Richard Hansen
d40d59d9eb
AttributeManager: Simplify logic
2021-05-03 01:42:03 -04:00
Richard Hansen
e3d32a26b6
skiplist: Delete unused methods
2021-05-03 01:42:03 -04:00
Richard Hansen
f650c3d73e
editor: Delete unused `PROFILER` code
2021-05-03 01:42:03 -04:00
Richard Hansen
ab4e99f67a
editor: Delete commented-out code
2021-05-03 01:42:03 -04:00
Richard Hansen
eeead46437
PadMessageHandler: Use a `Map` for `sessioninfos`
...
Maps are a bit more flexible, have clearer semantics, and have a
convenient `size` property.
2021-05-03 01:35:11 -04:00
Richard Hansen
14d4aadfe4
PadMessageHandler: Parallelize client updates
...
Multiple clients are updated in parallel, but multiple revisions sent
to a particular client are still sent sequentially.
2021-05-03 01:35:11 -04:00
Richard Hansen
770755debf
PadMessageHandler: Assume sessioninfo stays valid during client update
...
...but add a try/catch around the message transmission just in case.
2021-05-03 01:35:11 -04:00
Richard Hansen
c85391862b
PadMessageHandler: Avoid unnecessary property lookups
2021-05-03 01:35:11 -04:00
Richard Hansen
d5c6a44d9c
PadMessageHandler: Improve documentation of `sessioninfos`
2021-05-03 01:35:11 -04:00
Richard Hansen
4c4415e14a
PadMessageHandler: Register `activePads` metric only once
2021-05-03 01:35:11 -04:00
snyk-bot
6011d31b22
fix: upgrade underscore from 1.12.1 to 1.13.0
...
Snyk has created this PR to upgrade underscore from 1.12.1 to 1.13.0.
See this package in npm:
https://www.npmjs.com/package/underscore
See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-05-03 01:31:53 -04:00
Richard Hansen
8f236b8687
Minify: Avoid crash due to unhandled Promise rejection if stat fails
2021-05-03 01:26:49 -04:00
Richard Hansen
e8df643d75
Minify: Treat `ENOTDIR` like `ENOENT` when statting a file
...
This avoids an exception when require-kernel requests a path like
`existing-file.js/index.js`.
2021-05-03 01:26:48 -04:00
Richard Hansen
aaacbd3a7a
Minify: Refactor `requestURI()` for readability
2021-05-03 01:26:48 -04:00
translatewiki.net
3a8d66ba6a
Localisation updates from https://translatewiki.net .
2021-04-30 08:49:17 +02:00
translatewiki.net
3afc77dae7
Localisation updates from https://translatewiki.net .
2021-04-26 15:20:55 +02:00
Richard Hansen
8384a7a67b
deps: Bump ueberdb2
2021-04-20 21:56:44 +02:00
Richard Hansen
ea8846154f
favicon: Redo favicon customization
2021-04-20 13:33:55 -04:00
Richard Hansen
92e0bff80c
favicon: Refactor handler and add tests
2021-04-20 13:33:55 -04:00
Richard Hansen
d0d4b95980
favicon: Only serve from `/favicon.ico`
2021-04-20 13:33:54 -04:00
Richard Hansen
c2ac5e6145
tests: Fix missing commit in "Upgrade from latest release" workflow
2021-04-20 13:20:33 -04:00
Richard Hansen
96208e8239
tests: Rename workflow to "Upgrade from latest release"
2021-04-20 13:20:04 -04:00
webzwo0i
3a5af19492
AuthorManager: await for more db methods
2021-04-20 11:27:44 -04:00
webzwo0i
35797e57fc
AuthorManager: await db.set in createAuthor
2021-04-20 11:27:44 -04:00
webzwo0i
20c512c8a9
test for await db.set in createAuthor
2021-04-20 11:27:43 -04:00
Chocobozzz
a001a13411
fix(perf): Disable wtfnode dump by default
...
Consumes a lot of CPU so it's better to enable it on purpose
2021-04-13 16:01:41 +02:00
Richard Hansen
951d369e3f
padaccess: Delete useless try/catch
2021-04-12 22:51:06 -04:00
Richard Hansen
329d037431
Simplify read-only pad ID checks
2021-04-12 22:51:06 -04:00
Richard Hansen
f63610bb12
tests: Test access bypass via read-only pad ID
2021-04-12 22:51:06 -04:00
pcworld
3c71e8983b
Fix read only pad access with authentication
...
