.10.0 to 5.11.0.
- [Release notes](https://github.com/terser/terser/releases)
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/terser/terser/compare/v5.10.0...v5.11.0)

---
updated-dependencies:
- dependency-name: terser
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-24 20:50:04 -05:00
dependabot[bot]
32bfc6ced8 build(deps): bump express-rate-limit from 5.5.1 to 6.3.0 in /src 
Bumps [express-rate-limit](https://github.com/nfriedly/express-rate-limit) from 5.5.1 to 6.3.0.
- [Release notes](https://github.com/nfriedly/express-rate-limit/releases)
- [Changelog](https://github.com/nfriedly/express-rate-limit/blob/master/changelog.md)
- [Commits](https://github.com/nfriedly/express-rate-limit/compare/v5.5.1...v6.3.0)

---
updated-dependencies:
- dependency-name: express-rate-limit
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-24 20:49:30 -05:00
dependabot[bot]
e87e4231b4 build(deps): bump rehype from 12.0.0 to 12.0.1 in /src 
Bumps [rehype](https://github.com/rehypejs/rehype) from 12.0.0 to 12.0.1.
- [Release notes](https://github.com/rehypejs/rehype/releases)
- [Changelog](https://github.com/rehypejs/rehype/blob/main/changelog.md)
- [Commits](https://github.com/rehypejs/rehype/compare/12.0.0...12.0.1)

---
updated-dependencies:
- dependency-name: rehype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-24 19:31:56 -05:00
dependabot[bot]
dda2ac91f7 build(deps): bump express from 4.17.1 to 4.17.3 in /src 
Bumps [express](https://github.com/expressjs/express) from 4.17.1 to 4.17.3.
- [Release notes](https://github.com/expressjs/express/releases)
- [Changelog](https://github.com/expressjs/express/blob/master/History.md)
- [Commits](https://github.com/expressjs/express/compare/4.17.1...4.17.3)

---
updated-dependencies:
- dependency-name: express
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-24 19:31:21 -05:00
Richard Hansen
b733ed9ab0 Pad: Convert line endings in text from padDefaultContent hook 2022-02-24 17:40:04 -05:00
Richard Hansen
cd43625be8 tests: Add some tests for src/node/db/Pad.js 2022-02-24 17:40:04 -05:00
Richard Hansen
2d53b9f150 PadMessageHandler: Plumb author ID to more pad creation locations 2022-02-24 17:40:04 -05:00
Richard Hansen
363a48b6d5 ChatMessage: Log deprecation warnings for .userId, .authorId 2022-02-24 17:39:38 -05:00
Richard Hansen
b4d9252bfe PadMessageHandler: Don't get Pad object multiple times 2022-02-24 17:39:38 -05:00
Richard Hansen
b276eb0a23 PadMessageHandler: Improve message sanity checking 
Use exceptions instead of silent drops so that the client can detect
the error and react appropriately.
 2022-02-24 17:39:38 -05:00
Richard Hansen
3b76b2dd67 SocketIORouter: Improve error handling 2022-02-24 17:39:38 -05:00
Richard Hansen
fcfa51bda6 PadMessageHandler: Convert complex if to switch 2022-02-24 17:39:38 -05:00
translatewiki.net
05dd9920c5 Localisation updates from https://translatewiki.net. 2022-02-24 13:03:13 +01:00
Richard Hansen
32c82917e3 Merge branch 'master' into develop 2022-02-23 17:25:38 -05:00
Richard Hansen
ba370b0e05 PadMessageHandler: Don't trust user-provided padId 2022-02-23 16:11:21 -05:00
Richard Hansen
bdbde88fed PadMessageHandler: Fix USER_CHANGES queue identifier 
`message.padId` is normally undefined for `USER_CHANGES` messages.
 2022-02-23 16:11:16 -05:00
Richard Hansen
c59cbb537a Bump version 2022-02-23 16:10:47 -05:00
Richard Hansen
1513932ca1 plugins: Give each plugin a plugin-specific logger object 
This makes it possible for plugins to stop assuming that log4js is
available at `ep_etherpad-lite/node_modules/log4js`.
 2022-02-21 15:13:57 -05:00
Richard Hansen
daee90d2af lint: Close function args on same line as final arg 2022-02-21 14:53:48 -05:00
Richard Hansen
37508403d8 lint: Replace Object.assign() with object spread syntax 2022-02-21 14:36:58 -05:00
Richard Hansen
c8211f2898 lint: Run eslint --fix 2022-02-21 14:36:58 -05:00
Richard Hansen
8eb310854d lint: Bump ESLint dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen
005ca0bb09 lint: Move ESLint config to .eslintrc.cjs 2022-02-21 14:36:58 -05:00
Richard Hansen
d2f4931a35 checkPlugin: Use log4js for logging 2022-02-21 14:36:58 -05:00
Richard Hansen
8aec73b129 checkPlugin: Add ability to remove dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen
d5db979c93 checkPlugin: Config ESLint via .eslintrc.cjs 2022-02-21 14:36:58 -05:00
Richard Hansen
f046f0ab81 checkPlugin: Only create ep_etherpad-lite symlink if missing 
This avoids problems if the plugin has a non-peer dependency on
`ep_etherpad-lite`.
 2022-02-20 18:06:46 -05:00
Richard Hansen
9ed1e43593 checkPlugin: Resolve plugin directory symlinks 
This works around weird npm bugs.
 2022-02-20 18:06:46 -05:00
Richard Hansen
d9044537bb checkPlugin: cd to Etherpad root dir 2022-02-20 18:06:46 -05:00
Richard Hansen
5a66abae8b checkPlugin: Move everything inside async IIFE 2022-02-20 18:06:46 -05:00
Richard Hansen
2e0e872ae3 Pad: New padDefaultContent hook 2022-02-19 14:55:43 -05:00
Richard Hansen
aa286b7dbd API: Add optional authorId param to mutation functions 2022-02-19 14:55:42 -05:00
Richard Hansen
50fafe608b tests: Basic test for restoreRevision API 2022-02-19 14:55:42 -05:00
Richard Hansen
3b8549342a Pad: Plumb author ID through mutation operations 2022-02-19 14:55:42 -05:00
Richard Hansen
5f60b3aab2 Pad: Remove unneccessary padManager.getPad() call 2022-02-19 14:55:42 -05:00
Richard Hansen
449b972e6a Pad: Use default parameter value 2022-02-19 14:55:42 -05:00
Richard Hansen
aec512d1fa Pad: Rename author context properties to authorId 2022-02-19 14:55:42 -05:00
Richard Hansen
65bd5ffa6b Pad: Rename author vars to authorId for consistency 2022-02-19 14:55:42 -05:00
Richard Hansen
c2910b98e8 ImportHandler: Skip default pad text when importing to a new pad 2022-02-19 14:25:51 -05:00
Richard Hansen
c8f2409de0 ImportHandler: Drop unnecessary underscores in variable names 
Also delete an unnecessary comment.
 2022-02-19 14:25:51 -05:00
translatewiki.net
a27b400073 Localisation updates from https://translatewiki.net. 2022-02-14 13:03:22 +01:00
dependabot[bot]
4ed436dbbe
build(deps): bump simple-get from 3.1.0 to 3.1.1 in /src 
Bumps [simple-get](https://github.com/feross/simple-get) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/feross/simple-get/releases)
- [Commits](https://github.com/feross/simple-get/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: simple-get
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 16:29:27 +00:00
dependabot[bot]
cdc08d157b build(deps-dev): bump selenium-webdriver from 4.0.0 to 4.1.1 in /src 
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.0.0 to 4.1.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 11:28:40 -05:00
translatewiki.net
b9b6cef4d2 Localisation updates from https://translatewiki.net. 2022-02-03 13:03:23 +01:00
Richard Hansen
33fb4c71e4 deps: Bump ESLint dependencies 2022-02-02 20:21:34 -05:00
translatewiki.net
5d3c34aecb Localisation updates from https://translatewiki.net. 2022-01-31 13:02:59 +01:00
Richard Hansen
5520161088 deps: Upgrade formidable to 2.0.1 2022-01-28 21:34:57 -05:00
dependabot[bot]
6009fdf979
build(deps): bump resolve from 1.20.0 to 1.22.0 in /src 
Bumps [resolve](https://github.com/browserify/resolve) from 1.20.0 to 1.22.0.
- [Release notes](https://github.com/browserify/resolve/releases)
- [Commits](https://github.com/browserify/resolve/compare/v1.20.0...v1.22.0)

