build(deps-dev): bump sinon from 17.0.0 to 17.0.1 in /src (#6020)

Bumps [sinon](https://github.com/sinonjs/sinon) from 17.0.0 to 17.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v17.0.0...v17.0.1)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/backend-tests.yml

@@ -24,7 +24,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'npm'
@@ -61,7 +61,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'npm'
@@ -122,7 +122,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -155,7 +155,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'

.github/workflows/docker.yml

@@ -36,7 +36,7 @@ jobs:
           cache-to: type=gha,mode=max
       -
         name: Set up Node.js
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 'lts/*'
           cache: 'npm'

.github/workflows/frontend-admin-tests.yml

@@ -29,7 +29,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'npm'
@@ -78,7 +78,7 @@ jobs:
         name: Remove standard frontend test files, so only admin tests are run
         run: mv src/tests/frontend/specs/* /tmp && mv /tmp/admin*.js src/tests/frontend/specs
       -
-        uses: saucelabs/sauce-connect-action@v2.3.4
+        uses: saucelabs/sauce-connect-action@v2.3.5
         with:
           username: ${{ secrets.SAUCE_USERNAME }}
           accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}

.github/workflows/frontend-tests.yml

@@ -23,7 +23,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -45,7 +45,7 @@ jobs:
         run: |
           sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 100000000/' -i settings.json
       -
-        uses: saucelabs/sauce-connect-action@v2.3.4
+        uses: saucelabs/sauce-connect-action@v2.3.5
         with:
           username: ${{ secrets.SAUCE_USERNAME }}
           accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
@@ -78,7 +78,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -133,7 +133,7 @@ jobs:
         name: Remove standard frontend test files, so only plugin tests are run
         run: rm src/tests/frontend/specs/*
       -
-        uses: saucelabs/sauce-connect-action@v2.3.4
+        uses: saucelabs/sauce-connect-action@v2.3.5
         with:
           username: ${{ secrets.SAUCE_USERNAME }}
           accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}

.github/workflows/lint-package-lock.yml

@@ -20,7 +20,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -29,7 +29,7 @@ jobs:
             src/bin/doc/package-lock.json
       -
         name: Install lockfile-lint
-        run: npm install --no-save lockfile-lint
+        run: npm install --no-save lockfile-lint --legacy-peer-deps
       -
         name: Run lockfile-lint on package-lock.json
         run: >

.github/workflows/load-test.yml

@@ -20,7 +20,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -50,7 +50,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -107,7 +107,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'

.github/workflows/rate-limit.yml

@@ -20,7 +20,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'

.github/workflows/upgrade-from-latest-release.yml

@@ -26,7 +26,7 @@ jobs:
         with:
           ref: master
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: ${{ matrix.node }}
           cache: 'npm'
@@ -90,7 +90,7 @@ jobs:
         run: cd src && npm test
       -
         name: Install Cypress
-        run: cd src && npm install cypress
+        run: cd src && npm install cypress --legacy-peer-deps
       -
         name: Run Etherpad & Test Frontend
         run: |

.github/workflows/windows.yml

@@ -26,7 +26,7 @@ jobs:
         name: Checkout repository
         uses: actions/checkout@v4
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -106,7 +106,7 @@ jobs:
         name: Extract Etherpad
         run: 7z x etherpad-win.zip -oetherpad
       -
-        uses: actions/setup-node@v3
+        uses: actions/setup-node@v4
         with:
           node-version: 20
           cache: 'npm'
@@ -115,7 +115,7 @@ jobs:
             etherpad/src/bin/doc/package-lock.json
       -
         name: Install Cypress
-        run: cd etherpad && cd src && npm install cypress
+        run: cd etherpad && cd src && npm install cypress --legacy-peer-deps
       -
         name: Run Etherpad
         run: |

CHANGELOG.md

@@ -1,3 +1,14 @@
+# 1.9.4
+
+### Compability changes
+
+* Log4js has been updated to the latest version. As it involved a bump of 6 major version. 
+  A lot has changed since then. Most notably the console appender has been deprecated. You can find out more about it [here](https://github.com/log4js-node/log4js-node)
+
+### Notable enhancements and fixes
+
+* Fix for MySQL: The logger calls were incorrectly configured leading to a crash when e.g. somebody uses a different encoding than standard MySQL encoding. 
+
 # 1.9.3
 
 ### Compability changes

doc/api/hooks_client-side.adoc

@@ -283,7 +283,7 @@ Things in context:
 This hook is called on the client side whenever a user joins or changes. This
 can be used to create notifications or an alternate user list.
 
-=== `chatNewMessage`
+=== chatNewMessage
 
 Called from: `src/static/js/chat.js`
 
@@ -319,7 +319,7 @@ Context properties:
 * `duration`: How long (in milliseconds) to display the gritter notification (0
   to disable).
 
-=== `chatSendMessage`
+=== chatSendMessage
 
 Called from: `src/static/js/chat.js`
 

doc/api/hooks_server-side.adoc

@@ -51,7 +51,7 @@ Things in context:
 
 If this hook returns an error, the callback to the install function gets an error, too. This seems useful for adding in features when a particular plugin is installed.
 
-=== `init_<plugin name>`
+=== init_<plugin name>
 
 Called from: `src/static/js/pluginfw/plugins.js`
 
@@ -62,7 +62,7 @@ Context properties:
   * `logger`: An object with the following `console`-like methods: `debug`,
     `info`, `log`, `warn`, `error`.
 
-=== `expressPreSession`
+=== expressPreSession
 
 Called from: `src/node/hooks/express.js`
 
@@ -92,7 +92,7 @@ exports.expressPreSession = async (hookName, {app}) => {
 };
 ----
 
-=== `expressConfigure`
+=== expressConfigure
 
 Called from: `src/node/hooks/express.js`
 
@@ -107,7 +107,7 @@ Context properties:
 * `app`: The Express https://expressjs.com/en/4x/api.html==app[Application]
   object.
 
-=== `expressCreateServer`
+=== expressCreateServer
 
 Called from: `src/node/hooks/express.js`
 
@@ -210,7 +210,7 @@ Things in context:
 This hook gets called when the access to the concrete pad is being checked.
 Return `false` to deny access.
 
-=== `getAuthorId`
+=== getAuthorId
 
 Called from `src/node/db/AuthorManager.js`
 
@@ -267,7 +267,7 @@ exports.getAuthorId = async (hookName, context) => {
 };
 ----
 
-=== `padCreate`
+=== padCreate
 
 Called from: `src/node/db/Pad.js`
 
@@ -279,7 +279,7 @@ Context properties:
 * `authorId`: The ID of the author who created the pad.
 * `author` (**deprecated**): Synonym of `authorId`.
 
-=== `padDefaultContent`
+=== padDefaultContent
 
 Called from `src/node/db/Pad.js`
 
@@ -304,7 +304,7 @@ Context properties:
   be updated to match. Plugins must check the value of the `type` property
   before reading this value.
 
-=== `padLoad`
+=== padLoad
 
 Called from: `src/node/db/PadManager.js`
 
@@ -315,7 +315,7 @@ Context properties:
 * `pad`: The Pad object.
 
 [#_padupdate]
-=== `padUpdate`
+=== padUpdate
 
 Called from: `src/node/db/Pad.js`
 
@@ -329,7 +329,7 @@ Context properties:
 * `revs`: The index of the new revision.
 * `changeset`: The changeset of this revision (see <<_padupdate>>).
 
-=== `padCopy`
+=== padCopy
 
 Called from: `src/node/db/Pad.js`
 
@@ -355,7 +355,7 @@ Usage examples:
 
   * https://github.com/ether/ep_comments_page
 
-=== `padRemove`
+=== padRemove
 
 Called from: `src/node/db/Pad.js`
 
@@ -370,7 +370,7 @@ Usage examples:
 
   * https://github.com/ether/ep_comments_page
 
-=== `padCheck`
+=== padCheck
 
 Called from: `src/node/db/Pad.js`
 
@@ -393,7 +393,7 @@ Things in context:
 
 I have no idea what this is useful for, someone else will have to add this description.
 
-=== `preAuthorize`
+=== preAuthorize
 
 Called from: `src/node/hooks/express/webaccess.js`
 
@@ -700,7 +700,7 @@ exports.authzFailure = (hookName, context, cb) => {
 };
 ----
 
-=== `handleMessage`
+=== handleMessage
 
 Called from: `src/node/handler/PadMessageHandler.js`
 
@@ -733,7 +733,7 @@ exports.handleMessage = async (hookName, {message, socket}) => {
 };
 ----
 
-=== `handleMessageSecurity`
+=== handleMessageSecurity
 
 Called from: `src/node/handler/PadMessageHandler.js`
 
@@ -819,7 +819,7 @@ exports.clientVars = (hookName, context, callback) => {
 };
 ----
 
-=== `getLineHTMLForExport`
+=== getLineHTMLForExport
 
 Called from: `src/node/utils/ExportHtml.js`
 
@@ -968,7 +968,7 @@ exports.exportHtmlAdditionalTagsWithData = function(hook, pad, cb){
 };
 ----
 
-=== `exportEtherpadAdditionalContent`
+=== exportEtherpadAdditionalContent
 
 Called from `src/node/utils/ExportEtherpad.js` and
 `src/node/utils/ImportEtherpad.js`.
@@ -990,7 +990,7 @@ Example:
 exports.exportEtherpadAdditionalContent = () => ['comments'];
 ----
 
-=== `exportEtherpad`
+=== exportEtherpad
 
 Called from `src/node/utils/ExportEtherpad.js`.
 
@@ -1013,7 +1013,7 @@ Context properties:
     should not assume that it is either the pad's real writable ID or its
     read-only ID.
 
-=== `importEtherpad`
+=== importEtherpad
 
 Called from `src/node/utils/ImportEtherpad.js`.
 
@@ -1032,7 +1032,7 @@ Context properties:
     modified.
   * `srcPadId`: The pad ID used for the pad-specific information in `data`.
 
-=== `import`
+=== import
 
 Called from: `src/node/handler/ImportHandler.js`
 
@@ -1062,7 +1062,7 @@ exports.import = async (hookName, {fileEnding, ImportError}) => {
 };
 ----
 
