build(deps-dev): bump sinon from 17.0.0 to 17.0.1 in /src (#6020)

Bumps [sinon](https://github.com/sinonjs/sinon) from 17.0.0 to 17.0.1.
- [Release notes](https://github.com/sinonjs/sinon/releases)
- [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md)
- [Commits](https://github.com/sinonjs/sinon/compare/v17.0.0...v17.0.1)

---
updated-dependencies:
- dependency-name: sinon
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.dockerignore

@@ -19,6 +19,7 @@ Dockerfile
 .git/ORIG_HEAD
 .git/packed-refs
 .git/refs/remotes/
+.git/rr-cache/
 .gitignore
 
 settings.json

.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,6 +7,8 @@ assignees: ''
 
 ---
 
+<!-- IMPORTANT: Please disable plugins prior to posting a bug report.  If you have a problem with a plugin please post on the plugin repository.  Thanks! -->
+
 **Describe the bug**
 A clear and concise description of what the bug is.
 
@@ -28,6 +30,7 @@ If applicable, add screenshots to help explain your problem.
  - OS: [e.g., Ubuntu 20.04]
  - Node.js version (`node --version`):
  - npm version (`npm --version`):
+ - Is the server free of plugins: 
 
 **Desktop (please complete the following information):**
  - OS: [e.g. iOS]

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,29 +1,13 @@
 <!--
 
-Some key notes before you open a PR:
+1. If you haven't already, please read https://github.com/ether/etherpad-lite/blob/master/CONTRIBUTING.md#pull-requests .
+2. Run all the tests, both front-end and back-end.  (see https://github.com/ether/etherpad-lite/blob/master/CONTRIBUTING.md#testing)
+3. Keep business logic and validation on the server-side.
+4. Update documentation.
+5. Write `fixes #XXXX` in your comment to auto-close an issue.
 
- 1. Select which branch should this PR be merged in? By default, you should always merge to the develop branch.
- 2. PR name follows [convention](http://karma-runner.github.io/4.0/dev/git-commit-msg.html)
- 3. All tests pass locally, UI and Unit tests
- 4. All business logic and validations must be on the server-side
- 5. Update necessary Documentation
- 6. Put `closes #XXXX` in your comment to auto-close the issue that your PR fixes
-
-
-Also, if you're new here
-
-- Contribution Guide => https://github.com/ether/etherpad-lite/blob/master/CONTRIBUTING.md
+If you're making a big change, please explain what problem it solves:
+- Explain the purpose of the change.  When adding a way to do X, explain why it is important to be able to do X.
+- Show the current vs desired behavior with screenshots/GIFs.
 
 -->
-
-> Please provide enough information so that others can review your pull request:
-
-<!-- You can skip this if you're fixing a typo or updating existing documentation -->
-
-> Explain the **details** for making this change. What existing problem does the pull request solve?
-
-<!-- Example: When "Adding a function to do X", explain why it is necessary to have a way to do X. -->
-
-> Screenshots/GIFs
-
-<!-- Add images/recordings to better visualize the change: expected/current behviour -->

.github/dependabot.yml

@@ -0,0 +1,21 @@
+version: 2
+updates:
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "npm"
+    directory: "/src"
+    schedule:
+      interval: "daily"
+    versioning-strategy: "increase"
+  - package-ecosystem: "npm"
+    directory: "/src/bin/doc"
+    schedule:
+      interval: "daily"
+    versioning-strategy: "increase"

.github/stale.yml

@@ -1,24 +0,0 @@
-# Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
-# Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
-# Issues with these labels will never be considered stale
-exemptLabels:
-  - pinned
-  - security
-  - Bug
-  - Serious Bug
-  - Minor bug
-  - Black hole bug
-  - Special case Bug
-  - Upstream bug
-  - Feature Request
-# Label to use when marking an issue as stale
-staleLabel: wontfix
-# Comment to post when marking an issue as stale. Set to `false` to disable
-markComment: >
-  This issue has been automatically marked as stale because it has not had
-  recent activity. It will be closed if no further activity occurs. Thank you
-  for your contributions.
-# Comment to post when closing a stale issue. Set to `false` to disable
-closeComment: false

.github/workflows/backend-tests.yml

@@ -3,183 +3,201 @@ name: "Backend tests"
 # any branch is useful for testing before a PR is submitted
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   withoutpluginsLinux:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: Linux without plugins
     runs-on: ubuntu-latest
-
     strategy:
       fail-fast: false
       matrix:
-        node: [12, 14, 16]
-
+        node: [16, 18, 20]
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: ${{ matrix.node }}
-
-    - name: Install libreoffice
-      run: |
-        sudo add-apt-repository -y ppa:libreoffice/ppa
-        sudo apt update
-        sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      run: cd src && npm test
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node }}
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install libreoffice
+        run: |
+          sudo add-apt-repository -y ppa:libreoffice/ppa
+          sudo apt update
+          sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        run: cd src && npm test
 
   withpluginsLinux:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: Linux with Plugins
     runs-on: ubuntu-latest
-
     strategy:
       fail-fast: false
       matrix:
-        node: [12, 14, 16]
-
+        node: [16, 18, 20]
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: ${{ matrix.node }}
-
-    - name: Install libreoffice
-      run: |
-        sudo add-apt-repository -y ppa:libreoffice/ppa
-        sudo apt update
-        sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
-
-    - name: Install Etherpad plugins
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: >
-        npm install --no-save --legacy-peer-deps
-        ep_align
-        ep_author_hover
-        ep_cursortrace
-        ep_font_size
-        ep_hash_auth
-        ep_headings2
-        ep_image_upload
-        ep_markdown
-        ep_readonly_guest
-        ep_set_title_on_pad
-        ep_spellcheck
-        ep_subscript_and_superscript
-        ep_table_of_contents
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      run: cd src && npm test
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node }}
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install libreoffice
+        run: |
+          sudo add-apt-repository -y ppa:libreoffice/ppa
+          sudo apt update
+          sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
+      -
+        name: Install Etherpad plugins
+        # The --legacy-peer-deps flag is required to work around a bug in npm v7:
+        # https://github.com/npm/cli/issues/2199
+        run: >
+          npm install --no-save --legacy-peer-deps
+          ep_align
+          ep_author_hover
+          ep_cursortrace
+          ep_font_size
+          ep_hash_auth
+          ep_headings2
+          ep_image_upload
+          ep_markdown
+          ep_readonly_guest
+          ep_set_title_on_pad
+          ep_spellcheck
+          ep_subscript_and_superscript
+          ep_table_of_contents
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        run: cd src && npm test
 
   withoutpluginsWindows:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: Windows without plugins
     runs-on: windows-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: |
-            cd src
-            npm ci --no-optional
-
-    - name:  Fix up the settings.json
-      run: |
-            powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder"
-            powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json"
-
-    - name: Run the backend tests
-      run: cd src && npm test
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installOnWindows.bat
+      -
+        name:  Fix up the settings.json
+        run: |
+          powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder"
+          powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json"
+      -
+        name: Run the backend tests
+        run: cd src && npm test
 
   withpluginsWindows:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: Windows with Plugins
     runs-on: windows-latest
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install Etherpad plugins
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: >
-        npm install --no-save --legacy-peer-deps
-        ep_align
-        ep_author_hover
-        ep_cursortrace
-        ep_font_size
-        ep_hash_auth
-        ep_headings2
-        ep_image_upload
-        ep_markdown
-        ep_readonly_guest
-        ep_set_title_on_pad
-        ep_spellcheck
-        ep_subscript_and_superscript
-        ep_table_of_contents
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: |
-            cd src
-            npm ci --no-optional
-
-    - name:  Fix up the settings.json
-      run: |
-            powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder"
-            powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json"
-
-    - name: Run the backend tests
-      run: cd src && npm test
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install Etherpad plugins
+        # The --legacy-peer-deps flag is required to work around a bug in npm
+        # v7: https://github.com/npm/cli/issues/2199
+        run: >
+          npm install --no-save --legacy-peer-deps
+          ep_align
+          ep_author_hover
+          ep_cursortrace
+          ep_font_size
+          ep_hash_auth
+          ep_headings2
+          ep_image_upload
+          ep_markdown
+          ep_readonly_guest
+          ep_set_title_on_pad
+          ep_spellcheck
+          ep_subscript_and_superscript
+          ep_table_of_contents
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installOnWindows.bat
+      -
+        name:  Fix up the settings.json
+        run: |
+          powershell -Command "(gc settings.json.template) -replace '\"max\": 10', '\"max\": 10000' | Out-File -encoding ASCII settings.json.holder"
+          powershell -Command "(gc settings.json.holder) -replace '\"points\": 10', '\"points\": 1000' | Out-File -encoding ASCII settings.json"
+      -
+        name: Run the backend tests
+        run: cd src && npm test

.github/workflows/codeql-analysis.yml

@@ -9,46 +9,36 @@ on:
   schedule:
     - cron: '0 13 * * 1'
 
+permissions:
+  contents: read
+
 jobs:
   analyze:
+    permissions:
+      actions: read  # for github/codeql-action/init to get workflow details
+      contents: read  # for actions/checkout to fetch code
+      security-events: write  # for github/codeql-action/autobuild to send a status report
     name: Analyze
     runs-on: ubuntu-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-      with:
-        # We must fetch at least the immediate parents so that if this is
-        # a pull request then we can checkout the head.
-        fetch-depth: 2
-
-    # If this run was triggered by a pull request event, then checkout
-    # the head of the pull request instead of the merge commit.
-    - run: git checkout HEAD^2
-      if: ${{ github.event_name == 'pull_request' }}
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
-      # Override language selection by uncommenting this and choosing your languages
-      # with:
-      #   languages: go, javascript, csharp, python, cpp, java
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+        with:
+          # We must fetch at least the immediate parents so that if this is
+          # a pull request then we can checkout the head.
+          fetch-depth: 2
+      # If this run was triggered by a pull request event, then checkout
+      # the head of the pull request instead of the merge commit.
+      -
+        run: git checkout HEAD^2
+        if: ${{ github.event_name == 'pull_request' }}
+      -
+        name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+      -
+        name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+      -
+        name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/dependency-review.yml

@@ -0,0 +1,20 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Reqest, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  dependency-review:
+    runs-on: ubuntu-latest
+    steps:
+      - name: 'Checkout Repository'
+        uses: actions/checkout@v4
+      - name: 'Dependency Review'
+        uses: actions/dependency-review-action@v3

.github/workflows/docker.yml

@@ -0,0 +1,91 @@
+name: Docker
+on:
+  pull_request:
+  push:
+    branches:
+      - 'develop'
+    tags:
+      - 'v?[0-9]+.[0-9]+.[0-9]+'
+env:
+  TEST_TAG: etherpad/etherpad:test
+permissions:
+  contents: read
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Check out
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        if: github.event_name == 'push'
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Build and export to Docker
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          load: true
+          tags: ${{ env.TEST_TAG }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+      -
+        name: Set up Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: 'lts/*'
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Test
+        run: |
+          docker run --rm -d -p 9001:9001 --name test ${{ env.TEST_TAG }}
+          docker logs -f test &
+          ./src/bin/installDeps.sh
+          while true; do
+            echo "Waiting for Docker container to start..."
+            status=$(docker container inspect -f '{{.State.Health.Status}}' test) || exit 1
+            case ${status} in
+              healthy) break;;
+              starting) sleep 2;;
+              *) printf %s\\n "unexpected status: ${status}" >&2; exit 1;;
+            esac
+          done
+          (cd src && npm run test-container)
+          git clean -dxf .
+      -
+        name: Docker meta
+        if: github.event_name == 'push'
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: etherpad/etherpad
+          tags: |
+            type=ref,event=branch
+            type=semver,pattern={{version}}
+            type=semver,pattern={{major}}.{{minor}}
+            type=semver,pattern={{major}}
+      -
+        name: Log in to Docker Hub
+        if: github.event_name == 'push'
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      -
+        name: Build and push
+        if: github.event_name == 'push'
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}

.github/workflows/dockerfile.yml

@@ -1,26 +0,0 @@
-name: "Dockerfile"
-
-# any branch is useful for testing before a PR is submitted
-on: [push, pull_request]
-
-jobs:
-  dockerfile:
-    # run on pushes to any branch
-    # run on PRs from external forks
-    if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
-    name: build image and run connectivity test
-    runs-on: ubuntu-latest
-
-    steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - name: docker build
-      run: |
-        docker build -t etherpad:test .
-        docker run -d -p 9001:9001 etherpad:test
-        ./src/bin/installDeps.sh
-        sleep 3 # delay for startup?
-        cd src && npm run test-container

.github/workflows/frontend-admin-tests.yml

@@ -3,76 +3,94 @@ name: "Frontend admin tests powered by Sauce Labs"
 
 on: [push]
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   withplugins:
+    if: ${{ github.actor != 'dependabot[bot]' }}
     name: with plugins
     runs-on: ubuntu-latest
 
+#        node: [16, 19, 20] >> Disabled node 16 and 18 because they do not work
     strategy:
       fail-fast: false
       matrix:
-        node: [12, 14, 16]
+        node: [19, 20]
 
     steps:
-    - name: Generate Sauce Labs strings
-      id: sauce_strings
-      run: |
-        printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }} - Node ${{ matrix.node }}'
-        printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}-node${{ matrix.node }}'
-
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: ${{ matrix.node }}
-
-    - name: Install etherpad plugins
-      # We intentionally install an old ep_align version to test upgrades to the minor version number.
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: npm install --no-save --legacy-peer-deps ep_align@0.2.27
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    # Nuke plugin tests
-    - name: Install etherpad plugins
-      run: rm -Rf node_modules/ep_align/static/tests/*
-
-    - name: export GIT_HASH to env
-      id: environment
-      run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
-
-    - name: Create settings.json
-      run: cp settings.json.template settings.json
-
-    - name: Write custom settings.json that enables the Admin UI tests
-      run: "sed -i 's/\"enableAdminUITests\": false/\"enableAdminUITests\": true,\\n\"users\":{\"admin\":{\"password\":\"changeme\",\"is_admin\":true}}/' settings.json"
-
-    - name: Remove standard frontend test files, so only admin tests are run
-      run: mv src/tests/frontend/specs/* /tmp && mv /tmp/admin*.js src/tests/frontend/specs
-
-    - uses: saucelabs/sauce-connect-action@v1.1.2
-      with:
-        username: ${{ secrets.SAUCE_USERNAME }}
-        accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
-        tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
-
-    - name: Run the frontend admin tests
-      shell: bash
-      env:
-        SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-        SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
-        SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
-        TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
-        GIT_HASH: ${{ steps.environment.outputs.sha_short }}
-      run: |
-        src/tests/frontend/travis/adminrunner.sh
+      -
+        name: Generate Sauce Labs strings
+        id: sauce_strings
+        run: |
+          printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }} - Node ${{ matrix.node }}'
+          printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}-node${{ matrix.node }}'
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node }}
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install etherpad plugins
+        # We intentionally install an old ep_align version to test upgrades to
+        # the minor version number. The --legacy-peer-deps flag is required to
+        # work around a bug in npm v7: https://github.com/npm/cli/issues/2199
+        run: npm install --no-save --legacy-peer-deps ep_align@0.2.27
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Install etherpad plugins
+        run: rm -Rf node_modules/ep_align/static/tests/*
+      -
+        name: export GIT_HASH to env
+        id: environment
+        run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
+      -
+        name: Create settings.json
+        run: cp settings.json.template settings.json
+      -
+        name: Write custom settings.json that enables the Admin UI tests
+        run: "sed -i 's/\"enableAdminUITests\": false/\"enableAdminUITests\": true,\\n\"users\":{\"admin\":{\"password\":\"changeme\",\"is_admin\":true}}/' settings.json"
+      -
+        name: increase maxHttpBufferSize
+        run: "sed -i 's/\"maxHttpBufferSize\": 10000/\"maxHttpBufferSize\": 100000/' settings.json"
+      -
+        name: Disable import/export rate limiting
+        run: |
+          sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 1000000/' -i settings.json
+      -
+        name: Remove standard frontend test files, so only admin tests are run
+        run: mv src/tests/frontend/specs/* /tmp && mv /tmp/admin*.js src/tests/frontend/specs
+      -
+        uses: saucelabs/sauce-connect-action@v2.3.5
+        with:
+          username: ${{ secrets.SAUCE_USERNAME }}
+          accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
+          tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
+      -
+        name: Run the frontend admin tests
+        shell: bash
+        env:
+          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
+          TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
+          GIT_HASH: ${{ steps.environment.outputs.sha_short }}
+        run: |
+          src/tests/frontend/travis/adminrunner.sh

.github/workflows/frontend-tests.yml

@@ -3,132 +3,149 @@ name: "Frontend tests powered by Sauce Labs"
 
 on: [push]
 
+permissions:
+  contents: read # to fetch code (actions/checkout)
+
 jobs:
   withoutplugins:
     name: without plugins
     runs-on: ubuntu-latest
+    if: ${{ github.actor != 'dependabot[bot]' }}
 
     steps:
-    - name: Generate Sauce Labs strings
-      id: sauce_strings
-      run: |
-        printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }}'
-        printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}'
-
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: export GIT_HASH to env
-      id: environment
-      run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
-
-    - name: Create settings.json
-      run: cp settings.json.template settings.json
-
-    - name: Disable import/export rate limiting
-      run: |
-        sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 0/' -i settings.json
-
-    - uses: saucelabs/sauce-connect-action@v1
-      with:
-        username: ${{ secrets.SAUCE_USERNAME }}
-        accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
-        tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
-
-    - name: Run the frontend tests
-      shell: bash
-      env:
-        SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-        SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
-        SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
-        TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
-        GIT_HASH: ${{ steps.environment.outputs.sha_short }}
-      run: |
-        src/tests/frontend/travis/runner.sh
+      -
+        name: Generate Sauce Labs strings
+        id: sauce_strings
+        run: |
+          printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }}'
+          printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}'
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: export GIT_HASH to env
+        id: environment
+        run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
+      -
+        name: Create settings.json
+        run: cp settings.json.template settings.json
+      -
+        name: Disable import/export rate limiting
+        run: |
+          sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 100000000/' -i settings.json
+      -
+        uses: saucelabs/sauce-connect-action@v2.3.5
+        with:
+          username: ${{ secrets.SAUCE_USERNAME }}
+          accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
+          tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
+      -
+        name: Run the frontend tests
+        shell: bash
+        env:
+          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
+          TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
+          GIT_HASH: ${{ steps.environment.outputs.sha_short }}
+        run: |
+          src/tests/frontend/travis/runner.sh
 
   withplugins:
     name: with plugins
     runs-on: ubuntu-latest
+    if: ${{ github.actor != 'dependabot[bot]' }}
 
     steps:
-    - name: Generate Sauce Labs strings
-      id: sauce_strings
-      run: |
-        printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }}'
-        printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}'
-
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install Etherpad plugins
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: >
-        npm install --no-save --legacy-peer-deps
-        ep_align
-        ep_author_hover
-        ep_cursortrace
-        ep_embedmedia
-        ep_font_size
-        ep_hash_auth
-        ep_headings2
-        ep_image_upload
-        ep_markdown
-        ep_readonly_guest
-        ep_set_title_on_pad
-        ep_spellcheck
-        ep_subscript_and_superscript
-        ep_table_of_contents
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: export GIT_HASH to env
-      id: environment
-      run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
-
-    - name: Create settings.json
-      run: cp settings.json.template settings.json
-
-    - name: Disable import/export rate limiting
-      run: |
-        sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 0/' -i settings.json
-
+      -
+        name: Generate Sauce Labs strings
+        id: sauce_strings
+        run: |
+          printf %s\\n '::set-output name=name::${{ github.workflow }} - ${{ github.job }}'
+          printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}'
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install Etherpad plugins
+        # The --legacy-peer-deps flag is required to work around a bug in npm v7:
+        # https://github.com/npm/cli/issues/2199
+        run: >
+          npm install --no-save --legacy-peer-deps
+          ep_align
+          ep_author_hover
+          ep_cursortrace
+          ep_embedmedia
+          ep_font_size
+          ep_hash_auth
+          ep_headings2
+          ep_image_upload
+          ep_markdown
+          ep_readonly_guest
+          ep_set_title_on_pad
+          ep_spellcheck
+          ep_subscript_and_superscript
+          ep_table_of_contents
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.20.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: export GIT_HASH to env
+        id: environment
+        run: echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
+      -
+        name: Create settings.json
+        run: cp settings.json.template settings.json
+      -
+        name: Disable import/export rate limiting
+        run: |
+          sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 1000000/' -i settings.json
       # XXX we should probably run all tests, because plugins could effect their results
-    - name: Remove standard frontend test files, so only plugin tests are run
-      run: rm src/tests/frontend/specs/*
-
-    - uses: saucelabs/sauce-connect-action@v1
-      with:
-        username: ${{ secrets.SAUCE_USERNAME }}
-        accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
-        tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
-
-    - name: Run the frontend tests
-      shell: bash
-      env:
-        SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
-        SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
-        SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
-        TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
-        GIT_HASH: ${{ steps.environment.outputs.sha_short }}
-      run: |
-        src/tests/frontend/travis/runner.sh
+      -
+        name: Remove standard frontend test files, so only plugin tests are run
+        run: rm src/tests/frontend/specs/*
+      -
+        uses: saucelabs/sauce-connect-action@v2.3.5
+        with:
+          username: ${{ secrets.SAUCE_USERNAME }}
+          accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
+          tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
+      -
+        name: Run the frontend tests
+        shell: bash
+        env:
+          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
+          TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
+          GIT_HASH: ${{ steps.environment.outputs.sha_short }}
+        run: |
+          src/tests/frontend/travis/runner.sh

.github/workflows/lint-package-lock.yml

@@ -3,26 +3,39 @@ name: "Lint"
 # any branch is useful for testing before a PR is submitted
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   lint-package-lock:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: package-lock.json
     runs-on: ubuntu-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install lockfile-lint
-      run: npm install lockfile-lint
-
-    - name: Run lockfile-lint on package-lock.json
-      run: npx lockfile-lint --path src/package-lock.json --validate-https --allowed-hosts npm
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install lockfile-lint
+        run: npm install --no-save lockfile-lint --legacy-peer-deps
+      -
+        name: Run lockfile-lint on package-lock.json
+        run: >
+          npx lockfile-lint
+          --path src/package-lock.json
+          --allowed-hosts npm
+          --allowed-schemes https:
+          --allowed-schemes github:
+          --allowed-urls github:mapbox/node-sqlite3#593c9d498be2510d286349134537e3bf89401c4a

.github/workflows/load-test.yml

@@ -3,109 +3,123 @@ name: "Loadtest"
 # any branch is useful for testing before a PR is submitted
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   withoutplugins:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: without plugins
     runs-on: ubuntu-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Install etherpad-load-test
-      run: sudo npm install -g etherpad-load-test
-
-    - name: Run load test
-      run: src/tests/frontend/travis/runnerLoadTest.sh 25 50
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Install etherpad-load-test
+        run: sudo npm install -g etherpad-load-test
+      -
+        name: Run load test
+        run: src/tests/frontend/travis/runnerLoadTest.sh 25 50
 
   withplugins:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: with Plugins
     runs-on: ubuntu-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install etherpad-load-test
-      run: sudo npm install -g etherpad-load-test
-
-    - name: Install etherpad plugins
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: >
-        npm install --no-save --legacy-peer-deps
-        ep_align
-        ep_author_hover
-        ep_cursortrace
-        ep_font_size
-        ep_hash_auth
-        ep_headings2
-        ep_markdown
-        ep_readonly_guest
-        ep_set_title_on_pad
-        ep_spellcheck
-        ep_subscript_and_superscript
-        ep_table_of_contents
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    # configures some settings and runs npm run test
-    - name: Run load test
-      run: src/tests/frontend/travis/runnerLoadTest.sh 25 50
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install etherpad-load-test
+        run: sudo npm install -g etherpad-load-test
+      -
+        name: Install etherpad plugins
+        # The --legacy-peer-deps flag is required to work around a bug in npm v7:
+        # https://github.com/npm/cli/issues/2199
+        run: >
+          npm install --no-save --legacy-peer-deps
+          ep_align
+          ep_author_hover
+          ep_cursortrace
+          ep_font_size
+          ep_hash_auth
+          ep_headings2
+          ep_markdown
+          ep_readonly_guest
+          ep_set_title_on_pad
+          ep_spellcheck
+          ep_subscript_and_superscript
+          ep_table_of_contents
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Run load test
+        run: src/tests/frontend/travis/runnerLoadTest.sh 25 50
 
   long:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: long running
     runs-on: ubuntu-latest
-
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Install etherpad-load-test
-      run: sudo npm install -g etherpad-load-test
-
-
-    # configures some settings and runs npm run test
-    - name: Run load test
-      run: src/tests/frontend/travis/runnerLoadTest.sh 5000 5
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Install etherpad-load-test
+        run: sudo npm install -g etherpad-load-test
+      -
+        name: Run load test
+        run: src/tests/frontend/travis/runnerLoadTest.sh 5000 5

.github/workflows/rate-limit.yml

@@ -3,41 +3,50 @@ name: "rate limit"
 # any branch is useful for testing before a PR is submitted
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   ratelimit:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: test
     runs-on: ubuntu-latest
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: docker network
-      run: docker network create --subnet=172.23.42.0/16 ep_net
-
-    - name: build docker image
-      run: |
-        docker build -f Dockerfile -t epl-debian-slim .
-        docker build -f src/tests/ratelimit/Dockerfile.nginx -t nginx-latest .
-        docker build -f src/tests/ratelimit/Dockerfile.anotherip -t anotherip .
-    - name: run docker images
-      run: |
-        docker run --name etherpad-docker -p 9000:9001 --rm --network ep_net --ip 172.23.42.2 -e 'TRUST_PROXY=true' epl-debian-slim &
-        docker run -p 8081:80 --rm --network ep_net --ip 172.23.42.1 -d nginx-latest
-        docker run --rm --network ep_net --ip 172.23.42.3 --name anotherip -dt anotherip
-
-    - name: install dependencies and create symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: run rate limit test
-      run: |
-        cd src/tests/ratelimit
-        ./testlimits.sh
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: docker network
+        run: docker network create --subnet=172.23.42.0/16 ep_net
+      -
+        name: build docker image
+        run: |
+          docker build -f Dockerfile -t epl-debian-slim .
+          docker build -f src/tests/ratelimit/Dockerfile.nginx -t nginx-latest .
+          docker build -f src/tests/ratelimit/Dockerfile.anotherip -t anotherip .
+      -
+        name: run docker images
+        run: |
+          docker run --name etherpad-docker -p 9000:9001 --rm --network ep_net --ip 172.23.42.2 -e 'TRUST_PROXY=true' epl-debian-slim &
+          docker run -p 8081:80 --rm --network ep_net --ip 172.23.42.1 -d nginx-latest
+          docker run --rm --network ep_net --ip 172.23.42.3 --name anotherip -dt anotherip
+      -
+        name: install dependencies and create symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: run rate limit test
+        run: |
+          cd src/tests/ratelimit
+          ./testlimits.sh

.github/workflows/stale.yml

@@ -0,0 +1,18 @@
+name: 'Close stale issues and PRs'
+on:
+  schedule:
+    - cron: '30 6 * * *'
+permissions:
+  issues: write
+  pull-requests: write
+jobs:
+  stale:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/stale@v8
+        with:
+          close-issue-label: wontfix
+          close-pr-label: wontfix
+          days-before-close: -1
+          exempt-issue-labels: 'pinned,security,Bug,Serious Bug,Minor bug,Black hole bug,Special case Bug,Upstream bug,Feature Request'
+          exempt-pr-labels: 'pinned,security,Bug,Serious Bug,Minor bug,Black hole bug,Special case Bug,Upstream bug,Feature Request'

.github/workflows/upgrade-from-latest-release.yml

@@ -3,89 +3,97 @@ name: "Upgrade from latest release"
 # any branch is useful for testing before a PR is submitted
 on: [push, pull_request]
 
+permissions:
+  contents: read
+
 jobs:
   withpluginsLinux:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: Linux with Plugins
     runs-on: ubuntu-latest
-
     strategy:
       fail-fast: false
       matrix:
-        node: [12, 14, 16]
-
+        node: [16, 18, 20]
     steps:
-    - name: Check out latest release
-      uses: actions/checkout@v2
-      with:
-        ref: master
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: ${{ matrix.node }}
-
-    - name: Install Etherpad plugins
-      # The --legacy-peer-deps flag is required to work around a bug in npm v7:
-      # https://github.com/npm/cli/issues/2199
-      run: >
-        npm install --no-save --legacy-peer-deps
-        ep_align
-        ep_author_hover
-        ep_cursortrace
-        ep_font_size
-        ep_hash_auth
-        ep_headings2
-        ep_image_upload
-        ep_markdown
-        ep_readonly_guest
-        ep_set_title_on_pad
-        ep_spellcheck
-        ep_subscript_and_superscript
-        ep_table_of_contents
-
-    # This must be run after installing the plugins, otherwise npm will try to
-    # hoist common dependencies by removing them from src/node_modules and
-    # installing them in the top-level node_modules. As of v6.14.10, npm's hoist
-    # logic appears to be buggy, because it sometimes removes dependencies from
-    # src/node_modules but fails to add them to the top-level node_modules. Even
-    # if npm correctly hoists the dependencies, the hoisting seems to confuse
-    # tools such as `npm outdated`, `npm update`, and some ESLint rules.
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      run: cd src && npm test
-
-    # Because actions/checkout@v2 is called with "ref: master" and without
-    # "fetch-depth: 0", the local clone does not have the ${GITHUB_SHA} commit.
-    # Fetch ${GITHUB_REF} to get the ${GITHUB_SHA} commit. Note that a plain
-    # "git fetch" only fetches "normal" references (refs/heads/* and
-    # refs/tags/*), and for pull requests none of the normal references include
-    # ${GITHUB_SHA}, so we have to explicitly tell Git to fetch ${GITHUB_REF}.
-    - name: Fetch the new Git commits
-      run: git fetch --depth=1 origin "${GITHUB_REF}"
-
-    - name: Upgrade to the new Git revision
-      # For pull requests, ${GITHUB_SHA} is the automatically generated merge
-      # commit that merges the PR's source branch to its destination branch.
-      run: git checkout "${GITHUB_SHA}"
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      run: cd src && npm test
-
-    - name: Install Cypress
-      run: npm install cypress -g
-
-    - name: Run Etherpad & Test Frontend
-      run: |
-            node src/node/server.js &
-            curl --connect-timeout 10 --max-time 20 --retry 5 --retry-delay 10 --retry-max-time 60 --retry-connrefused http://127.0.0.1:9001/p/test
-            cd src/tests/frontend
-            cypress run --spec cypress/integration/test.js --config-file cypress/cypress.json
+      -
+        name: Check out latest release
+        uses: actions/checkout@v4
+        with:
+          ref: master
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: ${{ matrix.node }}
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install Etherpad plugins
+        # The --legacy-peer-deps flag is required to work around a bug in npm
+        # v7: https://github.com/npm/cli/issues/2199
+        run: >
+          npm install --no-save --legacy-peer-deps
+          ep_align
+          ep_author_hover
+          ep_cursortrace
+          ep_font_size
+          ep_hash_auth
+          ep_headings2
+          ep_image_upload
+          ep_markdown
+          ep_readonly_guest
+          ep_set_title_on_pad
+          ep_spellcheck
+          ep_subscript_and_superscript
+          ep_table_of_contents
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        run: cd src && npm test
+      # Because actions/checkout@v4 is called with "ref: master" and without
+      # "fetch-depth: 0", the local clone does not have the ${GITHUB_SHA}
+      # commit. Fetch ${GITHUB_REF} to get the ${GITHUB_SHA} commit. Note that a
+      # plain "git fetch" only fetches "normal" references (refs/heads/* and
+      # refs/tags/*), and for pull requests none of the normal references
+      # include ${GITHUB_SHA}, so we have to explicitly tell Git to fetch
+      # ${GITHUB_REF}.
+      -
+        name: Fetch the new Git commits
+        run: git fetch --depth=1 origin "${GITHUB_REF}"
+      -
+        name: Upgrade to the new Git revision
+        # For pull requests, ${GITHUB_SHA} is the automatically generated merge
+        # commit that merges the PR's source branch to its destination branch.
+        run: git checkout "${GITHUB_SHA}"
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        run: cd src && npm test
+      -
+        name: Install Cypress
+        run: cd src && npm install cypress --legacy-peer-deps
+      -
+        name: Run Etherpad & Test Frontend
+        run: |
+          node src/node/server.js &
+          curl --connect-timeout 10 --max-time 20 --retry 5 --retry-delay 10 --retry-max-time 60 --retry-connrefused http://127.0.0.1:9001/p/test
+          ./src/node_modules/cypress/bin/cypress run --config-file src/tests/frontend/cypress/cypress.config.js