---
updated-dependencies:
- dependency-name: resolve
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 21:47:20 +00:00
dependabot[bot]
0e6fd567f7
build(deps): bump openapi-backend from 5.0.1 to 5.1.1 in /src 
Bumps [openapi-backend](https://github.com/anttiviljami/openapi-backend) from 5.0.1 to 5.1.1.
- [Release notes](https://github.com/anttiviljami/openapi-backend/releases)
- [Commits](https://github.com/anttiviljami/openapi-backend/compare/5.0.1...5.1.1)

---
updated-dependencies:
- dependency-name: openapi-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:49:14 +00:00
dependabot[bot]
0189af9bb1
build(deps): bump clean-css from 5.2.3 to 5.2.4 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.3...v5.2.4)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:46:01 +00:00
dependabot[bot]
65de9eb733
build(deps): bump underscore from 1.13.1 to 1.13.2 in /src 
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.13.1 to 1.13.2.
- [Release notes](https://github.com/jashkenas/underscore/releases)
- [Commits](https://github.com/jashkenas/underscore/compare/1.13.1...1.13.2)

---
updated-dependencies:
- dependency-name: underscore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:42:50 +00:00
dependabot[bot]
d86e1e5249
build(deps): bump ueberdb2 from 2.0.1 to 2.0.2 in /src 
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/ether/ueberDB/releases)
- [Changelog](https://github.com/ether/ueberDB/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ether/ueberDB/compare/v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: ueberdb2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 08:39:13 +00:00
Richard Hansen
c40544eade lint: Bump ESLint dependencies 2022-01-28 03:24:14 -05:00
dependabot[bot]
8791082077
build(deps): bump clean-css from 5.2.2 to 5.2.3 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.2...v5.2.3)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 07:02:27 +00:00
Richard Hansen
c568bb1baa ci: Skip frontend tests for Dependabot PRs 2022-01-28 01:51:15 -05:00
Richard Hansen
43aa1e4aeb ci: Reformat .yml files for readability 2022-01-28 01:39:45 -05:00
Richard Hansen
35a182e053 ci: dependabot: Set versioning-strategy to increase 
This keeps `package.json` in sync with `package-lock.json`.
 2022-01-27 23:54:28 -05:00
Richard Hansen
63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
Richard Hansen
3732565f83 ci: plugins: Bump saucelabs/sauce-connect-action 2022-01-27 22:40:38 -05:00
Richard Hansen
737464935e ci: plugins: Enable dependabot 2022-01-27 22:05:47 -05:00
Richard Hansen
f02334e589 ci: plugins: Install plugin deps before core deps 2022-01-27 22:05:47 -05:00
Richard Hansen
be36f764ad deps: Update eslint-config-etherpad 2022-01-27 22:05:47 -05:00
Richard Hansen
47f5bbef1c deps: Remove tiny-worker 
It is not needed for modern versions of Node.js.
 2022-01-27 02:15:47 -05:00
Richard Hansen
c586502e3c deps: Bump marked to 4.0.12 2022-01-27 02:05:11 -05:00
Richard Hansen
9db3424403 deps: Bump rehype and rehype-minify-whitespace 2022-01-27 01:27:10 -05:00
Richard Hansen
1e604add99 deps: Require Node.js 12.17.0 or later 
This makes it possible to use dynamic `import()`.
 2022-01-27 01:27:10 -05:00
snyk-bot
151f954fea fix: upgrade rate-limiter-flexible from 2.3.5 to 2.3.6 
Snyk has created this PR to upgrade rate-limiter-flexible from 2.3.5 to 2.3.6.

