public-offering
/
pad.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7,895 Commits
190 Branches
71 Tags
55 MiB
Commit Graph

4829 Commits (56d6a1800b3500dca399c18edf9776b1f89474fb)

Author SHA1 Message Date
Richard Hansen bdbde88fed PadMessageHandler: Fix `USER_CHANGES` queue identifier 
`message.padId` is normally undefined for `USER_CHANGES` messages.
 2022-02-23 16:11:16 -05:00
Richard Hansen c59cbb537a Bump version 2022-02-23 16:10:47 -05:00
Richard Hansen 1513932ca1 plugins: Give each plugin a plugin-specific logger object 
This makes it possible for plugins to stop assuming that log4js is
available at `ep_etherpad-lite/node_modules/log4js`.
 2022-02-21 15:13:57 -05:00
Richard Hansen daee90d2af lint: Close function args on same line as final arg 2022-02-21 14:53:48 -05:00
Richard Hansen 37508403d8 lint: Replace `Object.assign()` with object spread syntax 2022-02-21 14:36:58 -05:00
Richard Hansen c8211f2898 lint: Run `eslint --fix` 2022-02-21 14:36:58 -05:00
Richard Hansen 8eb310854d lint: Bump ESLint dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen 005ca0bb09 lint: Move ESLint config to `.eslintrc.cjs` 2022-02-21 14:36:58 -05:00
Richard Hansen d2f4931a35 checkPlugin: Use log4js for logging 2022-02-21 14:36:58 -05:00
Richard Hansen 8aec73b129 checkPlugin: Add ability to remove dependencies 2022-02-21 14:36:58 -05:00
Richard Hansen d5db979c93 checkPlugin: Config ESLint via `.eslintrc.cjs` 2022-02-21 14:36:58 -05:00
Richard Hansen f046f0ab81 checkPlugin: Only create `ep_etherpad-lite` symlink if missing 
This avoids problems if the plugin has a non-peer dependency on
`ep_etherpad-lite`.
 2022-02-20 18:06:46 -05:00
Richard Hansen 9ed1e43593 checkPlugin: Resolve plugin directory symlinks 
This works around weird npm bugs.
 2022-02-20 18:06:46 -05:00
Richard Hansen d9044537bb checkPlugin: cd to Etherpad root dir 2022-02-20 18:06:46 -05:00
Richard Hansen 5a66abae8b checkPlugin: Move everything inside async IIFE 2022-02-20 18:06:46 -05:00
Richard Hansen 2e0e872ae3 Pad: New `padDefaultContent` hook 2022-02-19 14:55:43 -05:00
Richard Hansen aa286b7dbd API: Add optional `authorId` param to mutation functions 2022-02-19 14:55:42 -05:00
Richard Hansen 50fafe608b tests: Basic test for `restoreRevision` API 2022-02-19 14:55:42 -05:00
Richard Hansen 3b8549342a Pad: Plumb author ID through mutation operations 2022-02-19 14:55:42 -05:00
Richard Hansen 5f60b3aab2 Pad: Remove unneccessary `padManager.getPad()` call 2022-02-19 14:55:42 -05:00
Richard Hansen 449b972e6a Pad: Use default parameter value 2022-02-19 14:55:42 -05:00
Richard Hansen aec512d1fa Pad: Rename `author` context properties to `authorId` 2022-02-19 14:55:42 -05:00
Richard Hansen 65bd5ffa6b Pad: Rename `author` vars to `authorId` for consistency 2022-02-19 14:55:42 -05:00
Richard Hansen c2910b98e8 ImportHandler: Skip default pad text when importing to a new pad 2022-02-19 14:25:51 -05:00
Richard Hansen c8f2409de0 ImportHandler: Drop unnecessary underscores in variable names 
Also delete an unnecessary comment.
 2022-02-19 14:25:51 -05:00
translatewiki.net a27b400073 Localisation updates from https://translatewiki.net. 2022-02-14 13:03:22 +01:00
dependabot[bot] 4ed436dbbe
build(deps): bump simple-get from 3.1.0 to 3.1.1 in /src 
Bumps [simple-get](https://github.com/feross/simple-get) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/feross/simple-get/releases)
- [Commits](https://github.com/feross/simple-get/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: simple-get
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 16:29:27 +00:00
dependabot[bot] cdc08d157b build(deps-dev): bump selenium-webdriver from 4.0.0 to 4.1.1 in /src 
Bumps [selenium-webdriver](https://github.com/SeleniumHQ/selenium) from 4.0.0 to 4.1.1.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits)