.github/workflows/windows-installer.yml

@@ -1,61 +0,0 @@
-name: "Windows Installer"
-
-# any branch is useful for testing before a PR is submitted
-on: [push, pull_request]
-
-jobs:
-  build:
-    # run on pushes to any branch
-    # run on PRs from external forks
-    if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
-
-    name: Build Zip & Exe
-    runs-on: windows-latest
-
-    steps:
-    - uses: msys2/setup-msys2@v2
-      with:
-        path-type: inherit
-        install: >-
-          zip
-
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      shell: msys2 {0}
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      shell: msys2 {0}
-      run: cd src && npm test
-
-    - name: Build the .zip
-      shell: msys2 {0}
-      run: src/bin/buildForWindows.sh
-
-    - name: Extract the .zip into folder
-      run: 7z x etherpad-lite-win.zip -oetherpad-lite-new
-
-    - name: Grab nsis config
-      run: git clone https://github.com/ether/etherpad_nsis.git
-
-    - name: Create installer
-      uses: joncloud/makensis-action@v3.4
-      with:
-        script-file: 'etherpad_nsis/etherpad.nsi'
-
-    - name: Check something..
-      run: ls etherpad_nsis
-
-    - name: Archive production artifacts
-      uses: actions/upload-artifact@v2
-      with:
-        name: etherpad-server-windows.exe
-        path: etherpad_nsis/etherpad-server-windows.exe

.github/workflows/windows-zip.yml

@@ -1,77 +0,0 @@
-name: "Windows Zip"
-
-# any branch is useful for testing before a PR is submitted
-on: [push, pull_request]
-
-jobs:
-  build:
-    # run on pushes to any branch
-    # run on PRs from external forks
-    if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
-    name: Build
-    runs-on: windows-latest
-
-    steps:
-    - uses: msys2/setup-msys2@v2
-      with:
-        path-type: inherit
-        install: >-
-          zip
-
-    - name: Checkout repository
-      uses: actions/checkout@v2
-
-    - uses: actions/setup-node@v2
-      with:
-        node-version: 12
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      shell: msys2 {0}
-      run: src/bin/installDeps.sh
-
-    - name: Run the backend tests
-      shell: msys2 {0}
-      run: cd src && npm test
-
-    - name: Build the .zip
-      shell: msys2 {0}
-      run: src/bin/buildForWindows.sh
-
-    - name: Archive production artifacts
-      uses: actions/upload-artifact@v2
-      with:
-        name: etherpad-lite-win.zip
-        path: etherpad-lite-win.zip
-
-
-  deploy:
-    # run on pushes to any branch
-    # run on PRs from external forks
-    if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
-    name: Deploy
-    needs: build
-    runs-on: windows-latest
-
-    steps:
-    - name: Download zip
-      uses: actions/download-artifact@v2
-      with:
-        name: etherpad-lite-win.zip
-
-    - name: Extract Etherpad
-      run: 7z x etherpad-lite-win.zip -oetherpad
-
-    - name: Install Cypress
-      run: npm install cypress -g
-
-    - name: Run Etherpad
-      run: |
-            cd etherpad
-            node node_modules\ep_etherpad-lite\node\server.js &
-            curl --connect-timeout 10 --max-time 20 --retry 5 --retry-delay 10 --retry-max-time 60 --retry-connrefused http://127.0.0.1:9001/p/test
-            cd src\tests\frontend
-            cypress run --spec cypress\integration\test.js --config-file cypress\cypress.json

.github/workflows/windows.yml

@@ -0,0 +1,135 @@
+name: "Windows Build"
+
+# any branch is useful for testing before a PR is submitted
+on: [push, pull_request]
+
+permissions:
+  contents: read
+
+jobs:
+  build-zip:
+    # run on pushes to any branch
+    # run on PRs from external forks
+    if: |
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+    name: Build .zip
+    runs-on: windows-latest
+    steps:
+      -
+        uses: msys2/setup-msys2@v2
+        with:
+          path-type: inherit
+          install: >-
+            zip
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Install all dependencies and symlink for ep_etherpad-lite
+        shell: msys2 {0}
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        shell: msys2 {0}
+        run: cd src && npm test
+      -
+        name: Build the .zip
+        shell: msys2 {0}
+        run: src/bin/buildForWindows.sh
+      -
+        name: Archive production artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: etherpad-win.zip
+          path: etherpad-win.zip
+
+  build-exe:
+    if: |
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+    name: Build .exe
+    needs: build-zip
+    runs-on: windows-latest
+    steps:
+      -
+        name: Checkout repository
+        uses: actions/checkout@v4
+      -
+        name: Download .zip
+        uses: actions/download-artifact@v3
+        with:
+          name: etherpad-win.zip
+          path: ..
+      -
+        name: Extract .zip
+        working-directory: ..
+        run: 7z x etherpad-win.zip -oetherpad-zip
+      -
+        name: Create installer
+        uses: joncloud/makensis-action@v3.7
+        with:
+          script-file: 'src/bin/nsis/etherpad.nsi'
+      -
+        name: Archive production artifacts
+        uses: actions/upload-artifact@v3
+        with:
+          name: etherpad-win.exe
+          path: etherpad-win.exe
+
+  deploy-zip:
+    # run on pushes to any branch
+    # run on PRs from external forks
+    permissions:
+      contents: write
+    if: |
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+    name: Deploy
+    needs: build-zip
+    runs-on: windows-latest
+    steps:
+      -
+        name: Download zip
+        uses: actions/download-artifact@v3
+        with:
+          name: etherpad-win.zip
+      -
+        name: Extract Etherpad
+        run: 7z x etherpad-win.zip -oetherpad
+      -
+        uses: actions/setup-node@v4
+        with:
+          node-version: 20
+          cache: 'npm'
+          cache-dependency-path: |
+            etherpad/src/package-lock.json
+            etherpad/src/bin/doc/package-lock.json
+      -
+        name: Install Cypress
+        run: cd etherpad && cd src && npm install cypress --legacy-peer-deps
+      -
+        name: Run Etherpad
+        run: |
+          cd etherpad
+          node node_modules\ep_etherpad-lite\node\server.js &
+          curl --connect-timeout 10 --max-time 20 --retry 5 --retry-delay 10 --retry-max-time 60 --retry-connrefused http://127.0.0.1:9001/p/test
+          src\node_modules\cypress\bin\cypress run --config-file src\tests\frontendcypress\cypress.config.js
+      # On release, upload windows zip to GitHub release tab
+      -
+        name: Rename to etherpad-lite-win.zip
+        shell: powershell
+        run: mv etherpad-win.zip etherpad-lite-win.zip
+      - name: upload binaries to release
+        uses: softprops/action-gh-release@v1
+        if: ${{startsWith(github.ref, 'refs/tags/v') }}
+        with:
+            files: etherpad-lite-win.zip

.gitignore

@@ -1,15 +1,15 @@
+/etherpad-win.exe
+/etherpad-win.zip
 node_modules
 /settings.json
 !settings.json.template
 APIKEY.txt
 SESSIONKEY.txt
-etherpad-lite-win.zip
 var/dirty.db
 *~
 *.patch
 npm-debug.log
 *.DS_Store
-.ep_initialized
 *.crt
 *.key
 credentials.json

CHANGELOG.md

@@ -1,3 +1,361 @@
+# 1.9.4
+
+### Compability changes
+
+* Log4js has been updated to the latest version. As it involved a bump of 6 major version. 
+  A lot has changed since then. Most notably the console appender has been deprecated. You can find out more about it [here](https://github.com/log4js-node/log4js-node)
+
+### Notable enhancements and fixes
+
+* Fix for MySQL: The logger calls were incorrectly configured leading to a crash when e.g. somebody uses a different encoding than standard MySQL encoding. 
+
+# 1.9.3
+
+### Compability changes
+
+* express-rate-limit has been bumped to 7.0.0: This involves the breaking change that "max: 0"
+in the importExportRateLimiting is set to always trigger. So set it to your desired value.
+If you haven't changed that value in the settings.json you are all set. 
+
+### Notable enhancements and fixes
+
+* Bugfixes
+  * Fix etherpad crashing with mongodb database
+
+* Enhancements
+  * Add surrealdb database support. You can find out more about this database [here](https://surrealdb.com).
+  * Make sqlite faster: The sqlite library has been switched to better-sqlite3. This should lead to better performance.
+
+# 1.9.2
+
+### Notable enhancements and fixes
+
+* Security
+  * Enable session key rotation: This setting can be enabled in the settings.json. It changes the signing key for the cookie authentication in a fixed interval.
+
+* Bugfixes
+  * Fix appendRevision when creating a new pad via the API without a text. 
+
+
+* Enhancements
+  * Bump JQuery to version 3.7
+  * Update elasticsearch connector to version 8
+
+### Compatibility changes
+
+* No compability changes as JQuery maintains excellent backwards compatibility. 
+
+#### For plugin authors
+
+* Please update to JQuery 3.7. There is an excellent deprecation guide over [here](https://api.jquery.com/category/deprecated/). Version 3.1 to 3.7 are relevant for the upgrade. 
+
+# 1.9.1
+
+### Notable enhancements and fixes
+
+* Security
+  * Limit requested revisions in timeslider and export to head revision. (affects v1.9.0)
+  
+* Bugfixes
+  * revisions in `CHANGESET_REQ` (timeslider) and export (txt, html, custom)
+    are now checked to be numbers.
+  * bump sql for audit fix
+* Enhancements
+  * Add keybinding meta-backspace to delete to beginning of line
+  * Fix automatic Windows build via GitHub Actions
+  * Enable docs to be build cross platform thanks to asciidoctor
+
+### Compatibility changes
+* tests: drop windows 7 test coverage & use chrome latest for admin tests
+* Require Node 16 for Etherpad and target Node 20 for testing
+
+    
+# 1.9.0
+
+### Notable enhancements and fixes
+
+* Windows build:
+  * The bundled `node.exe` was upgraded from v12 to v16.
+  * The bundled `node.exe` is now a 64-bit executable. If you need the 32-bit
+    version you must download and install Node.js yourself.
+* Improvements to login session management:
+  * `express_sid` cookies and `sessionstorage:*` database records are no longer
+    created unless `requireAuthentication` is `true` (or a plugin causes them to
+    be created).
+  * Login sessions now have a finite lifetime by default (10 days after
+    leaving).
+  * `sessionstorage:*` database records are automatically deleted when the login
+    session expires (with some exceptions that will be fixed in the future).
+  * Requests for static content (e.g., `/robots.txt`) and special pages (e.g.,
+    the HTTP API, `/stats`) no longer create login session state.
+  * The secret used to sign the `express_sid` cookie is now automatically
+    regenerated every day (called *key rotation*) by default. If key rotation is
+    enabled, the now-deprecated `SESSIONKEY.txt` file can be safely deleted
+    after Etherpad starts up (its content is read and saved to the database and
+    used to validate signatures from old cookies until they expire).
+* The following settings from `settings.json` are now applied as expected (they
+  were unintentionally ignored before):
+  * `padOptions.lang`
+  * `padOptions.showChat`
+  * `padOptions.userColor`
+  * `padOptions.userName`
+* HTTP API:
+  * Fixed the return value of `getText` when called with a specific revision.
+  * Fixed a potential attribute pool corruption bug with
+    `copyPadWithoutHistory`.
+  * Mappings created by `createGroupIfNotExistsFor` are now removed from the
+    database when the group is deleted.
+  * Fixed race conditions in the `setText`, `appendText`, and `restoreRevision`
+    functions.
+  * Added an optional `authorId` parameter to `appendText`,
+    `copyPadWithoutHistory`, `createGroupPad`, `createPad`, `restoreRevision`,
+    `setHTML`, and `setText`, and bumped the latest API version to 1.3.0.
+* Fixed a crash if the database is busy enough to cause a query timeout.
+* New `/health` endpoint for getting information about Etherpad's health (see
+  [draft-inadarei-api-health-check-06](https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html)).
+* Docker now uses the new `/health` endpoint for health checks, which avoids
+  issues when authentication is enabled. It also avoids the unnecessary creation
+  of database records for managing browser sessions.
+* When copying a pad, the pad's records are copied in batches to avoid database
+  timeouts with large pads.
+* Exporting a large pad to `.etherpad` format should be faster thanks to bulk
+  database record fetches.
+* When importing an `.etherpad` file, records are now saved to the database in
+  batches to avoid database timeouts with large pads.
+
+#### For plugin authors
+
+* New `expressPreSession` server-side hook.
+* Pad server-side hook changes:
+  * `padCheck`: New hook.
+  * `padCopy`: New `srcPad` and `dstPad` context properties.
+  * `padDefaultContent`: New hook.
+  * `padRemove`: New `pad` context property.
+* The `db` property on Pad objects is now public.
+* New `getAuthorId` server-side hook.
+* New APIs for processing attributes: `ep_etherpad-lite/static/js/attributes`
+  (low-level API) and `ep_etherpad-lite/static/js/AttributeMap` (high-level
+  API).
+* The `import` server-side hook has a new `ImportError` context property.
+* New `exportEtherpad` and `importEtherpad` server-side hooks.
+* The `handleMessageSecurity` and `handleMessage` server-side hooks have a new
+  `sessionInfo` context property that includes the user's author ID, the pad ID,
+  and whether the user only has read-only access.
+* The `handleMessageSecurity` server-side hook can now be used to grant write
+  access for the current message only.
+* The `init_<pluginName>` server-side hooks have a new `logger` context
+  property that plugins can use to log messages.
+* Prevent infinite loop when exiting the server
+* Bump dependencies
+
+
+### Compatibility changes
+
+* Node.js v14.15.0 or later is now required.
+* The default login session expiration (applicable if `requireAuthentication` is
+  `true`) changed from never to 10 days after the user leaves.
+
+#### For plugin authors
+
+* The `client` context property for the `handleMessageSecurity` and
+  `handleMessage` server-side hooks is deprecated; use the `socket` context
+  property instead.
+* Pad server-side hook changes:
+  * `padCopy`:
+    * The `originalPad` context property is deprecated; use `srcPad` instead.
+    * The `destinationID` context property is deprecated; use `dstPad.id`
+      instead.
+  * `padCreate`: The `author` context property is deprecated; use the new
+    `authorId` context property instead. Also, the hook now runs asynchronously.
+  * `padLoad`: Now runs when a temporary Pad object is created during import.
+    Also, it now runs asynchronously.
+  * `padRemove`: The `padID` context property is deprecated; use `pad.id`
+    instead.
+  * `padUpdate`: The `author` context property is deprecated; use the new
+    `authorId` context property instead. Also, the hook now runs asynchronously.
+* Returning `true` from a `handleMessageSecurity` hook function is deprecated;
+  return `'permitOnce'` instead.
+* Changes to the `src/static/js/Changeset.js` library:
+  * The following attribute processing functions are deprecated (use the new
+    attribute APIs instead):
+    * `attribsAttributeValue()`
+    * `eachAttribNumber()`
+    * `makeAttribsString()`
+    * `opAttributeValue()`
+  * `opIterator()`: Deprecated in favor of the new `deserializeOps()` generator
+    function.
+  * `appendATextToAssembler()`: Deprecated in favor of the new `opsFromAText()`
+    generator function.
+  * `newOp()`: Deprecated in favor of the new `Op` class.
+* The `AuthorManager.getAuthor4Token()` function is deprecated; use the new
+  `AuthorManager.getAuthorId()` function instead.
+* The exported database records covered by the `exportEtherpadAdditionalContent`
+  server-side hook now include keys like `${customPrefix}:${padId}:*`, not just
+  `${customPrefix}:${padId}`.
+* Plugin locales should overwrite core's locales Stale
+* Plugin locales overwrite core locales
+
+# 1.8.18
+
+Released: 2022-05-05
+
+### Notable enhancements and fixes
+
+  * Upgraded ueberDB to fix a regression with CouchDB.
+
+# 1.8.17
+
+Released: 2022-02-23
+
+### Security fixes
+
+* Fixed a vunlerability in the `CHANGESET_REQ` message handler that allowed a
+  user with any access to read any pad if the pad ID is known.
+
+### Notable enhancements and fixes
+
+* Fixed a bug that caused all pad edit messages received at the server to go
+  through a single queue. Now there is a separate queue per pad as intended,
+  which should reduce message processing latency when many pads are active at
+  the same time.
+
+# 1.8.16
+
+### Security fixes
+
+If you cannot upgrade to v1.8.16 for some reason, you are encouraged to try
+cherry-picking the fixes to the version you are running:
+
+```shell
+git cherry-pick b7065eb9a0ec..77bcb507b30e
+```
+
+* Maliciously crafted `.etherpad` files can no longer overwrite arbitrary
+  non-pad database records when imported.
+* Imported `.etherpad` files are now subject to numerous consistency checks
+  before any records are written to the database. This should help avoid
+  denial-of-service attacks via imports of malformed `.etherpad` files.
+
+### Notable enhancements and fixes
+
+* Fixed several `.etherpad` import bugs.
+* Improved support for large `.etherpad` imports.
+
+# 1.8.15
+
+### Security fixes
+
+* Fixed leak of the writable pad ID when exporting from the pad's read-only ID.
+  This only matters if you treat the writeable pad IDs as secret (e.g., you are
+  not using [ep_padlist2](https://www.npmjs.com/package/ep_padlist2)) and you
+  share the pad's read-only ID with untrusted users. Instead of treating
+  writeable pad IDs as secret, you are encouraged to take advantage of
+  Etherpad's authentication and authorization mechanisms (e.g., use
+  [ep_openid_connect](https://www.npmjs.com/package/ep_openid_connect) with
+  [ep_readonly_guest](https://www.npmjs.com/package/ep_readonly_guest), or write
+  your own
+  [authentication](https://etherpad.org/doc/v1.8.14/#index_authenticate) and
+  [authorization](https://etherpad.org/doc/v1.8.14/#index_authorize) plugins).
+* Updated dependencies.
+
+### Compatibility changes
+
+* The `logconfig` setting is deprecated.
+
+#### For plugin authors
+
+* Etherpad now uses [jsdom](https://github.com/jsdom/jsdom) instead of
+  [cheerio](https://cheerio.js.org/) for processing HTML imports. There are two
+  consequences of this change:
+  * `require('ep_etherpad-lite/node_modules/cheerio')` no longer works. To fix,
+    your plugin should directly depend on `cheerio` and do `require('cheerio')`.
+  * The `collectContentImage` hook's `node` context property is now an
+    [`HTMLImageElement`](https://developer.mozilla.org/en-US/docs/Web/API/HTMLImageElement)
+    object rather than a Cheerio Node-like object, so the API is slightly
+    different. See
+    [citizenos/ep_image_upload#49](https://github.com/citizenos/ep_image_upload/pull/49)
+    for an example fix.
+* The `clientReady` server-side hook is deprecated; use the new `userJoin` hook
+  instead.
+* The `init_<pluginName>` server-side hooks are now run every time Etherpad
+  starts up, not just the first time after the named plugin is installed.
+* The `userLeave` server-side hook's context properties have changed:
+  * `auth`: Deprecated.
+  * `author`: Deprecated; use the new `authorId` property instead.
+  * `readonly`: Deprecated; use the new `readOnly` property instead.
+  * `rev`: Deprecated.
+* Changes to the `src/static/js/Changeset.js` library:
+  * `opIterator()`: The unused start index parameter has been removed, as has
+    the unused `lastIndex()` method on the returned object.
+  * `smartOpAssembler()`: The returned object's `appendOpWithText()` method is
+    deprecated without a replacement available to plugins (if you need one, let
+    us know and we can make the private `opsFromText()` function public).
+  * Several functions that should have never been public are no longer exported:
+    `applyZip()`, `assert()`, `clearOp()`, `cloneOp()`, `copyOp()`, `error()`,
+    `followAttributes()`, `opString()`, `stringOp()`, `textLinesMutator()`,
+    `toBaseTen()`, `toSplices()`.
+
+### Notable enhancements and fixes
+
+* Accessibility fix for JAWS screen readers.
+* Fixed "clear authorship" error (see issue #5128).
+* Etherpad now considers square brackets to be valid URL characters.
+* The server no longer crashes if an exception is thrown while processing a
+  message from a client.
+* The `useMonospaceFontGlobal` setting now works (thanks @Lastpixl!).
+* Chat improvements:
+  * The message input field is now a text area, allowing multi-line messages
+    (use shift-enter to insert a newline).
+  * Whitespace in chat messages is now preserved.
+* Docker improvements:
+  * New `HEALTHCHECK` instruction (thanks @Gared!).
+  * New `settings.json` variables: `DB_COLLECTION`, `DB_URL`,
+    `SOCKETIO_MAX_HTTP_BUFFER_SIZE`, `DUMP_ON_UNCLEAN_EXIT` (thanks
+    @JustAnotherArchivist!).
+  * `.ep_initialized` files are no longer created.
+* Worked around a [Firefox Content Security Policy
+  bug](https://bugzilla.mozilla.org/show_bug.cgi?id=1721296) that caused CSP
+  failures when `'self'` was in the CSP header. See issue #4975 for details.
+* UeberDB upgraded from v1.4.10 to v1.4.18. For details, see the [ueberDB
+  changelog](https://github.com/ether/ueberDB/blob/master/CHANGELOG.md).
+  Highlights:
+  * The `postgrespool` driver was renamed to `postgres`, replacing the old
+    driver of that name. If you used the old `postgres` driver, you may see an
+    increase in the number of database connections.
+  * For `postgres`, you can now set the `dbSettings` value in `settings.json` to
+    a connection string (e.g., `"postgres://user:password@host/dbname"`) instead
+    of an object.
+  * For `mongodb`, the `dbName` setting was renamed to `database` (but `dbName`
+    still works for backwards compatibility) and is now optional (if unset, the
+    database name in `url` is used).
+* `/admin/settings` now honors the `--settings` command-line argument.
+* Fixed "Author *X* tried to submit changes as author *Y*" detection.
+* Error message display improvements.
+* Simplified pad reload after importing an `.etherpad` file.
+
+#### For plugin authors
+
+* `clientVars` was added to the context for the `postAceInit` client-side hook.
+  Plugins should use this instead of the `clientVars` global variable.
+* New `userJoin` server-side hook.
+* The `userLeave` server-side hook has a new `socket` context property.
+* The `helper.aNewPad()` function (accessible to client-side tests) now
+  accepts hook functions to inject when opening a pad. This can be used to
+  test any new client-side hooks your plugin provides.
+* Chat improvements:
+  * The `chatNewMessage` client-side hook context has new properties:
+    * `message`: Provides access to the raw message object so that plugins can
+      see the original unprocessed message text and any added metadata.
+    * `rendered`: Allows plugins to completely override how the message is
+      rendered in the UI.
+  * New `chatSendMessage` client-side hook that enables plugins to process the
+    text before sending it to the server or augment the message object with
+    custom metadata.
+  * New `chatNewMessage` server-side hook to process new chat messages before
+    they are saved to the database and relayed to users.
+* Readability improvements to browser-side error stack traces.
+* Added support for socket.io message acknowledgments.
+
 # 1.8.14
 
 ### Security fixes
@@ -54,8 +412,8 @@
 * Disabled wtfnode dump by default.
 * Send `USER_NEWINFO` messages on reconnect.
 * Fixed loading in a hidden iframe.
-* Fixed a race condition with composition. (Thanks @ingoncalves for an exceptionally
-  detailed analysis and @rhansen for the fix.)
+* Fixed a race condition with composition. (Thanks @ingoncalves for an
+  exceptionally detailed analysis and @rhansen for the fix.)
 
 # 1.8.13
 
@@ -82,11 +440,13 @@
 
 # 1.8.12
 
-Special mention: Thanks to Sauce Labs for additional testing tunnels to help us grow! :)
+Special mention: Thanks to Sauce Labs for additional testing tunnels to help us
+grow! :)
 
 ### Security patches
 
-* Fixed a regression in v1.8.11 which caused some pad names to cause Etherpad to restart.
+* Fixed a regression in v1.8.11 which caused some pad names to cause Etherpad to
+  restart.
 
 ### Notable fixes
 
@@ -95,8 +455,8 @@ Special mention: Thanks to Sauce Labs for additional testing tunnels to help us
 * Fixed a regression in v1.8.8 that caused "Uncaught TypeError: Cannot read
   property '0' of undefined" with some plugins (#4885)
 * Less warnings in server console for supported element types on import.
-* Support Azure and other network share installations by using a 
-  more truthful relative path.
+* Support Azure and other network share installations by using a more truthful
+  relative path.
 
