4b47a29d87
Converted more files.
2023-07-22 23:09:52 +02:00
fda3ea4c92
Add console.log for outputting the path.
2023-07-22 22:32:44 +02:00
a5ce90c135
Fixed startup and loading of plugins.
2023-07-22 22:22:01 +02:00
6fe4473e25
Added esm to node directory.
2023-07-21 19:25:54 +02:00
b55a9a2411
JSON.stringify error for debugging
2023-07-08 17:42:18 +02:00
b858f5dd62
admin/plugins: explicitly call npm with a plugin version
2023-07-08 17:33:53 +02:00
3c9bcf4c4b
Frontend tests: longer timeout in language.js test to make tests for
...
resilient.
2023-07-08 16:05:15 +02:00
3a45aa1cb2
Add symlinks in ./src/node_modules for backwards compatibility.
...
See "Note for plugin authors" section in Changelog.
Some packages that are in use by plugins got a symlink in
./src/node_modules so that they still work after updating Etherpad. In
the future don't require('etherpad_ep-lite/node_modules/dependency')
anymore, but change this to require('dependency') and add the dependency
to your plugin's package.json
2023-07-08 16:05:11 +02:00
8ddc26b7af
admin tests: refactor
2023-07-08 14:32:05 +02:00
9089b8b973
Use `npm link` to install ep_etherpad-lite. This places a package.json
...
file in the root directory that references ./src directory as the file
source for `ep_etherpad-lite`.
Remove --legacy-peer-deps and --no-save when invoking npm. There is no
need for them anymore, as we are bumping npm now to v8.
./src/package.json contains all dependencies of Etherpad core
(package name ep_etherpad-lite) as before. The root directory's
package.json file references ep_etherpad-lite and also contains
references to any installed plugins.
Remove npm from package.json as we depend on a recent version now; PATH is still updated as before, so in the future we may install a custom npm version again
lint package-lock: update exception for sqlite3
remove node_modules and package.json during installDeps.sh
update Dockerfile
adapt minify
windows build
Fixed installOnWindows.bat
remove node_modules from git
bump minimal node/npm version in src/bin/functions.sh
add changelog notes
update installdeps
fix dockerfile
docker: test npm prefix set to the etherpad directory
workflow: upgrade-from-latest-release needs to be adapted until next release is out
Revert "docker: test npm prefix set to the etherpad directory"
This reverts commit b856a2488c9dbfb2acf35309cd1ee83016b631ad.
use npm link --bin-links=false to prevent it from copying bin files
temp fix for scripts as they are not installed to bin directory anymore
adjust bin paths in Dockerfile
Dockerfile
add hint for npm link, dockerfile
update dockerfile
Revert "Fixed installOnWindows.bat"
This reverts commit 70d0716bbedc4c0c1043155fcc5d157f01775c61.
try installOnWindows; still TODO: no difference between production and development; no warning like in installDeps.sh before update - it just removes package* and node_modules so admins must be aware of the plugins they want to reinstall later
update installOnWindows.bat
update package-lock.json
Dockerfile
Dockerfile
add file: scheme for lint check - needed as long as we have the plugin compatibility symlinks in ./src/node_modules
fix installOnWindows
upgrade-from-latest-release workflow: adapt cypress installation
src/package.json: test-container fix path to _mocha; maybe revert this in case we enable bin-links again
src/package.json: add test-on-windows script
another try with test-on-windows, without using bin-links
use bin-links on windows
Revert "use bin-links on windows"
This reverts commit f50ec2a9fabe3098d48e8f412b73c01edbe2140e.
invoke mocha binary on windows
run npm i once on windows, to make bin files available - why?
remove supertest on windows production builds
add symlink for mocha
debug
Revert "debug"
This reverts commit 8916a0515ca2897c57ca65fef49fd0b3610d2989.
Revert "add symlink for mocha"
This reverts commit 3c60bef77d2a120d24fce14421fe638598cd849d.
windows workflow: adapt cypress path
frontend admin tests
2023-07-08 14:31:54 +02:00
13330c45f8
build(deps): bump marked from 5.1.0 to 5.1.1 in /src/bin/doc ( #5819 )
...