---
updated-dependencies:
- dependency-name: selenium-webdriver
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-02-03 11:28:40 -05:00
translatewiki.net b9b6cef4d2 Localisation updates from https://translatewiki.net. 2022-02-03 13:03:23 +01:00
Richard Hansen 33fb4c71e4 deps: Bump ESLint dependencies 2022-02-02 20:21:34 -05:00
translatewiki.net 5d3c34aecb Localisation updates from https://translatewiki.net. 2022-01-31 13:02:59 +01:00
Richard Hansen 5520161088 deps: Upgrade formidable to 2.0.1 2022-01-28 21:34:57 -05:00
dependabot[bot] 6009fdf979
build(deps): bump resolve from 1.20.0 to 1.22.0 in /src 
Bumps [resolve](https://github.com/browserify/resolve) from 1.20.0 to 1.22.0.
- [Release notes](https://github.com/browserify/resolve/releases)
- [Commits](https://github.com/browserify/resolve/compare/v1.20.0...v1.22.0)

---
updated-dependencies:
- dependency-name: resolve
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 21:47:20 +00:00
dependabot[bot] 0e6fd567f7
build(deps): bump openapi-backend from 5.0.1 to 5.1.1 in /src 
Bumps [openapi-backend](https://github.com/anttiviljami/openapi-backend) from 5.0.1 to 5.1.1.
- [Release notes](https://github.com/anttiviljami/openapi-backend/releases)
- [Commits](https://github.com/anttiviljami/openapi-backend/compare/5.0.1...5.1.1)

---
updated-dependencies:
- dependency-name: openapi-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:49:14 +00:00
dependabot[bot] 0189af9bb1
build(deps): bump clean-css from 5.2.3 to 5.2.4 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.3 to 5.2.4.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.3...v5.2.4)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:46:01 +00:00
dependabot[bot] 65de9eb733
build(deps): bump underscore from 1.13.1 to 1.13.2 in /src 
Bumps [underscore](https://github.com/jashkenas/underscore) from 1.13.1 to 1.13.2.
- [Release notes](https://github.com/jashkenas/underscore/releases)
- [Commits](https://github.com/jashkenas/underscore/compare/1.13.1...1.13.2)

---
updated-dependencies:
- dependency-name: underscore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 20:42:50 +00:00
dependabot[bot] d86e1e5249
build(deps): bump ueberdb2 from 2.0.1 to 2.0.2 in /src 
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 2.0.1 to 2.0.2.
- [Release notes](https://github.com/ether/ueberDB/releases)
- [Changelog](https://github.com/ether/ueberDB/blob/master/CHANGELOG.md)
- [Commits](https://github.com/ether/ueberDB/compare/v2.0.1...v2.0.2)

---
updated-dependencies:
- dependency-name: ueberdb2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 08:39:13 +00:00
Richard Hansen c40544eade lint: Bump ESLint dependencies 2022-01-28 03:24:14 -05:00
dependabot[bot] 8791082077
build(deps): bump clean-css from 5.2.2 to 5.2.3 in /src 
Bumps [clean-css](https://github.com/clean-css/clean-css) from 5.2.2 to 5.2.3.
- [Release notes](https://github.com/clean-css/clean-css/releases)
- [Changelog](https://github.com/clean-css/clean-css/blob/master/History.md)
- [Commits](https://github.com/clean-css/clean-css/compare/v5.2.2...v5.2.3)

---
updated-dependencies:
- dependency-name: clean-css
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-28 07:02:27 +00:00
Richard Hansen c568bb1baa ci: Skip frontend tests for Dependabot PRs 2022-01-28 01:51:15 -05:00
Richard Hansen 43aa1e4aeb ci: Reformat `.yml` files for readability 2022-01-28 01:39:45 -05:00
Richard Hansen 35a182e053 ci: dependabot: Set `versioning-strategy` to `increase` 
This keeps `package.json` in sync with `package-lock.json`.
 2022-01-27 23:54:28 -05:00
Richard Hansen 63a02ec5fa ci: Enable caching 2022-01-27 22:40:38 -05:00
Richard Hansen 3732565f83 ci: plugins: Bump saucelabs/sauce-connect-action 2022-01-27 22:40:38 -05:00
Richard Hansen 737464935e ci: plugins: Enable dependabot 2022-01-27 22:05:47 -05:00
Richard Hansen f02334e589 ci: plugins: Install plugin deps before core deps 2022-01-27 22:05:47 -05:00
Richard Hansen be36f764ad deps: Update eslint-config-etherpad 2022-01-27 22:05:47 -05:00
Richard Hansen 47f5bbef1c deps: Remove tiny-worker 
It is not needed for modern versions of Node.js.
 2022-01-27 02:15:47 -05:00
Richard Hansen c586502e3c deps: Bump marked to 4.0.12 2022-01-27 02:05:11 -05:00
Richard Hansen 9db3424403 deps: Bump rehype and rehype-minify-whitespace 2022-01-27 01:27:10 -05:00
Richard Hansen 1e604add99 deps: Require Node.js 12.17.0 or later 
This makes it possible to use dynamic `import()`.
 2022-01-27 01:27:10 -05:00
snyk-bot 151f954fea fix: upgrade rate-limiter-flexible from 2.3.5 to 2.3.6 
Snyk has created this PR to upgrade rate-limiter-flexible from 2.3.5 to 2.3.6.