-=== `userJoin`
+=== userJoin
 
 Called from: `src/node/handler/PadMessageHandler.js`
 
@@ -1086,7 +1086,7 @@ exports.userJoin = async (hookName, {authorId, displayName, padId}) => {
 };
 ```
 
-=== `userLeave`
+=== userLeave
 
 Called from: `src/node/handler/PadMessageHandler.js`
 
@@ -1110,7 +1110,7 @@ exports.userLeave = async (hookName, {author, padId}) => {
 };
 ----
 
-=== `chatNewMessage`
+=== chatNewMessage
 
 Called from: `src/node/handler/PadMessageHandler.js`
 

doc/assets/style.css

@@ -1,9 +1,9 @@
 body {
   border-top: solid #44b492 5pt;
-  line-height:150%;
-  font-family: 'Quicksand',sans-serif;
+  line-height: 150%;
+  font-family: "Quicksand", sans-serif;
   color: #313b4a;
-  max-width:800px;
+  max-width: 1440px;
   margin: 0 auto;
   padding: 20px;
 }
@@ -12,24 +12,25 @@ a {
   color: #555;
 }
 
-h1,h2 {
+h1,
+h2 {
   color: #44b492;
-  line-height:100%;
+  line-height: 100%;
 }
 
 h2 {
-  font-size: 48px ;
+  font-size: 48px;
 }
 
 h3 {
   font-size: 1.8rem;
 }
 
-h4{
+h4 {
   font-size: 1.5rem;
 }
 
-h5{
+h5 {
   font-size: 1.2rem;
 }
 
@@ -39,7 +40,7 @@ a:hover {
 
 pre {
   background-color: #e0e0e0;
-  padding:20px;
+  padding: 20px;
 }
 
 code {
@@ -50,7 +51,9 @@ img {
   max-width: 100%;
 }
 
-table, th, td {
+table,
+th,
+td {
   text-align: left;
   border: 1px solid gray;
   border-collapse: collapse;
@@ -58,7 +61,7 @@ table, th, td {
 
 th {
   padding: 0.5em;
-  background: #EEE;
+  background: #eee;
 }
 
 td {

doc/cookies.adoc

@@ -19,7 +19,7 @@ Cookies used by Etherpad.
 | Session
 | true
 | true
-| Session ID of the https://expressjs.com[Express web framework]. When Etherpad is behind a reverse proxy, and an administrator wants to use session stickiness, he may use this cookie. If you are behind a reverse proxy, please remember to set `trustProxy: true` in `settings.json`. Set in [webaccess.js#L131](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/hooks/express/webaccess.js#L131).
+| Session ID of the https://expressjs.com[Express web framework]. When Etherpad is behind a reverse proxy, and an administrator wants to use session stickiness, he may use this cookie. If you are behind a reverse proxy, please remember to set `trustProxy: true` in `settings.json`. Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/hooks/express/webaccess.js#L131[webaccess.js#L131].
 
 
 |language
@@ -29,7 +29,7 @@ Cookies used by Etherpad.
 | Session
 | false
 | true
-| The language of the UI (e.g.: `en-GB`, `it`). Set in [pad_editor.js#L111](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_editor.js#L111).
+| The language of the UI (e.g.: `en-GB`, `it`). Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_editor.js#L111[pad_editor.js#L111].
 
 
 |prefs / prefsHttp
@@ -39,7 +39,7 @@ Cookies used by Etherpad.
 | year 3000
 | false
 | true
-| Client-side preferences (e.g.: font family, chat always visible, show authorship colors, ...). Set in [pad_cookie.js#L49](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_cookie.js#L49). `prefs` is used if Etherpad is accessed over HTTPS, `prefsHttp` if accessed over HTTP. For more info see https://github.com/ether/etherpad-lite/issues/3179.
+| Client-side preferences (e.g.: font family, chat always visible, show authorship colors, ...). Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_cookie.js#L49[pad_cookie.js#L49]. `prefs` is used if Etherpad is accessed over HTTPS, `prefsHttp` if accessed over HTTP. For more info see https://github.com/ether/etherpad-lite/issues/3179.
 
 
 
@@ -50,7 +50,7 @@ Cookies used by Etherpad.
 | 60 days
 | false
 | true
-| A random token representing the author, of the form `t.randomstring_of_lenght_20`. The random string is generated by the client, at (https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L55-L66[pad.js#L55-L66]). This cookie is always set by the client (at (https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L153-L158[pad.js#L153-L158])) without any solicitation from the server. It is used for all the pads accessed via the web UI (not used for the HTTP API). On the server side, its value is accessed at [SecurityManager.js#L33](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/db/SecurityManager.js#L33).
+| A random token representing the author, of the form `t.randomstring_of_lenght_20`. The random string is generated by the client, at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L55-L66[pad.js#L55-L66]. This cookie is always set by the client at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L153-L158[pad.js#L153-L158] without any solicitation from the server. It is used for all the pads accessed via the web UI (not used for the HTTP API). On the server side, its value is accessed at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/db/SecurityManager.js#L33[SecurityManager.js#L33].
 |===
 
 For more info, visit the related discussion at https://github.com/ether/etherpad-lite/issues/3563.

doc/localization.adoc

@@ -20,12 +20,13 @@ Translations will be send back to us regularly and will eventually appear in the
 
 [source,json]
 ----
-{ "pad.modals.connected": "Connecté."
-, "pad.modals.uderdup": "Ouvrir dans une nouvelle fenêtre."
-, "pad.toolbar.unindent.title": "Dèsindenter"
-, "pad.toolbar.undo.title": "Annuler (Ctrl-Z)"
-, "timeslider.pageTitle": "{{appTitle}} Curseur temporel",
-, ...
+{ 
+  "pad.modals.connected": "Connecté.",
+  "pad.modals.uderdup": "Ouvrir dans une nouvelle fenêtre.",
+  "pad.toolbar.unindent.title": "Dèsindenter",
+  "pad.toolbar.undo.title": "Annuler (Ctrl-Z)",
+  "timeslider.pageTitle": "{{appTitle}} Curseur temporel",
+  ...
 }
 ----
 
@@ -71,7 +72,7 @@ alert(window._('pad.chat'));
 ----
 ==== 2. Create translate files in the locales directory of your plugin
 
-* The name of the file must be the language code of the language it contains translations for (see https://joker-x.github.com/languages4translatewiki/test/[supported lang codes]; e.g. en ? English, es ? Spanish...)
+* The name of the file must be the language code of the language it contains translations for (see https://joker-x.github.io/languages4translatewiki/test/[supported lang codes]; e.g. en ? English, es ? Spanish...)
 * The extension of the file must be `.json`
 * The default language is English, so your plugin should always provide `en.json`
 * In order to avoid naming conflicts, your message keys should start with the name of your plugin followed by a dot (see below)
@@ -80,7 +81,8 @@ alert(window._('pad.chat'));
 
 [source, json]
 ----
-{ "ep_your-plugin.h1": "Heading 1"
+{ 
+  "ep_your-plugin.h1": "Heading 1"
 }
 ----
 
@@ -88,7 +90,8 @@ alert(window._('pad.chat'));
 
 [source, json]
 ----
-{ "ep_your-plugin.h1": "Título 1"
+{ 
+  "ep_your-plugin.h1": "Título 1"
 }
 ----
 
@@ -103,8 +106,9 @@ For example, if you want to replace `Chat` with `Notes`, simply add...
 
 [source,json]
 ----
-{ "ep_your-plugin.h1": "Heading 1"
-, "pad.chat": "Notes"
+{ 
+  "ep_your-plugin.h1": "Heading 1",
+  "pad.chat": "Notes"
 }
 ----
 

doc/plugins.adoc

@@ -64,7 +64,7 @@ translations into `locales/`, though, in order to have them integrated. (See
 Your plugin definition goes into `ep.json`. In this file you register your hook
 functions, indicate the parts of your plugin and the order of execution. (A
 documentation of all available events to hook into can be found in chapter
-[hooks](#all_hooks).)
+<<Server-side hooks>>.)
 
 [source,json]
 ----
@@ -88,7 +88,7 @@ A hook function registration maps a hook name to a hook function specification.
 The hook function specification looks like `ep_example/file.js:functionName`. It
 consists of two parts separated by a colon: a module name to `require()` and the
 name of a function exported by the named module. See
-[`module.exports`](https://nodejs.org/docs/latest/api/modules.html#modules_module_exports)
+https://nodejs.org/docs/latest/api/modules.html#modules_module_exports[`module.exports`]
 for how to export a function.
 
 For the module name you can omit the `.js` suffix, and if the file is `index.js`

settings.json.docker

@@ -207,15 +207,15 @@
 
   "dbType": "${DB_TYPE:dirty}",
   "dbSettings": {
-    "host":     "${DB_HOST:undefined}",
-    "port":     "${DB_PORT:undefined}",
-    "database": "${DB_NAME:undefined}",
-    "user":     "${DB_USER:undefined}",
-    "password": "${DB_PASS:undefined}",
-    "charset":  "${DB_CHARSET:undefined}",
-    "filename": "${DB_FILENAME:var/dirty.db}",
+    "host":       "${DB_HOST:undefined}",
+    "port":       "${DB_PORT:undefined}",
+    "database":   "${DB_NAME:undefined}",
+    "user":       "${DB_USER:undefined}",
+    "password":   "${DB_PASS:undefined}",
+    "charset":    "${DB_CHARSET:undefined}",
+    "filename":   "${DB_FILENAME:var/dirty.db}",
     "collection": "${DB_COLLECTION:undefined}",
-    "url":      "${DB_URL:undefined}"
+    "url":        "${DB_URL:undefined}"
   },
 
   /*

src/bin/doc/package-lock.json

@@ -5,9 +5,9 @@
   "requires": true,
   "dependencies": {
     "marked": {
-      "version": "9.1.0",
-      "resolved": "https://registry.npmjs.org/marked/-/marked-9.1.0.tgz",
-      "integrity": "sha512-VZjm0PM5DMv7WodqOUps3g6Q7dmxs9YGiFUZ7a2majzQTTCgX+6S6NAJHPvOhgFBzYz8s4QZKWWMfZKFmsfOgA=="
+      "version": "9.1.4",
+      "resolved": "https://registry.npmjs.org/marked/-/marked-9.1.4.tgz",
+      "integrity": "sha512-Mq83CCaClhXqhf8sLQ57c1unNelHEuFadK36ga+GeXR4FeT/5ssaC5PaCRVqMA74VYorzYRqdAaxxteIanh3Kw=="
     }
   }
 }

src/bin/doc/package.json

@@ -7,7 +7,7 @@
     "node": ">=12.17.0"
   },
   "dependencies": {
-    "marked": "^9.1.0"
+    "marked": "^9.1.4"
   },
   "devDependencies": {},
   "optionalDependencies": {},

src/bin/installOnWindows.bat

@@ -14,7 +14,7 @@ cd /D node_modules
 mklink /D "ep_etherpad-lite" "..\src"
 
 cd /D "ep_etherpad-lite"
-cmd /C npm ci || exit /B 1
+cmd /C npm ci --legacy-peer-deps || exit /B 1
 
 cd /D "%~dp0\..\.."
 

src/bin/release.js

@@ -9,9 +9,12 @@ const childProcess = require('child_process');
 const log4js = require('log4js');
 const path = require('path');
 const semver = require('semver');
-const {exec} = require("child_process");
+const {exec} = require('child_process');
 
-log4js.replaceConsole();
+log4js.configure({appenders: {console: {type: 'console'}},
+  categories: {
+    default: {appenders: ['console'], level: 'info'},
+  }});
 
 /*
 
@@ -78,11 +81,11 @@ const assertUpstreamOk = (branch, opts = {}) => {
 };
 
 // Check if asciidoctor is installed
-exec('asciidoctor -v', (err,stdout)=>{
-  if (err){
-    console.log('Please install asciidoctor')
-    console.log('https://asciidoctor.org/docs/install-toolchain/')
-    process.exit(1)
+exec('asciidoctor -v', (err, stdout) => {
+  if (err) {
+    console.log('Please install asciidoctor');
+    console.log('https://asciidoctor.org/docs/install-toolchain/');
+    process.exit(1);
   }
 });
 
@@ -183,7 +186,7 @@ try {
   run('git pull --ff-only', {cwd: '../ether.github.com/'});
   console.log('Committing documentation...');
   run(`cp -R out/doc/ ../ether.github.com/public/doc/v'${newVersion}'`);
-  run(`npm version ${newVersion}`, {cwd:'../ether.github.com'})
+  run(`npm version ${newVersion}`, {cwd: '../ether.github.com'});
   run('git add .', {cwd: '../ether.github.com/'});
   run(`git commit -m '${newVersion} docs'`, {cwd: '../ether.github.com/'});
 } catch (err) {

src/locales/ast.json

@@ -1,7 +1,8 @@
 {
 	"@metadata": {
 		"authors": [
-			"Xuacu"
+			"Xuacu",
+			"YoaR"
 		]
 	},
 	"index.newPad": "Nuevu bloc",
@@ -25,9 +26,9 @@
 	"pad.toolbar.embed.title": "Compartir ya incrustar esti bloc",
 	"pad.toolbar.showusers.title": "Amosar los usuarios d'esti bloc",
 	"pad.colorpicker.save": "Guardar",
-	"pad.colorpicker.cancel": "Encaboxar",
+	"pad.colorpicker.cancel": "Zarrar",
 	"pad.loading": "Cargando...",