See this package in npm:
https://www.npmjs.com/package/rate-limiter-flexible

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-01-26 20:05:06 -05:00
dependabot[bot]
9b671efd5b build(deps): bump node-fetch from 2.6.6 to 2.6.7 in /src 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.6 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:03:19 -05:00
dependabot[bot]
e44d1c4400 build(deps-dev): bump eslint-config-etherpad from 2.0.2 to 2.0.3 in /src 
Bumps [eslint-config-etherpad](https://github.com/ether/eslint-config-etherpad) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/ether/eslint-config-etherpad/releases)
- [Commits](https://github.com/ether/eslint-config-etherpad/compare/v2.0.2...v2.0.3)

---
updated-dependencies:
- dependency-name: eslint-config-etherpad
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:02:42 -05:00
dependabot[bot]
de66bd4799 build(deps): bump http-errors from 1.8.1 to 2.0.0 in /src 
Bumps [http-errors](https://github.com/jshttp/http-errors) from 1.8.1 to 2.0.0.
- [Release notes](https://github.com/jshttp/http-errors/releases)
- [Changelog](https://github.com/jshttp/http-errors/blob/master/HISTORY.md)
- [Commits](https://github.com/jshttp/http-errors/compare/1.8.1...v2.0.0)

---
updated-dependencies:
- dependency-name: http-errors
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:01:53 -05:00
dependabot[bot]
abe8a98a4d
build(deps-dev): bump mocha from 9.1.3 to 9.2.0 in /src 
Bumps [mocha](https://github.com/mochajs/mocha) from 9.1.3 to 9.2.0.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v9.1.3...v9.2.0)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-27 00:58:49 +00:00
dependabot[bot]
867922c8d8 build(deps): bump follow-redirects from 1.14.6 to 1.14.7 in /src 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 19:56:56 -05:00
RichDavis1
ae9114f140 Edit settings.js 
Added formal panics for invalid JSON.
 2022-01-26 19:35:21 -05:00
translatewiki.net
315bcccc14 Localisation updates from https://translatewiki.net. 2022-01-24 13:03:53 +01:00
Richard Hansen
e4a336e875 plugins: Add npm packages to etherpad org 2022-01-20 20:33:24 -05:00
Richard Hansen
692749d1cf express-session: Extend session lifetime if user is active 2022-01-17 21:45:56 -05:00
Richard Hansen
9c1f52f1b0 express-session: Install package from @etherpad scope 
This allows us to use some in-progress features.
 2022-01-17 21:45:56 -05:00
Richard Hansen
023e58cfe6 express-session: Set a finite cookie lifetime 2022-01-17 21:45:56 -05:00
Richard Hansen
ec10700dff express-session: Don't save uninitialized sessions 
This should avoid frivolous session records, such as when the user
gets a 404 (unless login was required to see the 404).
 2022-01-17 21:45:56 -05:00
Richard Hansen
7255dd7ef0 express-session: Inherit proxy trust from Express 2022-01-17 21:45:56 -05:00
Richard Hansen
945e6848e2 SessionStore: Delete DB record when session expires 
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
 2022-01-17 21:45:56 -05:00
Richard Hansen
72cd983f0f SessionStore: Option to update DB record on touch() 2022-01-17 21:45:52 -05:00
Richard Hansen
b991948e21 SessionStore: Don't write DB record if already expired 2022-01-17 21:33:58 -05:00
Richard Hansen
4d498725c7 SessionStore: Improve cookie expiration check 
* Don't mutate `sess.cookie.expires`.
  * Allow `sess.cookie` to be nullish.
  * Always compare `Date` objects.
 2022-01-17 18:17:40 -05:00
Richard Hansen
928c598ecf tests: Add SessionStore backend tests 2022-01-17 17:51:08 -05:00
Richard Hansen
efab3aed0c deps: Update ueberdb2 to 2.0.1 to get proper JSON support 2022-01-14 00:45:47 -05:00
Richard Hansen
d3984aa621 express: Move preAuthorize hook after express-session 
The `ep_openid_connect` plugin needs access to session state before
authorization checks are made (to securely redirect the user back to
the start page when authentication completes). Now that the
`expressPreSession` hook exists, the rationale for moving
`preAuthorize` before the `express-session` middleware is gone.

This change undoes the following commits:
  * bf35dcfc50
  * 0b1ec20c5c
  * 30544b564e
 2022-01-14 00:44:54 -05:00
Richard Hansen
75637708c0 express: Move up cookie-parser middleware 
This makes it possible for the `preAuthorize` and `preExpressSession`
hooks to easily read or set cookies.
 2022-01-14 00:44:54 -05:00
Richard Hansen
ab85db4426 webaccess: Silence prototype pollution warning 2022-01-14 00:44:54 -05:00
Richard Hansen
dcd43e9849 webaccess: Use .startsWith() instead of .search() 2022-01-14 00:44:54 -05:00
translatewiki.net
b9118c22ba Localisation updates from https://translatewiki.net. 2022-01-13 13:02:54 +01:00
Richard Hansen
fd9b770579 PadManager: Refactor padList to avoid duplicate loads 2022-01-02 20:44:42 -05:00
Richard Hansen
66ce2b50a9 openapi: Convert Promise.catch() to catch block 2022-01-02 19:17:20 -05:00
Richard Hansen
fa8bdb0348 promises: Add a comment explaining a subtlety in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
a115c475ad promises: Expose reject in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
b72db7ebd6 promises: Return a Promise from Gate.then() 
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
 2022-01-02 18:57:44 -05:00
Richard Hansen
78a67801f3 promises: Move Gate from server.js (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen
c8d45586c1 server: Fix stop Gate creation and check 2022-01-02 18:57:44 -05:00
Richard Hansen
10c55a2328 Changeset: Explain why number of removals doesn't matter 2021-12-31 22:53:59 -05:00
Richard Hansen
6495b1e6f4 tests: Disable deprecation warnings when testing deprecated functions 2021-12-31 22:15:03 -05:00
Richard Hansen
c0471dd238 tests: Avoid deprecated Changeset.opIterator 2021-12-31 22:14:07 -05:00
webzwo0i
0af728ffee textLinesMutator: coverage for changed attributes in multiline keeps 2021-12-30 18:44:29 -05:00
webzwo0i
93447b7493 easysync tests: cover more string operation scenarios 2021-12-30 18:44:29 -05:00
webzwo0i
395cbc01bb Changeset.js: refine comments 2021-12-30 18:44:29 -05:00
webzwo0i
55c47efd4c easysync tests: add some more smartOpAssembler tests 2021-12-30 18:44:29 -05:00
webzwo0i
12ebca897d easysync: add clear method to stringAssembler 2021-12-30 18:44:29 -05:00
Chocobozzz
0cc15df9b9 Prevent pad translation and crash 
Prevent "TypeError: Cannot read properties of null (reading 'sheet')"
exception because google chrome can translate `<style type="text/css" title="dynamicsyntax"></style>` title attribute
 2021-12-22 17:46:32 +01:00
Richard Hansen
cb257de8f9 Bump version to v1.9.0 for plugin peerDependencies 
This allows plugins to depend on the not-yet-released API by bumping
their `peerDependencies` to `>=1.9.0`.

