Richard Hansen
4ae8fbc40d
tests: Increase `importexportGetPost.js` timeouts
...
The tests were timing out on my machine.
2021-02-16 21:13:35 -05:00
Richard Hansen
3d2f77f75d
lint: Fix ESLint errors in backend tests
2021-02-16 21:13:35 -05:00
Richard Hansen
00d45e3229
Defer rate limiter creation to a hook call
...
This makes it possible to change the rate limiter settings via
`/admin/settings` or by modifying the appropriate settings object and
reinvoking the hook.
2021-02-16 21:13:35 -05:00
Richard Hansen
d7ed71eba0
plugins: Fix "Error: spawn npm ENOENT" error on Windows
...
On Windows, npm should be invoked as `npm.cmd`, not `npm`. Use a
drop-in replacement for `child_process.spawn()` that does the right
thing on Windows.
2021-02-16 22:00:20 +00:00
John McLear
2e92e8e9d0
tests: frontend test button increase timeouts
2021-02-16 16:38:59 +00:00
snyk-bot
b06e47c06e
fix: src/bin/doc/package.json & src/bin/doc/package-lock.json to reduce vulnerabilities
...
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-MARKED-584281
2021-02-16 11:10:46 +00:00
snyk-bot
095edb5043
fix: upgrade express-rate-limit from 5.1.1 to 5.2.3
...
Snyk has created this PR to upgrade express-rate-limit from 5.1.1 to 5.2.3.
See this package in npm:
https://www.npmjs.com/package/express-rate-limit
See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-16 11:05:49 +00:00
Richard Hansen
c39d0606cf
ace2_inner: Delete special arrow key handling
...
I can't see any reason this would be necessary, and it appears to not
behave as intended (`scroll.scrollWhenPressArrowKeys()` is not invoked
after a continuously held arrow key is finally let up).
2021-02-16 11:03:31 +00:00
Richard Hansen
72704a9fbd
release: Update the `doc/latest` symlink
2021-02-16 10:37:07 +00:00
Richard Hansen
345f5227fd
release: Use log4js to improve message readability
2021-02-16 10:37:07 +00:00
Richard Hansen
899f2e02f3
release: Reset Git repo on error
2021-02-16 10:37:07 +00:00
Richard Hansen
ba32f71f30
release: Automate more steps
2021-02-16 10:37:07 +00:00
Richard Hansen
18c8838a33
release: Stricter checking of `CHANGELOG.md`
2021-02-16 10:37:07 +00:00
Richard Hansen
5c48ebb406
release: Fix wrapping of log message
2021-02-16 10:37:07 +00:00
Richard Hansen
5816fd5f2f
release: Add git sanity checks
2021-02-16 10:37:07 +00:00
Richard Hansen
a814893ca3
release: Assume `../ether.github.com` exists
2021-02-16 10:37:07 +00:00
Richard Hansen
8db6b5da4a
release: Don't capture stdout when unnecessary
...
This should make it easier to troubleshoot issues.
2021-02-16 10:37:07 +00:00
Richard Hansen
83b55eb41f
release: Shorthand function for running a command
2021-02-16 10:37:07 +00:00
Richard Hansen
2691d556fe
release: Enforce lockfileVersion 1
2021-02-16 10:37:07 +00:00
Richard Hansen
1ada0ab5d6
release: cd to Etherpad root directory
2021-02-16 10:37:07 +00:00
Richard Hansen
565d020876
release: Make sure JSON ends with `\n`
2021-02-16 10:37:07 +00:00
Richard Hansen
ea4b2ef8fb
release: Factor out JSON read/write for later reuse
2021-02-16 10:37:07 +00:00
Richard Hansen
8155d6154d
release: Don't create `release/x.y.z` branch
...
Patch-specific release branches should never diverge from the tag, so
they serve no useful purpose. (If they do diverge, which some did
before I deleted them all, what does it mean? Are we going to move the
tag in the future? It's just too confusing.)
In the future we might want to do major- or minor-specific
branches (e.g., `release/1` or `release/1.8`), but only if we want to
maintain old releases. For example, if 2.0 is a major release that
doesn't work with plugins designed for 1.x we might want to maintain a
`release/1` branch that continues to get bugfixes while the bulk of
new work continues to land on `develop`. If we do decide to maintain
old releases we'll need a new set of release scripts (or edit the
`release.js` script on the `release/1` branch).