 ### Notable enhancements
 

CONTRIBUTING.md

@@ -15,9 +15,17 @@
   number of the issue that is being fixed, in the form: Fixes #someIssueNumber
   ```
 * if the PR is a **bug fix**:
-  * the first commit in the series must be a test that shows the failure
-  * subsequent commits will fix the bug and make the test pass
-  * the final commit message should include the text `Fixes: #xxx` to link it to its bug report
+  * The commit that fixes the bug should **include a regression test** that
+    would fail if the bug fix was reverted. Adding the regression test in the
+    same commit as the bug fix makes it easier for a reviewer to verify that the
+    test is appropriate for the bug fix.
+  * If there is a bug report, **the pull request description should include the
+    text "`Fixes #xxx`"** so that the bug report is auto-closed when the PR is
+    merged. It is less useful to say the same thing in a commit message because
+    GitHub will spam the bug report every time the commit is rebased, and
+    because a bug number alone becomes meaningless in forks. (A full URL would
+    be better, but ideally each commit is readable on its own without the need
+    to examine an external reference to understand motivation or context.)
 * think about stability: code has to be backwards compatible as much as possible. Always **assume your code will be run with an older version of the DB/config file**
 * if you want to remove a feature, **deprecate it instead**:
   * write an issue with your deprecation plan
@@ -116,6 +124,7 @@ You can build the docs e.g. produce html, using `make docs`. At some point in th
 Front-end tests are found in the `tests/frontend/` folder in the repository. Run them by pointing your browser to `<yourdomainhere>/tests/frontend`.
 
 Back-end tests can be run from the `src` directory, via `npm test`.
+You can use `npm test -- --inspect-brk` and navigate to `edge://inspect` or `chrome://inspect` to debug the tests.
 
 ## Things you can help with
 Etherpad is much more than software.  So if you aren't a developer then worry not, there is still a LOT you can do!  A big part of what we do is community engagement.  You can help in the following ways

Dockerfile

@@ -4,9 +4,22 @@
 #
 # Author: muxator
 
-FROM node:14-buster-slim
+FROM node:lts-alpine
 LABEL maintainer="Etherpad team, https://github.com/ether/etherpad-lite"
 
+ARG TIMEZONE=
+
+RUN \
+  [ -z "${TIMEZONE}" ] || { \
+    apk add --no-cache tzdata && \
+    cp /usr/share/zoneinfo/${TIMEZONE} /etc/localtime && \
+    echo "${TIMEZONE}" > /etc/timezone; \
+  }
+ENV TIMEZONE=${TIMEZONE}
+
+# Control the configuration file to be copied into the container.
+ARG SETTINGS=./settings.json.docker
+
 # plugins to install while building the container. By default no plugins are
 # installed.
 # If given a value, it has to be a space-separated, quoted list of plugin names.
@@ -35,7 +48,9 @@ ARG INSTALL_SOFFICE=
 # leaner (development dependencies are not installed) and runs faster (among
 # other things, assets are minified & compressed).
 ENV NODE_ENV=production
-
+ENV ETHERPAD_PRODUCTION=true
+# Install dependencies required for modifying access.
+RUN apk add shadow bash
 # Follow the principle of least privilege: run as unprivileged user.
 #
 # Running as non-root enables running this image in platforms like OpenShift
@@ -47,6 +62,9 @@ ARG EP_HOME=
 ARG EP_UID=5001
 ARG EP_GID=0
 ARG EP_SHELL=
+
+ENV NODE_ENV=production
+
 RUN groupadd --system ${EP_GID:+--gid "${EP_GID}" --non-unique} etherpad && \
     useradd --system ${EP_UID:+--uid "${EP_UID}" --non-unique} --gid etherpad \
         ${EP_HOME:+--home-dir "${EP_HOME}"} --create-home \
@@ -57,17 +75,14 @@ RUN mkdir -p "${EP_DIR}" && chown etherpad:etherpad "${EP_DIR}"
 
 # the mkdir is needed for configuration of openjdk-11-jre-headless, see
 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863199
-RUN export DEBIAN_FRONTEND=noninteractive; \
+RUN  \
     mkdir -p /usr/share/man/man1 && \
-    apt-get -qq update && \
-    apt-get -qq --no-install-recommends install \
+    apk update && apk upgrade && \
+    apk add  \
         ca-certificates \
         git \
-        ${INSTALL_ABIWORD:+abiword} \
-        ${INSTALL_SOFFICE:+libreoffice} \
-        && \
-    apt-get -qq clean && \
-    rm -rf /var/lib/apt/lists/*
+        ${INSTALL_ABIWORD:+abiword abiword-plugin-command} \
+        ${INSTALL_SOFFICE:+libreoffice openjdk8-jre libreoffice-common}
 
 USER etherpad
 
@@ -84,15 +99,21 @@ COPY --chown=etherpad:etherpad ./ ./
 # seems to confuse tools such as `npm outdated`, `npm update`, and some ESLint
 # rules.
 RUN { [ -z "${ETHERPAD_PLUGINS}" ] || \
-      npm install --no-save ${ETHERPAD_PLUGINS}; } && \
+      npm install --no-save --legacy-peer-deps ${ETHERPAD_PLUGINS}; } && \
     src/bin/installDeps.sh && \
     rm -rf ~/.npm
 
 # Copy the configuration file.
-COPY --chown=etherpad:etherpad ./settings.json.docker "${EP_DIR}"/settings.json
+COPY --chown=etherpad:etherpad ${SETTINGS} "${EP_DIR}"/settings.json
 
 # Fix group permissions
 RUN chmod -R g=u .
 
+USER root
+RUN cd src && npm link
+USER etherpad
+
+HEALTHCHECK --interval=20s --timeout=3s CMD ["etherpad-healthcheck"]
+
 EXPOSE 9001
-CMD ["node", "src/node/server.js"]
+CMD ["etherpad"]

Makefile

@@ -1,32 +0,0 @@
-doc_sources = $(wildcard doc/*/*.md) $(wildcard doc/*.md)
-outdoc_files = $(addprefix out/,$(doc_sources:.md=.html))
-
-docassets = $(addprefix out/,$(wildcard doc/assets/*))
-
-VERSION = $(shell node -e "console.log( require('./src/package.json').version )")
-UNAME := $(shell uname -s)
-
-ensure_marked_is_installed:
-	set -eu; \
-	hash npm; \
-	if [ $(shell npm list --prefix src/bin/doc >/dev/null 2>/dev/null; echo $$?) -ne "0" ]; then \
-		npm ci --prefix=src/bin/doc; \
-	fi
-
-docs: ensure_marked_is_installed $(outdoc_files) $(docassets)
-
-out/doc/assets/%: doc/assets/%
-	mkdir -p $(@D)
-	cp $< $@
-
-out/doc/%.html: doc/%.md
-	mkdir -p $(@D)
-	node src/bin/doc/generate.js --format=html --template=doc/template.html $< > $@
-ifeq ($(UNAME),Darwin)
-	sed -i '' 's/__VERSION__/${VERSION}/' $@
-else
-	sed -i 's/__VERSION__/${VERSION}/' $@
-endif
-
-clean:
-	rm -rf out/

README.md

@@ -1,43 +1,58 @@
-# A real-time collaborative editor for the web
+# Etherpad: A real-time collaborative editor for the web
 
 ![Demo Etherpad Animated Jif](doc/images/etherpad_demo.gif "Etherpad in action")
 
-# About
-Etherpad is a real-time collaborative editor [scalable to thousands of simultaneous real time users](http://scale.etherpad.org/). It provides [full data export](https://github.com/ether/etherpad-lite/wiki/Understanding-Etherpad's-Full-Data-Export-capabilities) capabilities, and runs on _your_ server, under _your_ control.
+## About
 
-# Try it out
-Etherpad is extremely flexible providing you the means to modify it to solve whatever problem your community has.  We provide some demo instances for you try different experiences available within Etherpad.  Pad content is automatically removed after 24 hours.
+Etherpad is a real-time collaborative editor [scalable to thousands of
+simultaneous real time users](http://scale.etherpad.org/). It provides [full
+data
+export](https://github.com/ether/etherpad-lite/wiki/Understanding-Etherpad's-Full-Data-Export-capabilities)
+capabilities, and runs on _your_ server, under _your_ control.
 
-* [Rich Editing](https://rich.etherpad.com) - A full rich text WYSIWYG editor.
-* [Minimalist editor](https://minimalist.etherpad.com) - A minimalist editor that can be embedded within your tool.
-* [Dark Mode](https://dark.etherpad.com) - Theme settings to have Etherpad start in dark mode, ideal for using Etherpad at night or for long durations.
-* [Images](https://image.etherpad.com) - Plugins to improve provide Image support within a pad.
-* [Video Chat](https://video.etherpad.com) - Plugins to enable Video and Audio chat in a pad.
-* [Collaboration++](https://collab.etherpad.com) - Plugins to improve the really-real time collaboration experience, suitable for busy pads.
-* [Document Analysis](https://analysis.etherpad.com) - Plugins to improve author and document analysis during and post creation.
-* [Scale](https://shard.etherpad.com) - Etherpad running at scale with pad sharding which allows Etherpad to scale to ∞ number of Active Pads with up to ~20,000 edits per second, per pad.
+## Try it out
 
-# Project Status
+Wikimedia provide a [public Etherpad instance for you to Try Etherpad out.](https://etherpad.wikimedia.org) or [use another public Etherpad instance to see other features](https://github.com/ether/etherpad-lite/wiki/Sites-That-Run-Etherpad#sites-that-run-etherpad)
+
+## Project Status
+
+We're looking for maintainers and have some funding available.  Please contact John McLear if you can help.
 
 ### Code Quality
-[![Code Quality](https://github.com/ether/etherpad-lite/actions/workflows/codeql-analysis.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/codeql-analysis.yml) [![Total alerts](https://img.shields.io/lgtm/alerts/g/ether/etherpad-lite.svg?logo=lgtm&logoWidth=18&color=%2344b492)](https://lgtm.com/projects/g/ether/etherpad-lite/alerts/) [![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/ether/etherpad-lite.svg?logo=lgtm&logoWidth=18&color=%2344b492)](https://lgtm.com/projects/g/ether/etherpad-lite/context:javascript) [![package.lock](https://github.com/ether/etherpad-lite/actions/workflows/lint-package-lock.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/lint-package-lock.yml)
+
+[![Code Quality](https://github.com/ether/etherpad-lite/actions/workflows/codeql-analysis.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/codeql-analysis.yml)
+[![package.lock](https://github.com/ether/etherpad-lite/actions/workflows/lint-package-lock.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/lint-package-lock.yml)
 
 ### Testing
-[![Backend tests](https://github.com/ether/etherpad-lite/actions/workflows/backend-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/backend-tests.yml) [![Simulated Load](https://github.com/ether/etherpad-lite/actions/workflows/load-test.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/load-test.yml) [![Rate Limit](https://github.com/ether/etherpad-lite/actions/workflows/rate-limit.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/rate-limit.yml) [![Windows Zip](https://github.com/ether/etherpad-lite/actions/workflows/windows-zip.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/windows-zip.yml) [![Docker file](https://github.com/ether/etherpad-lite/actions/workflows/dockerfile.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/dockerfile.yml)
-[![Frontend admin tests powered by Sauce Labs](https://github.com/ether/etherpad-lite/actions/workflows/frontend-admin-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/frontend-admin-tests.yml) [![Frontend tests powered by Sauce Labs](https://github.com/ether/etherpad-lite/actions/workflows/frontend-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/frontend-tests.yml) [![Sauce Test Status](https://saucelabs.com/buildstatus/etherpad.svg)](https://saucelabs.com/u/etherpad) [![Windows Installer](https://github.com/ether/etherpad-lite/actions/workflows/windows-installer.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/windows-installer.yml)
+
+[![Backend tests](https://github.com/ether/etherpad-lite/actions/workflows/backend-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/backend-tests.yml)
+[![Simulated Load](https://github.com/ether/etherpad-lite/actions/workflows/load-test.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/load-test.yml)
+[![Rate Limit](https://github.com/ether/etherpad-lite/actions/workflows/rate-limit.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/rate-limit.yml)
+[![Docker file](https://github.com/ether/etherpad-lite/actions/workflows/dockerfile.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/dockerfile.yml)
+[![Frontend admin tests powered by Sauce Labs](https://github.com/ether/etherpad-lite/actions/workflows/frontend-admin-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/frontend-admin-tests.yml)
+[![Frontend tests powered by Sauce Labs](https://github.com/ether/etherpad-lite/actions/workflows/frontend-tests.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/frontend-tests.yml)
+[![Sauce Test Status](https://saucelabs.com/buildstatus/etherpad.svg)](https://saucelabs.com/u/etherpad)
+[![Windows Build](https://github.com/ether/etherpad-lite/actions/workflows/windows.yml/badge.svg?color=%2344b492)](https://github.com/ether/etherpad-lite/actions/workflows/windows.yml)
 
 ### Engagement
-<a href="https://hub.docker.com/r/etherpad/etherpad"><img alt="Docker Pulls" src="https://img.shields.io/docker/pulls/etherpad/etherpad?color=%2344b492"></a> [![Discord](https://img.shields.io/discord/741309013593030667?color=%2344b492)](https://discord.com/invite/daEjfhw) [![Etherpad plugins](https://img.shields.io/endpoint?url=https%3A%2F%2Fstatic.etherpad.org%2Fshields.json&color=%2344b492 "Etherpad plugins")](https://static.etherpad.org/index.html) ![Languages](https://img.shields.io/static/v1?label=Languages&message=105&color=%2344b492) ![Translation Coverage](https://img.shields.io/static/v1?label=Languages&message=98%&color=%2344b492)
 
-# Installation
+[![Docker Pulls](https://img.shields.io/docker/pulls/etherpad/etherpad?color=%2344b492)](https://hub.docker.com/r/etherpad/etherpad)
+[![Discord](https://img.shields.io/discord/741309013593030667?color=%2344b492)](https://discord.com/invite/daEjfhw)
+[![Etherpad plugins](https://img.shields.io/endpoint?url=https%3A%2F%2Fstatic.etherpad.org%2Fshields.json&color=%2344b492 "Etherpad plugins")](https://static.etherpad.org/index.html)
+![Languages](https://img.shields.io/static/v1?label=Languages&message=105&color=%2344b492)
+![Translation Coverage](https://img.shields.io/static/v1?label=Languages&message=98%&color=%2344b492)
 
-## Requirements
-- [Node.js](https://nodejs.org/) >= **12.13.0**.
+## Installation
 
-## GNU/Linux and other UNIX-like systems
+### Requirements
 
-### Quick install on Debian/Ubuntu
-```
+[Node.js](https://nodejs.org/) >= **16.20.1**.
+
+### GNU/Linux and other UNIX-like systems
+
+#### Quick install on Debian/Ubuntu
+
+```sh
 curl -sL https://deb.nodesource.com/setup_14.x | sudo -E bash -
 sudo apt install -y nodejs
 git clone --branch master https://github.com/ether/etherpad-lite.git &&
@@ -45,103 +60,172 @@ cd etherpad-lite &&
 src/bin/run.sh
 ```
 
-### Manual install
+#### Manual install
 
 You'll need Git and [Node.js](https://nodejs.org/) installed.
 
 **As any user (we recommend creating a separate user called etherpad):**
 
-1. Move to a folder where you want to install Etherpad. Clone the git repository: `git clone --branch master git://github.com/ether/etherpad-lite.git`
-2. Change into the new directory containing the cloned source code: `cd etherpad-lite`
-3. run `src/bin/run.sh` and open <http://127.0.0.1:9001> in your browser.
+  1. Move to a folder where you want to install Etherpad.
+  2. Clone the Git repository: `git clone --branch master
+     https://github.com/ether/etherpad-lite.git`
+  3. Change into the new directory containing the cloned source code: `cd
+     etherpad-lite`
+  4. Run `src/bin/run.sh` and open http://127.0.0.1:9001 in your browser.
 
 To update to the latest released version, execute `git pull origin`. The next
 start with `src/bin/run.sh` will update the dependencies.
 
-[Next steps](#next-steps).
+### Windows
 
-## Windows
+#### Prebuilt Windows package
 
-### Prebuilt Windows package
-This package runs on any Windows machine. You can perform a manual installation via git for development purposes, but as this uses symlinks which performs unreliably on Windows, please stick to the prebuilt package if possible.
+This package runs on any Windows machine. You can perform a manual installation
+via git for development purposes, but as this uses symlinks which performs
+unreliably on Windows, please stick to the prebuilt package if possible.
 
-1. [Download the latest Windows package](https://etherpad.org/#download)
-2. Extract the folder
+  1. [Download the latest Windows package](https://etherpad.org/#download)
+  2. Extract the folder
 
-Run `start.bat` and open <http://localhost:9001> in your browser. You like it? [Next steps](#next-steps).
+Run `start.bat` and open <http://localhost:9001> in your browser.
 
-### Manually install on Windows
-You'll need [node.js](https://nodejs.org) and (optionally, though recommended) git.
+#### Manually install on Windows
 
-1. Grab the source, either
-  - download <https://github.com/ether/etherpad-lite/zipball/master>
-  - or `git clone --branch master https://github.com/ether/etherpad-lite.git`
-2. With a "Run as administrator" command prompt execute
-   `src\bin\installOnWindows.bat`
+You'll need [Node.js](https://nodejs.org) and (optionally, though recommended)
+git.
 
-Now, run `start.bat` and open <http://localhost:9001> in your browser.
+  1. Grab the source, either:
+      * download <https://github.com/ether/etherpad-lite/zipball/master>
+      * or `git clone --branch master
+        https://github.com/ether/etherpad-lite.git`
+  2. With a "Run as administrator" command prompt execute
+     `src\bin\installOnWindows.bat`
+
+Now, run `start.bat` and open http://localhost:9001 in your browser.
 
 Update to the latest version with `git pull origin`, then run
 `src\bin\installOnWindows.bat`, again.
 
-If cloning to a subdirectory within another project, you may need to do the following:
+If cloning to a subdirectory within another project, you may need to do the
+following:
 
-1. Start the server manually (e.g. `node src/node/server.js`)
-2. Edit the db `filename` in `settings.json` to the relative directory with the file (e.g. `application/lib/etherpad-lite/var/dirty.db`)
-3. Add auto-generated files to the main project `.gitignore`
+  1. Start the server manually (e.g. `node src/node/server.js`)
+  2. Edit the db `filename` in `settings.json` to the relative directory with
+     the file (e.g. `application/lib/etherpad-lite/var/dirty.db`)
+  3. Add auto-generated files to the main project `.gitignore`
 
-## Docker container
+### Docker container
 
-Find [here](doc/docker.md) information on running Etherpad in a container.
+Find [here](doc/docker.adoc) information on running Etherpad in a container.
 
-# Next Steps
+## Plugins
 
-## Tweak the settings
-You can modify the settings in `settings.json`.
-If you need to handle multiple settings files, you can pass the path to a
-settings file to `src/bin/run.sh` using the `-s|--settings` option: this allows
-you to run multiple Etherpad instances from the same installation.
-Similarly, `--credentials` can be used to give a settings override file, `--apikey` to give a different APIKEY.txt file and `--sessionkey` to give a non-default SESSIONKEY.txt.
-**Each configuration parameter can also be set via an environment variable**, using the syntax `"${ENV_VAR}"` or `"${ENV_VAR:default_value}"`. For details, refer to `settings.json.template`.
-Once you have access to your `/admin` section settings can be modified through the web browser.
-
-If you are planning to use Etherpad in a production environment, you should use a dedicated database such as `mysql`, since the `dirtyDB` database driver is only for testing and/or development purposes.
-
-## Secure your installation
-If you have enabled authentication in `users` section in `settings.json`, it is a good security practice to **store hashes instead of plain text passwords** in that file. This is _especially_ advised if you are running a production installation.
-
-Please install [ep_hash_auth plugin](https://www.npmjs.com/package/ep_hash_auth) and configure it.
-If you prefer, `ep_hash_auth` also gives you the option of storing the users in a custom directory in the file system, without having to edit `settings.json` and restart Etherpad each time.
-
-## Customize functionalities with plugins
+Etherpad is very customizable through plugins.
 
 ![Basic install](doc/images/etherpad_basic.png "Basic Installation")
 
 ![Full Features](doc/images/etherpad_full_features.png "You can add a lot of plugins !")
 
-Etherpad is very customizable through plugins. Instructions for installing themes and plugins can be found in [the plugin wiki article](https://github.com/ether/etherpad-lite/wiki/Available-Plugins).
+### Available Plugins
 
-## Getting the full features
-Run the following command in your Etherpad folder to get all of the features visible in the demo gif:
+For a list of available plugins, see the [plugins
+site](https://static.etherpad.org).
 