IMPORTANT: v1.9.0 IS NOT RELEASED YET. I tried to bump the version to
1.9.0-alpha.0 instead, but unfortunately that doesn't satisfy
`>=1.8.6` which would break just about every plugin.
 2021-12-21 17:23:56 -05:00
Richard Hansen
02a56dc58c PadMessageHandler: Allow handleMessageSecurity to grant one-time write access 2021-12-21 17:23:56 -05:00
Richard Hansen
31b025bd9d PadMessageHandler: Pass session info to handleMessageSecurity hook 2021-12-21 17:23:56 -05:00
Richard Hansen
1b52c9f0c4 PadMessageHandler: Deprecate client context property 2021-12-21 17:23:56 -05:00
Richard Hansen
f1856cf95a Docker: Use new /health endpoint for HEALTHCHECK 2021-12-21 17:19:56 -05:00
Richard Hansen
83f2898723 package.json: Define etherpad binary 2021-12-21 17:19:56 -05:00
Richard Hansen
696f9c3367 specialpages: New /health endpoint for health checking 
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
 2021-12-21 17:19:56 -05:00
Dirk Jagdmann
2e4c546c7f Pad: Add new .spliceText() method 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-21 17:00:18 -05:00
Richard Hansen
30544b564e express: Skip express-session middleware if pre-authorized 2021-12-20 20:08:19 -05:00
Richard Hansen
649fbdccf5 express: Move static handlers to expressPreSession 
This avoids the need to exempt the paths from authentication checks,
and it eliminates unnecessary express-session state.
 2021-12-20 20:08:19 -05:00
Richard Hansen
72f4ae444d express: New expressPreSession server-side hook 2021-12-20 20:08:19 -05:00
Richard Hansen
0b1ec20c5c express: Move preAuthorize middleware before express-session 2021-12-20 20:08:19 -05:00
Richard Hansen
bf35dcfc50 webaccess: Move preAuthorize to its own middleware 2021-12-20 20:08:19 -05:00
Richard Hansen
7f3d0e71f7 express: Check access before expressConfigure middleware 
There are no guarantees about the order of execution of hook
functions, which means that a plugin's `expressConfigure` hook
function could theoretically register a handler/middleware before the
access check middleware is registered. If that happens, the plugin's
handler would run before the access check, which would be bad. Avoid
the problem by explicitly installing the `webaccess.checkAccess`
middleware before running the `expressConfigure` hook.
 2021-12-20 20:08:18 -05:00
Richard Hansen
472eddc821 webaccess: Skip checks if next is called in preAuthenticate 2021-12-20 20:08:18 -05:00
Richard Hansen
fc498f0ae6 tests: Delete test pad before attempting import 2021-12-20 20:08:18 -05:00
Richard Hansen
02d1b90d30 tests: Factor out USER_CHANGES/ACCEPT_COMMIT helpers 
This will make it possible for other tests to reuse the code.
 2021-12-19 16:53:24 -05:00
snyk-bot
674a0ccedc fix: upgrade openapi-backend from 5.0.0 to 5.0.1 
Snyk has created this PR to upgrade openapi-backend from 5.0.0 to 5.0.1.

See this package in npm:
https://www.npmjs.com/package/openapi-backend

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-12-19 00:54:20 -05:00
webzwo0i
8b73f2ee70 padurlsanitize: Don't crash if sanitizePadId() throws 
Let Express send a 500 status code to the user instead.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:47:01 -05:00
Richard Hansen
4733c7d8d3 SessionStore: Promisify to the extent permitted by express-session 2021-12-18 18:29:04 -05:00
webzwo0i
694d3f630e SessionStore: Propagate database errors to express-session 
Send a 500 HTTP status code to the client if the session entry could
not be fetched from the database. This is useful in case the database
is busy and can't respond to the query in time. In this case we want
to abort the client connection as soon as possible.

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:29:04 -05:00
Richard Hansen
7572040836 Pad: Simplify Pad.copy() logic 2021-12-18 18:28:58 -05:00
webzwo0i
0040f5984e db: await more database operations 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-18 18:23:27 -05:00
translatewiki.net
e64462323b Localisation updates from https://translatewiki.net. 2021-12-16 13:03:26 +01:00
Richard Hansen
748d661495 Changeset: Fix off-by-one bug in makeSplice 2021-12-16 00:48:07 -05:00
Richard Hansen
30d68df396 Changeset: Add range checks to makeSplice 2021-12-16 00:48:07 -05:00
Richard Hansen
fdf1fdbc23 Changeset: Improve readability of makeSplice() 2021-12-16 00:48:07 -05:00
Richard Hansen
b1d0848701 Pad: Improve readability of appendText 2021-12-16 00:48:07 -05:00
Richard Hansen
a6bf7816ce Pad: Simplify setText 2021-12-16 00:48:07 -05:00
snyk-bot
3693a0574f fix: upgrade jsdom from 18.1.0 to 18.1.1 
Snyk has created this PR to upgrade jsdom from 18.1.0 to 18.1.1.