Before this commit, webaccess.checkAccess saved the authorization in
user.padAuthorizations[padId] with padId being the read-only pad ID,
however later stages, e.g. in PadMessageHandler, use the real pad ID for
access checks. This led to authorization being denied.
This commit fixes it by only storing and comparing the real pad IDs and
not read-only pad IDs.
This fixes test case "authn user readonly pad -> 200, ok" in
src/tests/backend/specs/socketio.js.
2021-04-12 22:51:06 -04:00
pcworld
0d33793908
tests: readonly pastes must be readable+exportable with authentication
...
readonly paste links should be readable even if authentication is turned
on, as long as the user provides valid login data.
This test currently fails.
Also test that readonly paste IDs can be exported under the same
condition, which currently succeeds.
2021-04-12 22:51:06 -04:00
translatewiki.net
7d5cad6932
Localisation updates from https://translatewiki.net .
2021-04-12 15:43:27 +02:00
Richard Hansen
d01b593d3c
chat: Ensure that `ctx.text` is interpreted as HTML
2021-04-11 06:20:29 +02:00
Richard Hansen
a3a0ff7bc1
chat: Use jQuery to build the chat message DOM object
...
This reduces the likelihood of accidentally introducing an XSS
vulnerability.
2021-04-11 06:20:29 +02:00
Richard Hansen
74554d36a5
chat: Allow `chatNewMessage` hook to modify more values
2021-04-11 06:20:29 +02:00
Richard Hansen
1ad134a538
PadMessageHandler: Improve logging of pre-CLIENT_READY drops
...
This should make it easier to see what is emitting the the messages so
it can be fixed.
2021-04-09 18:43:02 +02:00
Richard Hansen
91e99c84ca
import: Reduce log spam from unsupported elements
2021-04-09 18:43:02 +02:00
Richard Hansen
09c349e2a1
import: Use a Set for supported elements
2021-04-09 18:43:02 +02:00
translatewiki.net
e31da37d00
Localisation updates from https://translatewiki.net .
2021-04-08 14:54:44 +02:00
webzwo0i
a796811558
escape userId before setting it as HTML attribute
2021-04-07 23:29:27 -04:00
webzwo0i
9408d4395f
remove custom timeouts
2021-04-07 17:47:11 -04:00
Mikk Andresen
af19a010c5
DOCS: Fix broken links in TOC - use Marked to generate ID slugs instead of local implementation that was giving out different IDs in some cases - https://github.com/citizenos/citizenos-fe/issues/535
2021-04-06 21:42:01 +02:00
Mikk Andresen
78ea888cb7
DOCS: Add basic styles for tables and resources section to Changeset docs - https://github.com/citizenos/citizenos-fe/issues/535
2021-04-06 21:42:01 +02:00
webzwo0i
e483b91916
Don't make browsers fail on sync-xhr until require-kernel is dropped
2021-04-05 04:34:29 -04:00
snyk-bot
e86547c4f5
fix: upgrade openapi-backend from 3.9.0 to 3.9.1
...
Snyk has created this PR to upgrade openapi-backend from 3.9.0 to 3.9.1.
See this package in npm:
https://www.npmjs.com/package/openapi-backend
See this project in Snyk:
https://app.snyk.io/org/johnmclear/project/d9a12bfb-7ccd-443f-9e22-f30d339cc8c5?utm_source=github&utm_medium=upgrade-pr
2021-04-03 16:54:52 -04:00
Richard Hansen
e4754eb9df
tests: Fix race in `timeslider_revisions.js`
2021-04-02 15:46:27 +02:00
Richard Hansen
27e5373050
tests: Fix race in `change_user_name.js`
2021-04-02 15:46:27 +02:00
Richard Hansen
58dac4c0fc
tests: Fix races in `inner_height.js`
2021-04-02 15:46:27 +02:00
Richard Hansen
4ad80d4072
tests: Delete overly aggressive frontend test timeouts
...
This should reduce test flakiness.
2021-04-02 15:46:27 +02:00
Richard Hansen
7cbb3f565d
tests: Speed up `helper.edit()` and `helper.clearPad()`
2021-04-02 15:46:27 +02:00