-```
-npm install --no-save --legacy-peer-deps ep_headings2 ep_markdown ep_comments_page ep_align ep_font_color ep_webrtc ep_embedded_hyperlinks2
+### Plugin Installation
+
+You can install plugins from the admin web interface (e.g.,
+http://127.0.0.1:9001/admin/plugins).
+
+Alternatively, you can install plugins from the command line:
+
+```sh
+cd /path/to/etherpad-lite
+# The `--no-save` and `--legacy-peer-deps` arguments are necessary to work
+# around npm quirks.
+npm install --no-save --legacy-peer-deps ep_${plugin_name}
 ```
 
-## Customize the style with skin variants
+Also see [the plugin wiki
+article](https://github.com/ether/etherpad-lite/wiki/Available-Plugins).
 
-Open <http://127.0.0.1:9001/p/test#skinvariantsbuilder> in your browser and start playing !
+### Suggested Plugins
+
+Run the following command in your Etherpad folder to get all of the features
+visible in the above demo gif:
+
+```sh
+npm install --no-save --legacy-peer-deps \
+  ep_align \
+  ep_comments_page \
+  ep_embedded_hyperlinks2 \
+  ep_font_color \
+  ep_headings2 \
+  ep_markdown \
+  ep_webrtc
+```
+
+For user authentication, you are encouraged to run an [OpenID
+Connect](https://openid.net/connect/) identity provider (OP) and install the
+following plugins:
+
+  * [ep_openid_connect](https://github.com/ether/ep_openid_connect#readme) to
+    authenticate against your OP.
+  * [ep_guest](https://github.com/ether/ep_guest#readme) to create a
+    "guest" account that has limited access (e.g., read-only access).
+  * [ep_user_displayname](https://github.com/ether/ep_user_displayname#readme)
+    to automatically populate each user's displayed name from your OP.
+  * [ep_stable_authorid](https://github.com/ether/ep_stable_authorid#readme) so
+    that each user's chosen color, display name, comment ownership, etc. is
+    strongly linked to their account.
+
+## Next Steps
+
+### Tweak the settings
+
+You can modify the settings in `settings.json`. If you need to handle multiple
+settings files, you can pass the path to a settings file to `src/bin/run.sh`
+using the `-s|--settings` option: this allows you to run multiple Etherpad
+instances from the same installation. Similarly, `--credentials` can be used to
+give a settings override file, `--apikey` to give a different APIKEY.txt file
+and `--sessionkey` to give a non-default `SESSIONKEY.txt`. **Each configuration
+parameter can also be set via an environment variable**, using the syntax
+`"${ENV_VAR}"` or `"${ENV_VAR:default_value}"`. For details, refer to
+`settings.json.template`. Once you have access to your `/admin` section,
+settings can be modified through the web browser.
+
+If you are planning to use Etherpad in a production environment, you should use
+a dedicated database such as `mysql`, since the `dirtyDB` database driver is
+only for testing and/or development purposes.
+
+### Secure your installation
+
+If you have enabled authentication in `users` section in `settings.json`, it is
+a good security practice to **store hashes instead of plain text passwords** in
+that file. This is _especially_ advised if you are running a production
+installation.
+
+Please install [ep_hash_auth plugin](https://www.npmjs.com/package/ep_hash_auth)
+and configure it. If you prefer, `ep_hash_auth` also gives you the option of
+storing the users in a custom directory in the file system, without having to
+edit `settings.json` and restart Etherpad each time.
+
+### Customize the style with skin variants
+
+Open http://127.0.0.1:9001/p/test#skinvariantsbuilder in your browser and start
+playing!
 
 ![Skin Variant](doc/images/etherpad_skin_variants.gif "Skin variants")
 
 ## Helpful resources
-The [wiki](https://github.com/ether/etherpad-lite/wiki) is your one-stop resource for Tutorials and How-to's.
+
+The [wiki](https://github.com/ether/etherpad-lite/wiki) is your one-stop
+resource for Tutorials and How-to's.
 
 Documentation can be found in `doc/`.
 
-# Development
+## Development
 
-## Things you should know
+### Things you should know
 
 You can debug Etherpad using `src/bin/debugRun.sh`.
 
@@ -150,36 +234,63 @@ developers and advanced users. Be aware that it will skip the dependencies
 update, so remember to run `src/bin/installDeps.sh` after installing a new
 dependency or upgrading version.
 
-If you want to find out how Etherpad's `Easysync` works (the library that makes it really realtime), start with this [PDF](https://github.com/ether/etherpad-lite/raw/master/doc/easysync/easysync-full-description.pdf) (complex, but worth reading).
+If you want to find out how Etherpad's `Easysync` works (the library that makes
+it really realtime), start with this
+[PDF](https://github.com/ether/etherpad-lite/raw/master/doc/easysync/easysync-full-description.pdf)
+(complex, but worth reading).
 
-## Contributing
-Read our [**Developer Guidelines**](https://github.com/ether/etherpad-lite/blob/master/CONTRIBUTING.md)
+### Contributing
 
-# Get in touch
-The official channel for contacting the development team is via the [Github issues](https://github.com/ether/etherpad-lite/issues).
+Read our [**Developer
+Guidelines**](https://github.com/ether/etherpad-lite/blob/master/CONTRIBUTING.md)
 
-For **responsible disclosure of vulnerabilities**, please write a mail to the maintainers (a.mux@inwind.it and contact@etherpad.org).
-Join the official [Etherpad Discord Channel](https://discord.com/invite/daEjfhw)
+### HTTP API
 
-# HTTP API
-Etherpad is designed to be easily embeddable and provides a [HTTP API](https://github.com/ether/etherpad-lite/wiki/HTTP-API)
-that allows your web application to manage pads, users and groups. It is recommended to use the [available client implementations](https://github.com/ether/etherpad-lite/wiki/HTTP-API-client-libraries) in order to interact with this API.
+Etherpad is designed to be easily embeddable and provides a [HTTP
+API](https://github.com/ether/etherpad-lite/wiki/HTTP-API) that allows your web
+application to manage pads, users and groups. It is recommended to use the
+[available client
+implementations](https://github.com/ether/etherpad-lite/wiki/HTTP-API-client-libraries)
+in order to interact with this API.
 
-OpenAPI (previously swagger) definitions for the API are exposed under `/api/openapi.json`.
+OpenAPI (previously swagger) definitions for the API are exposed under
+`/api/openapi.json`.
 
-# jQuery plugin
-There is a [jQuery plugin](https://github.com/ether/etherpad-lite-jquery-plugin) that helps you to embed Pads into your website.
+### jQuery plugin
 
-# Plugin Framework
-Etherpad offers a plugin framework, allowing you to easily add your own features. By default your Etherpad is extremely light-weight and it's up to you to customize your experience. Once you have Etherpad installed you should [visit the plugin page](https://static.etherpad.org/) and take control.
+There is a [jQuery plugin](https://github.com/ether/etherpad-lite-jquery-plugin)
+that helps you to embed Pads into your website.
 
-# Translations / Localizations  (i18n / l10n)
-Etherpad comes with translations into all languages thanks to the team at [TranslateWiki](https://translatewiki.net/).
+### Plugin Framework
 
-If you require translations in [plugins](https://static.etherpad.org/) please send pull request to each plugin individually.
+Etherpad offers a plugin framework, allowing you to easily add your own
+features. By default your Etherpad is extremely light-weight and it's up to you
+to customize your experience. Once you have Etherpad installed you should [visit
+the plugin page](https://static.etherpad.org/) and take control.
+
+### Translations / Localizations  (i18n / l10n)
+
+Etherpad comes with translations into all languages thanks to the team at
+[TranslateWiki](https://translatewiki.net/).
+
+If you require translations in [plugins](https://static.etherpad.org/) please
+send pull request to each plugin individually.
+
+## FAQ
 
-# FAQ
 Visit the **[FAQ](https://github.com/ether/etherpad-lite/wiki/FAQ)**.
 
-# License
+## Get in touch
+
+The official channel for contacting the development team is via the [GitHub
+issues](https://github.com/ether/etherpad-lite/issues).
+
+For **responsible disclosure of vulnerabilities**, please write a mail to the
+maintainers (a.mux@inwind.it and contact@etherpad.org).
+
+Join the official [Etherpad Discord
+Channel](https://discord.com/invite/daEjfhw).
+
+## License
+
 [Apache License v2](http://www.apache.org/licenses/LICENSE-2.0.html)

doc/api/api.adoc

@@ -0,0 +1,19 @@
+include::./embed_parameters.adoc[]
+
+include::./http_api.adoc[]
+
+include::./hooks_overview.adoc[]
+
+include::./hooks_client-side.adoc[]
+
+include::./hooks_server-side.adoc[]
+
+include::./editorInfo.adoc[]
+
+include::./changeset_library.adoc[]
+
+include::./pluginfw.adoc[]
+
+include::./toolbar.adoc[]
+
+include::./editbar.adoc[]

doc/api/api.md

@@ -1,10 +0,0 @@
-@include embed_parameters
-@include http_api
-@include hooks_overview
-@include hooks_client-side
-@include hooks_server-side
-@include editorInfo
-@include changeset_library
-@include pluginfw
-@include toolbar
-@include editbar

doc/api/changeset_library.adoc

@@ -0,0 +1,46 @@
+== Changeset Library
+
+The https://github.com/ether/etherpad-lite/blob/develop/src/static/js/Changeset.js[changeset
+library]
+provides tools to create, read, and apply changesets.
+
+=== Changeset
+
+[source,javascript]
+----
+const Changeset = require('ep_etherpad-lite/static/js/Changeset');
+----
+
+A changeset describes the difference between two revisions of a document. When a
+user edits a pad, the browser generates and sends a changeset to the server,
+which relays it to the other users and saves a copy (so that every past revision
+is accessible).
+
+A transmitted changeset looks like this:
+
+[source]
+----
+'Z:z>1|2=m=b*0|1+1$\n'
+----
+
+=== Attribute Pool
+
+[source,javascript]
+----
+const AttributePool = require('ep_etherpad-lite/static/js/AttributePool');
+----
+
+Changesets do not include any attribute key–value pairs. Instead, they use
+numeric identifiers that reference attributes kept in an https://github.com/ether/etherpad-lite/blob/develop/src/static/js/AttributePool.js[attribute pool].
+This attribute interning reduces the transmission overhead of attributes that
+are used many times.
+
+There is one attribute pool per pad, and it includes every current and
+historical attribute used in the pad.
+
+=== Further Reading
+
+Detailed information about the changesets & Easysync protocol:
+
+* https://github.com/ether/etherpad-lite/blob/develop/doc/easysync/easysync-notes.pdf[Easysync Protocol]
+* https://github.com/ether/etherpad-lite/blob/develop/doc/easysync/easysync-full-description.pdf[Etherpad and EasySync Technical Manual]

doc/api/changeset_library.md

@@ -1,156 +0,0 @@
-# Changeset Library
-
-```
-"Z:z>1|2=m=b*0|1+1$\n"
-```
-
-This is a Changeset. It's just a string and it's very difficult to read in this form. But the Changeset Library gives us some tools to read it.
-
-A changeset describes the diff between two revisions of the document. The Browser sends changesets to the server and the server sends them to the clients to update them. These Changesets also get saved into the history of a pad. This allows us to go back to every revision from the past.
-
-## Changeset.unpack(changeset)
-
- * `changeset` {String}
-
-This function returns an object representation of the changeset, similar to this:
-
-```
-{ oldLen: 35, newLen: 36, ops: '|2=m=b*0|1+1', charBank: '\n' }
-```
-
- * `oldLen` {Number} the original length of the document.
- * `newLen` {Number} the length of the document after the changeset is applied.
- * `ops` {String} the actual changes, introduced by this changeset.
- * `charBank` {String} All characters that are added by this changeset.
-
-## Changeset.opIterator(ops)
-
- * `ops` {String} The operators, returned by `Changeset.unpack()`
-
-Returns an operator iterator. This iterator allows us to iterate over all operators that are in the changeset.
-
-You can iterate with an opIterator using its `next()` and `hasNext()` methods. Next returns the `next()` operator object and `hasNext()` indicates, whether there are any operators left.
-
-## The Operator object
-There are 3 types of operators: `+`,`-` and `=`. These operators describe different changes to the document, beginning with the first character of the document. A `=` operator doesn't change the text, but it may add or remove text attributes. A `-` operator removes text. And a `+` Operator adds text and optionally adds some attributes to it.
-
- * `opcode` {String} the operator type
- * `chars` {Number} the length of the text changed by this operator.
- * `lines` {Number} the number of lines changed by this operator.
- * `attribs` {attribs} attributes set on this text.
-
-### Example
-```
-{ opcode: '+',
-  chars: 1,
-  lines: 1,
-  attribs: '*0' }
-```
-
-## APool
-
-```
-> var AttributePoolFactory = require("./utils/AttributePoolFactory");
-> var apool = AttributePoolFactory.createAttributePool();
-> console.log(apool)
-{ numToAttrib: {},
-  attribToNum: {},
-  nextNum: 0,
-  putAttrib: [Function],
-  getAttrib: [Function],
-  getAttribKey: [Function],
-  getAttribValue: [Function],
-  eachAttrib: [Function],
-  toJsonable: [Function],
-  fromJsonable: [Function] }
-```
-
-This creates an empty apool. An apool saves which attributes were used during the history of a pad. There is one apool for each pad. It only saves the attributes that were really used, it doesn't save unused attributes. Let's fill this apool with some values
-
-```
-> apool.fromJsonable({"numToAttrib":{"0":["author","a.kVnWeomPADAT2pn9"],"1":["bold","true"],"2":["italic","true"]},"nextNum":3});
-> console.log(apool)
-{ numToAttrib:
-   { '0': [ 'author', 'a.kVnWeomPADAT2pn9' ],
-     '1': [ 'bold', 'true' ],
-     '2': [ 'italic', 'true' ] },
-  attribToNum:
-   { 'author,a.kVnWeomPADAT2pn9': 0,
-     'bold,true': 1,
-     'italic,true': 2 },
-  nextNum: 3,
-  putAttrib: [Function],
-  getAttrib: [Function],
-  getAttribKey: [Function],
-  getAttribValue: [Function],
-  eachAttrib: [Function],
-  toJsonable: [Function],
-  fromJsonable: [Function] }
-```
-
-We used the fromJsonable function to fill the empty apool with values. the fromJsonable and toJsonable functions are used to serialize and deserialize an apool. You can see that it stores the relation between numbers and attributes. So for example the attribute 1 is the attribute bold and vise versa. An attribute is always a key value pair. For stuff like bold and italic it's just  'italic':'true'. For authors it's author:$AUTHORID. So a character can be bold and italic. But it can't belong to multiple authors
-
-```
-> apool.getAttrib(1)
-[ 'bold', 'true' ]
-```
-
-Simple example of how to get the key value pair for the attribute 1
-
-## AText
-
-```
-> var atext = {"text":"bold text\nitalic text\nnormal text\n\n","attribs":"*0*1+9*0|1+1*0*1*2+b|1+1*0+b|2+2"};
-> console.log(atext)
-{ text: 'bold text\nitalic text\nnormal text\n\n',
-  attribs: '*0*1+9*0|1+1*0*1*2+b|1+1*0+b|2+2' }
-```
-
-This is an atext. An atext has two parts: text and attribs. The text is just the text of the pad as a string. We will look closer at the attribs at the next steps
-
-```
-> var opiterator = Changeset.opIterator(atext.attribs)
-> console.log(opiterator)
-{ next: [Function: next],
-  hasNext: [Function: hasNext],
-  lastIndex: [Function: lastIndex] }
-> opiterator.next()
-{ opcode: '+',
-  chars: 9,
-  lines: 0,
-  attribs: '*0*1' }
-> opiterator.next()
-{ opcode: '+',
-  chars: 1,
-  lines: 1,
-  attribs: '*0' }
-> opiterator.next()
-{ opcode: '+',
-  chars: 11,
-  lines: 0,
-  attribs: '*0*1*2' }
-> opiterator.next()
-{ opcode: '+',
-  chars: 1,
-  lines: 1,
-  attribs: '' }
-> opiterator.next()
-{ opcode: '+',
-  chars: 11,
-  lines: 0,
-  attribs: '*0' }
-> opiterator.next()
-{ opcode: '+',
-  chars: 2,
-  lines: 2,
-  attribs: '' }
-```
-
-The attribs are again a bunch of operators like .ops in the changeset was. But these operators are only + operators. They describe which part of the text has which attributes
-
-## Resources / further reading
-
-Detailed information about the changesets & Easysync protocol:
-
-* Easysync Protocol - [/doc/easysync/easysync-notes.pdf](https://github.com/ether/etherpad-lite/blob/develop/doc/easysync/easysync-notes.pdf)
-* Etherpad and EasySync Technical Manual - [/doc/easysync/easysync-full-description.pdf](https://github.com/ether/etherpad-lite/blob/develop/doc/easysync/easysync-full-description.pdf)

doc/api/editbar.adoc

@@ -1,28 +1,30 @@
-# Editbar
+== Editbar
 src/static/js/pad_editbar.js
 
-## isEnabled()
+=== isEnabled()
 
-## disable()
+=== disable()
 
-## toggleDropDown(dropdown, callback)
+=== toggleDropDown(dropdown)
 Shows the dropdown `div.popup` whose `id` equals `dropdown`.
 
-## registerCommand(cmd, callback)
+=== registerCommand(cmd, callback)
 Register a handler for a specific command. Commands are fired if the corresponding button is clicked or the corresponding select is changed.
 
-## registerAceCommand(cmd, callback)
+=== registerAceCommand(cmd, callback)
 Creates an ace callstack and calls the callback with an ace instance (and a toolbar item, if applicable): `callback(cmd, ace, item)`.
 
 Example:
-```
+
+[source, javascript]
+----
 toolbar.registerAceCommand("insertorderedlist", function (cmd, ace) {
   ace.ace_doInsertOrderedList();
 });
-```
+----
 
-## registerDropdownCommand(cmd, dropdown)
+=== registerDropdownCommand(cmd, dropdown)
 Ties a `div.popup` where `id` equals `dropdown` to a `command` fired by clicking a button.
 
-## triggerCommand(cmd[, item])
+=== triggerCommand(cmd[, item])
 Triggers a command (optionally with some internal representation of the toolbar item that triggered it).

doc/api/editorInfo.adoc

@@ -0,0 +1,125 @@
+== editorInfo
+
+=== editorInfo.ace_replaceRange(start, end, text)
+This function replaces a range (from `start` to `end`) with `text`.
+
+=== editorInfo.ace_getRep()
+Returns the `rep` object.
+
+=== editorInfo.ace_getAuthor()
+
+=== editorInfo.ace_inCallStack()
+
+=== editorInfo.ace_inCallStackIfNecessary(?)
+
+=== editorInfo.ace_focus(?)
+
+=== editorInfo.ace_importText(?)
+
+=== editorInfo.ace_importAText(?)
+
+=== editorInfo.ace_exportText(?)
+
+=== editorInfo.ace_editorChangedSize(?)
+
+=== editorInfo.ace_setOnKeyPress(?)
+
+=== editorInfo.ace_setOnKeyDown(?)
+
+=== editorInfo.ace_setNotifyDirty(?)
+
+=== editorInfo.ace_dispose(?)
+
+=== editorInfo.ace_setEditable(bool)
+
+=== editorInfo.ace_execCommand(?)
+
+=== editorInfo.ace_callWithAce(fn, callStack, normalize)
+
+=== editorInfo.ace_setProperty(key, value)
+
+=== editorInfo.ace_setBaseText(txt)
+
+=== editorInfo.ace_setBaseAttributedText(atxt, apoolJsonObj)
+
+=== editorInfo.ace_applyChangesToBase(c, optAuthor, apoolJsonObj)
+
+=== editorInfo.ace_prepareUserChangeset()
+
+=== editorInfo.ace_applyPreparedChangesetToBase()
+
+=== editorInfo.ace_setUserChangeNotificationCallback(f)
+
+=== editorInfo.ace_setAuthorInfo(author, info)
+
+=== editorInfo.ace_fastIncorp(?)
+
+=== editorInfo.ace_isCaret(?)
+
+=== editorInfo.ace_getLineAndCharForPoint(?)
+
+=== editorInfo.ace_performDocumentApplyAttributesToCharRange(?)
+
+=== editorInfo.ace_setAttributeOnSelection(attribute, enabled)
+
+Sets an attribute on current range.
+Example: `call.editorInfo.ace_setAttributeOnSelection("turkey::balls", true); // turkey is the attribute here, balls is the value
+Notes: to remove the attribute pass enabled as false
+
+=== editorInfo.ace_toggleAttributeOnSelection(?)
+
+=== editorInfo.ace_getAttributeOnSelection(attribute, prevChar)
+Returns a boolean if an attribute exists on a selected range.
+prevChar value should be true if you want to get the previous Character attribute instead of the current selection for example
+if the caret is at position 0,1 (after first character) it's probable you want the attributes on the character at 0,0
+The attribute should be the string name of the attribute applied to the selection IE subscript
+Example usage: Apply the activeButton Class to a button if an attribute is on a highlighted/selected caret position or range.
+Example `var isItThere = documentAttributeManager.getAttributeOnSelection("turkey::balls", true);`
+
+See the ep_subscript plugin for an example of this function in action.
+Notes: Does not work on first or last character of a line.  Suffers from a race condition if called with aceEditEvent.
+
+=== editorInfo.ace_performSelectionChange(?)
+
+=== editorInfo.ace_doIndentOutdent(?)
+
+=== editorInfo.ace_doUndoRedo(?)
+
+=== editorInfo.ace_doInsertUnorderedList(?)
+
+=== editorInfo.ace_doInsertOrderedList(?)
+
+=== editorInfo.ace_performDocumentApplyAttributesToRange()
+
+=== editorInfo.ace_getAuthorInfos()
+Returns an info object about the author. Object key = author_id and info includes author's bg color value.
+Use to define your own authorship.
+
+=== editorInfo.ace_performDocumentReplaceRange(start, end, newText)
+This function replaces a range (from [x1,y1] to [x2,y2]) with `newText`.
+
+=== editorInfo.ace_performDocumentReplaceCharRange(startChar, endChar, newText)
+This function replaces a range (from y1 to y2) with `newText`.
+
+=== editorInfo.ace_renumberList(lineNum)
+If you delete a line, calling this method will fix the line numbering.
+
+=== editorInfo.ace_doReturnKey()
+Forces a return key at the current caret position.
+
+=== editorInfo.ace_isBlockElement(element)
+Returns true if your passed element is registered as a block element
+
+=== editorInfo.ace_getLineListType(lineNum)
+Returns the line's html list type.
+
+=== editorInfo.ace_caretLine()
+Returns X position of the caret.
+
+=== editorInfo.ace_caretColumn()
+Returns Y position of the caret.
+
+=== editorInfo.ace_caretDocChar()
+Returns the Y offset starting from [x=0,y=0]
+
+=== editorInfo.ace_isWordChar(?)

doc/api/editorInfo.md

@@ -1,83 +0,0 @@
-# editorInfo
-
-## editorInfo.ace_replaceRange(start, end, text)
-This function replaces a range (from `start` to `end`) with `text`.
-
-## editorInfo.ace_getRep()
-Returns the `rep` object.
-
-## editorInfo.ace_getAuthor()
-## editorInfo.ace_inCallStack()
-## editorInfo.ace_inCallStackIfNecessary(?)
-## editorInfo.ace_focus(?)
-## editorInfo.ace_importText(?)
-## editorInfo.ace_importAText(?)
-## editorInfo.ace_exportText(?)
-## editorInfo.ace_editorChangedSize(?)
-## editorInfo.ace_setOnKeyPress(?)
-## editorInfo.ace_setOnKeyDown(?)
-## editorInfo.ace_setNotifyDirty(?)
-## editorInfo.ace_dispose(?)
-## editorInfo.ace_getFormattedCode(?)
-## editorInfo.ace_setEditable(bool)
-## editorInfo.ace_execCommand(?)
-## editorInfo.ace_callWithAce(fn, callStack, normalize)
-## editorInfo.ace_setProperty(key, value)
-## editorInfo.ace_setBaseText(txt)
-## editorInfo.ace_setBaseAttributedText(atxt, apoolJsonObj)
-## editorInfo.ace_applyChangesToBase(c, optAuthor, apoolJsonObj)
-## editorInfo.ace_prepareUserChangeset()
-## editorInfo.ace_applyPreparedChangesetToBase()
-## editorInfo.ace_setUserChangeNotificationCallback(f)
-## editorInfo.ace_setAuthorInfo(author, info)
-## editorInfo.ace_setAuthorSelectionRange(author, start, end)
-## editorInfo.ace_getUnhandledErrors()
-## editorInfo.ace_getDebugProperty(prop)
-## editorInfo.ace_fastIncorp(?)
-## editorInfo.ace_isCaret(?)
-## editorInfo.ace_getLineAndCharForPoint(?)
-## editorInfo.ace_performDocumentApplyAttributesToCharRange(?)
-## editorInfo.ace_setAttributeOnSelection(attribute, enabled)
-Sets an attribute on current range.
-Example: `call.editorInfo.ace_setAttributeOnSelection("turkey::balls", true); // turkey is the attribute here, balls is the value
-Notes: to remove the attribute pass enabled as false
-## editorInfo.ace_toggleAttributeOnSelection(?)
-## editorInfo.ace_getAttributeOnSelection(attribute, prevChar)
-Returns a boolean if an attribute exists on a selected range.
-prevChar value should be true if you want to get the previous Character attribute instead of the current selection for example
-if the caret is at position 0,1 (after first character) it's probable you want the attributes on the character at 0,0
-The attribute should be the string name of the attribute applied to the selection IE subscript
-Example usage: Apply the activeButton Class to a button if an attribute is on a highlighted/selected caret position or range.
-Example `var isItThere = documentAttributeManager.getAttributeOnSelection("turkey::balls", true);`
-
-See the ep_subscript plugin for an example of this function in action.
-Notes: Does not work on first or last character of a line.  Suffers from a race condition if called with aceEditEvent.
-## editorInfo.ace_performSelectionChange(?)
-## editorInfo.ace_doIndentOutdent(?)
-## editorInfo.ace_doUndoRedo(?)
-## editorInfo.ace_doInsertUnorderedList(?)
-## editorInfo.ace_doInsertOrderedList(?)
-## editorInfo.ace_performDocumentApplyAttributesToRange()
-
-## editorInfo.ace_getAuthorInfos()
-Returns an info object about the author. Object key = author_id and info includes author's bg color value.
-Use to define your own authorship.
-## editorInfo.ace_performDocumentReplaceRange(start, end, newText)
-This function replaces a range (from [x1,y1] to [x2,y2]) with `newText`.
-## editorInfo.ace_performDocumentReplaceCharRange(startChar, endChar, newText)
-This function replaces a range (from y1 to y2) with `newText`.
-## editorInfo.ace_renumberList(lineNum)
-If you delete a line, calling this method will fix the line numbering.
-## editorInfo.ace_doReturnKey()
-Forces a return key at the current caret position.
-## editorInfo.ace_isBlockElement(element)
-Returns true if your passed element is registered as a block element
-## editorInfo.ace_getLineListType(lineNum)
-Returns the line's html list type.
-## editorInfo.ace_caretLine()
-Returns X position of the caret.
-## editorInfo.ace_caretColumn()
-Returns Y position of the caret.
-## editorInfo.ace_caretDocChar()
-Returns the Y offset starting from [x=0,y=0]
-## editorInfo.ace_isWordChar(?)

doc/api/embed_parameters.adoc

@@ -1,72 +1,73 @@
-# Embed parameters
+== Embed parameters
 You can easily embed your etherpad-lite into any webpage by using iframes. You can configure the embedded pad using embed parameters.
 
 Example:
 
 Cut and paste the following code into any webpage to embed a pad. The parameters below will hide the chat and the line numbers and will auto-focus on Line 4.
 
-```
+[source, html]
+----
 <iframe src='http://pad.test.de/p/PAD_NAME#L4?showChat=false&showLineNumbers=false' width=600 height=400></iframe>
-```
+----
 
-## showLineNumbers
+=== showLineNumbers
  * Boolean
 
 Default: true
 
-## showControls
+=== showControls
  * Boolean
 
 Default: true
 
-## showChat
+=== showChat
  * Boolean
 
 Default: true
 
-## useMonospaceFont
+=== useMonospaceFont
  * Boolean
 
 Default: false
 
-## userName
+=== userName
  * String
 
 Default: "unnamed"
 
 Example: `userName=Etherpad%20User`
 
-## userColor
+=== userColor
  * String (css hex color value)
 
 Default: randomly chosen by pad server
 
 Example: `userColor=%23ff9900`
 
-## noColors
+=== noColors
  * Boolean
 
 Default: false
 
-## alwaysShowChat
+=== alwaysShowChat
  * Boolean
 
 Default: false
 
-## lang
+=== lang
  * String
 
 Default: en
 
 Example: `lang=ar` (translates the interface into Arabic)
 
-## rtl
+=== rtl
  * Boolean
 
 Default: true
 Displays pad text from right to left.
 
-## #L
+=== #L
  * Int
 
 Default: 0

doc/api/hooks_client-side.adoc

@@ -1,9 +1,9 @@
-# Client-side hooks
+== Client-side hooks
 
 Most of these hooks are called during or in order to set up the formatting
 process.
 
-## documentReady
+=== documentReady
 Called from: src/templates/pad.html
 
 Things in context:
@@ -12,7 +12,7 @@ nothing
 
 This hook proxies the functionality of jQuery's `$(document).ready` event.
 
-## aceDomLinePreProcessLineAttributes
+=== aceDomLinePreProcessLineAttributes
 
 Called from: src/static/js/domline.js
 
@@ -34,7 +34,7 @@ The preHtml and postHtml values will be added to the HTML display of the
 element, and if processedMarker is true, the engine won't try to process it any
 more.
 
-## aceDomLineProcessLineAttributes
+=== aceDomLineProcessLineAttributes
 
 Called from: src/static/js/domline.js
 
@@ -56,7 +56,7 @@ The preHtml and postHtml values will be added to the HTML display of the
 element, and if processedMarker is true, the engine won't try to process it any
 more.
 
-## aceCreateDomLine
+=== aceCreateDomLine
 
 Called from: src/static/js/domline.js
 
@@ -76,7 +76,7 @@ The return value of this hook should have the following structure:
 extraOpenTags and extraCloseTags will be added before and after the element in
 question, and cls will be the new class of the element going forward.
 
-## acePostWriteDomLineHTML
+=== acePostWriteDomLineHTML
 
 Called from: src/static/js/domline.js
 
@@ -87,7 +87,7 @@ Things in context:
 This hook is for right after a node has been fully formatted and written to the
 page.
 
-## aceAttribsToClasses
+=== aceAttribsToClasses
 
 Called from: src/static/js/linestylefilter.js
 
@@ -105,7 +105,7 @@ into the DOM.
 The return value for this function should be a list of classes, which will then
 be parsed into a valid class string.
 
-## aceAttribClasses
+=== aceAttribClasses
 
 Called from: src/static/js/linestylefilter.js
 
@@ -116,14 +116,16 @@ This hook is called when attributes are investigated on a line. It is useful if
 you want to add another attribute type or property type to a pad.
 
 Example:
-```
+
+[source,javascript]
+----
 exports.aceAttribClasses = function(hook_name, attr, cb){
   attr.sub = 'tag:sub';
   cb(attr);
 }
-```
+----
 
-## aceGetFilterStack
+=== aceGetFilterStack
 
 Called from: src/static/js/linestylefilter.js
 
@@ -139,7 +141,7 @@ links. They use it to find the telltale `[[ ]]` syntax that signifies internal
 links, and finding that syntax, they add in the internalHref attribute to be
 later used by the aceCreateDomLine hook (documented above).
 
-## aceEditorCSS
+=== aceEditorCSS
 
 Called from: src/static/js/ace.js
 
@@ -148,7 +150,7 @@ Things in context: None
 This hook is provided to allow custom CSS files to be loaded. The return value
 should be an array of resource urls or paths relative to the plugins directory.
 
-## aceInitInnerdocbodyHead
+=== aceInitInnerdocbodyHead
 
 Called from: src/static/js/ace.js
 
@@ -161,7 +163,7 @@ have lines of HTML added to it, giving the plugin author a chance to add in
 meta, script, link, and other tags that go into the `<head>` element of the
 editor HTML document.
 
-## aceEditEvent
+=== aceEditEvent
 
 Called from: src/static/js/ace2_inner.js
 
@@ -178,7 +180,7 @@ changes are made. Currently you can change the editor information, some of the
 meanings of the edit, and so on. You can also make internal changes (internal to
 your plugin) that use the information provided by the edit event.
 
-## aceRegisterNonScrollableEditEvents
+=== aceRegisterNonScrollableEditEvents
 
 Called from: src/static/js/ace2_inner.js
 
@@ -191,13 +193,15 @@ not scroll viewport. The return value of this hook should be a list of event
 names.
 
 Example:
-```
+
+[source, javascript]
+----
 exports.aceRegisterNonScrollableEditEvents = function(){
   return [ 'repaginate', 'updatePageCount' ];
 }
-```
+----
 
-## aceRegisterBlockElements
+=== aceRegisterBlockElements
 
 Called from: src/static/js/ace2_inner.js
 
@@ -207,7 +211,7 @@ The return value of this hook will add elements into the "lineMarkerAttribute"
 category, making the aceDomLineProcessLineAttributes hook (documented below)
 call for those elements.
 
-## aceInitialized
+=== aceInitialized
 
 Called from: src/static/js/ace2_inner.js
 
@@ -222,16 +226,19 @@ Things in context:
 This hook is for inserting further information into the ace engine, for later
 use in formatting hooks.
 
-## postAceInit
+=== postAceInit
 
 Called from: src/static/js/pad.js
 
 Things in context:
 
 1. ace - the ace object that is applied to this editor.
-2. pad - the pad object of the current pad.
+2. clientVars - Object containing client-side configuration such as author ID
+   and plugin settings. Your plugin can manipulate this object via the
+   `clientVars` server-side hook.
+3. pad - the pad object of the current pad.
 
-## postToolbarInit
+=== postToolbarInit
 
 Called from: src/static/js/pad_editbar.js
 
@@ -244,16 +251,16 @@ Can be used to register custom actions to the toolbar.
 
 Usage examples:
 
-* [https://github.com/tiblu/ep_authorship_toggle]()
+* https://github.com/tiblu/ep_authorship_toggle
 
-## postTimesliderInit
+=== postTimesliderInit
 
 Called from: src/static/js/timeslider.js
 
 There doesn't appear to be any example available of this particular hook being
 used, but it gets fired after the timeslider is all set up.
 
-## goToRevisionEvent
+=== goToRevisionEvent
 
 Called from: src/static/js/broadcast.js
 
@@ -265,7 +272,7 @@ This hook gets fired both on timeslider load (as timeslider shows a new
 revision) and when the new revision is showed to a user. There doesn't appear to
 be any example available of this particular hook being used.
 
-## userJoinOrUpdate
+=== userJoinOrUpdate
 
 Called from: src/static/js/pad_userlist.js
 
@@ -276,31 +283,55 @@ Things in context:
 This hook is called on the client side whenever a user joins or changes. This
 can be used to create notifications or an alternate user list.
 
-## chatNewMessage
+=== chatNewMessage
 
-Called from: src/static/js/chat.js
+Called from: `src/static/js/chat.js`
 
-Things in context:
+This hook runs on the client side whenever a chat message is received from the
+server. It can be used to create different notifications for chat messages. Hook
+functions can modify the `author`, `authorName`, `duration`, `rendered`,
+`sticky`, `text`, and `timeStr` context properties to change how the message is
+processed. The `text` and `timeStr` properties may contain HTML and come
+pre-sanitized; plugins should be careful to sanitize any added user input to
+avoid introducing an XSS vulnerability.
 
-1. authorName - The user that wrote this message
-2. author - The authorID of the user that wrote the message
-3. text - the message text
-4. sticky (boolean) - if you want the gritter notification bubble to fade out on
-   its own or just sit there
-5. timestamp - the timestamp of the chat message
-6. timeStr - the timestamp as a formatted string
-7. duration - for how long in milliseconds should the gritter notification
-   appear (0 to disable)
+Context properties:
 
-This hook is called on the client side whenever a chat message is received from
-the server. It can be used to create different notifications for chat messages.
-Hoook functions can modify the `author`, `authorName`, `duration`, `sticky`,
-`text`, and `timeStr` context properties to change how the message is processed.
-The `text` and `timeStr` properties may contain HTML, but plugins should be
-careful to sanitize any added user input to avoid introducing an XSS
-vulnerability.
+* `authorName`: The display name of the user that wrote the message.
+* `author`: The author ID of the user that wrote the message.
+* `text`: Sanitized message HTML, with URLs wrapped like `<a
+  href="url">url</a>`. (Note that `message.text` is not sanitized or processed
+  in any way.)
+* `message`: The raw message object as received from the server, except with
+  time correction and a default `authorId` property if missing. Plugins must not
+  modify this object. Warning: Unlike `text`, `message.text` is not
+  pre-sanitized or processed in any way.
+* `rendered` - Used to override the default message rendering. Initially set to