-	"pad.noCookie": "Nun pudo alcontrase la cookie. ¡Por favor, permite les cookies nel navegador! La sesión y preferencies  nun se guarden ente visites. Esto pué debese a qu'Etherpad inclúyese nun iFrame en dalgunos restoladores. Asegúrate de qu'Etherpad tea nel mesmu subdominiu/dominiu que la iFrame padre",
+	"pad.noCookie": "Nun pudo alcontrase la cookie. ¡Por favor, permite les cookies nel navegador! La sesión y preferencies  nun se guarden ente visites. Esto pue debese a qu'Etherpad inclúyese nun iFrame en dalgunos restoladores. Asegúrate de qu'Etherpad tea nel mesmu subdominiu/dominiu que l'iFrame padre",
 	"pad.permissionDenied": "Nun tienes permisu pa entrar a esti bloc",
 	"pad.settings.padSettings": "Configuración del bloc",
 	"pad.settings.myView": "la mio vista",
@@ -56,7 +57,7 @@
 	"pad.modals.reconnecting": "Reconeutando col to bloc...",
 	"pad.modals.forcereconnect": "Forzar la reconexón",
 	"pad.modals.reconnecttimer": "Tentando reconeutar en",
-	"pad.modals.cancel": "Encaboxar",
+	"pad.modals.cancel": "Zarrar",
 	"pad.modals.userdup": "Abiertu n'otra ventana",
 	"pad.modals.userdup.explanation": "Esti bloc paez que ta abiertu en más d'una ventana del navegador d'esti ordenador.",
 	"pad.modals.userdup.advice": "Reconeutar pa usar esta ventana.",

src/locales/da.json

@@ -4,13 +4,29 @@
 			"Christian List",
 			"Joedalton",
 			"Peter Alberti",
+			"Peterleth",
 			"Saederup92",
 			"Steenth"
 		]
 	},
+	"admin.page-title": "Admin Dashboard - Etherpad",
+	"admin_plugins": "Plugin manager",
+	"admin_plugins.available": "Tilgængelige Plugins",
+	"admin_plugins.available_not-found": "Ingen plugins fundet.",
 	"admin_plugins.available_fetching": "Henter...",
+	"admin_plugins.available_install.value": "Installer",
+	"admin_plugins.available_search.placeholder": "Søg efter plugins der kan installeres",
 	"admin_plugins.description": "Beskrivelse",
+	"admin_plugins.installed": "Installerede plugins",
+	"admin_plugins.installed_fetching": "Henter installerede plugins...",
+	"admin_plugins.installed_nothing": "Du har ikke installeret nogen plugins endnu.",
+	"admin_plugins.installed_uninstall.value": "Afinstaller",
+	"admin_plugins.last-update": "Sidst opdateret",
 	"admin_plugins.name": "Navn",
+	"admin_plugins.page-title": "Plugin manager - Etherpad",
+	"admin_plugins.version": "Version",
+	"admin_plugins_info": "Fejlfindingsoplysninger",
+	"admin_plugins_info.hooks": "Installerede hooks",
 	"admin_settings": "Indstillinger",
 	"index.newPad": "Ny Pad",
 	"index.createOpenPad": "eller opret/åbn en Pad med navnet:",

src/locales/lt.json

@@ -16,8 +16,33 @@
 	"admin_plugins.available_not-found": "Įskiepių nerasta.",
 	"admin_plugins.available_fetching": "Gaunama…",
 	"admin_plugins.available_install.value": "Įdiegti",
+	"admin_plugins.available_search.placeholder": "Ieškokite įskiepių įdiegimui",
+	"admin_plugins.description": "Aprašymas",
+	"admin_plugins.installed": "Įdiegti įskiepiai",
+	"admin_plugins.installed_fetching": "Gaunami įdiegti papildiniai…",
+	"admin_plugins.installed_nothing": "Dar neįdiegėte jokių papildinių.",
+	"admin_plugins.installed_uninstall.value": "Išinstaluoti",
+	"admin_plugins.last-update": "Paskutinis atnaujinimas",
+	"admin_plugins.name": "Pavadinimas",
+	"admin_plugins.page-title": "Papildinių tvarkyklė – Etherpad",
+	"admin_plugins.version": "Versija",
+	"admin_plugins_info": "Trikčių šalinimo informacija",
+	"admin_plugins_info.parts": "Įdiegtos dalys",
+	"admin_plugins_info.plugins": "Įdiegti papildiniai",
+	"admin_plugins_info.page-title": "Papildinio informacija – Etherpad",
+	"admin_plugins_info.version": "Etherpad versija",
+	"admin_plugins_info.version_latest": "Naujausia prieinama versija",
+	"admin_plugins_info.version_number": "Versijos numeris",
+	"admin_settings": "Nustatymai",
+	"admin_settings.current": "Dabartinė konfigūracija",
+	"admin_settings.current_example-devel": "Kūrimo nustatymų šablono pavyzdys",
+	"admin_settings.current_example-prod": "Gamybos nustatymų šablono pavyzdys",
+	"admin_settings.current_restart.value": "Iš naujo paleisti Etherpad",
+	"admin_settings.current_save.value": "Išsaugoti nustatymus",
+	"admin_settings.page-title": "Nustatymai – Etherpad",
 	"index.newPad": "Naujas bloknotas",
 	"index.createOpenPad": "arba sukurkite/atidarykite Bloknotą su pavadinimu:",
+	"index.openPad": "atidaryti egzistuojantį bloknotą su pavadinimu:",
 	"pad.toolbar.bold.title": "Paryškintasis (Ctrl-B)",
 	"pad.toolbar.italic.title": "Pasvirasis (Ctrl-I)",
 	"pad.toolbar.underline.title": "Pabraukimas (Ctrl-U)",
@@ -50,6 +75,8 @@
 	"pad.settings.fontType": "Šrifto tipas:",
 	"pad.settings.fontType.normal": "Normalus",
 	"pad.settings.language": "Kalba:",
+	"pad.settings.about": "Apie",
+	"pad.settings.poweredBy": "Palaiko",
 	"pad.importExport.import_export": "Importuoti/Eksportuoti",
 	"pad.importExport.import": "Įkelkite bet kokį tekstinį failą arba dokumentą",
 	"pad.importExport.importSuccessful": "Pavyko!",
@@ -60,9 +87,9 @@
 	"pad.importExport.exportword": "Microsoft Word",
 	"pad.importExport.exportpdf": "PDF",
 	"pad.importExport.exportopen": "ODF (Atvirasis dokumento formatas)",
-	"pad.importExport.abiword.innerHTML": "Galite importuoti tik iš paprasto teksto ar HTML formato. Dėl išplėstinių importavimo funkcijų prašome <a href=\"https://github.com/ether/etherpad-lite/wiki/How-to-enable-importing-and-exporting-different-file-formats-in-Ubuntu-or-OpenSuse-or-SLES-with-AbiWord\">įdiegti AbiWord</a>.",
+	"pad.importExport.abiword.innerHTML": "Galite importuoti tik iš paprasto teksto ar HTML formatų. Dėl išplėstinių importavimo funkcijų prašome <a href=\"https://github.com/ether/etherpad-lite/wiki/How-to-enable-importing-and-exporting-different-file-formats-in-Ubuntu-or-OpenSuse-or-SLES-with-AbiWord\">įdiegti AbiWord ar LibreOffice</a>.",
 	"pad.modals.connected": "Prisijungta.",
-	"pad.modals.reconnecting": "Iš naujo prisijungiama prie Jūsų bloknoto",
+	"pad.modals.reconnecting": "Iš naujo prisijungiama prie jūsų bloknoto…",
 	"pad.modals.forcereconnect": "Priversti prisijungti iš naujo",
 	"pad.modals.reconnecttimer": "Bandoma vėl prisijungti",
 	"pad.modals.cancel": "Atšaukti",
@@ -84,6 +111,9 @@
 	"pad.modals.corruptPad.cause": "Tai gali nutikti dėl neteisingos serverio konfigūracijos ar kitos netikėtos elgsenos. Prašome susisiekti su paslaugos administratoriumi.",
 	"pad.modals.deleted": "Ištrintas.",
 	"pad.modals.deleted.explanation": "Bloknotas buvo pašalintas.",
+	"pad.modals.rateLimited.explanation": "Išsiuntėte per daug pranešimų į šį bloknotą, todėl jis atjungė jus.",
+	"pad.modals.rejected.explanation": "Serveris atmetė jūsų naršyklės išsiųstą pranešimą.",
+	"pad.modals.rejected.cause": "Gali būti, kad serveris buvo atnaujintas jums peržiūrint bloknotą, o gal tai Etherpad klaida. Pabandykite iš naujo įkelti puslapį.",
 	"pad.modals.disconnected": "Jūs atsijungėte.",
 	"pad.modals.disconnected.explanation": "Ryšys su serveriu nutrūko",
 	"pad.modals.disconnected.cause": "Gali būti, kad serveris yra nepasiekiamas. Prašome informuoti paslaugos administratorių jei tai tęsiasi.",
@@ -96,6 +126,7 @@
 	"pad.chat.loadmessages": "Įkrauti daugiau pranešimų",
 	"pad.chat.stick.title": "Priklijuoti pokalbį",
 	"pad.chat.writeMessage.placeholder": "Rašykite savo žinutę čia",
+	"timeslider.followContents": "Sekite bloknoto turinio atnaujinimus",
 	"timeslider.pageTitle": "{{appTitle}} Laiko slinkiklis",
 	"timeslider.toolbar.returnbutton": "Grįžti į bloknotą",
 	"timeslider.toolbar.authors": "Autoriai:",
@@ -125,7 +156,7 @@
 	"pad.savedrevs.timeslider": "Galite peržiūrėti išsaugotas peržiūras apsilankydami laiko slinkiklyje",
 	"pad.userlist.entername": "Įveskite savo vardą",
 	"pad.userlist.unnamed": "bevardis",
-	"pad.editbar.clearcolors": "Išvalyti autorystės spalvas visame dokumente?",
+	"pad.editbar.clearcolors": "Išvalyti autorystės spalvas visame dokumente? To negalima atšaukti",
 	"pad.impexp.importbutton": "Importuoti dabar",
 	"pad.impexp.importing": "Importuojama...",
 	"pad.impexp.confirmimport": "Failo importavimas pakeis dabartinį bloknoto tekstą. Ar tikrai norite tęsti?",
@@ -134,5 +165,6 @@
 	"pad.impexp.uploadFailed": "Įkėlimas nepavyko, bandykite dar kartą",
 	"pad.impexp.importfailed": "Importuoti nepavyko",
 	"pad.impexp.copypaste": "Prašome nukopijuoti ir įklijuoti",
-	"pad.impexp.exportdisabled": "Eksportavimas {{type}} formatu yra išjungtas. Prašome susisiekti su savo sistemos administratoriumi dėl informacijos."
+	"pad.impexp.exportdisabled": "Eksportavimas {{type}} formatu yra išjungtas. Prašome susisiekti su savo sistemos administratoriumi dėl informacijos.",
+	"pad.impexp.maxFileSize": "Failas per didelis. Susisiekite su svetainės administratoriumi, kad padidintų leistiną importuoti failo dydį"
 }

src/locales/sco.json

@@ -2,6 +2,7 @@
 	"@metadata": {
 		"authors": [
 			"AmaryllisGardener",
+			"CiphriusKane",
 			"John Reid",
 			"Nintendofan885"
 		]
@@ -50,7 +51,7 @@
 	"pad.importExport.exportword": "Microsoft Word",
 	"pad.importExport.exportpdf": "PDF",
 	"pad.importExport.exportopen": "ODF (Open Document Format)",
-	"pad.importExport.abiword.innerHTML": "Ye can yinly import fae plain tex or HTML formats. Fer mair advanced import features please <a href=\"https://github.com/ether/etherpad-lite/wiki/How-to-enable-importing-and-exporting-different-file-formats-in-Ubuntu-or-OpenSuse-or-SLES-with-AbiWord\">install abiword</a>.",
+	"pad.importExport.abiword.innerHTML": "Ye can anely import fae plain tex or HTML formats. Fur mair advanced import features please <a href=\"https://github.com/ether/etherpad-lite/wiki/How-to-enable-importing-and-exporting-different-file-formats-in-Ubuntu-or-OpenSuse-or-SLES-with-AbiWord\">install abiword</a>.",
 	"pad.modals.connected": "Connected.",
 	"pad.modals.reconnecting": "Reconnectin til yer pad..",
 	"pad.modals.forcereconnect": "Force reconnect",
@@ -76,7 +77,7 @@
 	"pad.modals.disconnected.explanation": "The connection til the server wis loast",
 	"pad.modals.disconnected.cause": "The server micht be onavailable. Please notify the service admeenistrater gif this continues tae happen.",
 	"pad.share": "Share this pad",
-	"pad.share.readonly": "Read yinly",
+	"pad.share.readonly": "Read anely",
 	"pad.share.link": "Airtin",
 	"pad.share.emebdcode": "Embed URL",
 	"pad.chat": "Chait",

src/node/db/API.js

@@ -33,7 +33,7 @@ const exportTxt = require('../utils/ExportTxt');
 const importHtml = require('../utils/ImportHtml');
 const cleanText = require('./Pad').cleanText;
 const PadDiff = require('../utils/padDiff');
-const { checkValidRev, isInt } = require('../utils/checkValidRev');
+const {checkValidRev, isInt} = require('../utils/checkValidRev');
 
 /* ********************
  * GROUP FUNCTIONS ****
@@ -193,6 +193,13 @@ Example returns:
 {code: 1, message:"padID does not exist", data: null}
 {code: 1, message:"text too long", data: null}
 */
+/**
+ *
+ * @param {String} padID the id of the pad
+ * @param {String} text the text of the pad
+ * @param {String} authorId the id of the author, defaulting to empty string
+ * @returns {Promise<void>}
+ */
 exports.setText = async (padID, text, authorId = '') => {
   // text is required
   if (typeof text !== 'string') {
@@ -214,7 +221,10 @@ Example returns:
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
 {code: 1, message:"text too long", data: null}
-*/
+ @param {String} padID the id of the pad
+ @param {String} text the text of the pad
+ @param {String} authorId the id of the author, defaulting to empty string
+ */
 exports.appendText = async (padID, text, authorId = '') => {
   // text is required
   if (typeof text !== 'string') {
@@ -233,6 +243,9 @@ Example returns:
 
 {code: 0, message:"ok", data: {text:"Welcome <strong>Text</strong>"}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