Bumps [marked](https://github.com/markedjs/marked ) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/markedjs/marked/releases )
- [Changelog](https://github.com/markedjs/marked/blob/master/.releaserc.json )
- [Commits](https://github.com/markedjs/marked/compare/v5.1.0...v5.1.1 )
---
updated-dependencies:
- dependency-name: marked
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 19:18:39 +02:00
6adc95d780
build(deps): bump express-rate-limit from 6.7.0 to 6.7.1 in /src ( #5821 )
...
Bumps [express-rate-limit](https://github.com/express-rate-limit/express-rate-limit ) from 6.7.0 to 6.7.1.
- [Release notes](https://github.com/express-rate-limit/express-rate-limit/releases )
- [Changelog](https://github.com/express-rate-limit/express-rate-limit/blob/main/changelog.md )
- [Commits](https://github.com/express-rate-limit/express-rate-limit/compare/v6.7.0...v6.7.1 )
---
updated-dependencies:
- dependency-name: express-rate-limit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 18:09:39 +02:00
8e415c10ea
build(deps): bump ueberdb2 from 4.1.6 to 4.1.7 in /src ( #5820 )
...
Bumps [ueberdb2](https://github.com/ether/ueberDB ) from 4.1.6 to 4.1.7.
- [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md )
- [Commits](https://github.com/ether/ueberDB/compare/v4.1.6...v4.1.7 )
---
updated-dependencies:
- dependency-name: ueberdb2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-07 18:09:25 +02:00
33ecd1a2e9
build(deps): bump ueberdb2 from 4.1.5 to 4.1.6 in /src ( #5815 )
...
Bumps [ueberdb2](https://github.com/ether/ueberDB ) from 4.1.5 to 4.1.6.
- [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md )
- [Commits](https://github.com/ether/ueberDB/compare/v4.1.5...v4.1.6 )
---
updated-dependencies:
- dependency-name: ueberdb2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-06 21:13:44 +02:00
0bf471f97e
Updated to express session v1.18.2
2023-07-05 22:58:26 +02:00
323bedd90d
build(deps): bump ansi-regex in /src
...
Bumps and [ansi-regex](https://github.com/chalk/ansi-regex ). These dependencies needed to be updated together.
Updates `ansi-regex` from 3.0.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
Updates `ansi-regex` from 4.1.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
---
updated-dependencies:
- dependency-name: ansi-regex
dependency-type: indirect
- dependency-name: ansi-regex
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-07-04 13:35:45 +01:00
2bb431e7e5
express-session: Implement and enable key rotation ( #5362 ) by @rhansen
...
* SecretRotator: New class to coordinate key rotation
* express-session: Enable key rotation
* Added new entry in docker.adoc
* Move to own package.Removed fallback as Node 16 is now lowest node version.
* Updated package-lock.json
---------
Co-authored-by: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
2023-07-03 22:58:49 +02:00
675c0130b9
allow option to make pad names case-insensitive ( #5501 ) by @DanielHabenicht
...
* New option to make pad names case-insensitive
fixes #3844
* fix helper.gotoTimeslider()
* fix helper.aNewPad() return value
* Update src/node/utils/Settings.js
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
* remove timeout
* rename enforceLowerCasePadIds to lowerCasePadIds
* use before and after hooks
* update with socket specific test
* enforce sanitizing padID for websocket connections
- only enforce for newly created pads, to combat case-sensitive pad name hijacking
* Added updated package.json file.
---------
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
Co-authored-by: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
2023-07-03 20:52:49 +02:00
22704f7dff
build(deps): bump ueberdb2 from 4.1.4 to 4.1.5 in /src ( #5808 )
...
Bumps [ueberdb2](https://github.com/ether/ueberDB ) from 4.1.4 to 4.1.5.
- [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md )
- [Commits](https://github.com/ether/ueberDB/compare/v4.1.4...v4.1.5 )
---
updated-dependencies:
- dependency-name: ueberdb2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-07-03 18:07:43 +02:00
6ee4d3daaa
Fixed password with only numbers being rejected.
2023-07-02 17:48:16 +02:00
8e690aa342
Add bash to the docker image.
