Commit graph

6894 commits

Author SHA1 Message Date
John McLear
ab127289c4 security: limit socketio to 1M chars 2021-02-11 21:01:47 -05:00
Richard Hansen
085ab452a0 chat tests: Give some time to process each of the 140 chat messages
This avoids overflowing socket.io's receive buffer.
2021-02-11 21:01:47 -05:00
Richard Hansen
020df75677 chat tests: Asyncify 2021-02-11 21:01:47 -05:00
Richard Hansen
0fae34009d chat tests: Delete unnecessary expect() 2021-02-11 21:01:47 -05:00
snyk-bot
f6df9ffad0 fix: upgrade measured-core from 1.11.2 to 1.51.1
Snyk has created this PR to upgrade measured-core from 1.11.2 to 1.51.1.

See this package in npm:
https://www.npmjs.com/package/measured-core

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-11 18:39:08 +00:00
John McLear
cc7f11560f
Fix OL list items not increasing (#4749)
* tests: additional test coverage for OL items

* parseInt means we can do a proper check

* tests: use ol check value test for #4748
2021-02-11 13:26:37 -05:00
snyk-bot
60a55ec428 fix: upgrade resolve from 1.1.7 to 1.19.0
Snyk has created this PR to upgrade resolve from 1.1.7 to 1.19.0.

See this package in npm:
https://www.npmjs.com/package/resolve

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-11 18:24:32 +00:00
snyk-bot
b50fcb065a fix: upgrade underscore from 1.8.3 to 1.12.0
Snyk has created this PR to upgrade underscore from 1.8.3 to 1.12.0.

See this package in npm:
https://www.npmjs.com/package/underscore

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-11 18:18:11 +00:00
translatewiki.net
2f1d648787 Localisation updates from https://translatewiki.net. 2021-02-11 18:48:51 +01:00
Richard Hansen
2301c6ec83 pad: Don't throw on socket.io error 2021-02-11 17:25:09 +00:00
Richard Hansen
fc9f236977 plugins: Use npm ls to list the installed plugins
This speeds up startup considerably, and we get rid of a lot of buggy
code.

This works with both npm v6.x and v7.x.
2021-02-09 22:18:35 +00:00
Richard Hansen
ce1b69feda plugins: Helper function to run the npm CLI 2021-02-09 22:18:35 +00:00
Richard Hansen
87341af429 GitHub workflows: Install Node.js v12
I'm not sure how these tests ever worked. I guess some version of
Node.js and npm come pre-installed on the ubuntu-latest images?

I would have prefered to use Node.js v10 because that is our current
minimum supported version, but we have a surprising number of tests
that don't work on Node.js v10 (mostly due to `assert.match()`, which
was added in Node.js v12).
2021-02-09 22:18:35 +00:00
Richard Hansen
83a519941b /admin/plugins: Fix logging of error messages 2021-02-09 22:18:35 +00:00
John McLear
94a65062c7
checkPlugins: remove lib/travis.yml and add github badges if they aren't present (#4731)
A future PR should remove all Travis badges and CI jobs.
2021-02-09 09:41:41 +00:00
Richard Hansen
ebdb2798ff server: Fix handling of errors during startup and shutdown
Before, an unhandled rejection or uncaught exception during startup
would cause `exports.exit()` to wait forever for startup completion.
Similarly, an error during shutdown would cause `exports.exit()` to
wait forever for shutdown to complete. Now any error during startup or
shutdown triggers an immediate exit.
2021-02-09 08:57:24 +00:00
Richard Hansen
5999d8cd44 server: Only pass err arg to exports.exit()
The `uncaughtException` event handlers are passed two arguments: error
and "origin". The `exports.exit()` argument doesn't expect a second
argument.
2021-02-09 08:57:24 +00:00
Richard Hansen
5b327b63ac server: Simplify gating of state transition waiters 2021-02-09 08:57:24 +00:00
Richard Hansen
105f8b0ccb server: Use a log4js logger object for logging 2021-02-09 08:57:24 +00:00
Richard Hansen
cb1116607e Revert "backend tests: change loglevel to WARN (#4514)"
Logging verbosity of the openapi handlers was turned down so GitHub
should be happier with INFO now. This makes it easier to troubleshoot
problems.

This reverts commit b98aaf4904.
2021-02-09 07:24:31 +00:00
Richard Hansen
1e3f352281 openapi: Turn down logging verbosity 2021-02-09 07:24:31 +00:00
Richard Hansen
714e099b2a tests: Fix accidental functions in ordered_list.js
This fixes a bug introduced in commit
e9bb2c410e.
2021-02-09 07:23:38 +00:00
Ole Langbehn
4c6a12ce2b Add commitRateLimiting settings block to settings.json.docker
The settings commitRateLimiting.duration and commitRateLimiting.points
were not available in the settings.json.docker file, and therefore it
was not possible to override their values via environment variables.