+  `null`. If the hook function sets this to a DOM element object or a jQuery
+  object, then that object will be used as the rendered message UI. Otherwise,
+  if this is set to `null`, then Etherpad will render a default UI for the
+  message using the other context properties.
+* `sticky` (boolean): Whether the gritter notification should fade out on its
+  own or just sit there until manually closed.
+* `timestamp`: When the chat message was sent (milliseconds since epoch),
+  corrected using the difference between the local clock and the server's clock.
+* `timeStr`: The message timestamp as a formatted string.
+* `duration`: How long (in milliseconds) to display the gritter notification (0
+  to disable).
 
-## collectContentPre
+=== chatSendMessage
+
+Called from: `src/static/js/chat.js`
+
+This hook runs on the client side whenever the user sends a new chat message.
+Plugins can mutate the message object to change the message text or add metadata
+to control how the message will be rendered by the `chatNewMessage` hook.
+
+Context properties:
+
+* `message`: The message object that will be sent to the Etherpad server.
+
+=== collectContentPre
 
 Called from: src/static/js/contentcollector.js
 
@@ -324,7 +355,7 @@ If you want to specify also a value, call cc.doAttrib(state,
 "attributeName::value") which results in an attribute attributeName=value.
 
 
-## collectContentImage
+=== collectContentImage
 
 Called from: src/static/js/contentcollector.js
 
@@ -343,14 +374,15 @@ content of the pad.
 
 Example:
 
-```
+[source, javascript]
+----
 exports.collectContentImage = function(name, context){
   context.state.lineAttributes.img = context.node.outerHTML;
 }
 
-```
+----
 
-## collectContentPost
+=== collectContentPost
 
 Called from: src/static/js/contentcollector.js
 
@@ -366,7 +398,7 @@ This hook is called after the content of a node is collected by the usual
 methods. The cc object can be used to do a bunch of things that modify the
 content of the pad. See, for example, the heading1 plugin for etherpad original.
 
-## handleClientMessage_`name`
+=== handleClientMessage_`name`
 
 Called from: `src/static/js/collab_client.js`
 
@@ -383,7 +415,7 @@ also use this to handle existing types.
 `collab_client.js` has a pretty extensive list of message types, if you want to
 take a look.
 
-## aceStartLineAndCharForPoint-aceEndLineAndCharForPoint
+=== aceStartLineAndCharForPoint-aceEndLineAndCharForPoint
 
 Called from: src/static/js/ace2_inner.js
 
@@ -399,7 +431,7 @@ Things in context:
 This hook is provided to allow a plugin to turn DOM node selection into
 [line,char] selection. The return value should be an array of [line,char]
 
-## aceKeyEvent
+=== aceKeyEvent
 
 Called from: src/static/js/ace2_inner.js
 
@@ -414,7 +446,7 @@ Things in context:
 This hook is provided to allow a plugin to handle key events.
 The return value should be true if you have handled the event.
 
-## collectContentLineText
+=== collectContentLineText
 
 Called from: src/static/js/contentcollector.js
 
@@ -435,13 +467,14 @@ server side. To change the text, either:
 
 Example:
 
-```
+[source,javascript]
+----
 exports.collectContentLineText = (hookName, context) => {
   context.text = tweakText(context.text);
 };
-```
+----
 
-## collectContentLineBreak
+=== collectContentLineBreak
 
 Called from: src/static/js/contentcollector.js
 
@@ -454,7 +487,7 @@ Things in context:
 This hook is provided to allow whether the br tag should induce a new magic
 domline or not. The return value should be either true(break the line) or false.
 
-## disableAuthorColorsForThisLine
+=== disableAuthorColorsForThisLine
 
 Called from: src/static/js/linestylefilter.js
 
@@ -470,7 +503,7 @@ multiple authors. Multiple authors in one line cause the creation of magic span
 lines. This might not suit you and now you can disable it and handle your own
 deliniation. The return value should be either true(disable) or false.
 
-## aceSetAuthorStyle
+=== aceSetAuthorStyle
 
 Called from: src/static/js/ace2_inner.js
 
@@ -487,7 +520,7 @@ This hook is provided to allow author highlight style to be modified. Registered
 hooks should return 1 if the plugin handles highlighting. If no plugin returns
 1, the core will use the default background-based highlighting.
 
-## aceSelectionChanged
+=== aceSelectionChanged
 
 Called from: src/static/js/ace2_inner.js
 

doc/api/hooks_overview.adoc

@@ -1,4 +1,4 @@
-# Hooks
+== Hooks
 
 A hook function is registered with a hook via the plugin's `ep.json` file. See
 the Plugins section for details. A hook may have many registered functions from
@@ -8,12 +8,12 @@ Some hooks call their registered functions one at a time until one of them
 returns a value. Others always call all of their registered functions and
 combine the results (if applicable).
 
-## Registered hook functions
+=== Registered hook functions
 
 Note: The documentation in this section applies to every hook unless the
 hook-specific documentation says otherwise.
 
-### Arguments
+==== Arguments
 
 Hook functions are called with three arguments:
 
@@ -26,7 +26,7 @@ Hook functions are called with three arguments:
    section for general information that applies to most hooks). This callback
    always returns `undefined`.
 
-### Expected behavior
+==== Expected behavior
 
 The presence of a callback parameter suggests that every hook function can run
 asynchronously. While that is the eventual goal, there are some legacy hooks
@@ -54,15 +54,13 @@ Note that the acceptable behaviors for asynchronous hook functions is a superset
 of the acceptable behaviors for synchronous hook functions.
 
 WARNING: The number of parameters is determined by examining
-[Function.length](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/length),
-which does not count [default
-parameters](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/Default_parameters)
-or ["rest"
-parameters](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/rest_parameters).
+https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Function/length[Function.length],
+which does not count https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/Default_parameters[default parameters]
+or https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Functions/rest_parameters["rest" parameters].
 To avoid problems, do not use default or rest parameters when defining hook
 functions.
 
-### Return values
+==== Return values
 
 A hook function can provide a value to Etherpad in one of the following ways:
 
@@ -77,7 +75,8 @@ A hook function can provide a value to Etherpad in one of the following ways:
 
 Examples:
 
-```javascript
+[source,javascript]
+----
 exports.exampleOne = (hookName, context, callback) => {
   return 'valueOne';
 };
@@ -104,7 +103,7 @@ exports.exampleFive = async (hookName, context) => {
   // is resolved to 'valueFive'.
   return 'valueFive';
 };
-```
+----
 
 Etherpad collects the values provided by the hook functions into an array,
 filters out all `undefined` values, then flattens the array one level.

doc/api/hooks_server-side.md

@@ -1,842 +0,0 @@
-# Server-side hooks
-These hooks are called on server-side.
-
-## loadSettings
-Called from: src/node/server.js
-
-Things in context:
-
-1. settings - the settings object
-
-Use this hook to receive the global settings in your plugin.
-
-## shutdown
-Called from: src/node/server.js
-
-Things in context: None
-
-This hook runs before shutdown. Use it to stop timers, close sockets and files,
-flush buffers, etc. The database is not available while this hook is running.
-The shutdown function must not block for long because there is a short timeout
-before the process is forcibly terminated.
-
-The shutdown function must return a Promise, which must resolve to `undefined`.
-Returning `callback(value)` will return a Promise that is resolved to `value`.
-
-Example:
-
-```
-// using an async function
-exports.shutdown = async (hookName, context) => {
-  await flushBuffers();
-};
-```
-
-## pluginUninstall
-Called from: src/static/js/pluginfw/installer.js
-
-Things in context:
-
-1. plugin_name - self-explanatory
-
-If this hook returns an error, the callback to the uninstall function gets an error as well. This mostly seems useful for handling additional features added in based on the installation of other plugins, which is pretty cool!
-
-## pluginInstall
-Called from: src/static/js/pluginfw/installer.js
-
-Things in context:
-
-1. plugin_name - self-explanatory
-
-If this hook returns an error, the callback to the install function gets an error, too. This seems useful for adding in features when a particular plugin is installed.
-
-## init_`<plugin name>`
-Called from: src/static/js/pluginfw/plugins.js
-
-Things in context: None
-
-This function is called after a specific plugin is initialized. This would probably be more useful than the previous two functions if you only wanted to add in features to one specific plugin.
-
-## expressConfigure
-Called from: src/node/hooks/express.js
-
-Things in context:
-
-1. app - the main application object
-
-This is a helpful hook for changing the behavior and configuration of the application. It's called right after the application gets configured.
-
-## expressCreateServer
-Called from: src/node/hooks/express.js
-
-Things in context:
-
-1. app - the main express application object (helpful for adding new paths and such)
-2. server - the http server object
-
-This hook gets called after the application object has been created, but before it starts listening. This is similar to the expressConfigure hook, but it's not guaranteed that the application object will have all relevant configuration variables.
-
-## expressCloseServer
-
-Called from: src/node/hooks/express.js
-
-Things in context: Nothing
-
-This hook is called when the HTTP server is closing, which happens during
-shutdown (see the shutdown hook) and when the server restarts (e.g., when a
-plugin is installed via the `/admin/plugins` page). The HTTP server may or may
-not already be closed when this hook executes.
-
-Example:
-
-```
-exports.expressCloseServer = async () => {
-  await doSomeCleanup();
-};
-```
-
-## eejsBlock_`<name>`
-Called from: src/node/eejs/index.js
-
-Things in context:
-
-1. content - the content of the block
-
-This hook gets called upon the rendering of an ejs template block. For any specific kind of block, you can change how that block gets rendered by modifying the content object passed in.
-
-Available blocks in `pad.html` are:
-
- * `htmlHead` - after `<html>` and immediately before the title tag
- * `styles` - the style `<link>`s
- * `body` - the contents of the body tag
- * `editbarMenuLeft` - the left tool bar (consider using the toolbar controller instead of manually adding html here)
- * `editbarMenuRight` - right tool bar
- * `afterEditbar` - allows you to add stuff immediately after the toolbar
- * `userlist` - the contents of the userlist dropdown
- * `loading` - the initial loading message
- * `mySettings` - the left column of the settings dropdown ("My view"); intended for adding checkboxes only
- * `mySettings.dropdowns` - add your dropdown settings here
- * `globalSettings` - the right column of the settings dropdown ("Global view")
- * `importColumn` - import form
- * `exportColumn` - export form
- * `modals` - Contains all connectivity messages
- * `embedPopup` - the embed dropdown
- * `scripts` - Add your script tags here, if you really have to (consider use client-side hooks instead)
-
-`timeslider.html` blocks:
-
- * `timesliderStyles`
- * `timesliderScripts`
- * `timesliderBody`
- * `timesliderTop`
- * `timesliderEditbarRight`
- * `modals`
-
-`index.html` blocks:
-
- * `indexCustomStyles` - contains the `index.css` `<link>` tag, allows you to add your own or to customize the one provided by the active skin
- * `indexWrapper` - contains the form for creating new pads
- * `indexCustomScripts` - contains the `index.js` `<script>` tag, allows you to add your own or to customize the one provided by the active skin
-
-## padInitToolbar
-Called from: src/node/hooks/express/specialpages.js
-
-Things in context:
-
-1. toolbar - the toolbar controller that will render the toolbar eventually
-
-Here you can add custom toolbar items that will be available in the toolbar config in `settings.json`. For more about the toolbar controller see the API section.
-
-Usage examples:
-
-* https://github.com/tiblu/ep_authorship_toggle
-
-## onAccessCheck
-Called from: src/node/db/SecurityManager.js
-
-Things in context:
-
-1. padID - the real ID (never the read-only ID) of the pad the user wants to
-   access
-2. token - the token of the author
-3. sessionCookie - the session the use has
-
-This hook gets called when the access to the concrete pad is being checked.
-Return `false` to deny access.
-
-## padCreate
-Called from: src/node/db/Pad.js
-
-Things in context:
-
-1. pad - the pad instance
-2. author - the id of the author who created the pad
-
-This hook gets called when a new pad was created.
-
-## padLoad
-Called from: src/node/db/Pad.js
-
-Things in context:
-
-1. pad - the pad instance
-
-This hook gets called when a pad was loaded. If a new pad was created and loaded this event will be emitted too.
-
-## padUpdate
-Called from: src/node/db/Pad.js
-
-Things in context:
-
-1. pad - the pad instance
-2. author - the id of the author who updated the pad
-3. revs - the index of the new revision
-4. changeset - the changeset of this revision (see [Changeset Library](#index_changeset_library))
-
-This hook gets called when an existing pad was updated.
-
-## padCopy
-Called from: src/node/db/Pad.js
-
-Things in context:
-
-1. originalPad - the source pad instance
-2. destinationID - the id of the pad copied from originalPad
-
-This hook gets called when an existing pad was copied.
-
-Usage examples:
-
-* https://github.com/ether/ep_comments
-
-## padRemove
-Called from: src/node/db/Pad.js
-
-Things in context:
-
-1. padID
-
-This hook gets called when an existing pad was removed/deleted.
-
-Usage examples:
-
-* https://github.com/ether/ep_comments
-
-## socketio
-Called from: src/node/hooks/express/socketio.js
-
-Things in context:
-
-1. app - the application object
-2. io - the socketio object
-3. server - the http server object
-
-I have no idea what this is useful for, someone else will have to add this description.
-
-## preAuthorize
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-3. next - bypass callback. If this is called instead of the normal callback then
-   all remaining access checks are skipped.
-
-This hook is called for each HTTP request before any authentication checks are
-performed. Example uses:
-
-* Always grant access to static content.
-* Process an OAuth callback.
-* Drop requests from IP addresses that have failed N authentication checks
-  within the past X minutes.
-
-A preAuthorize function is always called for each request unless a preAuthorize
-function from another plugin (if any) has already explicitly granted or denied
-the request.
-
-You can pass the following values to the provided callback:
-
-* `[]` defers the access decision to the normal authentication and authorization
-  checks (or to a preAuthorize function from another plugin, if one exists).
-* `[true]` immediately grants access to the requested resource, unless the
-  request is for an `/admin` page in which case it is treated the same as `[]`.
-  (This prevents buggy plugins from accidentally granting admin access to the
-  general public.)
-* `[false]` immediately denies the request. The preAuthnFailure hook will be
-  called to handle the failure.
-
-Example:
-
-```
-exports.preAuthorize = (hookName, context, cb) => {
-  if (ipAddressIsFirewalled(context.req)) return cb([false]);
-  if (requestIsForStaticContent(context.req)) return cb([true]);
-  if (requestIsForOAuthCallback(context.req)) return cb([true]);
-  return cb([]);
-};
-```
-
-## authorize
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-3. next - ?
-4. resource - the path being accessed
-
-This hook is called to handle authorization. It is especially useful for
-controlling access to specific paths.
-
-A plugin's authorize function is only called if all of the following are true:
-
-* The request is not for static content or an API endpoint. (Requests for static
-  content and API endpoints are always authorized, even if unauthenticated.)
-* The `requireAuthentication` and `requireAuthorization` settings are both true.
-* The user has already successfully authenticated.
-* The user is not an admin (admin users are always authorized).
-* The path being accessed is not an `/admin` path (`/admin` paths can only be
-  accessed by admin users, and admin users are always authorized).
-* An authorize function from a different plugin has not already caused
-  authorization to pass or fail.
-
-Note that the authorize hook cannot grant access to `/admin` pages. If admin
-access is desired, the `is_admin` user setting must be set to true. This can be
-set in the settings file or by the authenticate hook.
-
-You can pass the following values to the provided callback:
-
-* `[true]` or `['create']` will grant access to modify or create the pad if the
-  request is for a pad, otherwise access is simply granted. Access to a pad will
-  be downgraded to modify-only if `settings.editOnly` is true or the user's
-  `canCreate` setting is set to `false`, and downgraded to read-only if the
-  user's `readOnly` setting is `true`.
-* `['modify']` will grant access to modify but not create the pad if the request
-  is for a pad, otherwise access is simply granted. Access to a pad will be
-  downgraded to read-only if the user's `readOnly` setting is `true`.
-* `['readOnly']` will grant read-only access.
-* `[false]` will deny access.
-* `[]` or `undefined` will defer the authorization decision to the next
-  authorization plugin (if any, otherwise deny).
-
-Example:
-
-```
-exports.authorize = (hookName, context, cb) => {
-  const user = context.req.session.user;
-  const path = context.req.path;  // or context.resource
-  if (isExplicitlyProhibited(user, path)) return cb([false]);
-  if (isExplicitlyAllowed(user, path)) return cb([true]);
-  return cb([]);  // Let the next authorization plugin decide
-};
-```
-
-## authenticate
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-3. users - the users object from settings.json (possibly modified by plugins)
-4. next - ?
-5. username - the username used (optional)
-6. password - the password used (optional)
-
-This hook is called to handle authentication.
-
-Plugins that supply an authenticate function should probably also supply an
-authnFailure function unless falling back to HTTP basic authentication is
-appropriate upon authentication failure.
-
-This hook is only called if either the `requireAuthentication` setting is true
-or the request is for an `/admin` page.
-
-Calling the provided callback with `[true]` or `[false]` will cause
-authentication to succeed or fail, respectively. Calling the callback with `[]`
-or `undefined` will defer the authentication decision to the next authentication
-plugin (if any, otherwise fall back to HTTP basic authentication).
-
-If you wish to provide a mix of restricted and anonymous access (e.g., some pads
-are private, others are public), you can "authenticate" (as a guest account)
-users that have not yet logged in, and rely on other hooks (e.g., authorize,
-onAccessCheck, handleMessageSecurity) to authorize specific privileged actions.
-
-If authentication is successful, the authenticate function MUST set
-`context.req.session.user` to the user's settings object. The `username`
-property of this object should be set to the user's username. The settings
-object should come from global settings (`context.users[username]`).
-
-Example:
-
-```
-exports.authenticate = (hook_name, context, cb) => {
-  if (notApplicableToThisPlugin(context)) {
-    return cb([]);  // Let the next authentication plugin decide
-  }
-  const username = authenticate(context);
-  if (!username) {
-    console.warn(`ep_myplugin.authenticate: Failed authentication from IP ${context.req.ip}`);
-    return cb([false]);
-  }
-  console.info(`ep_myplugin.authenticate: Successful authentication from IP ${context.req.ip} for user ${username}`);
-  const users = context.users;
-  if (!(username in users)) users[username] = {};
-  users[username].username = username;
-  context.req.session.user = users[username];
-  return cb([true]);
-};
-```
-
-## authFailure
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-3. next - ?
-
-**DEPRECATED:** Use authnFailure or authzFailure instead.
-
-This hook is called to handle an authentication or authorization failure.
-
-Plugins that supply an authenticate function should probably also supply an
-authnFailure function unless falling back to HTTP basic authentication is
-appropriate upon authentication failure.
-
-A plugin's authFailure function is only called if all of the following are true:
-
-* There was an authentication or authorization failure.
-* The failure was not already handled by an authFailure function from another
-  plugin.
-* For authentication failures: The failure was not already handled by the
-  authnFailure hook.
-* For authorization failures: The failure was not already handled by the
-  authzFailure hook.
-
-Calling the provided callback with `[true]` tells Etherpad that the failure was
-handled and no further error handling is required. Calling the callback with
-`[]` or `undefined` defers error handling to the next authFailure plugin (if
-any, otherwise fall back to HTTP basic authentication for an authentication
-failure or a generic 403 page for an authorization failure).
-
-Example:
-
-```
-exports.authFailure = (hookName, context, cb) => {
-  if (notApplicableToThisPlugin(context)) {
-    return cb([]);  // Let the next plugin handle the error
-  }
-  context.res.redirect(makeLoginURL(context.req));
-  return cb([true]);
-};
-```
-
-## preAuthzFailure
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-
-This hook is called to handle a pre-authentication authorization failure.
-
-A plugin's preAuthzFailure function is only called if the pre-authentication
-authorization failure was not already handled by a preAuthzFailure function from
-another plugin.
-
-Calling the provided callback with `[true]` tells Etherpad that the failure was
-handled and no further error handling is required. Calling the callback with
-`[]` or `undefined` defers error handling to a preAuthzFailure function from
-another plugin (if any, otherwise fall back to a generic 403 error page).
-
-Example:
-
-```
-exports.preAuthzFailure = (hookName, context, cb) => {
-  if (notApplicableToThisPlugin(context)) return cb([]);
-  context.res.status(403).send(renderFancy403Page(context.req));
-  return cb([true]);
-};
-```
-
-## authnFailure
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-
-This hook is called to handle an authentication failure.
-
-Plugins that supply an authenticate function should probably also supply an
-authnFailure function unless falling back to HTTP basic authentication is
-appropriate upon authentication failure.
-
-A plugin's authnFailure function is only called if the authentication failure
-was not already handled by an authnFailure function from another plugin.
-
-Calling the provided callback with `[true]` tells Etherpad that the failure was
-handled and no further error handling is required. Calling the callback with
-`[]` or `undefined` defers error handling to an authnFailure function from
-another plugin (if any, otherwise fall back to the deprecated authFailure hook).
-
-Example:
-
-```
-exports.authnFailure = (hookName, context, cb) => {
-  if (notApplicableToThisPlugin(context)) return cb([]);
-  context.res.redirect(makeLoginURL(context.req));
-  return cb([true]);
-};
-```
-
-## authzFailure
-Called from: src/node/hooks/express/webaccess.js
-
-Things in context:
-
-1. req - the request object
-2. res - the response object
-
-This hook is called to handle a post-authentication authorization failure.
-
-A plugin's authzFailure function is only called if the authorization failure was
-not already handled by an authzFailure function from another plugin.
-
-Calling the provided callback with `[true]` tells Etherpad that the failure was
-handled and no further error handling is required. Calling the callback with
-`[]` or `undefined` defers error handling to an authzFailure function from
-another plugin (if any, otherwise fall back to the deprecated authFailure hook).
-
-Example:
-
-```
-exports.authzFailure = (hookName, context, cb) => {
-  if (notApplicableToThisPlugin(context)) return cb([]);
-  if (needsPremiumAccount(context.req) && !context.req.session.user.premium) {
-    context.res.status(200).send(makeUpgradeToPremiumAccountPage(context.req));
-    return cb([true]);
-  }
-  // Use the generic 403 forbidden response.
-  return cb([]);
-};
-```
-
-## handleMessage
-Called from: src/node/handler/PadMessageHandler.js
-
-Things in context:
-
-1. message - the message being handled
-2. socket - the socket.io Socket object
-3. client - **deprecated** synonym of socket
-
-This hook allows plugins to drop or modify incoming socket.io messages from
-clients, before Etherpad processes them.
-
-The handleMessage function must return a Promise. If the Promise resolves to
-`null`, the message is dropped. Returning `callback(value)` will return a
-Promise that is resolved to `value`.
-
-Examples:
-
-```
-// Using an async function:
-exports.handleMessage = async (hookName, {message, socket}) => {
-  if (message.type === 'USERINFO_UPDATE') {
-    // Force the display name to the name associated with the account.
-    const user = socket.client.request.session.user || {};
-    if (user.name) message.data.userInfo.name = user.name;
-  }
-};
-
-// Using a regular function:
-exports.handleMessage = (hookName, {message, socket}, callback) => {
-  if (message.type === 'USERINFO_UPDATE') {
-    // Force the display name to the name associated with the account.
-    const user = socket.client.request.session.user || {};
-    if (user.name) message.data.userInfo.name = user.name;
-  }
-  return callback();
-};
-```
-
-## handleMessageSecurity
-Called from: src/node/handler/PadMessageHandler.js
-
-Things in context:
-
-1. message - the message being handled
-2. socket - the socket.io Socket object
-3. client - **deprecated** synonym of socket
-
-This hook allows plugins to grant temporary write access to a pad. It is called
-for each incoming message from a client. If write access is granted, it applies
-to the current message and all future messages from the same socket.io
-connection until the next `CLIENT_READY` or `SWITCH_TO_PAD` message. Read-only
-access is reset **after** each `CLIENT_READY` or `SWITCH_TO_PAD` message, so
-granting write access has no effect for those message types.
-
-The handleMessageSecurity function must return a Promise. If the Promise
-resolves to `true`, write access is granted as described above. Returning
-`callback(value)` will return a Promise that is resolved to `value`.
-
-Examples:
-
-```
-// Using an async function:
-exports.handleMessageSecurity = async (hookName, {message, socket}) => {
-  if (shouldGrantWriteAccess(message, socket)) return true;
-  return;
-};
-
-// Using a regular function:
-exports.handleMessageSecurity = (hookName, {message, socket}, callback) => {
-  if (shouldGrantWriteAccess(message, socket)) return callback(true);
-  return callback();
-};
-```
-
-## clientVars
-Called from: src/node/handler/PadMessageHandler.js
-
-Things in context:
-
-1. clientVars - the basic `clientVars` built by the core
-2. pad - the pad this session is about
-3. socket - the socket.io Socket object
-
-This hook is called after a client connects but before the initial configuration
-is sent to the client. Plugins can use this hook to manipulate the
-configuration. (Example: Add a tracking ID for an external analytics tool that
-is used client-side.)
-
-You can manipulate `clientVars` in two different ways:
-* Return an object. The object will be merged into `clientVars` via
-  `Object.assign()`, so any keys that already exist in `clientVars` will be
-  overwritten by the values in the returned object.
-* Modify `context.clientVars`. Beware: Other plugins might also be reading or
-  manipulating the same `context.clientVars` object. To avoid race conditions,
-  you are encouraged to return an object rather than modify
-  `context.clientVars`.
-
-If needed, you can access the user's account information (if authenticated) via
-`context.socket.client.request.session.user`.
-
-Examples:
-
-```
-// Using an async function
-exports.clientVars = async (hookName, context) => {
-  const user = context.socket.client.request.session.user || {};
-  return {'accountUsername': user.username || '<unknown>'}
-};
-
-// Using a regular function
-exports.clientVars = (hookName, context, callback) => {
-  const user = context.socket.client.request.session.user || {};
-  return callback({'accountUsername': user.username || '<unknown>'});
-};
-```
-
-## getLineHTMLForExport
-Called from: src/node/utils/ExportHtml.js
-
-Things in context:
-
-1. apool - pool object
-2. attribLine - line attributes
-3. text - line text
-
-This hook will allow a plug-in developer to re-write each line when exporting to HTML.
-
-Example:
-```
-var Changeset = require("ep_etherpad-lite/static/js/Changeset");
-
-exports.getLineHTMLForExport = function (hook, context) {
-  var header = _analyzeLine(context.attribLine, context.apool);
-  if (header) {
-    return "<" + header + ">" + context.lineContent + "</" + header + ">";
-  }
-}
-
-function _analyzeLine(alineAttrs, apool) {
-  var header = null;
-  if (alineAttrs) {
-    var opIter = Changeset.opIterator(alineAttrs);
-    if (opIter.hasNext()) {
-      var op = opIter.next();
-      header = Changeset.opAttributeValue(op, 'heading', apool);
-    }
-  }
-  return header;
-}
-```
-
-## exportHTMLAdditionalContent
-Called from: src/node/utils/ExportHtml.js
-
-Things in context:
-
-1. padId
-
-This hook will allow a plug-in developer to include additional HTML content in
-the body of the exported HTML.
-
-Example:
-
-```
-exports.exportHTMLAdditionalContent = async (hookName, {padId}) => {
-  return 'I am groot in ' + padId;
-};
-```
-
-## stylesForExport
-Called from: src/node/utils/ExportHtml.js
-
-Things in context:
-
-1. padId - The Pad Id
-
-This hook will allow a plug-in developer to append Styles to the Exported HTML.
-
-Example:
-
-```
-exports.stylesForExport = function(hook, padId, cb){
-  cb("body{font-size:13.37em !important}");
-}
-```
-
-## aceAttribClasses
-Called from: src/static/js/linestylefilter.js
-
-This hook is called when attributes are investigated on a line. It is useful if
-you want to add another attribute type or property type to a pad.
-
-An attributes object is passed to the aceAttribClasses hook functions instead of
-the usual context object. A hook function can either modify this object directly
-or provide an object whose properties will be assigned to the attributes object.
-
-Example:
-
-```
-exports.aceAttribClasses = (hookName, attrs, cb) => {
-  return cb([{
-    sub: 'tag:sub',
-  }]);
-};
-```
-
-## exportFileName
-Called from src/node/handler/ExportHandler.js
-
-Things in context:
-
-1. padId
-
-This hook will allow a plug-in developer to modify the file name of an exported pad.  This is useful if you want to export a pad under another name and/or hide the padId under export.  Note that the doctype or file extension cannot be modified for security reasons.
-
-Example:
-
-```
-exports.exportFileName = function(hook, padId, callback){
-  callback("newFileName"+padId);
-}
-```
-
-## exportHtmlAdditionalTags
-Called from src/node/utils/ExportHtml.js
-
-Things in context:
-
-1. Pad object
-
-This hook will allow a plug-in developer to include more properties and attributes to support during HTML Export. If tags are stored as `['color', 'red']` on the attribute pool, use `exportHtmlAdditionalTagsWithData` instead. An Array should be returned.
-
-Example:
-```
-// Add the props to be supported in export
-exports.exportHtmlAdditionalTags = function(hook, pad, cb){
-  var padId = pad.id;
-  cb(["massive","jugs"]);
-};
-```
-
-## exportHtmlAdditionalTagsWithData
-Called from src/node/utils/ExportHtml.js
-
-Things in context:
-
-1. Pad object
-
-Identical to `exportHtmlAdditionalTags`, but for tags that are stored with a specific value (not simply `true`) on the attribute pool. For example `['color', 'red']`, instead of `['bold', true]`. This hook will allow a plug-in developer to include more properties and attributes to support during HTML Export. An Array of arrays should be returned. The exported HTML will contain tags like `<span data-color="red">` for the content where attributes are `['color', 'red']`.
-
-Example:
-```
-// Add the props to be supported in export
-exports.exportHtmlAdditionalTagsWithData = function(hook, pad, cb){
-  var padId = pad.id;
-  cb([["color", "red"], ["color", "blue"]]);
-};
-```
-
-## exportEtherpadAdditionalContent
-Called from src/node/utils/ExportEtherpad.js and
-src/node/utils/ImportEtherpad.js
-
-Things in context: Nothing
-
-Useful for exporting and importing pad metadata that is stored in the database
-but not in the pad's content or attributes. For example, in ep_comments_page the
-comments are stored as `comments:padId:uniqueIdOfComment` so a complete export
-of all pad data to an `.etherpad` file must include the `comments:padId:*`
-records.
-
-Example:
-
-```
-// Add support for exporting comments metadata
-exports.exportEtherpadAdditionalContent = () => ['comments'];
-```
-
-## userLeave
-Called from src/node/handler/PadMessageHandler.js
-
-This in context:
-
-1. session (including the pad id and author id)
-
-This hook gets called when an author leaves a pad. This is useful if you want to perform certain actions after a pad has been edited
-
-Example:
-
-```
-exports.userLeave = function(hook, session, callback) {
-  console.log('%s left pad %s', session.author, session.padId);
-};
-```
-
-### clientReady
-Called from src/node/handler/PadMessageHandler.js
-
-This in context:
-
-1. message
-
-This hook gets called when handling a CLIENT_READY which is the first message from the client to the server.
-
-Example:
-
-```
-exports.clientReady = function(hook, message) {
-  console.log('Client has entered the pad' + message.padId);
-};
-```

doc/api/http_api.adoc

@@ -1,6 +1,6 @@
-# HTTP API
+== HTTP API
 
-## What can I do with this API?
+=== What can I do with this API?
 The API gives another web application control of the pads. The basic functions are
 
 * create/delete pads
@@ -9,15 +9,15 @@ The API gives another web application control of the pads. The basic functions a
 
 The API is designed in a way, so you can reuse your existing user system with their permissions, and map it to Etherpad. Means: Your web application still has to do authentication, but you can tell Etherpad via the api, which visitors should get which permissions. This allows Etherpad to fit into any web application and extend it with real-time functionality. You can embed the pads via an iframe into your website.
 
-Take a look at [HTTP API client libraries](https://github.com/ether/etherpad-lite/wiki/HTTP-API-client-libraries) to check if a library in your favorite programming language is available.