2023-07-01 19:43:30 +02:00
9a679aca56
Optimize/docker container ( #5800 )
...
* Bumped ueberdb2 to 4.1.1
* Install only production ready dependencies.
* Added optimized Dockerfile.
* Fixed variable detection.
* Move to own variable for detecting production build.
* Use shell syntax for parameter expansion.
* Use shell as default.
2023-07-01 19:23:17 +02:00
8ab82d713d
Bumped ueberdb2 to 4.1.4 with a variable redis url.
2023-07-01 15:07:59 +02:00
5798126322
Bumped ueberdb2 to 4.1.1
2023-07-01 11:57:53 +02:00
135491c96b
build(deps-dev): bump eslint-config-etherpad in /src ( #5791 )
...
Bumps [eslint-config-etherpad](https://github.com/ether/eslint-config-etherpad ) from 3.0.13 to 3.0.15.
- [Commits](https://github.com/ether/eslint-config-etherpad/compare/v3.0.13...v3.0.15 )
---
updated-dependencies:
- dependency-name: eslint-config-etherpad
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 18:49:24 +02:00
626ac50282
build(deps-dev): bump etherpad-cli-client from 2.0.1 to 2.0.2 in /src ( #5792 )
...
Bumps [etherpad-cli-client](https://github.com/johnmclear/etherpad-cli-client ) from 2.0.1 to 2.0.2.
- [Changelog](https://github.com/ether/etherpad-cli-client/blob/main/CHANGELOG.md )
- [Commits](https://github.com/johnmclear/etherpad-cli-client/compare/v2.0.1...v2.0.2 )
---
updated-dependencies:
- dependency-name: etherpad-cli-client
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 18:30:57 +02:00
0796f1de36
build(deps): bump ueberdb2 from 4.0.1 to 4.0.11 in /src ( #5794 )
...
Bumps [ueberdb2](https://github.com/ether/ueberDB ) from 4.0.1 to 4.0.11.
- [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md )
- [Commits](https://github.com/ether/ueberDB/compare/v4.0.1...v4.0.11 )
---
updated-dependencies:
- dependency-name: ueberdb2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-28 18:10:11 +02:00
581b2bef27
Update/socket.io to latest 2.x version ( #5784 )
...
* build(deps): bump ansi-regex in /src
Bumps and [ansi-regex](https://github.com/chalk/ansi-regex ). These dependencies needed to be updated together.
Updates `ansi-regex` from 3.0.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
Updates `ansi-regex` from 4.1.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
---
updated-dependencies:
- dependency-name: ansi-regex
dependency-type: indirect
- dependency-name: ansi-regex
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
* Updates socket.io to latest 2.x version.
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 23:29:29 +02:00
f6e463c38b
build(deps): bump ansi-regex in /src ( #5782 )
...
Bumps and [ansi-regex](https://github.com/chalk/ansi-regex ). These dependencies needed to be updated together.
Updates `ansi-regex` from 3.0.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
Updates `ansi-regex` from 4.1.0 to 5.0.1
- [Release notes](https://github.com/chalk/ansi-regex/releases )
- [Commits](https://github.com/chalk/ansi-regex/compare/v3.0.0...v5.0.1 )
---
updated-dependencies:
- dependency-name: ansi-regex
dependency-type: indirect
- dependency-name: ansi-regex
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 23:03:49 +02:00
db42f23fcc
Added optimized alpine image for better security and smaller image. ( #5780 )
2023-06-27 22:17:55 +02:00
7dfeda77bf
build(deps): bump terser from 5.18.1 to 5.18.2 in /src ( #5779 )
...
Bumps [terser](https://github.com/terser/terser ) from 5.18.1 to 5.18.2.
- [Changelog](https://github.com/terser/terser/blob/master/CHANGELOG.md )
- [Commits](https://github.com/terser/terser/compare/v5.18.1...v5.18.2 )
---
updated-dependencies:
- dependency-name: terser
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-27 21:21:36 +02:00
049231e4af
Feature/axios ( #5776 )
...
* Move from deprecated request package to axios.
* Fixed package.json
* Another check.
* Fixing npm - hopefully the last.
* Remove double parsing of JSON.
* Bump bundled npm to also get rid of request in the bundled npm.