Now, they can be overridden by setting the following env vars:

* commitRateLimiting.duration: COMMIT_RATE_LIMIT_DURATION
* commitRateLimiting.points:   COMMIT_RATE_LIMIT_POINTS
2021-02-08 19:19:03 +00:00
Richard Hansen
e9bb2c410e tests: Fix erroneous use of waitForPromise() in ordered_list.js
`waitForPromise()` should always be used with `await` (either directly
or with a later `await` on the returned Promise). In this case,
the condition should be immediately true so `waitForPromise()` is not
the right tool here.
2021-02-08 18:24:11 +00:00
John McLear
7baa0cda02
tests: disabled checks shouldnt change behavior (#4729) 2021-02-08 11:07:07 +00:00
John McLear
9070c71e9f color picker: allow full white 2021-02-08 11:01:27 +00:00
John McLear
5d96cf9754
changelog 1.8.8 (#4725)
* changelog 1.8.8

* for squash: refine changelog

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-02-07 22:24:19 +00:00
Richard Hansen
1c9afa5168 lint: src/static/js/ace.js 2021-02-07 20:04:07 +00:00
Richard Hansen
8668017c62 ace: Use globalThis instead of non-strict default context
This is necessary before `'use strict';` can be added to the top of
the file.
2021-02-07 20:04:07 +00:00
Richard Hansen
3c2e0f0e16 ace: Simplify Ace2Editor method creation
* Delete the unused `optDoNow` parameter from `pendingInit()`.
  * Move the `setAuthorInfo()` 1st parameter check out of the wrapper
    and in to the `setAuthorInfo()` function itself.
2021-02-07 20:04:07 +00:00
John McLear
865a463154 fix: release script output 2021-02-07 19:28:00 +00:00
John McLear
2b112ac851
tests: Admin Frontend Test Coverage(#4717)
Covers all frontend admin operations, runs separated in CI.
2021-02-07 11:32:57 +00:00
Richard Hansen
294f2a251f lint: Fix bugs and style issues introduced in PR #4718
This fixes issues introduced in commit
f8a19c4527.
2021-02-07 07:51:35 +00:00
Richard Hansen
0ff8274d2e tests: Fix waitForPromise() in enter.js 2021-02-07 07:13:04 +00:00
Richard Hansen
c625c611d2 tests: delete src/tests/frontend/specs/caret.js
All of the tests in this file are commented out so this file does
nothing. We can uncomment the code and clean it up, but the approach
taken in these tests will never work: For security reasons, browsers
do not allow synthetic key events to perform the default
behavior (such as moving the carent when an arrow key is pressed).

There are two ways to test responses to navigation keys:
  * Use WebDriver to create "genuine" keyboard events.
  * Suppress the default behavior and implement caret movement
    ourselves. This is tremendously complicated, especially arrow
    up/down.
2021-02-07 07:02:23 +00:00
John McLear
1f0cb01110 tests: fix enter test 2021-02-07 07:00:12 +00:00
John McLear
f8a19c4527
lint: lint and various fixes of frontend test specs 2021-02-07 06:39:03 +00:00
Richard Hansen
da10d42183 Delete top-level package.json
Advantages of a top-level `package.json`:
  * It prevents npm from printing benign warnings about missing
    `package.json` whenever a plugin is installed.
  * Semantically, it is "the right thing to do" if plugins are to be
    installed in the top-level directory. This avoids violating
    assumptions various tools make about `package.json`, which makes
    it more likely that we can easily switch to a new version of npm
    or to an npm alternative.

Disadvantages of a top-level `package.json`:
  * Including a dependency of `ep_etherpad-lite@file:src` in the
    top-level `package.json`, which is required to keep npm from
    deleting the `node_modules/ep_etherpad-lite` symlink each time a
    package is installed, drastically slows down plugin installation
    because npm recursively walks the ep_etherpad-lite dependencies.
  * npm has a horrible dependency hoisting behavior: It moves
    dependencies from `src/node_modules/` to the top-level
    `node_modules/` directory when possible. This causes numerous
    mysterious problems, such as silent failures in `npm outdated` and
    `npm update`, and it breaks plugins that do
    `require('ep_etherpad-lite/node_modules/foo')`.

Right now, with npm v6.x, eliminating the disadvantages is far more
valuable than keeping the advantages. (This might change with npm
v7.x.)

For a long time there was no top-level `package.json` and it worked
fairly well, although users were often confused by npm's benign
warnings. The top-level `package.json` was added because we needed a
place to put ESLint config for the stuff in `bin/` and `tests/`, and
we wanted the advantages listed above. Unfortunately we were unaware
of the disadvantages at the time. The `bin/` and `tests/` directories
were moved under `src/` so we no longer need the top-level
`package.json` for ESLint.