+ @param {String} rev the revision number, defaulting to the latest revision
+ @return {Promise<{html: string}>} the html of the pad
 */
 exports.getHTML = async (padID, rev) => {
   if (rev !== undefined) {
@@ -265,6 +278,10 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+
+ @param {String} padID the id of the pad
+ @param {String} html the html of the pad
+ @param {String} authorId the id of the author, defaulting to empty string
 */
 exports.setHTML = async (padID, html, authorId = '') => {
   // html string is required
@@ -303,6 +320,9 @@ Example returns:
 {code: 1, message:"start is higher or equal to the current chatHead", data: null}
 
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
+ @param {Number} start the start point of the chat-history
+ @param {Number} end the end point of the chat-history
 */
 exports.getChatHistory = async (padID, start, end) => {
   if (start && end) {
@@ -349,6 +369,10 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
+ @param {String} text the text of the chat-message
+ @param {String} authorID the id of the author
+ @param {Number} time the timestamp of the chat-message
 */
 exports.appendChatMessage = async (padID, text, authorID, time) => {
   // text is required
@@ -378,6 +402,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {revisions: 56}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
 */
 exports.getRevisionsCount = async (padID) => {
   // get the pad
@@ -392,6 +417,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {savedRevisions: 42}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
 */
 exports.getSavedRevisionsCount = async (padID) => {
   // get the pad
@@ -406,6 +432,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {savedRevisions: [2, 42, 1337]}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
 */
 exports.listSavedRevisions = async (padID) => {
   // get the pad
@@ -420,6 +447,8 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+    @param {String} padID the id of the pad
+     @param {Number} rev the revision number, defaulting to the latest revision
 */
 exports.saveRevision = async (padID, rev) => {
   // check if rev is a number
@@ -451,6 +480,8 @@ Example returns:
 
 {code: 0, message:"ok", data: {lastEdited: 1340815946602}}
 {code: 1, message:"padID does not exist", data: null}
+    @param {String} padID the id of the pad
+ @return {Promise<{lastEdited: number}>} the timestamp of the last revision of the pad
 */
 exports.getLastEdited = async (padID) => {
   // get the pad
@@ -466,6 +497,9 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"pad does already exist", data: null}
+ @param {String} padName the name of the new pad
+    @param {String} text the initial text of the pad
+     @param {String} authorId the id of the author, defaulting to empty string
 */
 exports.createPad = async (padID, text, authorId = '') => {
   if (padID) {
@@ -491,6 +525,7 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
 */
 exports.deletePad = async (padID) => {
   const pad = await getPadSafe(padID, true);
@@ -504,6 +539,9 @@ exports.deletePad = async (padID) => {
 
  {code:0, message:"ok", data:null}
  {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
+ @param {Number} rev the revision number, defaulting to the latest revision
+ @param {String} authorId the id of the author, defaulting to empty string
  */
 exports.restoreRevision = async (padID, rev, authorId = '') => {
   // check if rev is a number
@@ -568,6 +606,9 @@ Example returns:
 
 {code: 0, message:"ok", data: {padID: destinationID}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} sourceID the id of the source pad
+ @param {String} destinationID the id of the destination pad
+ @param {Boolean} force whether to overwrite the destination pad if it exists
 */
 exports.copyPad = async (sourceID, destinationID, force) => {
   const pad = await getPadSafe(sourceID, true);
@@ -582,6 +623,10 @@ Example returns:
 
 {code: 0, message:"ok", data: {padID: destinationID}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} sourceID the id of the source pad
+ @param {String} destinationID the id of the destination pad
+ @param {Boolean} force whether to overwrite the destination pad if it exists
+ @param {String} authorId the id of the author, defaulting to empty string
 */
 exports.copyPadWithoutHistory = async (sourceID, destinationID, force, authorId = '') => {
   const pad = await getPadSafe(sourceID, true);
@@ -596,6 +641,9 @@ Example returns:
 
 {code: 0, message:"ok", data: {padID: destinationID}}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} sourceID the id of the source pad
+ @param {String} destinationID the id of the destination pad
+ @param {Boolean} force whether to overwrite the destination pad if it exists
 */
 exports.movePad = async (sourceID, destinationID, force) => {
   const pad = await getPadSafe(sourceID, true);
@@ -610,6 +658,7 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+ @param {String} padID the id of the pad
 */
 exports.getReadOnlyID = async (padID) => {
   // we don't need the pad object, but this function does all the security stuff for us
@@ -628,6 +677,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {padID: padID}}
 {code: 1, message:"padID does not exist", data: null}
+    @param {String} roID the readonly id of the pad
 */
 exports.getPadID = async (roID) => {
   // get the PadId
@@ -646,6 +696,8 @@ Example returns:
 
 {code: 0, message:"ok", data: null}
 {code: 1, message:"padID does not exist", data: null}
+    @param {String} padID the id of the pad
+     @param {Boolean} publicStatus the public status of the pad
 */
 exports.setPublicStatus = async (padID, publicStatus) => {
   // ensure this is a group pad
@@ -669,6 +721,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {publicStatus: true}}
 {code: 1, message:"padID does not exist", data: null}
+     @param {String} padID the id of the pad
 */
 exports.getPublicStatus = async (padID) => {
   // ensure this is a group pad
@@ -686,6 +739,7 @@ Example returns:
 
 {code: 0, message:"ok", data: {authorIDs : ["a.s8oes9dhwrvt0zif", "a.akf8finncvomlqva"]}
 {code: 1, message:"padID does not exist", data: null}
+     @param {String} padID the id of the pad
 */
 exports.listAuthorsOfPad = async (padID) => {
   // get the pad
@@ -715,6 +769,8 @@ Example returns:
 
 {code: 0, message:"ok"}
 {code: 1, message:"padID does not exist"}
+     @param {String} padID the id of the pad
+     @param {String} msg the message to send
 */
 
 exports.sendClientsMessage = async (padID, msg) => {
@@ -740,6 +796,8 @@ Example returns:
 
 {code: 0, message:"ok", data: {chatHead: 42}}
 {code: 1, message:"padID does not exist", data: null}
+     @param {String} padID the id of the pad
+     @return {Promise<{chatHead: number}>} the chatHead of the pad
 */
 exports.getChatHead = async (padID) => {
   // get the pad
@@ -763,7 +821,9 @@ Example returns:
   }
 }
 {"code":4,"message":"no or wrong API Key","data":null}
-
+  @param {String} padID the id of the pad
+ @param {Number} startRev the start revision number
+ @param {Number} endRev the end revision number
 */
 exports.createDiffHTML = async (padID, startRev, endRev) => {
   // check if startRev is a number
@@ -779,11 +839,9 @@ exports.createDiffHTML = async (padID, startRev, endRev) => {
   // get the pad
   const pad = await getPadSafe(padID, true);
   const headRev = pad.getHeadRevisionNumber();
-  if (startRev > headRev)
-    startRev = headRev;
+  if (startRev > headRev) startRev = headRev;
 
-  if (endRev > headRev)
-    endRev = headRev;
+  if (endRev > headRev) endRev = headRev;
 
   let padDiff;
   try {
@@ -810,7 +868,6 @@ exports.createDiffHTML = async (padID, startRev, endRev) => {
  {"code":0,"message":"ok","data":{"totalPads":3,"totalSessions": 2,"totalActivePads": 1}}
  {"code":4,"message":"no or wrong API Key","data":null}
  */
-
 exports.getStats = async () => {
   const sessionInfos = padMessageHandler.sessioninfos;
 

src/node/db/AuthorManager.js

@@ -93,6 +93,7 @@ exports.getColorPalette = () => [
 
 /**
  * Checks if the author exists
+ * @param {String} authorID The id of the author
  */
 exports.doesAuthorExist = async (authorID) => {
   const author = await db.get(`globalAuthor:${authorID}`);
@@ -100,50 +101,12 @@ exports.doesAuthorExist = async (authorID) => {
   return author != null;
 };
 
-/* exported for backwards compatibility */
+/**
+ exported for backwards compatibility
+ @param {String} authorID The id of the author
+  */
 exports.doesAuthorExists = exports.doesAuthorExist;
 
-const getAuthor4Token = async (token) => {
-  const author = await mapAuthorWithDBKey('token2author', token);
-
-  // return only the sub value authorID
-  return author ? author.authorID : author;
-};
-
-exports.getAuthorId = async (token, user) => {
-  const context = {dbKey: token, token, user};
-  let [authorId] = await hooks.aCallFirst('getAuthorId', context);
-  if (!authorId) authorId = await getAuthor4Token(context.dbKey);
-  return authorId;
-};
-
-/**
- * Returns the AuthorID for a token.
- *
- * @deprecated Use `getAuthorId` instead.
- * @param {String} token The token
- */
-exports.getAuthor4Token = async (token) => {
-  warnDeprecated(
-      'AuthorManager.getAuthor4Token() is deprecated; use AuthorManager.getAuthorId() instead');
-  return await getAuthor4Token(token);
-};
-
-/**
- * Returns the AuthorID for a mapper.
- * @param {String} token The mapper
- * @param {String} name The name of the author (optional)
- */
-exports.createAuthorIfNotExistsFor = async (authorMapper, name) => {
-  const author = await mapAuthorWithDBKey('mapper2author', authorMapper);
-
-  if (name) {
-    // set the name of this author
-    await exports.setAuthorName(author.authorID, name);
-  }
-
-  return author;
-};
 
 /**
  * Returns the AuthorID for a mapper. We can map using a mapperkey,
@@ -174,6 +137,60 @@ const mapAuthorWithDBKey = async (mapperkey, mapper) => {
   return {authorID: author};
 };
 
+/**
+ * Returns the AuthorID for a token.
+ * @param {String} token The token of the author
+ * @return {Promise<string|*|{authorID: string}|{authorID: *}>}
+ */
+const getAuthor4Token = async (token) => {
+  const author = await mapAuthorWithDBKey('token2author', token);
+
+  // return only the sub value authorID
+  return author ? author.authorID : author;
+};
+
+/**
+ * Returns the AuthorID for a token.
+ * @param {String} token
+ * @param {Object} user
+ * @return {Promise<*>}
+ */
+exports.getAuthorId = async (token, user) => {
+  const context = {dbKey: token, token, user};
+  let [authorId] = await hooks.aCallFirst('getAuthorId', context);
+  if (!authorId) authorId = await getAuthor4Token(context.dbKey);
+  return authorId;
+};
+
+/**
+ * Returns the AuthorID for a token.
+ *
+ * @deprecated Use `getAuthorId` instead.
+ * @param {String} token The token
+ */
+exports.getAuthor4Token = async (token) => {
+  warnDeprecated(
+      'AuthorManager.getAuthor4Token() is deprecated; use AuthorManager.getAuthorId() instead');
+  return await getAuthor4Token(token);
+};
+
+/**
+ * Returns the AuthorID for a mapper.
+ * @param {String} authorMapper The mapper
+ * @param {String} name The name of the author (optional)
+ */
+exports.createAuthorIfNotExistsFor = async (authorMapper, name) => {
+  const author = await mapAuthorWithDBKey('mapper2author', authorMapper);
+
+  if (name) {
+    // set the name of this author
+    await exports.setAuthorName(author.authorID, name);
+  }
+
+  return author;
+};
+
+
 /**
  * Internal function that creates the database entry for an author
  * @param {String} name The name of the author
@@ -231,7 +248,7 @@ exports.setAuthorName = async (author, name) => await db.setSub(
 
 /**
  * Returns an array of all pads this author contributed to