See this package in npm:
https://www.npmjs.com/package/jsdom

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-12-14 01:05:47 -05:00
Richard Hansen
d94f380141 API: Fix race conditions in setText, appendText, restoreRevision 2021-12-14 01:02:00 -05:00
Richard Hansen
cff089e54e PadMessageHandler: Accept retransmissions of USER_CHANGES 2021-12-14 01:02:00 -05:00
Richard Hansen
a370cfa5c6 Pad: Don't create no-op revisions 2021-12-14 01:02:00 -05:00
Richard Hansen
56b7671422 Pad: Return new rev number from appendRevision() 2021-12-14 01:02:00 -05:00
Richard Hansen
c05ee7ce72 PadMessageHandler: Move ACCEPT_COMMIT after changeset save 2021-12-14 01:02:00 -05:00
Richard Hansen
dbacc73c36 tests: Basic USER_CHANGES backend tests 2021-12-14 01:02:00 -05:00
translatewiki.net
2cae414473 Localisation updates from https://translatewiki.net. 2021-12-13 13:03:50 +01:00
Richard Hansen
1fe01c66fd getCorePlugins.sh: Various improvements 
* Factor out plugin query.
  * Make idempotent.
  * Improve logging.
  * Install by symlinking to a parallel directory rather than cloning
    into `etherpad-lite/node_modules`.
 2021-12-11 02:01:35 -05:00
Richard Hansen
5915c2243d checkPlugin: Redo README.md and LICENSE 2021-12-11 02:01:35 -05:00
Richard Hansen
d81546ad7b checkPlugin: Delete Travis badge from README.md template 2021-12-11 02:01:35 -05:00
Richard Hansen
2c05de7033 checkPlugin: Update ESLint dependencies 2021-12-11 02:01:35 -05:00
Richard Hansen
3563fc1df9 checkPlugin: Relax repo checks 2021-12-11 02:01:35 -05:00
Richard Hansen
4716975c37 checkPlugin: Do case-sensitive filename checks 2021-12-11 02:01:35 -05:00
Richard Hansen
9a85bce212 checkPlugin: Only consider README{,.md} (case-insensitive) 
This avoids false positives such as `README-foo.md`.
 2021-12-11 02:01:35 -05:00
Richard Hansen
753d16af8a checkPlugin: Promisify file system accesses 2021-12-11 02:01:35 -05:00
Richard Hansen
b50c6d07d4 checkPlugin: Improve readability of files assignment 2021-12-11 02:01:35 -05:00
Richard Hansen
b546867adb checkPlugin: Replace .indexOf() with .includes() 2021-12-11 02:01:35 -05:00
Richard Hansen
34a4a74634 checkPlugin: Change autocommit to not push 2021-12-11 02:01:35 -05:00
Richard Hansen
48222449b5 checkPlugin: Add frontend-tests.yml GitHub workflow 2021-12-11 02:01:35 -05:00
Richard Hansen
51c530a3a0 checkPlugin: Compare entire file 2021-12-11 02:01:34 -05:00
Richard Hansen
f0669a8d31 checkPlugin: Automatically determine plugin name in backend-tests.yml 2021-12-11 02:01:34 -05:00
Richard Hansen
314b67b7fe checkPlugin: Improve eslintConfig, funding, scripts checking 2021-12-11 02:01:34 -05:00
Richard Hansen
b7dce95802 checkPlugin: Use updateDeps to manage engine 2021-12-10 14:44:02 -05:00
Richard Hansen
f0ab112c2d checkPlugin: Factor out duplicate file update logic and simplify 2021-12-10 14:44:02 -05:00
Richard Hansen
b7de4faf42 checkPlugin: Don't bump version if there are no changes 2021-12-10 14:44:01 -05:00
Richard Hansen
4d457f6296 ImportHandler: Pass ImportError to import hook 2021-12-10 02:34:13 -05:00
translatewiki.net
d1da8f1ebd Localisation updates from https://translatewiki.net. 2021-12-09 13:03:48 +01:00
translatewiki.net
841bc10039 Localisation updates from https://translatewiki.net. 2021-12-06 13:03:04 +01:00
John McLear
6cca27dea6 API: getText with old revision should only return text, not atext 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-05 18:50:39 -05:00
Richard Hansen
99fae2ec6e pad: Fix application of padOptions values from settings.json 2021-12-04 23:06:17 -05:00
Richard Hansen
f8b4189bc4 pad: Always pass strings to pad option callbacks 2021-12-04 23:06:17 -05:00
Richard Hansen
8c857a85ac pad: Use null as default for userName, userColor options 
These options are used as strings, so it doesn't make sense to default
them to a boolean value.

Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
 2021-12-04 23:06:16 -05:00
Richard Hansen
61b608e264 pad: Use null as default for lang option 
It doesn't make sense to override the browser's language with `en-gb`
by default.

Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
 2021-12-04 23:06:16 -05:00
Richard Hansen
7ff71cd41e pad: Ignore null values in padOptions from settings.json 2021-12-04 23:06:16 -05:00
Richard Hansen
f4257a28ba pad: Delete duplicate decodeURIComponent() calls 
`URL.searchParams` already decodes the value.