2021-02-16 10:37:07 +00:00
John McLear
e1dcaa5210
release: Better steps for release procedure
2021-02-16 10:37:07 +00:00
John McLear
655ae90464
release: Exclude `var/` during Windows build
2021-02-16 10:37:07 +00:00
Richard Hansen
d5969507cd
release: Clone docs repo in `..`
2021-02-16 10:37:07 +00:00
Richard Hansen
bdd32f8915
Replace `node_modules/ep_etherpad-lite` with `src`
2021-02-16 10:35:05 +00:00
snyk-bot
269c6d09c5
fix: upgrade npm from 6.14.8 to 6.14.11
...
Snyk has created this PR to upgrade npm from 6.14.8 to 6.14.11.
See this package in npm:
https://www.npmjs.com/package/npm
See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-15 18:35:59 -05:00
snyk-bot
ed02606c4b
fix: upgrade semver from 5.6.0 to 5.7.1
...
Snyk has created this PR to upgrade semver from 5.6.0 to 5.7.1.
See this package in npm:
https://www.npmjs.com/package/semver
See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-02-15 21:54:50 +00:00
Richard Hansen
f0a6236a0d
Merge branch 'master' into develop
2021-02-15 12:47:47 -05:00
Richard Hansen
113df1f186
Merge branch 'develop'
2021-02-15 12:47:33 -05:00
John McLear
c0f73e6672
bump version
2021-02-15 12:47:20 -05:00
John McLear
306e839bd8
docs: security notification
2021-02-15 12:45:31 -05:00
John McLear
b7e88cb904
security: New setting for Socket.IO `maxHttpBufferSize`
2021-02-15 12:45:31 -05:00
Richard Hansen
ed93ef5636
/admin/settings: Reload plugins, call `loadSettings` hook on restart
...
This should match the normal startup procedure a bit more closely.
2021-02-15 08:43:14 +00:00
Guilherme Goncalves
3ff244f7a0
Update lines with zero height on sidediv
...
Avoid evaluation of `0` height as false within `if` condition,
since it is possible having 0px as line-height.
2021-02-15 00:42:00 -05:00
Egil
9c7dcb1d0a
eejs: Upgrade ejs to the latest version
...
The type of ejs's `__output` variable is now string instead of array
of strings, so the handling of `__output` had to change.
2021-02-14 23:36:53 -05:00
John McLear
615e47114b
Revert "socketio: increase socketio limit to 1MiB"
...
This reverts commit 55c96e5577
.
2021-02-14 16:53:48 +00:00
Richard Hansen
648e7c7342
docs: Mention improved import UX in `CHANGELOG.md`
2021-02-14 03:58:53 -05:00
Richard Hansen
b711ff6acf
import: Ajaxify pad import
...
This eliminates an inline script (good for Content Security Policy)
and improves the user experience.
2021-02-14 08:35:38 +00:00
Richard Hansen
fba55fa6cf
ImportHandler: Refactor `doImport()` for readability
2021-02-14 08:35:38 +00:00
Richard Hansen
28b28866a2
ImportHandler: Move the logger up
...
Also change the name to something shorter.
2021-02-14 08:35:38 +00:00
Richard Hansen
26b5a69ccc
ImportHandler: Use `JSON.stringify()` to properly escape characters
2021-02-14 08:35:38 +00:00
Richard Hansen
ed80883709
ImportHandler: Lint the response script sent to the browser
2021-02-14 08:35:38 +00:00
Richard Hansen
0ff131bbbb
ImportHandler: Throw Errors, not strings
2021-02-14 08:35:38 +00:00
Richard Hansen
908635a1de
ImportHandler: Use `return reject(...)` to avoid double settle
2021-02-14 08:35:38 +00:00
Richard Hansen
e01059dce5
ImportHandler: Switch to `fs/promises` API
2021-02-14 08:35:38 +00:00
Richard Hansen
5b1b030906
ImportHandler: Use asynchronous rename instead of `fs.renameSync()`
2021-02-14 08:35:38 +00:00
Richard Hansen
c7b1abebe4
ImportHandler: Avoid deprecated `fs.exists()` function
2021-02-14 08:35:38 +00:00
Richard Hansen
008209b0e0
ImportHandler: Delete redundant variable
2021-02-14 08:35:38 +00:00