- * @param {String} author The id of the author
+ * @param {String} authorID The id of the author
  */
 exports.listPadsOfAuthor = async (authorID) => {
   /* There are two other places where this array is manipulated:
@@ -255,7 +272,7 @@ exports.listPadsOfAuthor = async (authorID) => {
 
 /**
  * Adds a new pad to the list of contributions
- * @param {String} author The id of the author
+ * @param {String} authorID The id of the author
  * @param {String} padID The id of the pad the author contributes to
  */
 exports.addPad = async (authorID, padID) => {
@@ -282,7 +299,7 @@ exports.addPad = async (authorID, padID) => {
 
 /**
  * Removes a pad from the list of contributions
- * @param {String} author The id of the author
+ * @param {String} authorID The id of the author
  * @param {String} padID The id of the pad the author contributes to
  */
 exports.removePad = async (authorID, padID) => {

src/node/db/GroupManager.js

@@ -25,6 +25,10 @@ const db = require('./DB');
 const padManager = require('./PadManager');
 const sessionManager = require('./SessionManager');
 
+/**
+ * Lists all groups
+ * @return {Promise<{groupIDs: string[]}>} The ids of all groups
+ */
 exports.listAllGroups = async () => {
   let groups = await db.get('groups');
   groups = groups || {};
@@ -33,6 +37,11 @@ exports.listAllGroups = async () => {
   return {groupIDs};
 };
 
+/**
+ * Deletes a group and all associated pads
+ * @param {String} groupID The id of the group
+ * @return {Promise<void>} Resolves when the group is deleted
+ */
 exports.deleteGroup = async (groupID) => {
   const group = await db.get(`group:${groupID}`);
 
@@ -68,6 +77,11 @@ exports.deleteGroup = async (groupID) => {
   await db.remove(`group:${groupID}`);
 };
 
+/**
+ * Checks if a group exists
+ * @param {String} groupID the id of the group to delete
+ * @return {Promise<boolean>} Resolves to true if the group exists
+ */
 exports.doesGroupExist = async (groupID) => {
   // try to get the group entry
   const group = await db.get(`group:${groupID}`);
@@ -75,6 +89,10 @@ exports.doesGroupExist = async (groupID) => {
   return (group != null);
 };
 
+/**
+ * Creates a new group
+ * @return {Promise<{groupID: string}>} the id of the new group
+ */
 exports.createGroup = async () => {
   const groupID = `g.${randomString(16)}`;
   await db.set(`group:${groupID}`, {pads: {}, mappings: {}});
@@ -85,6 +103,11 @@ exports.createGroup = async () => {
   return {groupID};
 };
 
+/**
+ * Creates a new group if it does not exist already and returns the group ID
+ * @param groupMapper the mapper of the group
+ * @return {Promise<{groupID: string}|{groupID: *}>} a promise that resolves to the group ID
+ */
 exports.createGroupIfNotExistsFor = async (groupMapper) => {
   if (typeof groupMapper !== 'string') {
     throw new CustomError('groupMapper is not a string', 'apierror');
@@ -103,6 +126,14 @@ exports.createGroupIfNotExistsFor = async (groupMapper) => {
   return result;
 };
 
+/**
+ * Creates a group pad
+ * @param {String} groupID The id of the group
+ * @param {String} padName The name of the pad
+ * @param {String} text The text of the pad
+ * @param {String} authorId The id of the author
+ * @return {Promise<{padID: string}>} a promise that resolves to the id of the new pad
+ */
 exports.createGroupPad = async (groupID, padName, text, authorId = '') => {
   // create the padID
   const padID = `${groupID}$${padName}`;
@@ -131,6 +162,11 @@ exports.createGroupPad = async (groupID, padName, text, authorId = '') => {
   return {padID};
 };
 
+/**
+ * Lists all pads of a group
+ * @param {String} groupID The id of the group
+ * @return {Promise<{padIDs: string[]}>} a promise that resolves to the ids of all pads of the group
+ */
 exports.listPads = async (groupID) => {
   const exists = await exports.doesGroupExist(groupID);
 

src/node/db/Pad.js

@@ -25,7 +25,8 @@ const promises = require('../utils/promises');
 /**
  * Copied from the Etherpad source code. It converts Windows line breaks to Unix
  * line breaks and convert Tabs to spaces
- * @param txt
+ * @param {String} txt The text to clean
+ * @returns {String} The cleaned text
  */
 exports.cleanText = (txt) => txt.replace(/\r\n/g, '\n')
     .replace(/\r/g, '\n')
@@ -73,9 +74,16 @@ class Pad {
     return this.publicStatus;
   }
 
+  /**
+   * Appends a new revision
+   * @param {Object} aChangeset The changeset to append to the pad
+   * @param {String} authorId The id of the author
+   * @return {Promise<number|string>}
+   */
   async appendRevision(aChangeset, authorId = '') {
     const newAText = Changeset.applyToAText(aChangeset, this.atext, this.pool);
-    if (newAText.text === this.atext.text && newAText.attribs === this.atext.attribs && this.head !== -1) {
+    if (newAText.text === this.atext.text && newAText.attribs === this.atext.attribs &&
+        this.head !== -1) {
       return this.head;
     }
     Changeset.copyAText(newAText, this.atext);
@@ -158,6 +166,10 @@ class Pad {
     return await this.db.getSub(`pad:${this.id}:revs:${revNum}`, ['meta', 'atext']);
   }
 
+  /**
+   * Returns all authors that worked on this pad
+   * @return {[String]} The id of authors who contributed to this pad
+   */
   getAllAuthors() {
     const authorIds = [];
 
@@ -173,8 +185,7 @@ class Pad {
   async getInternalRevisionAText(targetRev) {
     const keyRev = this.getKeyRevisionNumber(targetRev);
     const headRev = this.getHeadRevisionNumber();
-    if (targetRev > headRev)
-      targetRev = headRev;
+    if (targetRev > headRev) targetRev = headRev;
     const [keyAText, changesets] = await Promise.all([
       this._getKeyRevisionAText(keyRev),
       Promise.all(

src/node/db/PadManager.js

@@ -59,6 +59,7 @@ const padList = new class {
 
   /**
    * Returns all pads in alphabetical order as array.
+   * @returns {Promise<string[]>} A promise that resolves to an array of pad IDs.
    */
   async getPads() {
     if (!this._loaded) {

src/node/db/ReadOnlyManager.js

@@ -26,13 +26,15 @@ const randomString = require('../utils/randomstring');
 
 /**
  * checks if the id pattern matches a read-only pad id
- * @param {String} the pad's id
+ * @param {String} id the pad's id
+ * @return {Boolean} true if the id is readonly
  */
 exports.isReadOnlyId = (id) => id.startsWith('r.');
 
 /**
  * returns a read only id for a pad
  * @param {String} padId the id of the pad
+ * @return {String} the read only id
  */
 exports.getReadOnlyId = async (padId) => {
   // check if there is a pad2readonly entry
@@ -53,12 +55,14 @@ exports.getReadOnlyId = async (padId) => {
 /**
  * returns the padId for a read only id
  * @param {String} readOnlyId read only id
+ * @return {String} the padId
  */
 exports.getPadId = async (readOnlyId) => await db.get(`readonly2pad:${readOnlyId}`);
 
 /**
  * returns the padId and readonlyPadId in an object for any id
- * @param {String} padIdOrReadonlyPadId read only id or real pad id
+ * @param {String} id read only id or real pad id
+ * @return {Object} an object with the padId and readonlyPadId
  */
 exports.getIds = async (id) => {
   const readonly = exports.isReadOnlyId(id);

src/node/db/SecurityManager.js

@@ -49,6 +49,11 @@ const DENY = Object.freeze({accessStatus: 'deny'});
  *
  * WARNING: Tokens and session IDs MUST be kept secret, otherwise users will be able to impersonate
  * each other (which might allow them to gain privileges).
+ * @param {String} padID
+ * @param {String} sessionCookie
+ * @param {String} token
+ * @param {Object} userSettings
+ * @return {DENY|{accessStatus: String, authorID: String}}
  */
 exports.checkAccess = async (padID, sessionCookie, token, userSettings) => {
   if (!padID) {

src/node/db/SessionManager.js

@@ -81,6 +81,11 @@ exports.findAuthorID = async (groupID, sessionCookie) => {
   return sessionInfo.authorID;
 };
 
+/**
+ * Checks if a session exists
+ * @param {String} sessionID The id of the session
+ * @return {Promise<boolean>} Resolves to true if the session exists
+ */
 exports.doesSessionExist = async (sessionID) => {
   // check if the database entry of this session exists
   const session = await db.get(`session:${sessionID}`);
@@ -89,6 +94,10 @@ exports.doesSessionExist = async (sessionID) => {
 
 /**
  * Creates a new session between an author and a group
+ * @param {String} groupID The id of the group
+ * @param {String} authorID The id of the author
+ * @param {Number} validUntil The unix timestamp when the session should expire
+ * @return {Promise<{sessionID: string}>} the id of the new session
  */
 exports.createSession = async (groupID, authorID, validUntil) => {
   // check if the group exists
@@ -146,6 +155,11 @@ exports.createSession = async (groupID, authorID, validUntil) => {
   return {sessionID};
 };
 
+/**
+ * Returns the sessioninfos for a session
+ * @param {String} sessionID The id of the session
+ * @return {Promise<Object>} the sessioninfos
+ */
 exports.getSessionInfo = async (sessionID) => {
   // check if the database entry of this session exists
   const session = await db.get(`session:${sessionID}`);
@@ -161,6 +175,8 @@ exports.getSessionInfo = async (sessionID) => {
 
 /**
  * Deletes a session
+ * @param {String} sessionID The id of the session
+ * @return {Promise<void>} Resolves when the session is deleted
  */
 exports.deleteSession = async (sessionID) => {
   // ensure that the session exists
@@ -186,6 +202,11 @@ exports.deleteSession = async (sessionID) => {
   await db.remove(`session:${sessionID}`);
 };
 
+/**
+ * Returns an array of all sessions of a group
+ * @param {String} groupID The id of the group
+ * @return {Promise<Object>} The sessioninfos of all sessions of this group
+ */
 exports.listSessionsOfGroup = async (groupID) => {
   // check that the group exists
   const exists = await groupManager.doesGroupExist(groupID);
@@ -197,6 +218,11 @@ exports.listSessionsOfGroup = async (groupID) => {
   return sessions;
 };
 
+/**
+ * Returns an array of all sessions of an author
+ * @param {String} authorID The id of the author
+ * @return {Promise<Object>} The sessioninfos of all sessions of this author
+ */
 exports.listSessionsOfAuthor = async (authorID) => {
   // check that the author exists
   const exists = await authorManager.doesAuthorExist(authorID);
@@ -204,12 +230,16 @@ exports.listSessionsOfAuthor = async (authorID) => {
     throw new CustomError('authorID does not exist', 'apierror');
   }
 
-  const sessions = await listSessionsWithDBKey(`author2sessions:${authorID}`);
-  return sessions;
+  return await listSessionsWithDBKey(`author2sessions:${authorID}`);
 };
 
 // this function is basically the code listSessionsOfAuthor and listSessionsOfGroup has in common
 // required to return null rather than an empty object if there are none
+/**
+ * Returns an array of all sessions of a group
+ * @param {String} dbkey The db key to use to get the sessions
+ * @return {Promise<*>}
+ */
 const listSessionsWithDBKey = async (dbkey) => {
   // get the group2sessions entry
   const sessionObject = await db.get(dbkey);
@@ -218,8 +248,7 @@ const listSessionsWithDBKey = async (dbkey) => {
   // iterate through the sessions and get the sessioninfos
   for (const sessionID of Object.keys(sessions || {})) {
     try {
-      const sessionInfo = await exports.getSessionInfo(sessionID);
-      sessions[sessionID] = sessionInfo;
+      sessions[sessionID] = await exports.getSessionInfo(sessionID);
     } catch (err) {
       if (err.name === 'apierror') {
         console.warn(`Found bad session ${sessionID} in ${dbkey}`);
@@ -233,5 +262,9 @@ const listSessionsWithDBKey = async (dbkey) => {
   return sessions;
 };
 
-// checks if a number is an int
+/**
+ * checks if a number is an int
+ * @param {number|string} value
+ * @return {boolean} If the value is an integer
+ */