See this package in npm:
https://www.npmjs.com/package/rate-limiter-flexible

See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=referral&page=upgrade-pr
 2022-01-26 20:05:06 -05:00
dependabot[bot] 9b671efd5b build(deps): bump node-fetch from 2.6.6 to 2.6.7 in /src 
Bumps [node-fetch](https://github.com/node-fetch/node-fetch) from 2.6.6 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases)
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.6...v2.6.7)

---
updated-dependencies:
- dependency-name: node-fetch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:03:19 -05:00
dependabot[bot] e44d1c4400 build(deps-dev): bump eslint-config-etherpad from 2.0.2 to 2.0.3 in /src 
Bumps [eslint-config-etherpad](https://github.com/ether/eslint-config-etherpad) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/ether/eslint-config-etherpad/releases)
- [Commits](https://github.com/ether/eslint-config-etherpad/compare/v2.0.2...v2.0.3)

---
updated-dependencies:
- dependency-name: eslint-config-etherpad
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:02:42 -05:00
dependabot[bot] de66bd4799 build(deps): bump http-errors from 1.8.1 to 2.0.0 in /src 
Bumps [http-errors](https://github.com/jshttp/http-errors) from 1.8.1 to 2.0.0.
- [Release notes](https://github.com/jshttp/http-errors/releases)
- [Changelog](https://github.com/jshttp/http-errors/blob/master/HISTORY.md)
- [Commits](https://github.com/jshttp/http-errors/compare/1.8.1...v2.0.0)

---
updated-dependencies:
- dependency-name: http-errors
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 20:01:53 -05:00
dependabot[bot] abe8a98a4d
build(deps-dev): bump mocha from 9.1.3 to 9.2.0 in /src 
Bumps [mocha](https://github.com/mochajs/mocha) from 9.1.3 to 9.2.0.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v9.1.3...v9.2.0)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-27 00:58:49 +00:00
dependabot[bot] 867922c8d8 build(deps): bump follow-redirects from 1.14.6 to 1.14.7 in /src 
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-01-26 19:56:56 -05:00
RichDavis1 ae9114f140 Edit settings.js 
Added formal panics for invalid JSON.
 2022-01-26 19:35:21 -05:00
translatewiki.net 315bcccc14 Localisation updates from https://translatewiki.net. 2022-01-24 13:03:53 +01:00
Richard Hansen e4a336e875 plugins: Add npm packages to etherpad org 2022-01-20 20:33:24 -05:00
Richard Hansen 692749d1cf express-session: Extend session lifetime if user is active 2022-01-17 21:45:56 -05:00
Richard Hansen 9c1f52f1b0 express-session: Install package from `@etherpad` scope 
This allows us to use some in-progress features.
 2022-01-17 21:45:56 -05:00
Richard Hansen 023e58cfe6 express-session: Set a finite cookie lifetime 2022-01-17 21:45:56 -05:00
Richard Hansen ec10700dff express-session: Don't save uninitialized sessions 
This should avoid frivolous session records, such as when the user
gets a 404 (unless login was required to see the 404).
 2022-01-17 21:45:56 -05:00
Richard Hansen 7255dd7ef0 express-session: Inherit proxy trust from Express 2022-01-17 21:45:56 -05:00
Richard Hansen 945e6848e2 SessionStore: Delete DB record when session expires 
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
 2022-01-17 21:45:56 -05:00
Richard Hansen 72cd983f0f SessionStore: Option to update DB record on `touch()` 2022-01-17 21:45:52 -05:00
Richard Hansen b991948e21 SessionStore: Don't write DB record if already expired 2022-01-17 21:33:58 -05:00
Richard Hansen 4d498725c7 SessionStore: Improve cookie expiration check 
* Don't mutate `sess.cookie.expires`.
  * Allow `sess.cookie` to be nullish.
  * Always compare `Date` objects.
 2022-01-17 18:17:40 -05:00
Richard Hansen 928c598ecf tests: Add SessionStore backend tests 2022-01-17 17:51:08 -05:00
Richard Hansen efab3aed0c deps: Update ueberdb2 to 2.0.1 to get proper JSON support 2022-01-14 00:45:47 -05:00
Richard Hansen d3984aa621 express: Move `preAuthorize` hook after `express-session` 
The `ep_openid_connect` plugin needs access to session state before
authorization checks are made (to securely redirect the user back to
the start page when authentication completes). Now that the
`expressPreSession` hook exists, the rationale for moving
`preAuthorize` before the `express-session` middleware is gone.