+Take a look at https://github.com/ether/etherpad-lite/wiki/HTTP-API-client-libraries[HTTP API client libraries] to check if a library in your favorite programming language is available.
 
-### OpenAPI
+==== OpenAPI
 
-OpenAPI (formerly swagger) definitions are exposed under `/api/openapi.json` (latest) and `/api/{version}/openapi.json`. You can use official tools like [Swagger Editor](https://editor.swagger.io/) to view and explore them.
+OpenAPI (formerly swagger) definitions are exposed under `/api/openapi.json` (latest) and `/api/{version}/openapi.json`. You can use official tools like https://editor.swagger.io/[Swagger Editor] to view and explore them.
 
-## Examples
+=== Examples
 
-### Example 1
+==== Example 1
 
 A portal (such as WordPress) wants to give a user access to a new pad. Let's assume the user have the internal id 7 and his name is michael.
 
@@ -47,7 +47,7 @@ Portal starts the session for the user on the group:
 
 Portal places the cookie "sessionID" with the given value on the client and creates an iframe including the pad.
 
-### Example 2
+==== Example 2
 
 A portal (such as WordPress) wants to transform the contents of a pad that multiple admins edited into a blog post.
 
@@ -62,14 +62,14 @@ Portal submits content into new blog post
 > Portal.AddNewBlog(content)
 >
 
-## Usage
+=== Usage
 
-### API version
-The latest version is `1.2.14`
+==== API version
+The latest version is `1.2.15`
 
 The current version can be queried via /api.
 
-### Request Format
+==== Request Format
 
 The API is accessible via HTTP. Starting from **1.8**, API endpoints can be invoked indifferently via GET or POST.
 
@@ -80,30 +80,37 @@ When invoking via GET (mandatory until **1.7.5** included), parameters must be i
 Starting from Etherpad **1.8** it is also possible to invoke the HTTP API via POST. In this case, querystring parameters will still be accepted, but **any parameter with the same name sent via POST will take precedence**. If you need to send large chunks of text (for example, for `setText()`) it is advisable to invoke via POST.
 
 Example with cURL using GET (toy example, no encoding):
-```
+
+[source,bash]
+----
 curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname&text=this_text_will_NOT_be_encoded_by_curl_use_next_example"
-```
+----
 
 Example with cURL using GET (better example, encodes text):
-```
+
+[source,bash]
+----
 curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname" --get --data-urlencode "text=Text sent via GET with proper encoding. For big documents, please use POST"
-```
+----
 
 Example with cURL using POST:
-```
-curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname" --data-urlencode "text=Text sent via POST with proper encoding. For big texts (>8 KB), use this method"
-```
 
-### Response Format
+[source,bash]
+----
+curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname" --data-urlencode "text=Text sent via POST with proper encoding. For big texts (>8 KB), use this method"
+----
+
+==== Response Format
 Responses are valid JSON in the following format:
 
-```json
+[source,jsonlines]
+----
 {
   "code": number,
   "message": string,
   "data": obj
 }
-```
+----
 
 * **code** a return code
   * **0** everything ok
@@ -114,11 +121,11 @@ Responses are valid JSON in the following format:
 * **message** a status message. It's ok if everything is fine, else it contains an error message
 * **data** the payload
 
-### Overview
+==== Overview
 
-![API Overview](https://i.imgur.com/d0nWp.png)
+image::https://i.imgur.com/d0nWp.png[API Overview]
 
-## Data Types
+=== Data Types
 
 * **groupID**  a string, the unique id of a group. Format is g.16RANDOMCHARS, for example g.s8oes9dhwrvt0zif
 * **sessionID** a string, the unique id of a session. Format is s.16RANDOMCHARS, for example s.s8oes9dhwrvt0zif
@@ -126,223 +133,248 @@ Responses are valid JSON in the following format:
 * **readOnlyID** a string, the unique id of a readonly relation to a pad. Format is r.16RANDOMCHARS, for example r.s8oes9dhwrvt0zif
 * **padID** a string, format is GROUPID$PADNAME, for example the pad test of group g.s8oes9dhwrvt0zif has padID g.s8oes9dhwrvt0zif$test
 
-### Authentication
+==== Authentication
 
 Authentication works via a token that is sent with each request as a post parameter.  There is a single token per Etherpad deployment.  This token will be random string, generated by Etherpad at the first start. It will be saved in APIKEY.txt in the root folder of Etherpad. Only Etherpad and the requesting application knows this key. Token management will not be exposed through this API.
 
-### Node Interoperability
+==== Node Interoperability
 
 All functions will also be available through a node module accessible from other node.js applications.
 
-## API Methods
+=== API Methods
 
-### Groups
+==== Groups
 Pads can belong to a group. The padID of grouppads is starting with a groupID like g.asdfasdfasdfasdf$test
 
-#### createGroup()
+===== createGroup()
  * API >= 1
 
 creates a new group
 
-*Example returns:*
-  * `{code: 0, message:"ok", data: {groupID: g.s8oes9dhwrvt0zif}}`
+_Example returns:_
 
-#### createGroupIfNotExistsFor(groupMapper)
+* `{code: 0, message:"ok", data: {groupID: g.s8oes9dhwrvt0zif}}`
+
+===== createGroupIfNotExistsFor(groupMapper)
  * API >= 1
 
 this functions helps you to map your application group ids to Etherpad group ids
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {groupID: g.s8oes9dhwrvt0zif}}`
 
-#### deleteGroup(groupID)
+===== deleteGroup(groupID)
  * API >= 1
 
 deletes a group
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"groupID does not exist", data: null}`
 
-#### listPads(groupID)
+===== listPads(groupID)
  * API >= 1
 
 returns all pads of this group
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {padIDs : ["g.s8oes9dhwrvt0zif$test", "g.s8oes9dhwrvt0zif$test2"]}`
   * `{code: 1, message:"groupID does not exist", data: null}`
 
-#### createGroupPad(groupID, padName [, text])
+===== createGroupPad(groupID, padName, [text], [authorId])
  * API >= 1
+ * `authorId` in API >= 1.3.0
 
 creates a new pad in this group
 
-*Example returns:*
-  * `{code: 0, message:"ok", data: null}`
-  * `{code: 1, message:"pad does already exist", data: null}`
+_Example returns:_
+
+  * `{code: 0, message:"ok", data: {padID: "g.s8oes9dhwrvt0zif$test"}`
+  * `{code: 1, message:"padName does already exist", data: null}`
   * `{code: 1, message:"groupID does not exist", data: null}`
 
-#### listAllGroups()
+===== listAllGroups()
  * API >= 1.1
 
 lists all existing groups
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {groupIDs: ["g.mKjkmnAbSMtCt8eL", "g.3ADWx6sbGuAiUmCy"]}}`
   * `{code: 0, message:"ok", data: {groupIDs: []}}`
 
-### Author
+==== Author
 These authors are bound to the attributes the users choose (color and name).
 
-#### createAuthor([name])
+===== createAuthor([name])
  * API >= 1
 
 creates a new author
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}`
 
-#### createAuthorIfNotExistsFor(authorMapper [, name])
+===== createAuthorIfNotExistsFor(authorMapper [, name])
  * API >= 1
 
 this functions helps you to map your application author ids to Etherpad author ids
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}`
 
-#### listPadsOfAuthor(authorID)
+===== listPadsOfAuthor(authorID)
  * API >= 1
 
 returns an array of all pads this author contributed to
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {padIDs: ["g.s8oes9dhwrvt0zif$test", "g.s8oejklhwrvt0zif$foo"]}}`
   * `{code: 1, message:"authorID does not exist", data: null}`
 
-#### getAuthorName(authorID)
+===== getAuthorName(authorID)
  * API >= 1.1
 
 Returns the Author Name of the author
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {authorName: "John McLear"}}`
 
 -> can't be deleted cause this would involve scanning all the pads where this author was
 
-### Session
+==== Session
 Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-separated sessionIDs, allowing a user to edit pads in different groups at the same time. Only users with a valid session for this group, can access group pads. You can create a session after you authenticated the user at your web application, to give them access to the pads. You should save the sessionID of this session and delete it after the user logged out.
 
-#### createSession(groupID, authorID, validUntil)
+===== createSession(groupID, authorID, validUntil)
  * API >= 1
 
 creates a new session. validUntil is an unix timestamp in seconds
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {sessionID: "s.s8oes9dhwrvt0zif"}}`
   * `{code: 1, message:"groupID doesn't exist", data: null}`
   * `{code: 1, message:"authorID doesn't exist", data: null}`
   * `{code: 1, message:"validUntil is in the past", data: null}`
 
-#### deleteSession(sessionID)
+===== deleteSession(sessionID)
  * API >= 1
 
 deletes a session
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"sessionID does not exist", data: null}`
 
-#### getSessionInfo(sessionID)
+===== getSessionInfo(sessionID)
  * API >= 1
 
 returns information about a session
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif", groupID: g.s8oes9dhwrvt0zif, validUntil: 1312201246}}`
   * `{code: 1, message:"sessionID does not exist", data: null}`
 
-#### listSessionsOfGroup(groupID)
+===== listSessionsOfGroup(groupID)
  * API >= 1
 
 returns all sessions of a group
 
-*Example returns:*
+_Example returns:_
+
   * `{"code":0,"message":"ok","data":{"s.oxf2ras6lvhv2132":{"groupID":"g.s8oes9dhwrvt0zif","authorID":"a.akf8finncvomlqva","validUntil":2312905480}}}`
   * `{code: 1, message:"groupID does not exist", data: null}`
 
-#### listSessionsOfAuthor(authorID)
+===== listSessionsOfAuthor(authorID)
  * API >= 1
 
 returns all sessions of an author
 
-*Example returns:*
+_Example returns:_
+
   * `{"code":0,"message":"ok","data":{"s.oxf2ras6lvhv2132":{"groupID":"g.s8oes9dhwrvt0zif","authorID":"a.akf8finncvomlqva","validUntil":2312905480}}}`
   * `{code: 1, message:"authorID does not exist", data: null}`
 
-### Pad Content
+==== Pad Content
 
 Pad content can be updated and retrieved through the API
 
-#### getText(padID, [rev])
+===== getText(padID, [rev])
  * API >= 1
 
 returns the text of a pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {text:"Welcome Text"}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### setText(padID, text)
+===== setText(padID, text, [authorId])
  * API >= 1
+ * `authorId` in API >= 1.3.0
 
 Sets the text of a pad.
 
 If your text is long (>8 KB), please invoke via POST and include `text` parameter in the body of the request, not in the URL (since Etherpad **1.8**).
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
   * `{code: 1, message:"text too long", data: null}`
 
-#### appendText(padID, text)
+===== appendText(padID, text, [authorId])
  * API >= 1.2.13
+ * `authorId` in API >= 1.3.0
 
 Appends text to a pad.
 
 If your text is long (>8 KB), please invoke via POST and include `text` parameter in the body of the request, not in the URL (since Etherpad **1.8**).
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
   * `{code: 1, message:"text too long", data: null}`
 
-#### getHTML(padID, [rev])
+===== getHTML(padID, [rev])
  * API >= 1
 
 returns the text of a pad formatted as HTML
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {html:"Welcome Text<br>More Text"}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### setHTML(padID, html)
+===== setHTML(padID, html, [authorId])
  * API >= 1
+ * `authorId` in API >= 1.3.0
 
 sets the text of a pad based on HTML, HTML must be well-formed. Malformed HTML will send a warning to the API log.
 
 If `html` is long (>8 KB), please invoke via POST and include `html` parameter in the body of the request, not in the URL (since Etherpad **1.8**).
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getAttributePool(padID)
+===== getAttributePool(padID)
  * API >= 1.2.8
 
 returns the attribute pool of a pad
 
-*Example returns:*
+_Example returns:_
+
   * `{ "code":0,
        "message":"ok",
        "data": {
@@ -365,12 +397,13 @@ returns the attribute pool of a pad
      }`
   * `{"code":1,"message":"padID does not exist","data":null}`
 
-#### getRevisionChangeset(padID, [rev])
+===== getRevisionChangeset(padID, [rev])
  * API >= 1.2.8
 
 get the changeset at a given revision, or last revision if 'rev' is not defined.
 
-*Example returns:*
+_Example returns:_
+
   * `{ "code" : 0,
        "message" : "ok",
        "data" : "Z:1>6b|5+6b$Welcome to Etherpad!\n\nThis pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!\n\nGet involved with Etherpad at https://etherpad.org\n"
@@ -378,26 +411,30 @@ get the changeset at a given revision, or last revision if 'rev' is not defined.
   * `{"code":1,"message":"padID does not exist","data":null}`
   * `{"code":1,"message":"rev is higher than the head revision of the pad","data":null}`
 
-#### createDiffHTML(padID, startRev, endRev)
+===== createDiffHTML(padID, startRev, endRev)
  * API >= 1.2.7
 
 returns an object of diffs from 2 points in a pad
 
-*Example returns:*
+_Example returns:_
+
   * `{"code":0,"message":"ok","data":{"html":"<style>\n.authora_HKIv23mEbachFYfH {background-color: #a979d9}\n.authora_n4gEeMLsv1GivNeh {background-color: #a9b5d9}\n.removed {text-decoration: line-through; -ms-filter:'progid:DXImageTransform.Microsoft.Alpha(Opacity=80)'; filter: alpha(opacity=80); opacity: 0.8; }\n</style>Welcome to Etherpad!<br><br>This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents!<br><br>Get involved with Etherpad at <a href=\"http&#x3a;&#x2F;&#x2F;etherpad&#x2e;org\">http:&#x2F;&#x2F;etherpad.org</a><br><span class=\"authora_HKIv23mEbachFYfH\">aw</span><br><br>","authors":["a.HKIv23mEbachFYfH",""]}}`
   * `{"code":4,"message":"no or wrong API Key","data":null}`
 
-#### restoreRevision(padId, rev)
+===== restoreRevision(padId, rev, [authorId])
  * API >= 1.2.11
+ * `authorId` in API >= 1.3.0
 
 Restores revision from past as new changeset
 
-*Example returns:*
+_Example returns:_
+
   * {code:0, message:"ok", data:null}
   * {code: 1, message:"padID does not exist", data: null}
 
-### Chat
-#### getChatHistory(padID, [start, end])
+==== Chat
+
+===== getChatHistory(padID, [start, end])
  * API >= 1.2.7
 
 returns
@@ -406,226 +443,251 @@ returns
 * the whole chat history, when no extra parameters are given
 
 
-*Example returns:*
+_Example returns:_
 
 * `{"code":0,"message":"ok","data":{"messages":[{"text":"foo","userId":"a.foo","time":1359199533759,"userName":"test"},{"text":"bar","userId":"a.foo","time":1359199534622,"userName":"test"}]}}`
 * `{code: 1, message:"start is higher or equal to the current chatHead", data: null}`
 * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getChatHead(padID)
+===== getChatHead(padID)
  * API >= 1.2.7
 
 returns the chatHead (last number of the last chat-message) of the pad
 
 
-*Example returns:*
+_Example returns:_
 
 * `{code: 0, message:"ok", data: {chatHead: 42}}`
 * `{code: 1, message:"padID does not exist", data: null}`
 
-#### appendChatMessage(padID, text, authorID [, time])
+===== appendChatMessage(padID, text, authorID [, time])
  * API >= 1.2.12
 
 creates a chat message, saves it to the database and sends it to all connected clients of this pad
 
 
-*Example returns:*
+_Example returns:_
 
 * `{code: 0, message:"ok", data: null}`
 * `{code: 1, message:"text is no string", data: null}`
 
-### Pad
+=== Pad
 Group pads are normal pads, but with the name schema GROUPID$PADNAME. A security manager controls access of them and it's forbidden for normal pads to include a $ in the name.
 
-#### createPad(padID [, text])
+==== createPad(padID, [text], [authorId])
  * API >= 1
+ * `authorId` in API >= 1.3.0
 
 creates a new (non-group) pad.  Note that if you need to create a group Pad, you should call **createGroupPad**.
 You get an error message if you use one of the following characters in the padID: "/", "?", "&" or "#".
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does already exist", data: null}`
   * `{code: 1, message:"malformed padID: Remove special characters", data: null}`
 
-#### getRevisionsCount(padID)
+==== getRevisionsCount(padID)
  * API >= 1
 
 returns the number of revisions of this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {revisions: 56}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getSavedRevisionsCount(padID)
+==== getSavedRevisionsCount(padID)
  * API >= 1.2.11
 
 returns the number of saved revisions of this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {savedRevisions: 42}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### listSavedRevisions(padID)
+==== listSavedRevisions(padID)
  * API >= 1.2.11
 
 returns the list of saved revisions of this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {savedRevisions: [2, 42, 1337]}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### saveRevision(padID [, rev])
+==== saveRevision(padID [, rev])
  * API >= 1.2.11
 
 saves a revision
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### padUsersCount(padID)
+==== padUsersCount(padID)
  * API >= 1
 
 returns the number of user that are currently editing this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {padUsersCount: 5}}`
 
-#### padUsers(padID)
+==== padUsers(padID)
  * API >= 1.1
 
 returns the list of users that are currently editing this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {padUsers: [{colorId:"#c1a9d9","name":"username1","timestamp":1345228793126,"id":"a.n4gEeMLsvg12452n"},{"colorId":"#d9a9cd","name":"Hmmm","timestamp":1345228796042,"id":"a.n4gEeMLsvg12452n"}]}}`
   * `{code: 0, message:"ok", data: {padUsers: []}}`
 
-#### deletePad(padID)
+==== deletePad(padID)
  * API >= 1
 
 deletes a pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### copyPad(sourceID, destinationID[, force=false])
+==== copyPad(sourceID, destinationID[, force=false])
  * API >= 1.2.8
 
 copies a pad with full history and chat. If force is true and the destination pad exists, it will be overwritten.
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### copyPadWithoutHistory(sourceID, destinationID[, force=false])
+==== copyPadWithoutHistory(sourceID, destinationID, [force=false], [authorId])
 * API >= 1.2.15
+ * `authorId` in API >= 1.3.0
 
 copies a pad without copying the history and chat. If force is true and the destination pad exists, it will be overwritten.
 Note that all the revisions will be lost! In most of the cases one should use `copyPad` API instead.
 
-*Example returns:*
+_Example returns:_
+
 * `{code: 0, message:"ok", data: null}`
 * `{code: 1, message:"padID does not exist", data: null}`
 
-#### movePad(sourceID, destinationID[, force=false])
+==== movePad(sourceID, destinationID[, force=false])
  * API >= 1.2.8
 
 moves a pad. If force is true and the destination pad exists, it will be overwritten.
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getReadOnlyID(padID)
+==== getReadOnlyID(padID)
  * API >= 1
 
 returns the read only link of a pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {readOnlyID: "r.s8oes9dhwrvt0zif"}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getPadID(readOnlyID)
+==== getPadID(readOnlyID)
  * API >= 1.2.10
 
 returns the id of a pad which is assigned to the readOnlyID
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {padID: "p.s8oes9dhwrvt0zif"}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### setPublicStatus(padID, publicStatus)
+==== setPublicStatus(padID, publicStatus)
  * API >= 1
 
-sets a boolean for the public status of a pad
+sets a boolean for the public status of a group pad
+
+_Example returns:_
 
-*Example returns:*
   * `{code: 0, message:"ok", data: null}`
   * `{code: 1, message:"padID does not exist", data: null}`
+  * `{code: 1, message:"You can only get/set the publicStatus of pads that belong to a group", data: null}`
 
-#### getPublicStatus(padID)
+==== getPublicStatus(padID)
  * API >= 1
 
 return true of false
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {publicStatus: true}}`
   * `{code: 1, message:"padID does not exist", data: null}`
+  * `{code: 1, message:"You can only get/set the publicStatus of pads that belong to a group", data: null}`
 
-#### listAuthorsOfPad(padID)
+==== listAuthorsOfPad(padID)
  * API >= 1
 
 returns an array of authors who contributed to this pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {authorIDs : ["a.s8oes9dhwrvt0zif", "a.akf8finncvomlqva"]}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### getLastEdited(padID)
+==== getLastEdited(padID)
  * API >= 1
 
 returns the timestamp of the last revision of the pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {lastEdited: 1340815946602}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### sendClientsMessage(padID, msg)
+==== sendClientsMessage(padID, msg)
  * API >= 1.1
 
 sends a custom message of type `msg` to the pad
 
-*Example returns:*
+_Example returns:_
+
   * `{code: 0, message:"ok", data: {}}`
   * `{code: 1, message:"padID does not exist", data: null}`
 
-#### checkToken()
+==== checkToken()
  * API >= 1.2
 
 returns ok when the current api token is valid
 
-*Example returns:*
+_Example returns:_
+
   * `{"code":0,"message":"ok","data":null}`
   * `{"code":4,"message":"no or wrong API Key","data":null}`
 
-### Pads
+=== Pads
 
-#### listAllPads()
+==== listAllPads()
  * API >= 1.2.1
 
 lists all pads on this epl instance
 
-*Example returns:*
+_Example returns:_
+
  * `{code: 0, message:"ok", data: {padIDs: ["testPad", "thePadsOfTheOthers"]}}`
 
-### Global
+==== Global
 
-#### getStats()
+===== getStats()
  *  API >= 1.2.14
 
 get stats of the etherpad instance
 
-*Example returns*
+_Example returns_:
+
  * `{"code":0,"message":"ok","data":{"totalPads":3,"totalSessions": 2,"totalActivePads": 1}}`

doc/api/pluginfw.adoc

@@ -1,22 +1,22 @@
-# Plugin Framework
+== Plugin Framework
 
 `require("ep_etherpad-lite/static/js/plugingfw/plugins")`
 
-## plugins.update
+=== plugins.update
 
 `require("ep_etherpad-lite/static/js/plugingfw/plugins").update()` will use npm
 to list all installed modules and read their ep.json files, registering the
 contained hooks. A hook registration is a pair of a hook name and a function
 reference (filename for require() plus function name)
 
-## hooks.callAll
+=== hooks.callAll
 
 `require("ep_etherpad-lite/static/js/plugingfw/hooks").callAll("hook_name",
 {argname:value})` will call all hook functions registered for `hook_name` with
 `{argname:value}`.
 
-## hooks.aCallAll
+=== hooks.aCallAll
 
 ?
 
-## ...
+=== ...

doc/api/toolbar.adoc

@@ -1,7 +1,7 @@
-# Toolbar controller
+== Toolbar controller
 src/node/utils/toolbar.js
 
-## button(opts)
+=== button(opts)
  * {Object} `opts`
    * `command` - this command fill be fired on the editbar on click
    * `localizationId` - will be set as `data-l10-id`
@@ -10,25 +10,28 @@ src/node/utils/toolbar.js
 Returns: {Button}
 
 Example:
-```
+
+[source, javascript]
+----
 var orderedlist = toolbar.button({
   command: "insertorderedlist",
   localizationId: "pad.toolbar.ol.title",
   class: "buttonicon buttonicon-insertorderedlist"
 })
-```
+----
 
 You can also create buttons with text:
 
-```
+[source, javascript]
+----
 var myButton = toolbar.button({
   command: "myButton",
   localizationId: "myPlugin.toolbar.myButton",
   class: "buttontext"
 })
-```
+----
 
-## selectButton(opts)
+=== selectButton(opts)
  * {Object} `opts`
    * `id` - id of the menu item
    * `selectId` - id of the select element
@@ -36,11 +39,11 @@ var myButton = toolbar.button({
 
 Returns: {SelectButton}
 
-## SelectButton.addOption(value, text, attributes)
+=== SelectButton.addOption(value, text, attributes)
  * {String} value - The value of this option
  * {String} text - the label text used for this option
  * {Object} attributes - any additional html attributes go here (e.g. `data-l10n-id`)
 
-## registerButton(name, item)
+=== registerButton(name, item)
   * {String} name - used to reference the item in the toolbar config in settings.json
-  * {Button|SelectButton} item - the button to add
+  * {Button|SelectButton} item - the button to add

doc/assets/style.css

@@ -1,9 +1,9 @@
 body {
   border-top: solid #44b492 5pt;
-  line-height:150%;
-  font-family: 'Quicksand',sans-serif;
+  line-height: 150%;
+  font-family: "Quicksand", sans-serif;
   color: #313b4a;
-  max-width:800px;
+  max-width: 1440px;
   margin: 0 auto;
   padding: 20px;
 }
@@ -12,9 +12,26 @@ a {
   color: #555;
 }
 
-h1 {
+h1,
+h2 {
   color: #44b492;
-  line-height:100%;
+  line-height: 100%;
+}
+
+h2 {
+  font-size: 48px;
+}
+
+h3 {
+  font-size: 1.8rem;
+}
+
+h4 {
+  font-size: 1.5rem;
+}
+
+h5 {
+  font-size: 1.2rem;
 }
 
 a:hover {
@@ -23,7 +40,7 @@ a:hover {
 
 pre {
   background-color: #e0e0e0;
-  padding:20px;
+  padding: 20px;
 }
 
 code {
@@ -34,7 +51,9 @@ img {
   max-width: 100%;
 }
 
-table, th, td {
+table,
+th,
+td {
   text-align: left;
   border: 1px solid gray;
   border-collapse: collapse;
@@ -42,7 +61,7 @@ table, th, td {
 
 th {
   padding: 0.5em;
-  background: #EEE;
+  background: #eee;
 }
 
 td {

doc/cookies.adoc

@@ -0,0 +1,74 @@
+== Cookies
+Cookies used by Etherpad.
+
+[cols="1,1,1,1,1,1,1,1"]
+|===
+
+| Name
+| Sample value
+| Domain
+| Path
+| Expires/max-age
+| Http-only
+| Secure
+|  Usage description
+|express_sid
+| s%3A7yCNjRmTW8ylGQ53I2IhOwYF9...
+| example.org
+|/
+| Session
+| true
+| true
+| Session ID of the https://expressjs.com[Express web framework]. When Etherpad is behind a reverse proxy, and an administrator wants to use session stickiness, he may use this cookie. If you are behind a reverse proxy, please remember to set `trustProxy: true` in `settings.json`. Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/hooks/express/webaccess.js#L131[webaccess.js#L131].
+
+
+|language
+| en
+| example.org
+| /
+| Session
+| false
+| true
+| The language of the UI (e.g.: `en-GB`, `it`). Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_editor.js#L111[pad_editor.js#L111].
+
+
+|prefs / prefsHttp
+| %7B%22epThemesExtTheme%22...
+| example.org
+| /p
+| year 3000
+| false
+| true
+| Client-side preferences (e.g.: font family, chat always visible, show authorship colors, ...). Set in https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_cookie.js#L49[pad_cookie.js#L49]. `prefs` is used if Etherpad is accessed over HTTPS, `prefsHttp` if accessed over HTTP. For more info see https://github.com/ether/etherpad-lite/issues/3179.
+
+
+
+|token
+| t.tFzkihhhBf4xKEpCK3PU
+| example.org
+| /
+| 60 days
+| false
+| true
+| A random token representing the author, of the form `t.randomstring_of_lenght_20`. The random string is generated by the client, at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L55-L66[pad.js#L55-L66]. This cookie is always set by the client at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L153-L158[pad.js#L153-L158] without any solicitation from the server. It is used for all the pads accessed via the web UI (not used for the HTTP API). On the server side, its value is accessed at https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/db/SecurityManager.js#L33[SecurityManager.js#L33].
+|===
+
+For more info, visit the related discussion at https://github.com/ether/etherpad-lite/issues/3563.
+
+Etherpad HTTP API clients may make use (if they choose so) to send another cookie:
+
+
+[cols="1,1,1"]
+|===
+
+| Name
+| Sample value
+| Domain
+| Usage description
+
+
+| sessionID
+| s.1c70968b333b25476a2c7bdd0e0bed17
+| example.org
+| Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-separated sessionIDs, allowing a user to edit pads in different groups at the same time. More info - https://github.com/ether/etherpad-lite/blob/develop/doc/api/http_api.md#session
+|===

doc/cookies.md

@@ -1,18 +0,0 @@
-# Cookies
-
-Cookies used by Etherpad.
-
-| Name            | Sample value                       | Domain      | Path | Expires/max-age | Http-only| Secure |  Usage description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
-|-----------------|------------------------------------|-------------|------|-----------------|----------|--------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|express_sid      | s%3A7yCNjRmTW8ylGQ53I2IhOwYF9...   | example.org | /    | Session         | true     | true   | Session ID of the [Express web framework](https://expressjs.com). When Etherpad is behind a reverse proxy, and an administrator wants to use session stickiness, he may use this cookie. If you are behind a reverse proxy, please remember to set `trustProxy: true` in `settings.json`. Set in [webaccess.js#L131](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/hooks/express/webaccess.js#L131).                                                                                                                                                                                                                                                                                                                                      |
-|language         | en                                 | example.org | /    | Session         | false    | true   | The language of the UI (e.g.: `en-GB`, `it`). Set in [pad_editor.js#L111](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_editor.js#L111).                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                         |
-|prefs / prefsHttp| %7B%22epThemesExtTheme%22...       | example.org | /p   | year 3000       | false    | true   | Client-side preferences (e.g.: font family, chat always visible, show authorship colors, ...). Set in [pad_cookie.js#L49](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad_cookie.js#L49). `prefs` is used if Etherpad is accessed over HTTPS, `prefsHttp` if accessed over HTTP. For more info see https://github.com/ether/etherpad-lite/issues/3179.                                                                                                                                                                                                                                                                                                                                                                             |
-|token            | t.tFzkihhhBf4xKEpCK3PU             | example.org | /    | 60 days         | false    | true   | A random token representing the author, of the form `t.randomstring_of_lenght_20`. The random string is generated by the client, at ([pad.js#L55-L66](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L55-L66)). This cookie is always set by the client (at [pad.js#L153-L158](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/static/js/pad.js#L153-L158)) without any solicitation from the server. It is used for all the pads accessed via the web UI (not used for the HTTP API). On the server side, its value is accessed at [SecurityManager.js#L33](https://github.com/ether/etherpad-lite/blob/01497aa399690e44393e91c19917d11d025df71b/src/node/db/SecurityManager.js#L33).|
-
-For more info, visit the related discussion at https://github.com/ether/etherpad-lite/issues/3563.
-
-Etherpad HTTP API clients may make use (if they choose so) to send another cookie:
-
-| Name            | Sample value                       | Domain      | Usage description                                                                                                                                                                                                                                                                                                                                                                                                                          |
-|-----------------|------------------------------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
-|sessionID        | s.1c70968b333b25476a2c7bdd0e0bed17 | example.org | Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-separated sessionIDs, allowing a user to edit pads in different groups at the same time. More info - https://github.com/ether/etherpad-lite/blob/develop/doc/api/http_api.md#session |

doc/database.adoc

@@ -1,11 +1,11 @@
-# Database structure
+== Database structure
 
-## Keys and their values
+=== Keys and their values
 
-### groups
+==== groups
 A list of all existing groups (a JSON object with groupIDs as keys and `1` as values).
 
-### pad:$PADID
+==== pad:$PADID
 Contains all information about pads
 
 * **atext** - the latest attributed text
@@ -15,7 +15,7 @@ Contains all information about pads
 * **public** - flag that disables security for this pad
 * **passwordHash** - string that contains a salted sha512 sum of this pad's password
 
-### pad:$PADID:revs:$REVNUM
+==== pad:$PADID:revs:$REVNUM
 Saves a revision $REVNUM of pad $PADID
 
 * **meta**
@@ -23,45 +23,50 @@ Saves a revision $REVNUM of pad $PADID
   * **timestamp** - the timestamp of when this revision was created
 * **changeset** - the changeset of this revision
 
-### pad:$PADID:chat:$CHATNUM
+==== pad:$PADID:chat:$CHATNUM
 Saves a chat entry with num $CHATNUM of pad $PADID
 
 * **text** - the text of this chat entry
 * **userId** - the authorID of this chat entry
 * **time** - the timestamp of this chat entry
 
-### pad2readonly:$PADID
+==== pad2readonly:$PADID
 Translates a padID to a readonlyID
-### readonly2pad:$READONLYID
+
+==== readonly2pad:$READONLYID
 Translates a readonlyID to a padID
-### token2author:$TOKENID
+
+==== token2author:$TOKENID
 Translates a token to an authorID
-### globalAuthor:$AUTHORID
+
+==== globalAuthor:$AUTHORID
 Information about an author
 
 * **name** - the name of this author as shown in the pad
 * **colorID** - the colorID of this author as shown in the pad
 
-### mapper2group:$MAPPER
+==== mapper2group:$MAPPER
 Maps an external application identifier to an internal group
-### mapper2author:$MAPPER
+
+==== mapper2author:$MAPPER
 Maps an external application identifier to an internal author
-### group:$GROUPID
+
+==== group:$GROUPID
 a group of pads
 
 * **pads** - object with pad names in it, values are 1
-### session:$SESSIONID
+==== session:$SESSIONID
 a session between an author and a group
 
 * **groupID** - the groupID the session belongs too
 * **authorID** - the authorID the session belongs too
 * **validUntil** - the timestamp until this session is valid
 
-### author2sessions:$AUTHORID
+==== author2sessions:$AUTHORID
 saves the sessions of an author
 
 * **sessionsIDs** - object with sessionIDs in it, values are 1
 
-### group2sessions:$GROUPID
+==== group2sessions:$GROUPID
 
 * **sessionsIDs** - object with sessionIDs in it, values are 1

doc/docker.adoc

@@ -0,0 +1,538 @@
+== Docker
+
+The official Docker image is available on https://hub.docker.com/r/etherpad/etherpad.
+
+=== Downloading from Docker Hub
+If you are ok downloading a https://hub.docker.com/r/etherpad/etherpad[prebuilt image from Docker Hub], these are the commands:
+
+[source, bash]
+----
+# gets the latest published version
+docker pull etherpad/etherpad
+
+# gets a specific version
+docker pull etherpad/etherpad:1.8.0
+----
+
+=== Build a personalized container
+
+If you want to use a personalized settings file, **you will have to rebuild your image**.
+All of the following instructions are as a member of the `docker` group.
+By default, the Etherpad Docker image is built and run in `production` mode: no development dependencies are installed, and asset bundling speeds up page load time.
+
+==== Rebuilding with custom settings
+Edit `<BASEDIR>/settings.json.docker` at your will. When rebuilding the image, this file will be copied inside your image and renamed to `settings.json`.