 const isInt = (value) => (parseFloat(value) === parseInt(value)) && !isNaN(value);

src/node/handler/APIHandler.js

@@ -165,12 +165,13 @@ exports.version = version;
 
 /**
  * Handles a HTTP API call
- * @param functionName the name of the called function
+ * @param {String} apiVersion the version of the api
+ * @param {String} functionName the name of the called function
  * @param fields the params of the called function
  * @req express request object
  * @res express response object
  */
-exports.handle = async function (apiVersion, functionName, fields, req, res) {
+exports.handle = async function (apiVersion, functionName, fields) {
   // say goodbye if this is an unknown API version
   if (!(apiVersion in version)) {
     throw new createHTTPError.NotFound('no such api version');

src/node/handler/ExportHandler.js

@@ -38,6 +38,11 @@ const tempDirectory = os.tmpdir();
 
 /**
  * do a requested export
+ * @param {Object} req the request object
+ * @param {Object} res the response object
+ * @param {String} padId the pad id to export
+ * @param {String} readOnlyId the read only id of the pad to export
+ * @param {String} type the type to export
  */
 exports.doExport = async (req, res, padId, readOnlyId, type) => {
   // avoid naming the read-only file as the original pad's id

src/node/handler/ImportHandler.js

@@ -73,6 +73,10 @@ const tmpDirectory = os.tmpdir();
 
 /**
  * do a requested import
+ * @param {Object} req the request object
+ * @param {Object} res the response object
+ * @param {String} padId the pad id to export
+ * @param {String} authorId the author id to use for the import
  */
 const doImport = async (req, res, padId, authorId) => {
   // pipe to a file
@@ -233,6 +237,14 @@ const doImport = async (req, res, padId, authorId) => {
   return false;
 };
 
+/**
+ * Handles the request to import a file
+ * @param {Request} req the request object
+ * @param {Response} res the response object
+ * @param {String} padId the pad id to export
+ * @param {String} authorId the author id to use for the import
+ * @return {Promise<void>} a promise
+ */
 exports.doImport = async (req, res, padId, authorId = '') => {
   let httpStatus = 200;
   let code = 0;

src/node/handler/SocketIORouter.js

@@ -35,8 +35,9 @@ const components = {};
 
 let io;
 
-/**
- * adds a component
+/** adds a component
+ * @param {string} moduleName
+ * @param {Module} module
  */
 exports.addComponent = (moduleName, module) => {
   if (module == null) return exports.deleteComponent(moduleName);
@@ -44,10 +45,15 @@ exports.addComponent = (moduleName, module) => {
   module.setSocketIO(io);
 };
 
+/**
+ * removes a component
+ * @param {Module} moduleName
+ */
 exports.deleteComponent = (moduleName) => { delete components[moduleName]; };
 
 /**
  * sets the socket.io and adds event functions for routing
+ * @param {Object} _io the socket.io instance
  */
 exports.setSocketIO = (_io) => {
   io = _io;

src/node/hooks/express/admin.js

@@ -1,6 +1,14 @@
 'use strict';
 const eejs = require('../../eejs');
 
+
+/**
+ * Add the admin navigation link
+ * @param hookName {String} the name of the hook
+ * @param args {Object} the object containing the arguments
+ * @param {Function} cb  the callback function
+ * @return {*}
+ */
 exports.expressCreateServer = (hookName, args, cb) => {
   args.app.get('/admin', (req, res) => {
     if ('/' !== req.path[req.path.length - 1]) return res.redirect('./admin/');

src/node/hooks/express/adminplugins.js

@@ -121,6 +121,13 @@ exports.socketio = (hookName, args, cb) => {
   return cb();
 };
 
+/**
+ * Sorts  a list of plugins by a property
+ * @param {Object} plugins The plugins to sort
+ * @param {Object} property The property to sort by
+ * @param  {String} dir The directory of the plugin
+ * @return {Object[]}
+ */
 const sortPluginList = (plugins, property, /* ASC?*/dir) => plugins.sort((a, b) => {
   if (a[property] < b[property]) {
     return dir ? -1 : 1;

src/node/hooks/express/importexport.js

@@ -11,13 +11,16 @@ const securityManager = require('../../db/SecurityManager');
 const webaccess = require('./webaccess');
 
 exports.expressCreateServer = (hookName, args, cb) => {
-  settings.importExportRateLimiting.onLimitReached = (req, res, options) => {
-    // when the rate limiter triggers, write a warning in the logs
-    console.warn('Import/Export rate limiter triggered on ' +
-                 `"${req.originalUrl}" for IP address ${req.ip}`);
-  };
-  // The rate limiter is created in this hook so that restarting the server resets the limiter.
-  const limiter = rateLimit(settings.importExportRateLimiting);
+  const limiter = rateLimit({
+    ...settings.importExportRateLimiting,
+    handler: (request, response, next, options) => {
+      if (request.rateLimit.current === request.rateLimit.limit + 1) {
+        // when the rate limiter triggers, write a warning in the logs
+        console.warn('Import/Export rate limiter triggered on ' +
+            `"${request.originalUrl}" for IP address ${request.ip}`);
+      }
+    },
+  });
 
   // handle export requests
   args.app.use('/p/:pad/:rev?/export/:type', limiter);

src/node/hooks/express/openapi.js

@@ -696,10 +696,20 @@ exports.expressPreSession = async (hookName, {app}) => {
   }
 };
 
-// helper to get api root
+/**
+ * Helper to get the current root path for an API version
+ * @param {String} version The API version
+ * @param {APIPathStyle} style The style of the API path
+ * @return {String} The root path for the API version
+ */
 const getApiRootForVersion = (version, style = APIPathStyle.FLAT) => `/${style}/${version}`;
 
-// helper to generate an OpenAPI server object when serving definitions
+/**
+ * Helper to generate an OpenAPI server object when serving definitions
+ * @param {String} apiRoot The root path for the API version
+ * @param {Request} req The express request object
+ * @return {url: String} The server object for the OpenAPI definition location
+ */
 const generateServerForApiVersion = (apiRoot, req) => ({
   url: `${settings.ssl ? 'https' : 'http'}://${req.headers.host}${apiRoot}`,
 });

src/node/security/crypto.js

@@ -12,4 +12,4 @@ exports.hkdf = util.promisify(crypto.hkdf);
 /**
  * Promisified version of Node.js's crypto.randomBytes
  */
-exports.randomBytes = util.promisify(crypto.randomBytes);
+exports.randomBytes = util.promisify(crypto.randomBytes);

src/node/server.js

@@ -25,7 +25,6 @@
  */
 
 const log4js = require('log4js');
-log4js.replaceConsole();
 
 const settings = require('./utils/Settings');
 

src/node/utils/Cli.js

@@ -45,7 +45,7 @@ for (let i = 0; i < argv.length; i++) {
     exports.argv.sessionkey = arg;
   }
 
-  // Override location of settings.json file
+  // Override location of APIKEY.txt file
   if (prevArg === '--apikey') {
     exports.argv.apikey = arg;
   }

src/node/utils/Settings.js

@@ -50,15 +50,24 @@ const nonSettings = [
 
 // This is a function to make it easy to create a new instance. It is important to not reuse a
 // config object after passing it to log4js.configure() because that method mutates the object. :(
-const defaultLogConfig = () => ({appenders: [{type: 'console'}]});
+const defaultLogConfig = () => ({appenders: {console: {type: 'console'}},
+  categories: {
+    default: {appenders: ['console'], level: 'info'},
+  }});
 const defaultLogLevel = 'INFO';
 
 const initLogging = (logLevel, config) => {
   // log4js.configure() modifies exports.logconfig so check for equality first.
   const logConfigIsDefault = deepEqual(config, defaultLogConfig());
   log4js.configure(config);
-  log4js.setGlobalLogLevel(logLevel);
-  log4js.replaceConsole();
+  log4js.getLogger('console');
+
+  // Overwrites for console output methods
+  console.debug = logger.debug.bind(logger);
+  console.log = logger.info.bind(logger);
+  console.warn = logger.warn.bind(logger);
+  console.error = logger.error.bind(logger);
+
   // Log the warning after configuring log4js to increase the chances the user will see it.
   if (!logConfigIsDefault) logger.warn('The logconfig setting is deprecated.');
 };

src/package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "ep_etherpad-lite",
-  "version": "1.9.3",
+  "version": "1.9.4",
   "lockfileVersion": 1,
   "requires": true,
   "dependencies": {
@@ -90,18 +90,18 @@
       }
     },
     "@eslint/js": {
-      "version": "8.50.0",
-      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.50.0.tgz",
-      "integrity": "sha512-NCC3zz2+nvYd+Ckfh87rA47zfu2QsQpvc6k1yzTk+b9KzRj0wkGa8LSoGOXN6Zv4lRf/EIoZ80biDh9HOI+RNQ==",
+      "version": "8.52.0",
+      "resolved": "https://registry.npmjs.org/@eslint/js/-/js-8.52.0.tgz",
+      "integrity": "sha512-mjZVbpaeMZludF2fsWLD0Z9gCref1Tk4i9+wddjRvpUNqqcndPkBD09N/Mapey0b3jaXbLm2kICwFv2E64QinA==",
       "dev": true
     },
     "@humanwhocodes/config-array": {
-      "version": "0.11.11",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.11.tgz",
-      "integrity": "sha512-N2brEuAadi0CcdeMXUkhbZB84eskAc8MEX1By6qEchoVywSgXPIjou4rYsl0V3Hj0ZnuGycGCjdNgockbzeWNA==",
+      "version": "0.11.13",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/config-array/-/config-array-0.11.13.tgz",
+      "integrity": "sha512-JSBDMiDKSzQVngfRjOdFXgFfklaXI4K9nLF49Auh21lmBWRLIK3+xTErTWD4KU54pb6coM6ESE7Awz/FNU3zgQ==",
       "dev": true,
       "requires": {
-        "@humanwhocodes/object-schema": "^1.2.1",
+        "@humanwhocodes/object-schema": "^2.0.1",
         "debug": "^4.1.1",
         "minimatch": "^3.0.5"
       },
@@ -130,9 +130,9 @@
       "dev": true
     },
     "@humanwhocodes/object-schema": {
-      "version": "1.2.1",
-      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-1.2.1.tgz",
-      "integrity": "sha512-ZnQMnLV4e7hDlUvw8H+U8ASL02SS2Gn6+9Ac3wGGLIe7+je2AeAOxPY+izIPJDfFDb7eDjev0Us8MO1iFRN8hA==",
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/@humanwhocodes/object-schema/-/object-schema-2.0.1.tgz",
+      "integrity": "sha512-dvuCeX5fC9dXgJn9t+X5atfmgQAzUOWqS1254Gh0m6i8wKd10ebXkfNKiRK+1GWi/yTvvLDHpoxLr0xxxeslWw==",
       "dev": true
     },
     "@jridgewell/gen-mapping": {
@@ -170,9 +170,9 @@
       "integrity": "sha512-eF2rxCRulEKXHTRiDrDy6erMYWqNw4LPdQ8UQA4huuxaQsVeRPFl2oM8oDGxMFhJUWZf9McpLtJasDDZb/Bpeg=="
     },
     "@jridgewell/trace-mapping": {
-      "version": "0.3.19",
-      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.19.tgz",
-      "integrity": "sha512-kf37QtfW+Hwx/buWGMPcR60iF9ziHa6r/CZJIHbmcm4+0qrXiVdxegAH0F6yddEVQ7zdkjcGCgCzUu+BcbhQxw==",
+      "version": "0.3.20",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.20.tgz",
+      "integrity": "sha512-R8LcPeWZol2zR8mmH3JeKQ6QRCFb7XgUhV9ZlGhHLGyg4wpPiPZNQOOWhFZhxKw8u//yTbNGI42Bx/3paXEQ+Q==",
       "requires": {
         "@jridgewell/resolve-uri": "^3.1.0",
         "@jridgewell/sourcemap-codec": "^1.4.14"
@@ -225,9 +225,9 @@
       }
     },
     "@sinonjs/fake-timers": {
-      "version": "10.3.0",
-      "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz",
-      "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==",
+      "version": "11.2.2",
+      "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-11.2.2.tgz",
+      "integrity": "sha512-G2piCSxQ7oWOxwGSAyFHfPIsyeJGXYtc6mFbnFA+kRXkiEnTl8c/8jul2S329iFBnDI9HGoeWWAZvuvOkZccgw==",
       "dev": true,
       "requires": {
         "@sinonjs/commons": "^3.0.0"
@@ -740,9 +740,9 @@
       "dev": true
     },
     "axios": {
-      "version": "1.5.1",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.5.1.tgz",
-      "integrity": "sha512-Q28iYCWzNHjAm+yEAot5QaAMxhMghWLFVf7rRdwhUI+c2jix2DUXjAHXVi+s1ibs3mjPO/cCgbA++3BjD0vP/A==",
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.6.0.tgz",
+      "integrity": "sha512-EZ1DYihju9pwVB+jg67ogm+Tmqc6JmhamRN6I4Zt8DfZu5lbcQGw3ozH9lFejSJgs/ibaef3A9PMXPLeefFGJg==",