Also delete some useless comments.
 2021-12-04 23:06:09 -05:00
Richard Hansen
6beb5dcaf5 tests: Disable deprecation warnings when testing deprecated functions 2021-11-30 23:17:35 -05:00
Richard Hansen
c4f18a9b3a padutils: Rename warnWithStack() to warnDeprecated() 
This makes it more legitimate for tests to disable the warnings when
testing deprecated functionality.
 2021-11-30 23:11:23 -05:00
Richard Hansen
a02e45499d Use the new AttributeMap and Changeset APIs 2021-11-28 23:47:27 -05:00
Richard Hansen
f00b1ae89b Merge branch 'master' into develop 2021-11-28 23:10:45 -05:00
Richard Hansen
142a47cbbc Release v1.8.16 2021-11-28 23:03:58 -05:00
Richard Hansen
77bcb507b3 ImportEtherpad: Limit in-flight DB queries 2021-11-28 22:28:55 -05:00
Richard Hansen
5b3575acf0 ImportEtherpad: Use AttributePool to check attributes 2021-11-28 22:28:55 -05:00
Richard Hansen
19909eae53 ImportEtherpad: Rigorously check imported data 2021-11-28 22:28:55 -05:00
Richard Hansen
885ff3bcde Pad: Move padLoad hook invocation to PadManager.js 
This puts global state change logic with the rest of the global state
management logic. This also makes it possible to create temporary Pad
objects without triggering plugin actions.
 2021-11-28 22:28:55 -05:00
Richard Hansen
f7d4abdabe Pad: Inject the database dependency 2021-11-28 22:28:55 -05:00
Richard Hansen
7c870f8a58 Pad: Add strict validation checks 2021-11-28 22:28:55 -05:00
Richard Hansen
2608a81654 Changeset: Stricter validation checks 2021-11-28 22:28:55 -05:00
Richard Hansen
ad78b24113 ImportEtherpad: Warn about unsupported attrib at encounter 2021-11-28 22:28:55 -05:00
Richard Hansen
23f8a12922 ImportEtherpad: Don't make any changes if data is bad 2021-11-28 22:28:55 -05:00
Richard Hansen
a2e77a7128 ImportEtherpad: Enforce single-pad records 2021-11-28 22:28:54 -05:00
Richard Hansen
33778281b9 ImportEtherpad: Simplify attribute key iteration 2021-11-28 22:28:54 -05:00
Richard Hansen
00fc7c8e86 ImportEtherpad: Reject unknown DB records 2021-11-28 22:27:44 -05:00
Richard Hansen
8e9bc8d325 ImportEtherpad: Avoid false positives when checking apool 2021-11-28 19:00:44 -05:00
Richard Hansen
003e5cbd4b ImportEtherpad: Fix DB key pad ID transformation 2021-11-28 19:00:44 -05:00
Richard Hansen
fea7948b05 ImportEtherpad: Fix author info processing 2021-11-28 19:00:44 -05:00
Richard Hansen
777d045246 GroupManager: Clean up any mappings when deleting a group 2021-11-28 14:06:47 +00:00
Richard Hansen
5b37a56197 GroupManager: Use .setSub() and parallel queries to avoid races 
This also simplfies the code.
 2021-11-27 22:20:03 -05:00
Richard Hansen
9d63700da0 SessionManager: Use .setSub() and parallel queries to avoid races 
This also simplfies the code.
 2021-11-27 22:20:03 -05:00
Timon Engelke
3070cee9ca Delete group after removing it from the group list 2021-11-27 22:20:03 -05:00
Timon Engelke
09c9e32d72 Delete session after corresponding group2session and author2session 2021-11-27 22:20:03 -05:00
Richard Hansen
2f0561abc0 ImportEtherpad: Remove unnecessary variable 2021-11-25 18:39:07 -05:00
Richard Hansen
9bc90128cb ImportEtherpad: Fix async logic 2021-11-25 18:39:07 -05:00
webzwo0i
0983985dd5 easysync tests: Split into multiple files 2021-11-23 21:07:08 -05:00
webzwo0i
617515bcbb easysync tests: Group related tests 2021-11-23 21:07:08 -05:00
webzwo0i
310444f5d3 easysync tests: Rename tests 2021-11-23 21:07:08 -05:00
webzwo0i
ec3833ab66 easysync tests: Convert IIFE into a describe() 2021-11-23 21:07:08 -05:00
Richard Hansen
6a7b54313f easysync tests: Move shared helper functions to the top 
This will make it easier to split `easysync.js` into multiple files.
 2021-11-23 21:07:08 -05:00
Richard Hansen
d3427240c6 tests: Serve all of src/tests/frontend/, not just specs 2021-11-23 21:07:07 -05:00
Richard Hansen
89fe40e080 Changeset: Migrate from OpIter to deserializeOps() 2021-11-23 01:21:49 -05:00
Richard Hansen
0eca0251f2 Changeset: Use a generator to implement OpIter 2021-11-23 01:21:49 -05:00
Richard Hansen
a4aec006dc Changeset: Turn opIterator() into a real class 2021-11-23 01:21:12 -05:00
Richard Hansen
86959f7ebc Changeset: Throw on unexpected chars while iterating ops 2021-11-23 01:21:12 -05:00
Richard Hansen
657492e191 Changeset: Turn newOp() into a real class 2021-11-23 01:21:12 -05:00
Richard Hansen
fba0bb6dff Changeset: Turn textLinesMutator() into a real class 2021-11-23 01:21:12 -05:00
Richard Hansen
dab881139d Pad: Fix copyPadWithoutHistory apool corruption bug 2021-11-22 18:40:22 -05:00
Richard Hansen
ed78b56079 tests: Refine copyPadWithoutHistory tests 2021-11-22 18:40:22 -05:00
Richard Hansen
d74dd235a4 Changeset: Replace appendATextToAssembler() with a generator 2021-11-22 18:10:37 -05:00
Richard Hansen
9e772df991 deps: Bump dependencies 2021-11-21 21:31:53 -05:00
Richard Hansen
2fc06a0884 Changeset: Add TODO comments for issues noticed 2021-11-21 04:11:41 -05:00
Richard Hansen
f1eb7a25a6 Changeset: Migrate to the new attribute API 2021-11-21 04:11:41 -05:00
Richard Hansen
f40d285109 tests: Refine contentcollector tests 2021-11-21 04:11:41 -05:00
Richard Hansen
1f227200da Replace separate attrib key, value calls with single pair call 2021-11-21 04:11:41 -05:00
Richard Hansen
6cf2055199 Changeset: New API to simplify attribute processing 2021-11-21 04:11:41 -05:00
Richard Hansen
982d8ad0f2 Changeset: Refactor makeAttribsString for readability 2021-11-21 04:11:41 -05:00
Richard Hansen
9e7b142bb7 Invert conditions to improve readability 2021-11-21 04:11:41 -05:00
Richard Hansen
93abc31936 changesettracker: Fix author attribute ID fetch 2021-11-21 04:11:41 -05:00
Richard Hansen
d0e74ada2f changesettracker: Remove unnecessary .numToAttrib check 2021-11-21 04:11:41 -05:00
Richard Hansen
3ec5e84737 lint: Update ESLint dependencies 2021-11-21 03:34:19 -05:00
snyk-bot
cddd78d892 fix: upgrade formidable from 1.2.2 to 1.2.6 
Snyk has created this PR to upgrade formidable from 1.2.2 to 1.2.6.

See this package in npm:
https://www.npmjs.com/package/formidable

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-11-21 03:11:38 -05:00
snyk-bot
ff0f81161f fix: upgrade async from 3.2.1 to 3.2.2 
Snyk has created this PR to upgrade async from 3.2.1 to 3.2.2.

See this package in npm:
https://www.npmjs.com/package/async

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-11-21 03:06:12 -05:00
snyk-bot
dd9814a4b8 fix: upgrade clean-css from 5.2.1 to 5.2.2 
Snyk has created this PR to upgrade clean-css from 5.2.1 to 5.2.2.

See this package in npm:
https://www.npmjs.com/package/clean-css

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-11-21 03:04:52 -05:00
snyk-bot
7ed980aa59 fix: upgrade rate-limiter-flexible from 2.3.1 to 2.3.2 
Snyk has created this PR to upgrade rate-limiter-flexible from 2.3.1 to 2.3.2.