+
+**Each configuration parameter can also be set via an environment variable**, using the syntax `"${ENV_VAR}"` or `"${ENV_VAR:default_value}"`. For details, refer to `settings.json.template`.
+
+==== Rebuilding including some plugins
+If you want to install some plugins in your container, it is sufficient to list them in the ETHERPAD_PLUGINS build variable.
+The variable value has to be a space separated, double quoted list of plugin names (see examples).
+
+Some plugins will need personalized settings. Just refer to the previous section, and include them in your custom `settings.json.docker`.
+
+==== Rebuilding including export functionality for DOC/PDF/ODT
+
+If you want to be able to export your pads to DOC/PDF/ODT files, you can install
+either Abiword or Libreoffice via setting a build variable.
+
+===== Via Abiword
+
+For installing Abiword, set the `INSTALL_ABIWORD` build variable to any value.
+
+Also, you will need to configure the path to the abiword executable
+via setting the `abiword` property in `<BASEDIR>/settings.json.docker` to
+`/usr/bin/abiword` or via setting the environment variable  `ABIWORD` to
+`/usr/bin/abiword`.
+
+===== Via Libreoffice
+
+For installing Libreoffice instead, set the `INSTALL_SOFFICE` build variable
+to any value.
+
+Also, you will need to configure the path to the libreoffice executable
+via setting the `soffice` property in `<BASEDIR>/settings.json.docker` to
+`/usr/bin/soffice` or via setting the environment variable  `SOFFICE` to
+`/usr/bin/soffice`.
+
+==== Examples
+
+Build a Docker image from the currently checked-out code:
+
+[source,bash]
+----
+docker build --tag <YOUR_USERNAME>/etherpad .
+----
+
+Include two plugins in the container:
+
+[source,bash]
+----
+docker build --build-arg ETHERPAD_PLUGINS="ep_comments_page ep_author_neat" --tag <YOUR_USERNAME>/etherpad .
+----
+
+=== Running your instance:
+
+To run your instance:
+
+[source,bash]
+----
+docker run --detach --publish <DESIRED_PORT>:9001 <YOUR_USERNAME>/etherpad
+----
+
+And point your browser to `http://<YOUR_IP>:<DESIRED_PORT>`
+
+=== Options available by default
+
+The `settings.json.docker` available by default allows to control almost every setting via environment variables.
+
+==== General
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+| `TITLE`
+| The name of the instance
+| `Etherpad`
+
+| `FAVICON`
+| favicon default name, or a fully specified URL to your own favicon
+| `favicon.ico`
+| `DEFAULT_PAD_TEXT`
+| The default text of a pad
+| `Welcome to Etherpad! This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents! Get involved with Etherpad at https://etherpad.org`
+
+| `IP`
+| IP which etherpad should bind at. Change to `::` for IPv6
+| `0.0.0.0`
+| `PORT`
+| port which etherpad should bind at
+| `9001`
+| `ADMIN_PASSWORD`
+| the password for the `admin` user (leave unspecified if you do not want to create it)
+|
+| `USER_PASSWORD`
+| the password for the first user `user` (leave unspecified if you do not want to create it)
+|
+|===
+
+==== Database
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+
+| `DB_TYPE`     | a database supported by https://www.npmjs.com/package/ueberdb2 | not set, thus will fall back to `DirtyDB` (please choose one instead)
+| `DB_HOST`     | the host of the database
+|
+
+| `DB_PORT`
+| the port of the database
+|
+
+| `DB_NAME`
+| the database name
+|
+
+| `DB_USER`
+| a database user with sufficient permissions to create tables
+|
+
+| `DB_PASS`
+| the password for the database username
+|
+
+| `DB_CHARSET`
+| the character set for the tables (only required for MySQL)
+|
+
+| `DB_FILENAME`
+| in case `DB_TYPE` is `DirtyDB` or `sqlite`, the database file.
+| `var/dirty.db`, `var/etherpad.sq3`
+|===
+
+If your database needs additional settings, you will have to use a personalized `settings.json.docker` and rebuild the container (or otherwise put the updated `settings.json` inside your image).
+
+
+==== Pad Options
+
+[cols="1,1,1"]
+|===
+
+| Variable
+| Description
+| Default
+
+
+| `PAD_OPTIONS_NO_COLORS`
+|
+| `false`
+
+
+| `PAD_OPTIONS_SHOW_CONTROLS`
+|
+| `true`
+
+| `PAD_OPTIONS_SHOW_CHAT`
+|
+| `true`
+
+| `PAD_OPTIONS_SHOW_LINE_NUMBERS`
+|
+| `true`
+
+| `PAD_OPTIONS_USE_MONOSPACE_FONT`
+|
+| `false`
+
+| `PAD_OPTIONS_USER_NAME`
+|
+| `null`
+
+| `PAD_OPTIONS_USER_COLOR`
+|
+| `null`
+
+| `PAD_OPTIONS_RTL`
+|
+| `false`
+
+| `PAD_OPTIONS_ALWAYS_SHOW_CHAT`
+|
+| `false`
+
+| `PAD_OPTIONS_CHAT_AND_USERS`
+|
+|  `false`
+
+| `PAD_OPTIONS_LANG`
+|
+| `null`
+|===
+
+==== Shortcuts
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+
+
+| `PAD_SHORTCUTS_ENABLED_ALT_F9`
+| focus on the File Menu and/or editbar
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_ALT_C`
+| focus on the Chat window
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_S`
+| save a revision
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_Z`
+| undo/redo
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_Y`
+| redo
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_I`
+| italic
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_B`
+| bold
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_U`
+| underline
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_H`
+| backspace
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_5`
+| strike through
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_1`
+| ordered list
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_2`
+| shows a gritter popup showing a line author
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_L`
+| unordered list
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_N`
+| ordered list
+|`true`
+
+| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_C`
+| clear authorship
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_DELETE`
+|
+| `true`
+
+
+| `PAD_SHORTCUTS_ENABLED_RETURN`
+|
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_ESC`
+| in mozilla versions 14-19 avoid reconnecting pad
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_TAB`
+| indent
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_CTRL_HOME`
+| scroll to top of pad
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_PAGE_UP`
+|
+| `true`
+
+| `PAD_SHORTCUTS_ENABLED_PAGE_DOWN`
+|
+| `true`
+|===
+
+==== Skins
+
+You can use the UI skin variants builder at `/p/test#skinvariantsbuilder`
+
+For the colibris skin only, you can choose how to render the three main containers:
+  * toolbar (top menu with icons)
+  * editor (containing the text of the pad)
+  * background (area outside of editor, mostly visible when using page style)
+
+For each of the 3 containers you can choose 4 color combinations:
+   * super-light
+   * light
+   * dark
+   * super-dark
+
+For the editor container, you can also make it full width by adding `full-width-editor` variant (by default editor is rendered as a page, with a max-width of 900px).
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+
+| `SKIN_NAME`
+| either `no-skin`, `colibris` or an existing directory under `src/static/skins`
+| `colibris`
+
+| `SKIN_VARIANTS`
+| multiple skin variants separated by spaces
+| `super-light-toolbar super-light-editor light-background`
+|===
+
+==== Logging
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+
+
+| `LOGLEVEL`
+| valid values are `DEBUG`, `INFO`, `WARN` and `ERROR` | `INFO`
+
+| `DISABLE_IP_LOGGING`
+| Privacy: disable IP logging
+| `false`
+|===
+
+==== Advanced
+
+[cols="1,1,1"]
+|===
+| Variable
+| Description
+| Default
+
+|`COOKIE_KEY_ROTATION_INTERVAL`
+|How often (ms) to rotate in a new secret for signing cookies
+|`86400000` (1 day)
+
+| `COOKIE_SAME_SITE`
+| Value of the SameSite cookie property.
+| `"Lax"`
+
+| `COOKIE_SESSION_LIFETIME`
+| How long (ms) a user can be away before they must log in again.
+| `864000000` (10 days)
+
+| `COOKIE_SESSION_REFRESH_INTERVAL`
+| How often (ms) to write the latest cookie expiration time.
+| `86400000` (1 day)
+
+| `SHOW_SETTINGS_IN_ADMIN_PAGE`
+| hide/show the settings.json in admin page
+| `true`
+
+| `TRUST_PROXY`
+| set to `true` if you are using a reverse proxy in front of Etherpad (for example: Traefik for SSL termination via Let's Encrypt). This will affect security and correctness of the logs if not done
+| `false`
+
+| `IMPORT_MAX_FILE_SIZE`
+| maximum allowed file size when importing a pad, in bytes.
+| `52428800` (50 MB)
+
+| `IMPORT_EXPORT_MAX_REQ_PER_IP`
+| maximum number of import/export calls per IP.
+| `10`
+
+| `IMPORT_EXPORT_RATE_LIMIT_WINDOW`
+| the call rate for import/export requests will be estimated in this time window (in milliseconds)
+| `90000`
+
+| `COMMIT_RATE_LIMIT_DURATION`
+| duration of the rate limit window for commits by individual users/IPs (in seconds)                               | `1`
+
+| `COMMIT_RATE_LIMIT_POINTS`
+| maximum number of changes per IP to allow during the rate limit window
+| `10`
+
+| `SUPPRESS_ERRORS_IN_PAD_TEXT`
+| Should we suppress errors from being visible in the default Pad Text?
+| `false
+
+| `REQUIRE_SESSION`
+| If this option is enabled, a user must have a session to access pads. This effectively allows only group pads to be accessed.
+| `false`
+
+| `EDIT_ONLY`
+| Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads.
+| `false`
+
+| `MINIFY`
+| If true, all css & js will be minified before sending to the client. This will improve the loading performance massively, but makes it difficult to debug the javascript/css
+| `true`
+
+| `MAX_AGE`
+| How long may clients use served javascript code (in seconds)? Not setting this may cause problems during deployment. Set to 0 to disable caching.
+| `21600` (6 hours)
+
+| `ABIWORD`
+| Absolute path to the Abiword executable. Abiword is needed to get advanced import/export features of pads. Setting it to null disables Abiword and will only allow plain text and HTML import/exports.
+| `null`
+
+| `SOFFICE`
+| This is the absolute path to the soffice executable. LibreOffice can be used in lieu of Abiword to export pads. Setting it to null disables LibreOffice exporting.
+| `null`
+
+| `TIDY_HTML`
+| Path to the Tidy executable. Tidy is used to improve the quality of exported pads. Setting it to null disables Tidy.
+| `null`
+
+| `ALLOW_UNKNOWN_FILE_ENDS`
+| Allow import of file types other than the supported ones: txt, doc, docx, rtf, odt, html & htm
+| `true`
+
+| `REQUIRE_AUTHENTICATION`
+| This setting is used if you require authentication of all users. Note: "/admin" always requires authentication.
+| `false`
+
+| `REQUIRE_AUTHORIZATION`
+| Require authorization by a module, or a user with is_admin set, see below.
+| `false`
+
+| `AUTOMATIC_RECONNECTION_TIMEOUT`
+| Time (in seconds) to automatically reconnect pad when a "Force reconnect" message is shown to user. Set to 0 to disable automatic reconnection.
+| `0`
+
+| `FOCUS_LINE_PERCENTAGE_ABOVE`
+| Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line above of the viewport. Set to 0 to disable extra scrolling
+| `0`
+
+| `FOCUS_LINE_PERCENTAGE_BELOW`
+| Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line below of the viewport. Set to 0 to disable extra scrolling
+| `0`
+
+| `FOCUS_LINE_PERCENTAGE_ARROW_UP`
+| Percentage of viewport height to be additionally scrolled when user presses arrow up in the line of the top of the viewport. Set to 0 to let the scroll to be handled as default by Etherpad
+| `0`
+
+| `FOCUS_LINE_DURATION`
+| Time (in milliseconds) used to animate the scroll transition. Set to 0 to disable animation
+| `0`
+
+| `FOCUS_LINE_CARET_SCROLL`
+| Flag to control if it should scroll when user places the caret in the last line of the viewport
+| `false`
+
+| `SOCKETIO_MAX_HTTP_BUFFER_SIZE`
+| The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks.
+| `10000`
+
+| `LOAD_TEST`
+| Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance.
+| `false`
+
+| `DUMP_ON_UNCLEAN_EXIT`
+| Enable dumping objects preventing a clean exit of Node.js. WARNING: this has a significant performance impact.
+| `false`
+
+| `EXPOSE_VERSION`
+| Expose Etherpad version in the web interface and in the Server http header. Do not enable on production machines.
+| `false`
+|===
+
+==== Examples
+
+Use a Postgres database, no admin user enabled:
+
+[source,bash]
+----
+docker run -d \
+	--name etherpad         \
+	-p 9001:9001            \
+	-e 'DB_TYPE=postgres'   \
+	-e 'DB_HOST=db.local'   \
+	-e 'DB_PORT=4321'       \
+	-e 'DB_NAME=etherpad'   \
+	-e 'DB_USER=dbusername' \
+	-e 'DB_PASS=mypassword' \
+	etherpad/etherpad
+----
+
+Run enabling the administrative user `admin`:
+
+[source,bash]
+----
+docker run -d \
+	--name etherpad \
+	-p 9001:9001 \
+	-e 'ADMIN_PASSWORD=supersecret' \
+	etherpad/etherpad
+----
+
+Run a test instance running DirtyDB on a persistent volume:
+
+[source, bash]
+----
+docker run -d \
+	-v etherpad_data:/opt/etherpad-lite/var \
+	-p 9001:9001 \
+	etherpad/etherpad
+----

doc/docker.md

@@ -1,252 +0,0 @@
-# Docker
-
-The official Docker image is available on https://hub.docker.com/r/etherpad/etherpad.
-
-## Downloading from Docker Hub
-If you are ok downloading a [prebuilt image from Docker Hub](https://hub.docker.com/r/etherpad/etherpad), these are the commands:
-```bash
-# gets the latest published version
-docker pull etherpad/etherpad
-
-# gets a specific version
-docker pull etherpad/etherpad:1.8.0
-```
-
-## Build a personalized container
-
-If you want to use a personalized settings file, **you will have to rebuild your image**.
-All of the following instructions are as a member of the `docker` group.
-By default, the Etherpad Docker image is built and run in `production` mode: no development dependencies are installed, and asset bundling speeds up page load time.
-
-### Rebuilding with custom settings
-Edit `<BASEDIR>/settings.json.docker` at your will. When rebuilding the image, this file will be copied inside your image and renamed to `setting.json`.
-
-**Each configuration parameter can also be set via an environment variable**, using the syntax `"${ENV_VAR}"` or `"${ENV_VAR:default_value}"`. For details, refer to `settings.json.template`.
-
-### Rebuilding including some plugins
-If you want to install some plugins in your container, it is sufficient to list them in the ETHERPAD_PLUGINS build variable.
-The variable value has to be a space separated, double quoted list of plugin names (see examples).
-
-Some plugins will need personalized settings. Just refer to the previous section, and include them in your custom `settings.json.docker`.
-
-### Rebuilding including export functionality for DOC/PDF/ODT
-
-If you want to be able to export your pads to DOC/PDF/ODT files, you can install
-either Abiword or Libreoffice via setting a build variable.
-
-#### Via Abiword
-
-For installing Abiword, set the `INSTALL_ABIWORD` build variable to any value.
-
-Also, you will need to configure the path to the abiword executable
-via setting the `abiword` property in `<BASEDIR>/settings.json.docker` to 
-`/usr/bin/abiword` or via setting the environment variable  `ABIWORD` to 
-`/usr/bin/abiword`.
-
-#### Via Libreoffice
-
-For installing Libreoffice instead, set the `INSTALL_SOFFICE` build variable
-to any value.
-
-Also, you will need to configure the path to the libreoffice executable
-via setting the `soffice` property in `<BASEDIR>/settings.json.docker` to 
-`/usr/bin/soffice` or via setting the environment variable  `SOFFICE` to 
-`/usr/bin/soffice`.
-
-### Examples
-
-Build a Docker image from the currently checked-out code:
-```bash
-docker build --tag <YOUR_USERNAME>/etherpad .
-```
-
-Include two plugins in the container:
-```bash
-docker build --build-arg ETHERPAD_PLUGINS="ep_comments_page ep_author_neat" --tag <YOUR_USERNAME>/etherpad .
-```
-
-## Running your instance:
-
-To run your instance:
-```bash
-docker run --detach --publish <DESIRED_PORT>:9001 <YOUR_USERNAME>/etherpad
-```
-
-And point your browser to `http://<YOUR_IP>:<DESIRED_PORT>`
-
-## Options available by default
-
-The `settings.json.docker` available by default allows to control almost every setting via environment variables.
-
-### General
-
-| Variable           | Description                                                                                | Default                                                                                                                                                                                                                             |
-| ------------------ | ------------------------------------------------------------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `TITLE`            | The name of the instance                                                                   | `Etherpad`                                                                                                                                                                                                                          |
-| `FAVICON`          | favicon default name, or a fully specified URL to your own favicon                         | `favicon.ico`                                                                                                                                                                                                                       |
-| `DEFAULT_PAD_TEXT` | The default text of a pad                                                                  | `Welcome to Etherpad! This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents! Get involved with Etherpad at https://etherpad.org` |
-| `IP`               | IP which etherpad should bind at. Change to `::` for IPv6                                  | `0.0.0.0`                                                                                                                                                                                                                           |
-| `PORT`             | port which etherpad should bind at                                                         | `9001`                                                                                                                                                                                                                              |
-| `ADMIN_PASSWORD`   | the password for the `admin` user (leave unspecified if you do not want to create it)      |                                                                                                                                                                                                                                     |
-| `USER_PASSWORD`    | the password for the first user `user` (leave unspecified if you do not want to create it) |                                                                                                                                                                                                                                     |
-
-
-### Database
-
-| Variable      | Description                                                    | Default                                                               |
-| ------------- | -------------------------------------------------------------- | --------------------------------------------------------------------- |
-| `DB_TYPE`     | a database supported by https://www.npmjs.com/package/ueberdb2 | not set, thus will fall back to `DirtyDB` (please choose one instead) |
-| `DB_HOST`     | the host of the database                                       |                                                                       |
-| `DB_PORT`     | the port of the database                                       |                                                                       |
-| `DB_NAME`     | the database name                                              |                                                                       |
-| `DB_USER`     | a database user with sufficient permissions to create tables   |                                                                       |
-| `DB_PASS`     | the password for the database username                         |                                                                       |
-| `DB_CHARSET`  | the character set for the tables (only required for MySQL)     |                                                                       |
-| `DB_FILENAME` | in case `DB_TYPE` is `DirtyDB` or `sqlite`, the database file. | `var/dirty.db`, `var/etherpad.sq3`                                    |
-
-If your database needs additional settings, you will have to use a personalized `settings.json.docker` and rebuild the container (or otherwise put the updated `settings.json` inside your image).
-
-
-### Pad Options
-
-| Variable                         | Description | Default |
-| -------------------------------- | ----------- | ------- |
-| `PAD_OPTIONS_NO_COLORS`          |             | `false` |
-| `PAD_OPTIONS_SHOW_CONTROLS`      |             | `true`  |
-| `PAD_OPTIONS_SHOW_CHAT`          |             | `true`  |
-| `PAD_OPTIONS_SHOW_LINE_NUMBERS`  |             | `true`  |
-| `PAD_OPTIONS_USE_MONOSPACE_FONT` |             | `false` |
-| `PAD_OPTIONS_USER_NAME`          |             | `false` |
-| `PAD_OPTIONS_USER_COLOR`         |             | `false` |
-| `PAD_OPTIONS_RTL`                |             | `false` |
-| `PAD_OPTIONS_ALWAYS_SHOW_CHAT`   |             | `false` |
-| `PAD_OPTIONS_CHAT_AND_USERS`     |             | `false` |
-| `PAD_OPTIONS_LANG`               |             | `en-gb` |
-
-
-### Shortcuts
-
-| Variable                            | Description                                      | Default |
-| ----------------------------------- | ------------------------------------------------ | ------- |
-| `PAD_SHORTCUTS_ENABLED_ALT_F9`      | focus on the File Menu and/or editbar            | `true`  |
-| `PAD_SHORTCUTS_ENABLED_ALT_C`       | focus on the Chat window                         | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_S`       | save a revision                                  | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_Z`       | undo/redo                                        | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_Y`       | redo                                             | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_I`       | italic                                           | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_B`       | bold                                             | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_U`       | underline                                        | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_H`       | backspace                                        | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_5`       | strike through                                   | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_1` | ordered list                                     | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_2` | shows a gritter popup showing a line author      | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_L` | unordered list                                   | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_N` | ordered list                                     | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CMD_SHIFT_C` | clear authorship                                 | `true`  |
-| `PAD_SHORTCUTS_ENABLED_DELETE`      |                                                  | `true`  |
-| `PAD_SHORTCUTS_ENABLED_RETURN`      |                                                  | `true`  |
-| `PAD_SHORTCUTS_ENABLED_ESC`         | in mozilla versions 14-19 avoid reconnecting pad | `true`  |
-| `PAD_SHORTCUTS_ENABLED_TAB`         | indent                                           | `true`  |
-| `PAD_SHORTCUTS_ENABLED_CTRL_HOME`   | scroll to top of pad                             | `true`  |
-| `PAD_SHORTCUTS_ENABLED_PAGE_UP`     |                                                  | `true`  |
-| `PAD_SHORTCUTS_ENABLED_PAGE_DOWN`   |                                                  | `true`  |
-
-
-### Skins
-
-You can use the UI skin variants builder at `/p/test#skinvariantsbuilder`
-
-For the colibris skin only, you can choose how to render the three main containers:
-  * toolbar (top menu with icons)
-  * editor (containing the text of the pad)
-  * background (area outside of editor, mostly visible when using page style)
-
-For each of the 3 containers you can choose 4 color combinations:
-   * super-light
-   * light
-   * dark
-   * super-dark
-
-For the editor container, you can also make it full width by adding `full-width-editor` variant (by default editor is rendered as a page, with a max-width of 900px).
-
-| Variable        | Description                                                                    | Default                                                   |
-| --------------- | ------------------------------------------------------------------------------ | --------------------------------------------------------- |
-| `SKIN_NAME`     | either `no-skin`, `colibris` or an existing directory under `src/static/skins` | `colibris`                                                |
-| `SKIN_VARIANTS` | multiple skin variants separated by spaces                                     | `super-light-toolbar super-light-editor light-background` |
-
-
-### Logging
-
-| Variable             | Description                                          | Default |
-| -------------------- | ---------------------------------------------------- | ------- |
-| `LOGLEVEL`           | valid values are `DEBUG`, `INFO`, `WARN` and `ERROR` | `INFO`  |
-| `DISABLE_IP_LOGGING` | Privacy: disable IP logging                          | `false` |
-
-
-### Advanced
-
-| Variable                          | Description                                                                                                                                                                                            | Default            |
-| --------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------ |
-| `SHOW_SETTINGS_IN_ADMIN_PAGE`     | hide/show the settings.json in admin page                                                                                                                                                              | `true`             |
-| `TRUST_PROXY`                     | set to `true` if you are using a reverse proxy in front of Etherpad (for example: Traefik for SSL termination via Let's Encrypt). This will affect security and correctness of the logs if not done    | `false`            |
-| `IMPORT_MAX_FILE_SIZE`            | maximum allowed file size when importing a pad, in bytes.                                                                                                                                              | `52428800` (50 MB) |
-| `IMPORT_EXPORT_MAX_REQ_PER_IP`    | maximum number of import/export calls per IP.                                                                                                                                                          | `10`               |
-| `IMPORT_EXPORT_RATE_LIMIT_WINDOW` | the call rate for import/export requests will be estimated in this time window (in milliseconds)                                                                                                       | `90000`            |
-| `COMMIT_RATE_LIMIT_DURATION`      | duration of the rate limit window for commits by individual users/IPs (in seconds)                                                                                                                     | `1`                |
-| `COMMIT_RATE_LIMIT_POINTS`        | maximum number of changes per IP to allow during the rate limit window                                                                                                                                 | `10`               |
-| `SUPPRESS_ERRORS_IN_PAD_TEXT`     | Should we suppress errors from being visible in the default Pad Text?                                                                                                                                  | `false`            |
-| `REQUIRE_SESSION`                 | If this option is enabled, a user must have a session to access pads. This effectively allows only group pads to be accessed.                                                                          | `false`            |
-| `EDIT_ONLY`                       | Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads.                                                                       | `false`            |
-| `MINIFY`                          | If true, all css & js will be minified before sending to the client. This will improve the loading performance massively, but makes it difficult to debug the javascript/css                           | `true`             |
-| `MAX_AGE`                         | How long may clients use served javascript code (in seconds)? Not setting this may cause problems during deployment. Set to 0 to disable caching.                                                      | `21600` (6 hours)  |
-| `ABIWORD`                         | Absolute path to the Abiword executable. Abiword is needed to get advanced import/export features of pads. Setting it to null disables Abiword and will only allow plain text and HTML import/exports. | `null`             |
-| `SOFFICE`                         | This is the absolute path to the soffice executable. LibreOffice can be used in lieu of Abiword to export pads. Setting it to null disables LibreOffice exporting.                                     | `null`             |
-| `TIDY_HTML`                       | Path to the Tidy executable. Tidy is used to improve the quality of exported pads. Setting it to null disables Tidy.                                                                                   | `null`             |
-| `ALLOW_UNKNOWN_FILE_ENDS`         | Allow import of file types other than the supported ones: txt, doc, docx, rtf, odt, html & htm                                                                                                         | `true`             |
-| `REQUIRE_AUTHENTICATION`          | This setting is used if you require authentication of all users. Note: "/admin" always requires authentication.                                                                                        | `false`            |
-| `REQUIRE_AUTHORIZATION`           | Require authorization by a module, or a user with is_admin set, see below.                                                                                                                             | `false`            |
-| `AUTOMATIC_RECONNECTION_TIMEOUT`  | Time (in seconds) to automatically reconnect pad when a "Force reconnect" message is shown to user. Set to 0 to disable automatic reconnection.                                                        | `0`                |
-| `FOCUS_LINE_PERCENTAGE_ABOVE`     | Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line above of the viewport. Set to 0 to disable extra scrolling  | `0`                |
-| `FOCUS_LINE_PERCENTAGE_BELOW`     | Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line below of the viewport. Set to 0 to disable extra scrolling  | `0`                |
-| `FOCUS_LINE_PERCENTAGE_ARROW_UP`  | Percentage of viewport height to be additionally scrolled when user presses arrow up in the line of the top of the viewport. Set to 0 to let the scroll to be handled as default by Etherpad           | `0`                |
-| `FOCUS_LINE_DURATION`             | Time (in milliseconds) used to animate the scroll transition. Set to 0 to disable animation                                                                                                            | `0`                |
-| `FOCUS_LINE_CARET_SCROLL`         | Flag to control if it should scroll when user places the caret in the last line of the viewport                                                                                                        | `false`            |
-| `LOAD_TEST`                       | Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance.                                                                                            | `false`            |
-| `EXPOSE_VERSION`                  | Expose Etherpad version in the web interface and in the Server http header. Do not enable on production machines.                                                                                      | `false`            |
-
-
-### Examples
-
-Use a Postgres database, no admin user enabled:
-
-```shell
-docker run -d \
-	--name etherpad         \
-	-p 9001:9001            \
-	-e 'DB_TYPE=postgres'   \
-	-e 'DB_HOST=db.local'   \
-	-e 'DB_PORT=4321'       \
-	-e 'DB_NAME=etherpad'   \
-	-e 'DB_USER=dbusername' \
-	-e 'DB_PASS=mypassword' \
-	etherpad/etherpad
-```
-
-Run enabling the administrative user `admin`:
-
-```shell
-docker run -d \
-	--name etherpad \
-	-p 9001:9001 \
-	-e 'ADMIN_PASSWORD=supersecret' \
-	etherpad/etherpad
-```
-
-Run a test instance running DirtyDB on a persistent volume:
-
-```
-docker run -d \
-	-v etherpad_data:/opt/etherpad-lite/var \
-	-p 9001:9001 \
-	etherpad/etherpad
-```

doc/documentation.adoc

@@ -1,6 +1,4 @@
-# About this Documentation
-
-<!-- type=misc -->
+== About this Documentation
 
 The goal of this documentation is to comprehensively explain Etherpad,
 both from a reference as well as a conceptual point of view.

doc/index.adoc

@@ -0,0 +1,25 @@
+:version: {VERSION}
+
+= Etherpad v{version} Manual & Documentation
+:stylesheet: assets/style.css
+:toc:
+:toclevels: 4
+:source-highlighter: highlight.js
+
+include::./documentation.adoc[]
+
+include::./stats.adoc[]
+
+include::./localization.adoc[]
+
+include::./docker.adoc[]
+
+include::./skins.adoc[]
+
+include::./api/api.adoc[]
+
+include::./plugins.adoc[]
+
+include::./cookies.adoc[]
+
+include::./database.adoc[]

doc/index.md

@@ -1,9 +0,0 @@
-@include documentation
-@include stats
-@include localization
-@include docker
-@include skins
-@include api/api
-@include plugins
-@include cookies
-@include database

doc/localization.adoc

@@ -1,105 +1,125 @@
-# Localization
+== Localization
 Etherpad provides a multi-language user interface, that's apart from your users' content, so users from different countries can collaborate on a single document, while still having the user interface displayed in their mother tongue.
 
 
-## Translating
+=== Translating
 We rely on https://translatewiki.net to handle the translation process for us, so if you'd like to help...
 
 1. Sign up at https://translatewiki.net
-2. Visit our [TWN project page](https://translatewiki.net/wiki/Translating:Etherpad_lite)
+2. Visit our https://translatewiki.net/wiki/Translating:Etherpad_lite[TWN project page]
 3. Click on `Translate Etherpad lite interface`
 4. Choose a target language, you'd like to translate our interface to, and hit `Fetch`
 5. Start translating!
 
 Translations will be send back to us regularly and will eventually appear in the next release.
 
-## Implementation
+=== Implementation
 
-### Server-side
+==== Server-side
 `/src/locales` contains files for all supported languages which contain the translated strings. Translation files are simple `*.json` files and look like this:
 
-```json
-{ "pad.modals.connected": "Connecté."
-, "pad.modals.uderdup": "Ouvrir dans une nouvelle fenêtre."
-, "pad.toolbar.unindent.title": "Dèsindenter"
-, "pad.toolbar.undo.title": "Annuler (Ctrl-Z)"