       "requires": {
         "follow-redirects": "^1.15.0",
         "form-data": "^4.0.0",
@@ -1037,7 +1037,8 @@
     "core-util-is": {
       "version": "1.0.3",
       "resolved": "https://registry.npmjs.org/core-util-is/-/core-util-is-1.0.3.tgz",
-      "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ=="
+      "integrity": "sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ==",
+      "dev": true
     },
     "cross-spawn": {
       "version": "7.0.3",
@@ -1079,6 +1080,11 @@
         "whatwg-url": "^11.0.0"
       }
     },
+    "date-format": {
+      "version": "4.0.14",
+      "resolved": "https://registry.npmjs.org/date-format/-/date-format-4.0.14.tgz",
+      "integrity": "sha512-39BOQLs9ZjKh0/patS9nrT8wc3ioX3/eA/zgbKNopnF2wCqJEoxywwwElATYvRsXdnOxA/OQeQoFZ3rFjVajhg=="
+    },
     "debug": {
       "version": "2.6.9",
       "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz",
@@ -1424,18 +1430,19 @@
       }
     },
     "eslint": {
-      "version": "8.50.0",
-      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.50.0.tgz",
-      "integrity": "sha512-FOnOGSuFuFLv/Sa+FDVRZl4GGVAAFFi8LecRsI5a1tMO5HIE8nCm4ivAlzt4dT3ol/PaaGC0rJEEXQmHJBGoOg==",
+      "version": "8.52.0",
+      "resolved": "https://registry.npmjs.org/eslint/-/eslint-8.52.0.tgz",
+      "integrity": "sha512-zh/JHnaixqHZsolRB/w9/02akBk9EPrOs9JwcTP2ek7yL5bVvXuRariiaAjjoJ5DvuwQ1WAE/HsMz+w17YgBCg==",
       "dev": true,
       "requires": {
         "@eslint-community/eslint-utils": "^4.2.0",
         "@eslint-community/regexpp": "^4.6.1",
         "@eslint/eslintrc": "^2.1.2",
-        "@eslint/js": "8.50.0",
-        "@humanwhocodes/config-array": "^0.11.11",
+        "@eslint/js": "8.52.0",
+        "@humanwhocodes/config-array": "^0.11.13",
         "@humanwhocodes/module-importer": "^1.0.1",
         "@nodelib/fs.walk": "^1.2.8",
+        "@ungap/structured-clone": "^1.2.0",
         "ajv": "^6.12.4",
         "chalk": "^4.0.0",
         "cross-spawn": "^7.0.2",
@@ -1983,9 +1990,9 @@
       }
     },
     "express-rate-limit": {
-      "version": "7.1.0",
-      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.1.0.tgz",
-      "integrity": "sha512-pwKOMedrpJJeINON/9jhAa18udV2qwxPZSoklPZK8pmXxUyE5uXaptiwjGw8bZILbxqfUZ/p8pQA99ODjSgA5Q=="
+      "version": "7.1.3",
+      "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-7.1.3.tgz",
+      "integrity": "sha512-BDes6WeNYSGRRGQU8QDNwUnwqaBro28HN/TTweM3RlxXRHDld8RLoH7tbfCxAc0hamQyn6aL0KrfR45+ZxknYg=="
     },
     "express-session": {
       "version": "npm:@etherpad/express-session@1.18.2",
@@ -2141,12 +2148,12 @@
       "dev": true
     },
     "flat-cache": {
-      "version": "3.1.0",
-      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.1.0.tgz",
-      "integrity": "sha512-OHx4Qwrrt0E4jEIcI5/Xb+f+QmJYNj2rrK8wiIdQOIrB9WrrJL8cjZvXdXuBTkkEwEqLycb5BeZDV1o2i9bTew==",
+      "version": "3.1.1",
+      "resolved": "https://registry.npmjs.org/flat-cache/-/flat-cache-3.1.1.tgz",
+      "integrity": "sha512-/qM2b3LUIaIgviBQovTLvijfyOQXPtSRnRK26ksj2J7rzPIecePUIpJsZ4T02Qg+xiAEKIs5K8dsHEd+VaKa/Q==",
       "dev": true,
       "requires": {
-        "flatted": "^3.2.7",
+        "flatted": "^3.2.9",
         "keyv": "^4.5.3",
         "rimraf": "^3.0.2"
       }
@@ -2154,8 +2161,7 @@
     "flatted": {
       "version": "3.2.9",
       "resolved": "https://registry.npmjs.org/flatted/-/flatted-3.2.9.tgz",
-      "integrity": "sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ==",
-      "dev": true
+      "integrity": "sha512-36yxDn5H7OFZQla0/jFJmbIKTdZAQHngCedGxiMmpNfEZM0sdEeT+WczLQrjK6D7o2aiyLYDnkw0R3JK0Qv1RQ=="
     },
     "follow-redirects": {
       "version": "1.15.3",
@@ -2201,6 +2207,23 @@
       "resolved": "https://registry.npmjs.org/fresh/-/fresh-0.5.2.tgz",
       "integrity": "sha512-zJ2mQYM18rEFOudeV4GShTGIQ7RbzA7ozbU9I/XBpm7kqgMywgmylMwXHxZJmkVoYkna9d2pVXVXPdYTP9ej8Q=="
     },
+    "fs-extra": {
+      "version": "8.1.0",
+      "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-8.1.0.tgz",
+      "integrity": "sha512-yhlQgA6mnOJUKOsRUFsgJdQCvkKhcz8tlZG5HBQfReYZy46OwLcY+Zia0mtdHsOo9y/hP+CxMN0TU9QxoOtG4g==",
+      "requires": {
+        "graceful-fs": "^4.2.0",
+        "jsonfile": "^4.0.0",
+        "universalify": "^0.1.0"
+      },
+      "dependencies": {
+        "universalify": {
+          "version": "0.1.2",
+          "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz",
+          "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg=="
+        }
+      }
+    },
     "fs.realpath": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz",
@@ -2340,8 +2363,7 @@
     "graceful-fs": {
       "version": "4.2.11",
       "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
-      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==",
-      "dev": true
+      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ=="
     },
     "graphemer": {
       "version": "1.4.0",
@@ -2894,7 +2916,8 @@
     "isarray": {
       "version": "0.0.1",
       "resolved": "https://registry.npmjs.org/isarray/-/isarray-0.0.1.tgz",
-      "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ=="
+      "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ==",
+      "dev": true
     },
     "isexe": {
       "version": "2.0.0",
@@ -2984,6 +3007,14 @@
         "minimist": "^1.2.0"
       }
     },
+    "jsonfile": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz",
+      "integrity": "sha512-m6F1R3z8jjlf2imQHS2Qez5sjKWQzbuuhuJ/FKYFRZvPE3PuHcSMVZzfsLhGVOkfd20obL5SWEBew5ShlquNxg==",
+      "requires": {
+        "graceful-fs": "^4.1.6"
+      }
+    },
     "jsonminify": {
       "version": "0.4.2",
       "resolved": "https://registry.npmjs.org/jsonminify/-/jsonminify-0.4.2.tgz",
@@ -3011,44 +3042,6 @@
         "pako": "~1.0.2",
         "readable-stream": "~2.3.6",
         "setimmediate": "^1.0.5"
-      },
-      "dependencies": {
-        "isarray": {
-          "version": "1.0.0",
-          "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
-          "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
-          "dev": true
-        },
-        "readable-stream": {
-          "version": "2.3.8",
-          "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
-          "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
-          "dev": true,
-          "requires": {
-            "core-util-is": "~1.0.0",
-            "inherits": "~2.0.3",
-            "isarray": "~1.0.0",
-            "process-nextick-args": "~2.0.0",
-            "safe-buffer": "~5.1.1",
-            "string_decoder": "~1.1.1",
-            "util-deprecate": "~1.0.1"
-          }
-        },
-        "safe-buffer": {
-          "version": "5.1.2",
-          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
-          "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
-          "dev": true
-        },
-        "string_decoder": {
-          "version": "1.1.1",
-          "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
-          "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
-          "dev": true,
-          "requires": {
-            "safe-buffer": "~5.1.0"
-          }
-        }
       }
     },
     "just-extend": {
@@ -3064,9 +3057,9 @@
       "dev": true
     },
     "keyv": {
-      "version": "4.5.3",
-      "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.3.tgz",
-      "integrity": "sha512-QCiSav9WaX1PgETJ+SpNnx2PRRapJ/oRSXM4VO5OGYGSjrxbKPVFVhB3l2OCbLCk329N8qyAtsJjSjvVBWzEug==",
+      "version": "4.5.4",
+      "resolved": "https://registry.npmjs.org/keyv/-/keyv-4.5.4.tgz",
+      "integrity": "sha512-oxVHkHR/EJf2CNXnWxRLW6mg7JyCCUcG0DtEGmL2ctUo1PNTin1PUil+r/+4r5MpVgC/fn1kjsx7mjSujKqIpw==",
       "dev": true,
       "requires": {
         "json-buffer": "3.0.1"
@@ -3137,18 +3130,29 @@
       }
     },
     "log4js": {
-      "version": "0.6.38",
-      "resolved": "https://registry.npmjs.org/log4js/-/log4js-0.6.38.tgz",
-      "integrity": "sha512-Cd+klbx7lkiaamEId9/0odHxv/PFHDz2E12kEfd6/CzIOZD084DzysASR/Dot4i1dYPBQKC3r2XIER+dfbLOmw==",
+      "version": "6.9.1",
+      "resolved": "https://registry.npmjs.org/log4js/-/log4js-6.9.1.tgz",
+      "integrity": "sha512-1somDdy9sChrr9/f4UlzhdaGfDR2c/SaD2a4T7qEkG4jTS57/B3qmnjLYePwQ8cqWnUHZI0iAKxMBpCZICiZ2g==",
       "requires": {
-        "readable-stream": "~1.0.2",
-        "semver": "~4.3.3"
+        "date-format": "^4.0.14",
+        "debug": "^4.3.4",
+        "flatted": "^3.2.7",
+        "rfdc": "^1.3.0",
+        "streamroller": "^3.1.5"
       },
       "dependencies": {
-        "semver": {
-          "version": "4.3.6",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-4.3.6.tgz",
-          "integrity": "sha512-IrpJ+yoG4EOH8DFWuVg+8H1kW1Oaof0Wxe7cPcXW3x9BjkN/eVo54F15LyqemnDIUYskQWr9qvl/RihmSy6+xQ=="
+        "debug": {
+          "version": "4.3.4",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
+          "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
+          "requires": {
+            "ms": "2.1.2"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
         }
       }
     },
@@ -3453,9 +3457,9 @@
       "integrity": "sha512-+EUsqGPLsM+j/zdChZjsnX51g4XrHFOIXwfnCVPGlQk/k5giakcKsuxCObBRu6DSm9opw/O6slWbJdghQM4bBg=="
     },
     "nise": {
-      "version": "5.1.4",
-      "resolved": "https://registry.npmjs.org/nise/-/nise-5.1.4.tgz",
-      "integrity": "sha512-8+Ib8rRJ4L0o3kfmyVCL7gzrohyDe0cMFTBa2d364yIrEGMEoetznKJx899YxjybU6bL9SQkYPSBBs1gyYs8Xg==",
+      "version": "5.1.5",
+      "resolved": "https://registry.npmjs.org/nise/-/nise-5.1.5.tgz",
+      "integrity": "sha512-VJuPIfUFaXNRzETTQEEItTOP8Y171ijr+JLq42wHes3DiryR8vT+1TXQW/Rx8JNUhyYYWyIvjXTU6dOhJcs9Nw==",
       "dev": true,
       "requires": {
         "@sinonjs/commons": "^2.0.0",
@@ -3474,6 +3478,26 @@
             "type-detect": "4.0.8"
           }
         },
+        "@sinonjs/fake-timers": {
+          "version": "10.3.0",
+          "resolved": "https://registry.npmjs.org/@sinonjs/fake-timers/-/fake-timers-10.3.0.tgz",
+          "integrity": "sha512-V4BG07kuYSUkTCSBHG8G8TNhM+F19jXFWnQtzj+we8DrkpSBCee9Z3Ms8yiGer/dlmhe35/Xdgyo3/0rQKg7YA==",
+          "dev": true,
+          "requires": {
+            "@sinonjs/commons": "^3.0.0"
+          },
+          "dependencies": {
+            "@sinonjs/commons": {
+              "version": "3.0.0",
+              "resolved": "https://registry.npmjs.org/@sinonjs/commons/-/commons-3.0.0.tgz",
+              "integrity": "sha512-jXBtWAF4vmdNmZgD5FoKsVLv3rPgDnLgPbU84LIJ3otV44vJlDRokVng5v8NFJdCf/da9legHcKaRuZs4L7faA==",
+              "dev": true,
+              "requires": {
+                "type-detect": "4.0.8"
+              }
+            }
+          }
+        },
         "path-to-regexp": {
           "version": "1.8.0",
           "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz",
@@ -6820,9 +6844,9 @@
       }
     },
     "openapi-backend": {
-      "version": "5.10.0",
-      "resolved": "https://registry.npmjs.org/openapi-backend/-/openapi-backend-5.10.0.tgz",
-      "integrity": "sha512-8AFqr9VfzC/8hXsIpEyzJlqLV8EhJDnZnZ1tIDMfIXKUvMcR5to4HdLvXlDzd7Ur8JJh6x3O0V0B6lKenR3UYQ==",
+      "version": "5.10.5",
+      "resolved": "https://registry.npmjs.org/openapi-backend/-/openapi-backend-5.10.5.tgz",
+      "integrity": "sha512-ivZfL0Lwj7rRctCqxAquGy4j/VcdUXUvDsEVM3NG/2jDuvYT2dS+sf9ntGo5vv4hkOnkWgPnR6HxHp7NPexqAA==",
       "requires": {
         "@apidevtools/json-schema-ref-parser": "^11.1.0",
         "ajv": "^8.6.2",
@@ -7079,9 +7103,9 @@
       "integrity": "sha512-Hrgsx+orqoygnmhFbKaHE6c296J+HTAQXoxEF6gNupROmmGJRoyzfG3ccAveqCBrwr/2yxQ5BVd/GTl5agOwSg=="
     },
     "rate-limiter-flexible": {
-      "version": "3.0.0",