This change undoes the following commits:
  * bf35dcfc50
  * 0b1ec20c5c
  * 30544b564e
 2022-01-14 00:44:54 -05:00
Richard Hansen 75637708c0 express: Move up `cookie-parser` middleware 
This makes it possible for the `preAuthorize` and `preExpressSession`
hooks to easily read or set cookies.
 2022-01-14 00:44:54 -05:00
Richard Hansen ab85db4426 webaccess: Silence prototype pollution warning 2022-01-14 00:44:54 -05:00
Richard Hansen dcd43e9849 webaccess: Use `.startsWith()` instead of `.search()` 2022-01-14 00:44:54 -05:00
translatewiki.net b9118c22ba Localisation updates from https://translatewiki.net. 2022-01-13 13:02:54 +01:00
Richard Hansen fd9b770579 PadManager: Refactor `padList` to avoid duplicate loads 2022-01-02 20:44:42 -05:00
Richard Hansen 66ce2b50a9 openapi: Convert `Promise.catch()` to `catch` block 2022-01-02 19:17:20 -05:00
Richard Hansen fa8bdb0348 promises: Add a comment explaining a subtlety in `Gate` 2022-01-02 18:57:44 -05:00
Richard Hansen a115c475ad promises: Expose `reject` in `Gate` 2022-01-02 18:57:44 -05:00
Richard Hansen b72db7ebd6 promises: Return a `Promise` from `Gate.then()` 
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
 2022-01-02 18:57:44 -05:00
Richard Hansen 78a67801f3 promises: Move Gate from `server.js` (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen c8d45586c1 server: Fix stop Gate creation and check 2022-01-02 18:57:44 -05:00
Richard Hansen 10c55a2328 Changeset: Explain why number of removals doesn't matter 2021-12-31 22:53:59 -05:00
Richard Hansen 6495b1e6f4 tests: Disable deprecation warnings when testing deprecated functions 2021-12-31 22:15:03 -05:00
Richard Hansen c0471dd238 tests: Avoid deprecated `Changeset.opIterator` 2021-12-31 22:14:07 -05:00
webzwo0i 0af728ffee textLinesMutator: coverage for changed attributes in multiline keeps 2021-12-30 18:44:29 -05:00
webzwo0i 93447b7493 easysync tests: cover more string operation scenarios 2021-12-30 18:44:29 -05:00
webzwo0i 395cbc01bb Changeset.js: refine comments 2021-12-30 18:44:29 -05:00
webzwo0i 55c47efd4c easysync tests: add some more smartOpAssembler tests 2021-12-30 18:44:29 -05:00
webzwo0i 12ebca897d easysync: add clear method to stringAssembler 2021-12-30 18:44:29 -05:00
Chocobozzz 0cc15df9b9 Prevent pad translation and crash 
Prevent "TypeError: Cannot read properties of null (reading 'sheet')"
exception because google chrome can translate `<style type="text/css" title="dynamicsyntax"></style>` title attribute
 2021-12-22 17:46:32 +01:00
Richard Hansen cb257de8f9 Bump version to v1.9.0 for plugin `peerDependencies` 
This allows plugins to depend on the not-yet-released API by bumping
their `peerDependencies` to `>=1.9.0`.

IMPORTANT: v1.9.0 IS NOT RELEASED YET. I tried to bump the version to
1.9.0-alpha.0 instead, but unfortunately that doesn't satisfy
`>=1.8.6` which would break just about every plugin.
 2021-12-21 17:23:56 -05:00
Richard Hansen 02a56dc58c PadMessageHandler: Allow `handleMessageSecurity` to grant one-time write access 2021-12-21 17:23:56 -05:00
Richard Hansen 31b025bd9d PadMessageHandler: Pass session info to `handleMessageSecurity` hook 2021-12-21 17:23:56 -05:00
Richard Hansen 1b52c9f0c4 PadMessageHandler: Deprecate `client` context property 2021-12-21 17:23:56 -05:00
Richard Hansen f1856cf95a Docker: Use new `/health` endpoint for HEALTHCHECK 2021-12-21 17:19:56 -05:00
Richard Hansen 83f2898723 package.json: Define `etherpad` binary 2021-12-21 17:19:56 -05:00
Richard Hansen 696f9c3367 specialpages: New `/health` endpoint for health checking 
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
 2021-12-21 17:19:56 -05:00
Dirk Jagdmann 2e4c546c7f Pad: Add new `.spliceText()` method 
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
 2021-12-21 17:00:18 -05:00