See this package in npm:
https://www.npmjs.com/package/rate-limiter-flexible

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-11-21 03:04:31 -05:00
John McLear
2e19087cb9 bump version 2021-11-20 15:20:35 +00:00
Richard Hansen
ae1741c25b PadMessageHandler: Add missing parseNum() for attribute lookup 2021-11-20 01:24:30 -05:00
Richard Hansen
a052580bd1 PadMessageHandler: Stop the USER_CHANGES timer on exception 2021-11-20 01:24:30 -05:00
Richard Hansen
97e382e5d2 PadMessageHandler: Move USER_CHANGES processing inside try 
This improves the accuracy of the timing stats, and it simplifies
error handling.
 2021-11-20 01:24:30 -05:00
Richard Hansen
b1c1501e1e PadMessageHandler: Use object destructuring 2021-11-20 01:24:30 -05:00
Richard Hansen
e961718ff2 PadMessageHandler: Improve error logging 
Use a log4js logger instead of `console`, and clean up some of the log
messages.
 2021-11-20 01:24:30 -05:00
Richard Hansen
1447ab8899 PadMessageHandler: Factor out common USER_CHANGES error message formatting 2021-11-20 01:24:30 -05:00
Richard Hansen
35b2aeb3b1 PadMessageHandler: Factor out duplicate bad USER_CHANGES handling 
This also fixes a double-count bug.
 2021-11-20 01:24:30 -05:00
Richard Hansen
85919ff914 PadMessageHandler: Replace channels package with async-friendly class 2021-11-20 01:24:30 -05:00
Richard Hansen
5c1177a3d9 PadMessageHandler: Switch from nodeify to util.callbackify 2021-11-20 01:24:30 -05:00
Richard Hansen
abf4eeeb17 ImportHtml: Wait for HTML processing to complete 2021-11-20 01:24:00 -05:00
Richard Hansen
50dce085c2 ImportHtml: In-line an unnecessary function 2021-11-20 01:24:00 -05:00
Richard Hansen
afdb01681a ImportHtml: Reuse the HTML processor 2021-11-20 01:24:00 -05:00
Richard Hansen
db105e8650 ImportHtml: Get the logger once 2021-11-20 01:24:00 -05:00
Richard Hansen
6e19d888d3 docs: Check in src/bin/doc/package-lock.json 
Looks like this was accidentally deleted in commit
4a65acf417.
 2021-11-20 01:09:50 -05:00
Richard Hansen
24b22e3a6d MinifyWorker: Fix buggy error handling in compressCSS 2021-11-19 02:47:17 -05:00
Richard Hansen
98f0e931fe MinifyWorker: Promisify compressCSS 2021-11-19 02:47:17 -05:00
Richard Hansen
c94906f1f8 MinifyWorker: Delete unhelpful comment 
The comment should have been a commit message instead.
 2021-11-19 02:47:17 -05:00
Richard Hansen
a65498e849 Changeset: Move SmartOpAssembler.appendOpWithText() to a standalone function 2021-11-14 04:17:00 -05:00
Richard Hansen
eae814f5a0 pad_utils: New warnWithStack() function 2021-11-14 04:15:10 -05:00
Richard Hansen
1bbe0d9215 Changeset: Use in check to help TypeScript narrowing 2021-11-13 17:44:38 -05:00
Richard Hansen
4f4a775d9e Changeset: Improve handling of missing attribute in old pool 2021-11-13 17:44:38 -05:00
Richard Hansen
b62534a6b2 Changeset: Use Maps to simplify attribute processing 2021-11-13 17:44:38 -05:00
Richard Hansen
9401ae876b Changeset: Sort attributes by keys, not full string rep 2021-11-13 17:44:38 -05:00
Richard Hansen
1cad5d881a Changeset: Use for...of iteration to improve readability 2021-11-13 17:44:38 -05:00
Richard Hansen
6d5b737140 Changeset: Replace .apply() with spread operator 2021-11-13 17:44:38 -05:00
Richard Hansen
9c17b03660 Changeset: Require Op opcode and attribs to be strings 2021-11-13 17:44:38 -05:00
Richard Hansen
0ae8fb1441 Changeset: Use string concatenation instead of array join 
People report that string concatenation is faster. Also, I think it's
more readable.
 2021-11-13 17:44:38 -05:00
Richard Hansen
097f2623c6 Changeset: Add sanity checks to slicerZipperFunc() 2021-11-13 17:44:38 -05:00
Richard Hansen
efeb69b4ea Changeset: Simplify slicerZipperFunc() 2021-11-13 17:44:38 -05:00
Richard Hansen
42d4d8269c Changeset: Refactor appendATextToAssembler() for readability 2021-11-13 17:44:38 -05:00
Richard Hansen
ca5bdddc59 Changeset: Use break instead of done variable 2021-11-13 17:44:38 -05:00
Richard Hansen
44d99733c6 Changeset: Check .hasNext() before calling .next() 2021-11-13 17:44:38 -05:00
Richard Hansen
1955e7b263 Changeset: Replace output params with return values 
This improves readability and reduces the chances of introducing a
bug.
 2021-11-13 17:44:38 -05:00
Richard Hansen
94f5507671 Changeset: Improve copyOp() API 
Use `Object.assign()` to implement `copyOp()`, which simplifies the
code and provides a return value. Also make the second op optional.
 2021-11-13 17:44:38 -05:00
Richard Hansen
02ef78e174 Changeset: Make sure opOut is cleared 
`slicerZipperFunc()` previously assumed the provided `opOut` argument
was a null Op. Enforce this by clearing it at the beginning.
 2021-11-13 17:44:38 -05:00
Richard Hansen
18a6b7279c Changeset: Only pass strings to parseNum() 2021-11-13 17:44:38 -05:00
Richard Hansen
7ec0d5f385 Changeset: Remove unnecessary linesApplySplice() 2021-11-13 17:44:38 -05:00
Richard Hansen
37bb297e76 Changeset: Improve logged error message 
I saw this on a production system today and wanted more information.
 2021-11-13 17:44:38 -05:00
Richard Hansen
7fa9b07116 Changeset: Invert conditions to improve readability 2021-11-13 17:44:38 -05:00
Richard Hansen
b29e59419e Changeset: Factor out duplicate code 2021-11-13 17:44:38 -05:00
Richard Hansen
4a65c2c8ff Changeset: Unexport unnecessarily exported functions 
These functions aren't used outside of this file.
 2021-11-13 17:44:38 -05:00
Richard Hansen
085bc8cbb3 plugins: Don't create .ep_initialized files 
These files cause problems with Docker images and read-only
directories/mounts, and they have dubious value (any install-time
setup should instead be done at startup).
 2021-11-13 17:43:33 -05:00
Richard Hansen
263105d185 tests: Remove overly aggressive timeouts 2021-11-13 03:05:38 -05:00
Richard Hansen
3c6aef11bd lint: Add 'use strict'; 2021-11-13 03:02:40 -05:00
Richard Hansen
0f7c5a8782 lint: Use window. to avoid global declaration 2021-11-12 23:45:05 -05:00
Richard Hansen
19e9c2f114 adminsettings: Pay attention to --settings 2021-11-12 23:45:05 -05:00
Richard Hansen
46ad93024d adminsettings: Promisify 2021-11-12 23:45:05 -05:00
Richard Hansen
4e2f816665 adminsettings: Use object destructuring 2021-11-12 23:45:05 -05:00
Timon Engelke
b0a7237443 Fix comparison between CustomError and string 2021-11-12 23:40:20 +01:00
webzwo0i
8b73b911c9 Changeset: Use string templates 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-11-09 01:05:53 +01:00
translatewiki.net
cb95e5907c Localisation updates from https://translatewiki.net. 2021-11-08 13:04:14 +01:00
Richard Hansen
cc688f7367 ace: Delete dead code 2021-11-07 23:24:39 -05:00
Richard Hansen
5283bfc14a linestylefilter: Delete unused arguments 2021-11-07 23:24:39 -05:00
Richard Hansen
dd8ec4e291 Changeset: Remove unused lastIndex() method from op iterator 2021-11-07 23:24:39 -05:00
Richard Hansen
0fd2a46783 Changeset: Remove unused start index parameter for opIterator() 2021-11-07 23:24:39 -05:00
Richard Hansen
43dae4cb1d Changeset: Delete unused index parameters in applyZip() 2021-11-07 23:24:24 -05:00
Richard Hansen
b3215992c9 changesettracker: Delete IE8 compatibility code 2021-11-07 22:42:31 -05:00
Richard Hansen
9f66ffbc3b Pad: Delete no-op call to SmartOpAssembler.appendOpWithText() 2021-11-07 22:42:31 -05:00
Richard Hansen
ad6de52eb2 Changeset: More JSDoc comment improvements 2021-11-07 22:42:31 -05:00
Richard Hansen
caefd2184a PadMessageHandler: Don't fire userLeave if user hasn't joined yet 2021-11-07 01:30:39 -04:00
snyk-bot
088fb14784 fix: upgrade express-rate-limit from 5.4.1 to 5.5.0 
Snyk has created this PR to upgrade express-rate-limit from 5.4.1 to 5.5.0.