-      "resolved": "https://registry.npmjs.org/rate-limiter-flexible/-/rate-limiter-flexible-3.0.0.tgz",
-      "integrity": "sha512-janAJkWxWxmLka0hV+XvCTo0M8keeSeOuz8ZL33cTXrkS4ek9mQ2VJm9ri7fm03oTVth19Sfqb1ijCmo7K/vAg=="
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/rate-limiter-flexible/-/rate-limiter-flexible-3.0.3.tgz",
+      "integrity": "sha512-Wn9STZy2bKaWin9U54opnHvX14NNAlfLD+eiOTNNQnsIOd2A7Rnmt9msHWbUBloSEz2Nk1YTQ4CBa30TdlAgag=="
     },
     "raw-body": {
       "version": "2.5.1",
@@ -7095,14 +7119,32 @@
       }
     },
     "readable-stream": {
-      "version": "1.0.34",
-      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-1.0.34.tgz",
-      "integrity": "sha512-ok1qVCJuRkNmvebYikljxJA/UEsKwLl2nI1OmaqAu4/UE+h0wKCHok4XkL/gvi39OacXvw59RJUOFUkDib2rHg==",
+      "version": "2.3.8",
+      "resolved": "https://registry.npmjs.org/readable-stream/-/readable-stream-2.3.8.tgz",
+      "integrity": "sha512-8p0AUk4XODgIewSi0l8Epjs+EVnWiK7NoDIEGU0HhE7+ZyY8D1IMY7odu5lRrFXGg71L15KG8QrPmum45RTtdA==",
+      "dev": true,
       "requires": {
         "core-util-is": "~1.0.0",
-        "inherits": "~2.0.1",
-        "isarray": "0.0.1",
-        "string_decoder": "~0.10.x"
+        "inherits": "~2.0.3",
+        "isarray": "~1.0.0",
+        "process-nextick-args": "~2.0.0",
+        "safe-buffer": "~5.1.1",
+        "string_decoder": "~1.1.1",
+        "util-deprecate": "~1.0.1"
+      },
+      "dependencies": {
+        "isarray": {
+          "version": "1.0.0",
+          "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz",
+          "integrity": "sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==",
+          "dev": true
+        },
+        "safe-buffer": {
+          "version": "5.1.2",
+          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+          "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+          "dev": true
+        }
       }
     },
     "readdirp": {
@@ -7185,9 +7227,9 @@
       "integrity": "sha512-KigOCHcocU3XODJxsu8i/j8T9tzT4adHiecwORRQ0ZZFcp7ahwXuRU1m+yuO90C5ZUyGeGfocHDI14M3L3yDAQ=="
     },
     "resolve": {
-      "version": "1.22.6",
-      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.6.tgz",
-      "integrity": "sha512-njhxM7mV12JfufShqGy3Rz8j11RPdLy4xi15UurGJeoHLfJpVXKdh3ueuOqbYUcDZnffr6X739JBo5LzyahEsw==",
+      "version": "1.22.8",
+      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.8.tgz",
+      "integrity": "sha512-oKWePCxqpd6FlLvGV1VU0x7bkPmmCNolxzjMf4NczoDnQcIWrAF+cPtZn5i6n+RfD2d9i0tzpKnG6Yk168yIyw==",
       "requires": {
         "is-core-module": "^2.13.0",
         "path-parse": "^1.0.7",
@@ -7212,6 +7254,11 @@
       "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==",
       "dev": true
     },
+    "rfdc": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/rfdc/-/rfdc-1.3.0.tgz",
+      "integrity": "sha512-V2hovdzFbOi77/WajaSMXk2OLm+xNIeQdMMuB7icj7bk6zi2F8GGAxigcnDFpJHbNyNcgyJDiP+8nOrY5cZGrA=="
+    },
     "rimraf": {
       "version": "3.0.2",
       "resolved": "https://registry.npmjs.org/rimraf/-/rimraf-3.0.2.tgz",
@@ -7285,14 +7332,14 @@
       "integrity": "sha512-5qfoAgfRWS1sUn+fUJtdbbqM1BD/LoQGa+smPTDjf9OqHyuJqi6ewtbYL0+V1S1RaU6OCOCMWGZocIfz2YK4uw=="
     },
     "selenium-webdriver": {
-      "version": "4.13.0",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.13.0.tgz",
-      "integrity": "sha512-8JS0h5E0Sq7gNfbGg8LVaQ+Eqek97tvOONn3Jmy+NiWfb12WYpftz4VTC4D2JT4wakdG6VUzGKpA8cFGg0IjkA==",
+      "version": "4.15.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.15.0.tgz",
+      "integrity": "sha512-BNG1bq+KWiBGHcJ/wULi0eKY0yaDqFIbEmtbsYJmfaEghdCkXBsx1akgOorhNwjBipOr0uwpvNXqT6/nzl+zjg==",
       "dev": true,
       "requires": {
         "jszip": "^3.10.1",
         "tmp": "^0.2.1",
-        "ws": ">=8.13.0"
+        "ws": ">=8.14.2"
       }
     },
     "semver": {
@@ -7402,16 +7449,16 @@
       }
     },
     "sinon": {
-      "version": "16.1.0",
-      "resolved": "https://registry.npmjs.org/sinon/-/sinon-16.1.0.tgz",
-      "integrity": "sha512-ZSgzF0vwmoa8pq0GEynqfdnpEDyP1PkYmEChnkjW0Vyh8IDlyFEJ+fkMhCP0il6d5cJjPl2PUsnUSAuP5sttOQ==",
+      "version": "17.0.1",
+      "resolved": "https://registry.npmjs.org/sinon/-/sinon-17.0.1.tgz",
+      "integrity": "sha512-wmwE19Lie0MLT+ZYNpDymasPHUKTaZHUH/pKEubRXIzySv9Atnlw+BUMGCzWgV7b7wO+Hw6f1TEOr0IUnmU8/g==",
       "dev": true,
       "requires": {
         "@sinonjs/commons": "^3.0.0",
-        "@sinonjs/fake-timers": "^10.3.0",
+        "@sinonjs/fake-timers": "^11.2.2",
         "@sinonjs/samsam": "^8.0.0",
         "diff": "^5.1.0",
-        "nise": "^5.1.4",
+        "nise": "^5.1.5",
         "supports-color": "^7.2.0"
       },
       "dependencies": {
@@ -7570,6 +7617,31 @@
       "resolved": "https://registry.npmjs.org/statuses/-/statuses-2.0.1.tgz",
       "integrity": "sha512-RwNA9Z/7PrK06rYLIzFMlaF+l73iwpzsqRIFgbMLbTcLD6cOao82TaWefPXQvB2fOC4AjuYSEndS7N/mTCbkdQ=="
     },
+    "streamroller": {
+      "version": "3.1.5",
+      "resolved": "https://registry.npmjs.org/streamroller/-/streamroller-3.1.5.tgz",
+      "integrity": "sha512-KFxaM7XT+irxvdqSP1LGLgNWbYN7ay5owZ3r/8t77p+EtSUAfUgtl7be3xtqtOmGUl9K9YPO2ca8133RlTjvKw==",
+      "requires": {
+        "date-format": "^4.0.14",
+        "debug": "^4.3.4",
+        "fs-extra": "^8.1.0"
+      },
+      "dependencies": {
+        "debug": {
+          "version": "4.3.4",
+          "resolved": "https://registry.npmjs.org/debug/-/debug-4.3.4.tgz",
+          "integrity": "sha512-PRWFHuSU3eDtQJPvnNY7Jcket1j0t5OuOsFzPPzsekD52Zl8qUfFIPEiswXqIvHWGVHOgX+7G/vCNNhehwxfkQ==",
+          "requires": {
+            "ms": "2.1.2"
+          }
+        },
+        "ms": {
+          "version": "2.1.2",
+          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
+          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
+        }
+      }
+    },
     "string-width": {
       "version": "4.2.3",
       "resolved": "https://registry.npmjs.org/string-width/-/string-width-4.2.3.tgz",
@@ -7615,9 +7687,21 @@
       }
     },
     "string_decoder": {
-      "version": "0.10.31",
-      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-0.10.31.tgz",
-      "integrity": "sha512-ev2QzSzWPYmy9GuqfIVildA4OdcGLeFZQrq5ys6RtiuF+RQQiZWr8TZNyAcuVXyQRYfEO+MsoB/1BuQVhOJuoQ=="
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/string_decoder/-/string_decoder-1.1.1.tgz",
+      "integrity": "sha512-n/ShnvDi6FHbbVfviro+WojiFzv+s8MPMHBczVePfUpDJLwoLT0ht1l4YwBCbi8pJAveEEdnkHyPyTP/mzRfwg==",
+      "dev": true,
+      "requires": {
+        "safe-buffer": "~5.1.0"
+      },
+      "dependencies": {
+        "safe-buffer": {
+          "version": "5.1.2",
+          "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz",
+          "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==",
+          "dev": true
+        }
+      }
     },
     "stringify-entities": {
       "version": "4.0.3",
@@ -7746,9 +7830,9 @@
       "dev": true
     },
     "terser": {
-      "version": "5.21.0",
-      "resolved": "https://registry.npmjs.org/terser/-/terser-5.21.0.tgz",
-      "integrity": "sha512-WtnFKrxu9kaoXuiZFSGrcAvvBqAdmKx0SFNmVNYdJamMu9yyN3I/QF0FbH4QcqJQ+y1CJnzxGIKH0cSj+FGYRw==",
+      "version": "5.24.0",
+      "resolved": "https://registry.npmjs.org/terser/-/terser-5.24.0.tgz",
+      "integrity": "sha512-ZpGR4Hy3+wBEzVEnHvstMvqpD/nABNelQn/z2r0fjVWGQsN3bpOLzQlqDxmb4CDZnXq5lpjnQ+mHQLAOpfM5iw==",
       "requires": {
         "@jridgewell/source-map": "^0.3.3",
         "acorn": "^8.8.2",
@@ -7971,9 +8055,9 @@
       "dev": true
     },
     "ueberdb2": {
-      "version": "4.2.17",
-      "resolved": "https://registry.npmjs.org/ueberdb2/-/ueberdb2-4.2.17.tgz",
-      "integrity": "sha512-jCEyaH9xFQzJ9e5+zPBTqNMD3n8zNFmIB1bZ4BBovuGa3LJA34OtFxw5ytDGZZHXFBfUYM0v+PZj9VLPa/j4rg=="
+      "version": "4.2.35",
+      "resolved": "https://registry.npmjs.org/ueberdb2/-/ueberdb2-4.2.35.tgz",
+      "integrity": "sha512-LUIgeiK0pJB88lFS2FEWCybTn6Hm0UwhbPmM6DYRsV9d75+05HI33KDe/nPaFLMjAFk/8/XavWBOlOw4sC4OIg=="
     },
     "uid-safe": {
       "version": "2.1.5",

src/package.json

@@ -31,7 +31,7 @@
   ],
   "dependencies": {
     "async": "^3.2.4",
-    "axios": "^1.5.1",
+    "axios": "^1.6.0",
     "clean-css": "^5.3.2",
     "cookie-parser": "^1.4.6",
     "cross-spawn": "^7.0.3",
@@ -39,7 +39,7 @@
     "etherpad-require-kernel": "^1.0.15",
     "etherpad-yajsml": "0.0.12",
     "express": "4.18.2",
-    "express-rate-limit": "^7.1.0",
+    "express-rate-limit": "^7.1.3",
     "express-session": "npm:@etherpad/express-session@^1.18.2",
     "fast-deep-equal": "^3.1.3",
     "find-root": "1.1.0",
@@ -50,24 +50,24 @@
     "jsonminify": "0.4.2",
     "languages4translatewiki": "0.1.3",
     "lodash.clonedeep": "4.5.0",
-    "log4js": "0.6.38",
+    "log4js": "^6.9.1",
     "measured-core": "^2.0.0",
     "mime-types": "^2.1.35",
     "npm": "^6.14.18",
-    "openapi-backend": "^5.10.0",
+    "openapi-backend": "^5.10.5",
     "proxy-addr": "^2.0.7",
-    "rate-limiter-flexible": "^3.0.0",
+    "rate-limiter-flexible": "^3.0.3",
     "rehype": "^13.0.1",
     "rehype-minify-whitespace": "^6.0.0",
-    "resolve": "1.22.6",
+    "resolve": "1.22.8",
     "security": "1.0.0",
     "semver": "^7.5.4",
     "socket.io": "^2.5.0",
     "superagent": "^8.1.2",
-    "terser": "^5.21.0",
+    "terser": "^5.24.0",
     "threads": "^1.7.0",
     "tinycon": "0.6.8",
-    "ueberdb2": "^4.2.17",
+    "ueberdb2": "^4.2.35",
     "underscore": "1.13.6",
     "unorm": "1.6.0",
     "wtfnode": "^0.9.1"
@@ -78,16 +78,16 @@
     "etherpad-lite": "node/server.js"
   },
   "devDependencies": {
-    "eslint": "^8.50.0",
+    "eslint": "^8.52.0",
     "eslint-config-etherpad": "^3.0.22",
     "etherpad-cli-client": "^2.0.2",
     "mocha": "^10.0.0",
     "mocha-froth": "^0.2.10",
     "nodeify": "^1.0.1",
     "openapi-schema-validation": "^0.4.2",
-    "selenium-webdriver": "^4.13.0",
+    "selenium-webdriver": "^4.15.0",
     "set-cookie-parser": "^2.6.0",
-    "sinon": "^16.1.0",
+    "sinon": "^17.0.1",
     "split-grid": "^1.0.11",
     "supertest": "^6.3.3",
     "typescript": "^4.9.5"
@@ -103,9 +103,8 @@
   "scripts": {
     "lint": "eslint .",
     "test": "mocha --timeout 120000 --recursive tests/backend/specs ../node_modules/ep_*/static/tests/backend/specs",
-    "test-container": "mocha --timeout 5000 tests/container/specs/api",
-    "dev": "bash ./bin/run.sh"
+    "test-container": "mocha --timeout 5000 tests/container/specs/api"
   },
-  "version": "1.9.3",
+  "version": "1.9.4",
   "license": "Apache-2.0"
 }

src/templates/export_html.html

@@ -2,10 +2,10 @@
 <html lang="en">
 <head>
 <title><%- padId %></title>
-<meta name="generator" content="Etherpad">
-<meta name="author" content="Etherpad">
-<meta name="changedby" content="Etherpad">
-<meta charset="utf-8">
+<meta name="generator" content="Etherpad"/>
+<meta name="author" content="Etherpad"/>
+<meta name="changedby" content="Etherpad"/>
+<meta charset="utf-8"/>
 <style>
 ol {
   counter-reset: item;

src/tests/backend/common.js

@@ -42,8 +42,6 @@ exports.init = async function () {
   if (!logLevel.isLessThanOrEqualTo(log4js.levels.DEBUG)) {
     logger.warn('Disabling non-test logging for the duration of the test. ' +
                 'To enable non-test logging, change the loglevel setting to DEBUG.');
-    log4js.setGlobalLogLevel(log4js.levels.OFF);
-    logger.setLevel(logLevel);
   }
 
   // Note: This is only a shallow backup.
@@ -66,7 +64,6 @@ exports.init = async function () {
     webaccess.authnFailureDelayMs = backups.authnFailureDelayMs;
     // Note: This does not unset settings that were added.
     Object.assign(settings, backups.settings);
-    log4js.setGlobalLogLevel(logLevel);
     await server.exit();
   });