An alternative to a top-level `package.json`: Create
`plugins/package.json` and install all plugins in `plugins/`. If
`plugins/package.json` has a dependency of
`ep_etherpad-lite@file:../src` then plugin installation will still be
slow (npm will still recursively walk the dependencies in
`src/package.json`) but it should avoid npm's nasty dependency
hoisting behavior. To avoid slow plugin installation we could create a
lightweight `etherpad-pluginlib` package that Etherpad plugins would
use to indirectly access Etherpad's internals. As an added bonus, this
intermediate package could become an adaptor that provides a stable
interface to plugins even when Etherpad core rapidly evolves.
2021-02-07 06:24:52 +00:00
John McLear
e02246641e
ordered lists bugfix: first line item can be 0.*, don't show 0 as undefined (#4600) 2021-02-06 20:19:05 +00:00
John McLear
4862d6fa9c
editor: fix enter key keep line in view (#4639) 2021-02-06 19:56:59 +00:00
John McLear
c969ae58c2
stats: activePads & lastDisconnected stats 2021-02-06 19:53:52 +00:00
John McLear
5f58ce14d6
editor: remove grayed logic and styles so background color is not lost on disconnect/reconnect. 2021-02-06 09:58:10 +00:00
Richard Hansen
8b28e00784 restructure: Prefix bin/ and tests/ with src/
This is a follow-up to commit
2ea8ea1275.
2021-02-05 21:52:08 +00:00
John McLear
2ea8ea1275 restructure: move bin/ and tests/ to src/
Also add symlinks from the old `bin/` and `tests/` locations to avoid
breaking scripts and other tools.

Motivations:

  * Scripts and tests no longer have to do dubious things like:

        require('ep_etherpad-lite/node_modules/foo')

    to access packages installed as dependencies in
    `src/package.json`.

  * Plugins can access the backend test helper library in a non-hacky
    way:

        require('ep_etherpad-lite/tests/backend/common')

  * We can delete the top-level `package.json` without breaking our
    ability to lint the files in `bin/` and `tests/`.

    Deleting the top-level `package.json` has downsides: It will cause
    `npm` to print warnings whenever plugins are installed, npm will
    no longer be able to enforce a plugin's peer dependency on
    ep_etherpad-lite, and npm will keep deleting the
    `node_modules/ep_etherpad-lite` symlink that points to `../src`.

    But there are significant upsides to deleting the top-level
    `package.json`: It will drastically speed up plugin installation
    because `npm` doesn't have to recursively walk the dependencies in
    `src/package.json`. Also, deleting the top-level `package.json`
    avoids npm's horrible dependency hoisting behavior (where it moves
    stuff from `src/node_modules/` to the top-level `node_modules/`
    directory). Dependency hoisting causes numerous mysterious
    problems such as silent failures in `npm outdated` and `npm
    update`. Dependency hoisting also breaks plugins that do:

        require('ep_etherpad-lite/node_modules/foo')
2021-02-04 17:15:08 -05:00
John McLear
efde0b787a
npm-load-remove: checkPad.js example (#4711)
* npm-load-remove: checkPad.js example

* npm-load-remove: checkPad.js example

* npm-load-remove: checkPad.js example

* npm-load-remove: checkPad.js example

* npm-load-remove: checkPad.js example

* npm-load-remove: checkPad.js example

* npm-load-remove: checkPadDeltas

* npm-load-remove: extractPadData

* npm-load-remove: importSqlFile

* npm-load-remove: rebuildPad

* npm-load-remove: repairPad

* npm-load-remove: checkAllPads

* npm-load-remove: migrateDirtyDBtoRealDB

* npm-load-remove: migrateDirtyDBtoRealDB path

* npm-load-remove: migrateDirtyDBtoRealDB dbclose fix

* npm-load-remove: migrateDirtyDBtoRealDB remove commented out line

* npm-load-remove: migrateDirtyDBtoRealDB reintroduce util
2021-02-04 20:53:30 +00:00
Richard Hansen
5a865dfc7e pluginfw: Delete unused return value 2021-02-04 08:41:00 +00:00
Richard Hansen
a145b97682 pluginfw: Use for loops to improve readability 2021-02-04 08:41:00 +00:00
Richard Hansen
fdaacc44c8 pluginfw: Replace slide.asyncMap() with Promise.all() 2021-02-04 08:41:00 +00:00
Richard Hansen
746cc8cc34 pluginfw: In-line formatPluginsWithVersion()
There's only one caller of the function, so move the logic to where it
is used.
2021-02-04 08:41:00 +00:00
Richard Hansen
cd1d322af4 /admin/plugins/info: Move logic to .js file 2021-02-04 08:41:00 +00:00