See this package in npm:
https://www.npmjs.com/package/express-rate-limit

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2021-11-05 18:17:27 -04:00
Richard Hansen
56cb08f4c5 pad: Pass color and display name in CLIENT_READY 2021-11-05 18:14:27 -04:00
Richard Hansen
7a0d8cb52e pad: Use URLSearchParams to process search params 
Also unexport `getUrlVars` because it isn't used outside the file.
 2021-11-05 18:14:27 -04:00
Richard Hansen
fe87e2df87 ImportHandler: Pass the pad ID to the import hook 
This enables plugins to log the pad ID if desired.
 2021-11-05 17:19:54 -04:00
Richard Hansen
caf4e9f28c ImportHandler: Use truthiness to signal conversion handled 2021-11-05 17:19:54 -04:00
translatewiki.net
cc4772a99e Localisation updates from https://translatewiki.net. 2021-11-04 13:03:08 +01:00
Richard Hansen
6bf8142221 chat: Translate newly created message entries 2021-11-01 04:56:46 -04:00
Richard Hansen
99b7bdd176 chat: Set timestamp CSS font-size: smaller; 2021-11-01 01:54:29 -04:00
Richard Hansen
51907015ed chat: Fix gritter duration 2021-11-01 01:54:29 -04:00
Richard Hansen
23f963c9fe chat: Improve name mention detection 2021-11-01 01:54:29 -04:00
Richard Hansen
26675c5019 chat: New chatNewMessage server-side hook 2021-11-01 01:54:29 -04:00
Richard Hansen
23a98e5946 tests: Refactor waitForSocketEvent() to improve readability 2021-11-01 01:54:29 -04:00
Richard Hansen
3132235f2c tests: Rename getSocketEvent() to waitForSocketEvent() 2021-11-01 01:54:29 -04:00
Richard Hansen
65bd597053 tests: Move socket.io connection helpers to common.js 2021-11-01 01:54:28 -04:00
Richard Hansen
bea57ff249 tests: Use logger variable for consistency 2021-11-01 01:54:28 -04:00
Richard Hansen
9fbd2e5c3d chat: New chatSendMessage client-side hook 2021-11-01 01:54:28 -04:00
Richard Hansen
4c2f7f9a11 chat: Rename userId to authorId, userName to displayName 2021-11-01 01:54:28 -04:00
Richard Hansen
0f47ca9046 chat: Plumb message object end to end 
This will make it possible for future commits to add hooks that allow
plugins to augment chat messages with arbitrary metadata.
 2021-11-01 01:54:28 -04:00
Richard Hansen
f1f4ed7c58 chat: Allow chatNewMessage hook to control rendering 2021-11-01 01:54:28 -04:00
Richard Hansen
2597b940f4 chat: Give chatNewMessage hook access to the raw message object 2021-11-01 01:54:28 -04:00
Richard Hansen
fc5a3f553d chat: Test processing in chatNewMessage hook 2021-11-01 01:54:28 -04:00
Richard Hansen
caac4bf711 chat: Promisify addMessage() 2021-11-01 01:54:28 -04:00
Richard Hansen
3f7f629eeb chat: Scroll down after the chatNewMessage hook finishes 2021-11-01 01:54:28 -04:00
Richard Hansen
195a6bd81b chat: Move click handler setup to init() 2021-11-01 01:54:28 -04:00
Richard Hansen
23037280a8 Pad: Simplify getChatMessages() 2021-11-01 01:54:28 -04:00
Richard Hansen
e471cb12e6 tests: Also spy on initially loaded chat messages 2021-11-01 01:54:28 -04:00
Richard Hansen
66a8c48fac tests: Save the CHAT_MESSAGE payload, not the wrapper 2021-11-01 01:54:28 -04:00
Richard Hansen
c8e0916e1a tests: Spy on socket.io messages as early as possible 2021-11-01 01:54:28 -04:00
Richard Hansen
e28c9ffc97 tests: Support injecting hook functions during pad load 2021-11-01 01:54:28 -04:00
Richard Hansen
c8e544ec8d tests: Fix handling of nullish module definitions 2021-11-01 01:54:28 -04:00
Richard Hansen
9aaf781548 PadMessageHandler: Modernize userLeave hook context properties 2021-10-30 03:07:44 -04:00
Richard Hansen
a6d060d67b PadMessageHandler: Replace clientReady hook with new userJoin hook 2021-10-30 03:07:44 -04:00
Richard Hansen
c98910e1c5 PadMessageHandler: Populate session info as early as possible 2021-10-30 03:07:44 -04:00
Richard Hansen
b7de24c85f PadMessageHandler: Fix readability of duplicate user check 2021-10-30 03:07:44 -04:00
Richard Hansen
00e7b04518 PadMessageHandler: Improve readability of changeset loading 2021-10-30 03:07:44 -04:00
Richard Hansen
50b9e0df1f PadMessageHandler: Use values from session info object 
This is more consistent with the rest of the code, and it provides a
single source of truth.
 2021-10-30 03:07:40 -04:00
Richard Hansen
10e930408c PadMessageHandler: Delete unnecessary CLIENT_READY checks 
The checks are already performed by the security manager.
 2021-10-30 03:06:57 -04:00