* Revert "Bump bundled npm to also get rid of request in the bundled npm."
This reverts commit b60fa4f435
2023-06-27 21:20:53 +02:00
7748e8d113
Merge remote-tracking branch 'origin/master' into develop
2023-06-26 23:29:47 +02:00
50c3803326
Bumped version.
2023-06-26 23:20:21 +02:00
211cf7499c
Bumped version.
2023-06-26 23:04:10 +02:00
3665d636ae
Bumped version.
2023-06-26 23:03:35 +02:00
2dede75a61
Merge branch 'develop'
2023-06-26 21:05:35 +02:00
b7295fa8af
bump version
2023-06-26 21:05:34 +02:00
cfa9ea68f5
Added changelog.
2023-06-26 20:35:58 +02:00
1e98033632
Security: Fix revision parsing ( #5772 )
...
A carefully crated URL can cause Etherpad to hang.
2023-06-26 18:17:06 +01:00
1d289520eb
Require Node 16 for Etherpad and target Node 20 for testing ( #5771 )
2023-06-26 18:11:32 +01:00
d3afc1b9fb
build(deps): bump semver from 7.5.2 to 7.5.3 in /src ( #5770 )
...
Bumps [semver](https://github.com/npm/node-semver ) from 7.5.2 to 7.5.3.
- [Release notes](https://github.com/npm/node-semver/releases )
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-semver/compare/v7.5.2...v7.5.3 )
---
updated-dependencies:
- dependency-name: semver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-26 18:58:17 +02:00
5a541ce98d
deps: mocha 10
2023-06-24 12:55:13 +01:00
3074b8749a
deps: jsdom 20
2023-06-24 10:47:18 +01:00
fa08e90406
build(deps-dev): bump eslint from 8.14.0 to 8.43.0 in /src
...
Bumps [eslint](https://github.com/eslint/eslint ) from 8.14.0 to 8.43.0.
- [Release notes](https://github.com/eslint/eslint/releases )
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/eslint/eslint/compare/v8.14.0...v8.43.0 )
---
updated-dependencies:
- dependency-name: eslint
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-23 20:36:39 +01:00
a443dab70a
build(deps): bump underscore from 1.13.3 to 1.13.6 in /src
...
Bumps [underscore](https://github.com/jashkenas/underscore ) from 1.13.3 to 1.13.6.
- [Commits](https://github.com/jashkenas/underscore/compare/1.13.3...1.13.6 )
---
updated-dependencies:
- dependency-name: underscore
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-23 20:33:44 +01:00
1d85bff12c
build(deps-dev): bump set-cookie-parser from 2.4.8 to 2.6.0 in /src
...
Bumps [set-cookie-parser](https://github.com/nfriedly/set-cookie-parser ) from 2.4.8 to 2.6.0.
- [Commits](https://github.com/nfriedly/set-cookie-parser/compare/v2.4.8...v2.6.0 )
---
updated-dependencies:
- dependency-name: set-cookie-parser
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-23 11:16:24 +01:00
159434b759
tests: drop windows 7 test coverage & use chrome latest for admin tests instead of safari ( #5752 )
2023-06-23 10:22:09 +01:00
db43147a44
build(deps): bump async from 3.2.3 to 3.2.4 in /src
...
Bumps [async](https://github.com/caolan/async ) from 3.2.3 to 3.2.4.
- [Release notes](https://github.com/caolan/async/releases )
- [Changelog](https://github.com/caolan/async/blob/master/CHANGELOG.md )
- [Commits](https://github.com/caolan/async/compare/v3.2.3...v3.2.4 )
---
updated-dependencies:
- dependency-name: async
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-23 09:33:02 +01:00
fe60bf9de3
build(deps): bump ejs from 3.1.7 to 3.1.9 in /src
...
Bumps [ejs](https://github.com/mde/ejs ) from 3.1.7 to 3.1.9.
- [Release notes](https://github.com/mde/ejs/releases )
- [Commits](https://github.com/mde/ejs/compare/v3.1.7...v3.1.9 )
---
updated-dependencies:
- dependency-name: ejs
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-06-23 09:32:49 +01:00
SamTV12345