-, "timeslider.pageTitle": "{{appTitle}} Curseur temporel"
-, ...
+[source,json]
+----
+{ 
+  "pad.modals.connected": "Connecté.",
+  "pad.modals.uderdup": "Ouvrir dans une nouvelle fenêtre.",
+  "pad.toolbar.unindent.title": "Dèsindenter",
+  "pad.toolbar.undo.title": "Annuler (Ctrl-Z)",
+  "timeslider.pageTitle": "{{appTitle}} Curseur temporel",
+  ...
 }
-```
+----
 
 Each translation consists of a key (the id of the string that is to be translated) and the translated string. Terms in curly braces must not be touched but left as they are, since they represent a dynamically changing part of the string like a variable. Imagine a message welcoming a user: `Welcome, {{userName}}!` would be translated as `Ahoy, {{userName}}!` in pirate.
 
-### Client-side
-We use a `language` cookie to save your language settings if you change them. If you don't, we autodetect your locale using information from your browser. Then, the preferred language is fed into a library called [html10n.js](https://github.com/marcelklehr/html10n.js), which loads the appropriate translations and applies them to our templates. Its features include translation params, pluralization, include rules and a nice javascript API.
+==== Client-side
+We use a `language` cookie to save your language settings if you change them. If you don't, we autodetect your locale using information from your browser. Then, the preferred language is fed into a library called https://github.com/marcelklehr/html10n.js[html10n.js], which loads the appropriate translations and applies them to our templates. Its features include translation params, pluralization, include rules and a nice javascript API.
 
 
 
-## Localizing plugins
+=== Localizing plugins
 
-### 1. Mark the strings to translate
+==== 1. Mark the strings to translate
 
 In the template files of your plugin, change all hardcoded messages/strings...
 
 from:
-```html
+
+[source,html]
+----
 <option value="0">Heading 1</option>
-```
+----
 to:
-```html
+
+[source,html]
+----
 <option data-l10n-id="ep_heading.h1" value="0"></option>
-```
+----
 
 In the javascript files of your plugin, change all hardcoded messages/strings...
 
 from:
-```js
-alert ('Chat');
-```
-to:
-```js
-alert(window._('pad.chat'));
-```
-### 2. Create translate files in the locales directory of your plugin
 
-* The name of the file must be the language code of the language it contains translations for (see [supported lang codes](https://joker-x.github.com/languages4translatewiki/test/); e.g. en ? English, es ? Spanish...)
+[source,js]
+----
+alert ('Chat');
+----
+to:
+
+[source,js]
+----
+alert(window._('pad.chat'));
+----
+==== 2. Create translate files in the locales directory of your plugin
+
+* The name of the file must be the language code of the language it contains translations for (see https://joker-x.github.io/languages4translatewiki/test/[supported lang codes]; e.g. en ? English, es ? Spanish...)
 * The extension of the file must be `.json`
 * The default language is English, so your plugin should always provide `en.json`
 * In order to avoid naming conflicts, your message keys should start with the name of your plugin followed by a dot (see below)
 
 *ep_your-plugin/locales/en.json*
-```
-{ "ep_your-plugin.h1": "Heading 1"
+
+[source, json]
+----
+{ 
+  "ep_your-plugin.h1": "Heading 1"
 }
-```
+----
 
 *ep_your-plugin/locales/es.json*
-```
-{ "ep_your-plugin.h1": "Título 1"
+
+[source, json]
+----
+{ 
+  "ep_your-plugin.h1": "Título 1"
 }
-```
+----
 
 Every time the http server is started, it will auto-detect your messages and merge them automatically with the core messages.
 
-### Overwrite core messages
+==== Overwrite core messages
 
 You can overwrite Etherpad's core messages in your plugin's locale files.
 For example, if you want to replace `Chat` with `Notes`, simply add...
 
 *ep_your-plugin/locales/en.json*
-```
-{ "ep_your-plugin.h1": "Heading 1"
-, "pad.chat": "Notes"
-}
-```
 
-## Customization for Administrators
+[source,json]
+----
+{ 
+  "ep_your-plugin.h1": "Heading 1",
+  "pad.chat": "Notes"
+}
+----
+
+=== Customization for Administrators
 
 As an Etherpad administrator, it is possible to overwrite core messages as well as messages in plugins. These include error messages, labels, and user instructions. Whereas the localization in the source code is in separate files separated by locale, an administrator's custom localizations are in `settings.json` under the `customLocaleStrings` key, with each locale separated by a sub-key underneath.
 
 For example, let's say you want to change the text on the "New Pad" button on Etherpad's home page. If you look in `locales/en.json` (or `locales/en-gb.json`) you'll see the key for this text is `"index.newPad"`. You could add the following to `settings.json`:
 
-```
+[source,json]
+----
   "customLocaleStrings": {
     "fr": {
       "index.newPad": "Créer un document"
@@ -111,4 +131,4 @@ For example, let's say you want to change the text on the "New Pad" button on Et
       "index.newPad": "Create a document"
     }
   }
-```
+----

doc/plugins.adoc

@@ -1,4 +1,4 @@
-# Plugins
+== Plugins
 
 Etherpad allows you to extend its functionality with plugins. A plugin registers
 hooks (functions) for certain events (thus certain features) in Etherpad to
@@ -14,11 +14,12 @@ You can also browse to `http://yourEtherpadInstan.ce/admin/plugins`, which will
 list all installed plugins and those available on npm. It even provides
 functionality to search through all available plugins.
 
-## Folder structure
+=== Folder structure
 
 Ideally a plugin has the following folder structure:
 
-```
+[source]
+----
 ep_<plugin>/
  ├ .github/
  │  └ workflows/
@@ -44,7 +45,7 @@ ep_<plugin>/
  ├ index.js              ◄─ server-side code
  ├ package.json
  └ package-lock.json
-```
+----
 
 If your plugin includes client-side hooks, put them in `static/js/`. If you're
 adding in CSS or image files, you should put those files in `static/css/ `and
@@ -58,14 +59,15 @@ plugin run. If you want to make use of our i18n system, you need to put your
 translations into `locales/`, though, in order to have them integrated. (See
 "Localization" for more info on how to localize your plugin.)
 
-## Plugin definition
+=== Plugin definition
 
 Your plugin definition goes into `ep.json`. In this file you register your hook
 functions, indicate the parts of your plugin and the order of execution. (A
 documentation of all available events to hook into can be found in chapter
-[hooks](#all_hooks).)
+<<Server-side hooks>>.)
 
-```json
+[source,json]
+----
 {
   "parts": [
     {
@@ -80,13 +82,13 @@ documentation of all available events to hook into can be found in chapter
     }
   ]
 }
-```
+----
 
 A hook function registration maps a hook name to a hook function specification.
 The hook function specification looks like `ep_example/file.js:functionName`. It
 consists of two parts separated by a colon: a module name to `require()` and the
 name of a function exported by the named module. See
-[`module.exports`](https://nodejs.org/docs/latest/api/modules.html#modules_module_exports)
+https://nodejs.org/docs/latest/api/modules.html#modules_module_exports[`module.exports`]
 for how to export a function.
 
 For the module name you can omit the `.js` suffix, and if the file is `index.js`
@@ -119,7 +121,7 @@ function in `index.js` from the `ep_example` plugin:
 * `"authorize": ":"`
 * `"authorize": ""`
 
-### Client hooks and server hooks
+==== Client hooks and server hooks
 
 There are server hooks, which will be executed on the server (e.g.
 `expressCreateServer`), and there are client hooks, which are executed on the
@@ -128,7 +130,7 @@ environment your code is running in, e.g. don't try to access `process`, if you
 know your code will be run on the client, and likewise, don't try to access
 `window` on the server...
 
-### Styling
+==== Styling
 
 When you install a client-side plugin (e.g. one that implements at least one
 client-side hook), the plugin name is added to the `class` attribute of the div
@@ -137,35 +139,38 @@ tuning the appearance of the main UI in your plugin.
 
 For example, this is the markup with no plugins installed:
 
-```html
+[source,html]
+----
 <div id="editorcontainerbox" class="">
-```
+----
 
 and this is the contents after installing `someplugin`:
 
-```html
+[source,html]
+----
 <div id="editorcontainerbox" class="ep_someplugin">
-```
+----
 
 This feature was introduced in Etherpad **1.8**.
 
-### Parts
+==== Parts
 
 As your plugins become more and more complex, you will find yourself in the need
 to manage dependencies between plugins. E.g. you want the hooks of a certain
 plugin to be executed before (or after) yours. You can also manage these
 dependencies in your plugin definition file `ep.json`:
 
-```json
+[source,json]
+----
 {
   "parts": [
     {
       "name": "onepart",
       "pre": [],
-      "post": ["ep_onemoreplugin/partone"]
+      "post": ["ep_onemoreplugin/partone"],
       "hooks": {
         "storeBar": "ep_monospace/plugin:storeBar",
-        "getFoo": "ep_monospace/plugin:getFoo",
+        "getFoo": "ep_monospace/plugin:getFoo"
       }
     },
     {
@@ -179,14 +184,14 @@ dependencies in your plugin definition file `ep.json`:
     }
   ]
 }
-```
+----
 
 Usually a plugin will add only one functionality at a time, so it will probably
 only use one `part` definition to register its hooks. However, sometimes you
 have to put different (unrelated) functionalities into one plugin. For this you
 will want use parts, so other plugins can depend on them.
 
-#### pre/post
+===== pre/post
 
 The `"pre"` and `"post"` definitions, affect the order in which parts of a
 plugin are executed. This ensures that plugins and their hooks are executed in
@@ -207,17 +212,18 @@ environment, `"post"` could definitely be useful.
 Also, note that dependencies should *also* be listed in your package.json, so
 they can be `npm install`'d automagically when your plugin gets installed.
 
-## Package definition
+=== Package definition
 
-Your plugin must also contain a [package definition
-file](https://docs.npmjs.com/files/package.json), called package.json, in the
+Your plugin must also contain a https://docs.npmjs.com/files/package.json[package definition
+file], called package.json, in the
 project root - this file contains various metadata relevant to your plugin, such
 as the name and version number, author, project hompage, contributors, a short
 description, etc. If you publish your plugin on npm, these metadata are used for
 package search etc., but it's necessary for Etherpad plugins, even if you don't
 publish your plugin.
 
-```json
+[source,json]
+----
 {
   "name": "ep_PLUGINNAME",
   "version": "0.0.1",
@@ -225,11 +231,11 @@ publish your plugin.
   "author": "USERNAME (REAL NAME) <MAIL@EXAMPLE.COM>",
   "contributors": [],
   "dependencies": {"MODULE": "0.3.20"},
-  "engines": {"node": ">=12.13.0"}
+  "engines": {"node": ">=12.17.0"}
 }
-```
+----
 
-## Templates
+=== Templates
 
 If your plugin adds or modifies the front end HTML (e.g. adding buttons or
 changing their functions), you should put the necessary HTML code for such
@@ -237,7 +243,7 @@ operations in `templates/`, in files of type ".ejs", since Etherpad uses EJS for
 HTML templating. See the following link for more information about EJS:
 <https://github.com/visionmedia/ejs>.
 
-## Writing and running front-end tests for your plugin
+=== Writing and running front-end tests for your plugin
 
 Etherpad allows you to easily create front-end tests for plugins.
 

doc/skins.adoc

@@ -1,4 +1,4 @@
-# Skins
+== Skins
 You can customize Etherpad appearance using skins.
 A skin is a directory located under `static/skins/<skin_name>`, with the following contents:
 

doc/stats.adoc

@@ -1,4 +1,5 @@
-# Statistics
+== Statistics
+
 Etherpad keeps track of the goings-on inside the edit machinery. If you'd like to have a look at this, just point your browser to `/stats`.
 
 We currently measure:
@@ -13,6 +14,6 @@ We currently measure:
  - http500 (meter)
  - memoryUsage (gauge)
 
-Under the hood, we are happy to rely on [measured](https://github.com/felixge/node-measured) for all our metrics needs.
+Under the hood, we are happy to rely on https://github.com/felixge/node-measured[measured] for all our metrics needs.
 
-To modify or simply access our stats in your plugin, simply `require('ep_etherpad-lite/stats')` which is a [`measured.Collection`](https://yaorg.github.io/node-measured/packages/measured-core/Collection.html).
+To modify or simply access our stats in your plugin, simply `require('ep_etherpad-lite/stats')` which is a https://yaorg.github.io/node-measured/packages/measured-core/Collection.html[`measured.Collection`].

doc/template.html

@@ -1,23 +0,0 @@
-<!doctype html>
-<html lang="en">
-<head>
-  <meta charset="utf-8">
-  <title>__SECTION__ - Etherpad v__VERSION__ Manual &amp; Documentation</title>
-  <link rel="stylesheet" href="assets/style.css">
-</head>
-<body class="apidoc" id="api-section-__FILENAME__">
-  <header id="header">
-    <h1>Etherpad v__VERSION__ Manual &amp; Documentation</h1>
-  </header>
-
-  <div id="toc">
-    <h2>Table of Contents</h2>
-    __TOC__
-  </div>
-
-  <div id="apicontent">
-    __CONTENT__
-  </div>
-
-</body>
-</html>

make_docs.js

@@ -0,0 +1,58 @@
+const { exec } = require('child_process');
+const fs = require('fs')
+const path = require('path')
+
+
+const pjson = require('./src/package.json')
+const VERSION=pjson.version
+console.log(`Building docs for version ${VERSION}`)
+
+const createDirIfNotExists = (dir) => {
+    if (!fs.existsSync(dir)){
+        fs.mkdirSync(dir)
+    }
+}
+
+
+function copyFolderSync(from, to) {
+   if(fs.existsSync(to)){
+       const stat = fs.lstatSync(to)
+       if (stat.isDirectory()){
+           fs.rmSync(to, { recursive: true })
+       }
+       else{
+           fs.rmSync(to)
+       }
+   }
+    fs.mkdirSync(to);
+    fs.readdirSync(from).forEach(element => {
+        if (fs.lstatSync(path.join(from, element)).isFile()) {
+            fs.copyFileSync(path.join(from, element), path.join(to, element))
+        } else {
+            copyFolderSync(path.join(from, element), path.join(to, element))
+        }
+    });
+}
+
+exec('asciidoctor -v', (err,stdout)=>{
+    if (err){
+        console.log('Please install asciidoctor')
+        console.log('https://asciidoctor.org/docs/install-toolchain/')
+        process.exit(1)
+    }
+});
+
+
+createDirIfNotExists('./out')
+createDirIfNotExists('./out/doc')
+createDirIfNotExists('./out/doc/api')
+
+
+
+exec(`asciidoctor -D out/doc doc/index.adoc */**.adoc -a VERSION=${VERSION}`)
+exec(`asciidoctor -D out/doc/api  ./doc/api/*.adoc -a VERSION=${VERSION}`)
+
+copyFolderSync('./doc/easysync', './out/doc/easysync')
+copyFolderSync('./doc/assets', './out/doc/assets')
+copyFolderSync('./doc/easysync', './out/doc/easysync')
+copyFolderSync('./doc/images', './out/doc/images')

settings.json.docker

@@ -207,13 +207,15 @@
 
   "dbType": "${DB_TYPE:dirty}",
   "dbSettings": {
-    "host":     "${DB_HOST:undefined}",
-    "port":     "${DB_PORT:undefined}",
-    "database": "${DB_NAME:undefined}",
-    "user":     "${DB_USER:undefined}",
-    "password": "${DB_PASS:undefined}",
-    "charset":  "${DB_CHARSET:undefined}",
-    "filename": "${DB_FILENAME:var/dirty.db}"
+    "host":       "${DB_HOST:undefined}",
+    "port":       "${DB_PORT:undefined}",
+    "database":   "${DB_NAME:undefined}",
+    "user":       "${DB_USER:undefined}",
+    "password":   "${DB_PASS:undefined}",
+    "charset":    "${DB_CHARSET:undefined}",
+    "filename":   "${DB_FILENAME:var/dirty.db}",
+    "collection": "${DB_COLLECTION:undefined}",
+    "url":        "${DB_URL:undefined}"
   },
 
   /*
@@ -232,12 +234,12 @@
     "showChat":         "${PAD_OPTIONS_SHOW_CHAT:true}",
     "showLineNumbers":  "${PAD_OPTIONS_SHOW_LINE_NUMBERS:true}",
     "useMonospaceFont": "${PAD_OPTIONS_USE_MONOSPACE_FONT:false}",
-    "userName":         "${PAD_OPTIONS_USER_NAME:false}",
-    "userColor":        "${PAD_OPTIONS_USER_COLOR:false}",
+    "userName":         "${PAD_OPTIONS_USER_NAME:null}",
+    "userColor":        "${PAD_OPTIONS_USER_COLOR:null}",
     "rtl":              "${PAD_OPTIONS_RTL:false}",
     "alwaysShowChat":   "${PAD_OPTIONS_ALWAYS_SHOW_CHAT:false}",
     "chatAndUsers":     "${PAD_OPTIONS_CHAT_AND_USERS:false}",
-    "lang":             "${PAD_OPTIONS_LANG:en-gb}"
+    "lang":             "${PAD_OPTIONS_LANG:null}"
   },
 
   /*
@@ -361,6 +363,23 @@
    * Settings controlling the session cookie issued by Etherpad.
    */
   "cookie": {
+    /*
+     * How often (in milliseconds) the key used to sign the express_sid cookie
+     * should be rotated. Long rotation intervals reduce signature verification
+     * overhead (because there are fewer historical keys to check) and database
+     * load (fewer historical keys to store, and less frequent queries to
+     * get/update the keys). Short rotation intervals are slightly more secure.
+     *
+     * Multiple Etherpad processes sharing the same database (table) is
+     * supported as long as the clock sync error is significantly less than this
+     * value.
+     *
+     * Key rotation can be disabled (not recommended) by setting this to 0 or
+     * null, or by disabling session expiration (see sessionLifetime).
+     */
+    // 86400000 = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
+    "keyRotationInterval": "${COOKIE_KEY_ROTATION_INTERVAL:86400000}",
+
     /*
      * Value of the SameSite cookie property. "Lax" is recommended unless
      * Etherpad will be embedded in an iframe from another site, in which case
@@ -372,7 +391,53 @@
      * significant usability drawbacks vs. "Lax". See
      * https://stackoverflow.com/q/41841880 for discussion.
      */
-    "sameSite": "${COOKIE_SAME_SITE:Lax}"
+    "sameSite": "${COOKIE_SAME_SITE:Lax}",
+
+    /*
+     * How long (in milliseconds) after navigating away from Etherpad before the
+     * user is required to log in again. (The express_sid cookie is set to
+     * expire at time now + sessionLifetime when first created, and its
+     * expiration time is periodically refreshed to a new now + sessionLifetime
+     * value.) If requireAuthentication is false then this value does not really
+     * matter.
+     *
+     * The "best" value depends on your users' usage patterns and the amount of
+     * convenience you desire. A long lifetime is more convenient (users won't
+     * have to log back in as often) but has some drawbacks:
+     *   - It increases the amount of state kept in the database.
+     *   - It might weaken security somewhat: The cookie expiration is refreshed
+     *     indefinitely without consulting authentication or authorization
+     *     hooks, so once a user has accessed a pad, the user can continue to
+     *     use the pad until the user leaves for longer than sessionLifetime.
+     *   - More historical keys (sessionLifetime / keyRotationInterval) must be
+     *     checked when verifying signatures.
+     *
+     * Session lifetime can be set to infinity (not recommended) by setting this
+     * to null or 0. Note that if the session does not expire, most browsers
+     * will delete the cookie when the browser exits, but a session record is
+     * kept in the database forever.
+     */
+    // 864000000 = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
+    "sessionLifetime": "${COOKIE_SESSION_LIFETIME:864000000}",
+
+    /*
+     * How long (in milliseconds) before the expiration time of an active user's
+     * session is refreshed (to now + sessionLifetime). This setting affects the
+     * following:
+     *   - How often a new session expiration time will be written to the
+     *     database.
+     *   - How often each user's browser will ping the Etherpad server to
+     *     refresh the expiration time of the session cookie.
+     *
+     * High values reduce the load on the database and the load from browsers,
+     * but can shorten the effective session lifetime if Etherpad is restarted
+     * or the user navigates away.
+     *
+     * Automatic session refreshes can be disabled (not recommended) by setting
+     * this to null.
+     */
+    // 86400000 = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
+    "sessionRefreshInterval": "${COOKIE_SESSION_REFRESH_INTERVAL:86400000}"
   },
 
   /*
@@ -480,7 +545,7 @@
      * value to work properly, but increasing the value increases susceptibility
      * to denial of service attacks (malicious clients can exhaust memory).
      */
-    "maxHttpBufferSize": 10000
+    "maxHttpBufferSize": "${SOCKETIO_MAX_HTTP_BUFFER_SIZE:10000}"
   },
 
   /*
@@ -493,7 +558,7 @@
   /**
   * Disable dump of objects preventing a clean exit
   */
-  "dumpOnUncleanExit": false,
+  "dumpOnUncleanExit": "${DUMP_ON_UNCLEAN_EXIT:false}",
 
   /*
    * Disable indentation on new line when previous line ends with some special
@@ -584,58 +649,14 @@
    */
   "loglevel": "${LOGLEVEL:INFO}",
 
-  /*
-   * Logging configuration. See log4js documentation for further information:
-   * https://github.com/nomiddlename/log4js-node
-   *
-   * You can add as many appenders as you want here.
-   */
-  "logconfig" :
-    { "appenders": [
-        { "type": "console"
-        //, "category": "access"// only logs pad access
-        }
-
-      /*
-      , { "type": "file"
-      , "filename": "your-log-file-here.log"
-      , "maxLogSize": 1024
-      , "backups": 3 // how many log files there're gonna be at max
-      //, "category": "test" // only log a specific category
-        }
-      */
-
-      /*
-      , { "type": "logLevelFilter"
-        , "level": "warn" // filters out all log messages that have a lower level than "error"
-        , "appender":
-          {  Use whatever appender you want here  }
-        }
-      */
-
-      /*
-      , { "type": "logLevelFilter"
-        , "level": "error" // filters out all log messages that have a lower level than "error"
-        , "appender":
-          { "type": "smtp"
-          , "subject": "An error occurred in your EPL instance!"
-          , "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
-          , "sendInterval": 300 // 60 * 5 = 5 minutes -- will buffer log messages; set to 0 to send a mail for every message
-          , "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
-              "host": "smtp.example.com", "port": 465,
-              "secureConnection": true,
-              "auth": {
-                  "user": "foo@example.com",
-                  "pass": "bar_foo"
-              }
-            }
-          }
-        }
-      */
-
-      ]
-    }, // logconfig
-
   /* Override any strings found in locale directories */
-  "customLocaleStrings": {}
+  "customLocaleStrings": {},
+
+  /* Disable Admin UI tests */
+  "enableAdminUITests": false,
+
+  /*
+   * Enable/Disable case-insensitive pad names.
+   */
+  "lowerCasePadIds": "${LOWER_CASE_PAD_IDS:false}"
 }

settings.json.template

@@ -235,12 +235,12 @@
     "showChat":         true,
     "showLineNumbers":  true,
     "useMonospaceFont": false,
-    "userName":         false,
-    "userColor":        false,
+    "userName":         null,
+    "userColor":        null,
     "rtl":              false,
     "alwaysShowChat":   false,
     "chatAndUsers":     false,
-    "lang":             "en-gb"
+    "lang":             null
   },
 
   /*
@@ -364,6 +364,22 @@
    * Settings controlling the session cookie issued by Etherpad.
    */
   "cookie": {
+    /*
+     * How often (in milliseconds) the key used to sign the express_sid cookie
+     * should be rotated. Long rotation intervals reduce signature verification
+     * overhead (because there are fewer historical keys to check) and database
+     * load (fewer historical keys to store, and less frequent queries to
+     * get/update the keys). Short rotation intervals are slightly more secure.
+     *
+     * Multiple Etherpad processes sharing the same database (table) is
+     * supported as long as the clock sync error is significantly less than this
+     * value.
+     *
+     * Key rotation can be disabled (not recommended) by setting this to 0 or
+     * null, or by disabling session expiration (see sessionLifetime).
+     */
+    "keyRotationInterval": 86400000, // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
+
     /*
      * Value of the SameSite cookie property. "Lax" is recommended unless
      * Etherpad will be embedded in an iframe from another site, in which case
@@ -375,7 +391,51 @@
      * significant usability drawbacks vs. "Lax". See
      * https://stackoverflow.com/q/41841880 for discussion.
      */
-    "sameSite": "Lax"
+    "sameSite": "Lax",
+
+    /*
+     * How long (in milliseconds) after navigating away from Etherpad before the
+     * user is required to log in again. (The express_sid cookie is set to
+     * expire at time now + sessionLifetime when first created, and its
+     * expiration time is periodically refreshed to a new now + sessionLifetime
+     * value.) If requireAuthentication is false then this value does not really
+     * matter.
+     *
+     * The "best" value depends on your users' usage patterns and the amount of
+     * convenience you desire. A long lifetime is more convenient (users won't
+     * have to log back in as often) but has some drawbacks:
+     *   - It increases the amount of state kept in the database.
+     *   - It might weaken security somewhat: The cookie expiration is refreshed
+     *     indefinitely without consulting authentication or authorization
+     *     hooks, so once a user has accessed a pad, the user can continue to
+     *     use the pad until the user leaves for longer than sessionLifetime.
+     *   - More historical keys (sessionLifetime / keyRotationInterval) must be
+     *     checked when verifying signatures.
+     *
+     * Session lifetime can be set to infinity (not recommended) by setting this
+     * to null or 0. Note that if the session does not expire, most browsers
+     * will delete the cookie when the browser exits, but a session record is
+     * kept in the database forever.
+     */
+    "sessionLifetime": 864000000, // = 10d * 24h/d * 60m/h * 60s/m * 1000ms/s
+
+    /*
+     * How long (in milliseconds) before the expiration time of an active user's
+     * session is refreshed (to now + sessionLifetime). This setting affects the
+     * following:
+     *   - How often a new session expiration time will be written to the
+     *     database.
+     *   - How often each user's browser will ping the Etherpad server to
+     *     refresh the expiration time of the session cookie.
+     *
+     * High values reduce the load on the database and the load from browsers,
+     * but can shorten the effective session lifetime if Etherpad is restarted
+     * or the user navigates away.
+     *
+     * Automatic session refreshes can be disabled (not recommended) by setting
+     * this to null.
+     */
+    "sessionRefreshInterval": 86400000 // = 1d * 24h/d * 60m/h * 60s/m * 1000ms/s
   },
 
   /*
@@ -550,7 +610,6 @@
     "points": 10
   },
 
-
   /*
    * Toolbar buttons configuration.
    *
@@ -590,61 +649,14 @@
    */
   "loglevel": "INFO",
 
-  /*
-   * Logging configuration. See log4js documentation for further information:
-   * https://github.com/nomiddlename/log4js-node
-   *
-   * You can add as many appenders as you want here.
-   */
-  "logconfig" :
-    { "appenders": [
-        { "type": "console"
-        //, "category": "access"// only logs pad access
-        }
-
-      /*
-      , { "type": "file"
-      , "filename": "your-log-file-here.log"
-      , "maxLogSize": 1024
-      , "backups": 3 // how many log files there're gonna be at max
-      //, "category": "test" // only log a specific category
-        }
-      */
-
-      /*
-      , { "type": "logLevelFilter"
-        , "level": "warn" // filters out all log messages that have a lower level than "error"
-        , "appender":
-          {  Use whatever appender you want here  }
-        }
-      */
-
-      /*
-      , { "type": "logLevelFilter"
-        , "level": "error" // filters out all log messages that have a lower level than "error"
-        , "appender":
-          { "type": "smtp"
-          , "subject": "An error occurred in your EPL instance!"
-          , "recipients": "bar@blurdybloop.com, baz@blurdybloop.com"
-          , "sendInterval": 300 // 60 * 5 = 5 minutes -- will buffer log messages; set to 0 to send a mail for every message
-          , "transport": "SMTP", "SMTP": { // see https://github.com/andris9/Nodemailer#possible-transport-methods
-              "host": "smtp.example.com", "port": 465,
-              "secureConnection": true,
-              "auth": {
-                  "user": "foo@example.com",
-                  "pass": "bar_foo"
-              }
-            }
-          }
-        }
-      */
-
-      ]
-    }, // logconfig
-
   /* Override any strings found in locale directories */
   "customLocaleStrings": {},
 
   /* Disable Admin UI tests */
-  "enableAdminUITests": false
+  "enableAdminUITests": false,
+
+  /*
+   * Enable/Disable case-insensitive pad names.
+   */
+  "lowerCasePadIds": false
 }

src/.eslintrc.cjs

@@ -0,0 +1,141 @@
+'use strict';
+
+// This is a workaround for https://github.com/eslint/eslint/issues/3458
+require('eslint-config-etherpad/patch/modern-module-resolution');
+
+module.exports = {
+  ignorePatterns: [
+    '/static/js/admin/jquery.autosize.js',
+    '/static/js/admin/minify.json.js',
+    '/static/js/vendors/browser.js',
+    '/static/js/vendors/farbtastic.js',
+    '/static/js/vendors/gritter.js',
+    '/static/js/vendors/html10n.js',
+    '/static/js/vendors/jquery.js',
+    '/static/js/vendors/nice-select.js',
+    '/tests/frontend/lib/',
+  ],
+  overrides: [
+    {
+      files: [
+        '**/.eslintrc.*',
+      ],
+      extends: 'etherpad/node',
+    },
+    {
+      files: [
+        '**/*',
+      ],
+      excludedFiles: [
+        '**/.eslintrc.*',
+        'tests/frontend/**/*',
+      ],
+      extends: 'etherpad/node',
+    },
+    {
+      files: [
+        'static/**/*',
+        'tests/frontend/helper.js',
+        'tests/frontend/helper/**/*',
+      ],
+      excludedFiles: [
+        '**/.eslintrc.*',
+      ],
+      extends: 'etherpad/browser',
+      env: {
+        'shared-node-browser': true,
+      },
+      overrides: [
+        {
+          files: [
+            'tests/frontend/helper/**/*',
+          ],
+          globals: {
+            helper: 'readonly',
+          },
+        },
+      ],
+    },
+    {
+      files: [
+        'tests/**/*',
+      ],
+      excludedFiles: [
+        '**/.eslintrc.*',
+        'tests/frontend/cypress/**/*',
+        'tests/frontend/helper.js',
+        'tests/frontend/helper/**/*',
+        'tests/frontend/travis/**/*',
+        'tests/ratelimit/**/*',
+      ],
+      extends: 'etherpad/tests',
+      rules: {
+        'mocha/no-exports': 'off',
+        'mocha/no-top-level-hooks': 'off',
+      },
+    },
+    {
+      files: [
+        'tests/backend/**/*',
+      ],
+      excludedFiles: [
+        '**/.eslintrc.*',
+      ],
+      extends: 'etherpad/tests/backend',
+      overrides: [
+        {
+          files: [
+            'tests/backend/**/*',
+          ],
+          excludedFiles: [
+            'tests/backend/specs/**/*',
+          ],
+          rules: {
+            'mocha/no-exports': 'off',
+            'mocha/no-top-level-hooks': 'off',
+          },
+        },
+      ],
+    },
+    {
+      files: [
+        'tests/frontend/**/*',
+      ],
+      excludedFiles: [
+        '**/.eslintrc.*',
+        'tests/frontend/cypress/**/*',
+        'tests/frontend/helper.js',
+        'tests/frontend/helper/**/*',
+        'tests/frontend/travis/**/*',
+      ],
+      extends: 'etherpad/tests/frontend',
+      overrides: [
+        {
+          files: [
+            'tests/frontend/**/*',
+          ],
+          excludedFiles: [
+            'tests/frontend/specs/**/*',
+          ],
+          rules: {
+            'mocha/no-exports': 'off',
+            'mocha/no-top-level-hooks': 'off',
+          },
+        },
+      ],
+    },
+    {
+      files: [
+        'tests/frontend/cypress/**/*',
+      ],
+      extends: 'etherpad/tests/cypress',
+    },
+    {
+      files: [
+        'tests/frontend/travis/**/*',
+      ],
+      extends: 'etherpad/node',
+    },
+  ],
+  root: true,
+};

src/bin/buildForWindows.sh

@@ -1,62 +1,62 @@
 #!/bin/sh
 
+set -e
+
 pecho() { printf %s\\n "$*"; }
 log() { pecho "$@"; }
 error() { log "ERROR: $@" >&2; }
 fatal() { error "$@"; exit 1; }
+try() { "$@" || fatal "'$@' failed"; }
 is_cmd() { command -v "$@" >/dev/null 2>&1; }
 
-# Move to the folder where ep-lite is installed
-cd "$(cd "${0%/*}" && pwd -P)/../.."
+for x in git unzip wget zip; do
+  is_cmd "${x}" || fatal "Please install ${x}"
+done
 
-# Is wget installed?
-is_cmd wget || fatal "Please install wget"
+# Move to the folder where Etherpad is checked out
+try cd "${0%/*}"
+workdir=$(try git rev-parse --show-toplevel) || exit 1
+try cd "${workdir}"
+[ -f src/package.json ] || fatal "failed to cd to etherpad root directory"
 
-# Is zip installed?
-is_cmd zip || fatal "Please install zip"
+# See https://github.com/msys2/MSYS2-packages/issues/1216
+export MSYSTEM=winsymlinks:lnk
 
-# Is zip installed?
-is_cmd unzip || fatal "Please install unzip"
+OUTPUT=${workdir}/etherpad-win.zip
 
-START_FOLDER=$(pwd);
-TMP_FOLDER=$(mktemp -d)
+TMP_FOLDER=$(try mktemp -d) || exit 1
+trap 'exit 1' HUP INT TERM
+trap 'log "cleaning up..."; try cd / && try rm -rf "${TMP_FOLDER}"' EXIT
 
 log "create a clean environment in $TMP_FOLDER..."
-cp -ar . "$TMP_FOLDER"
-cd "$TMP_FOLDER"
-rm -rf node_modules
-rm -f etherpad-lite-win.zip
+try export GIT_WORK_TREE=${TMP_FOLDER}; git checkout HEAD -f \
+    || fatal "failed to copy etherpad to temporary folder"
+try mkdir "${TMP_FOLDER}"/.git
+try git rev-parse HEAD >${TMP_FOLDER}/.git/HEAD
+try cp -r ./src/node_modules "${TMP_FOLDER}"/src/node_modules
+
+try cd "${TMP_FOLDER}"
+[ -f src/package.json ] || fatal "failed to copy etherpad to temporary folder"
 
 # setting NODE_ENV=production ensures that dev dependencies are not installed,
 # making the windows package smaller
 export NODE_ENV=production
 
 log "do a normal unix install first..."
-src/bin/installDeps.sh || exit 1
+try ./src/bin/installDeps.sh
 
 log "copy the windows settings template..."
-cp settings.json.template settings.json
+try cp settings.json.template settings.json
 
 log "resolve symbolic links..."
-cp -rL node_modules node_modules_resolved
-rm -rf node_modules
-mv node_modules_resolved node_modules
+try cp -rL node_modules node_modules_resolved
+try rm -rf node_modules
+try mv node_modules_resolved node_modules
 
 log "download windows node..."
-wget "https://nodejs.org/dist/latest-erbium/win-x86/node.exe" -O node.exe
-
-log "remove git history to reduce folder size"
-rm -rf .git/objects
-
-log "remove windows jsdom-nocontextify/test folder"
-rm -rf "$TMP_FOLDER"/src/node_modules/wd/node_modules/request/node_modules/form-data/node_modules/combined-stream/test
-rm -rf "$TMP_FOLDER"/src/node_modules/nodemailer/node_modules/mailcomposer/node_modules/mimelib/node_modules/encoding/node_modules/iconv-lite/encodings/tables
+try wget "https://nodejs.org/dist/latest-v16.x/win-x64/node.exe" -O node.exe
 
 log "create the zip..."
-cd "$TMP_FOLDER"
-zip -9 -r "$START_FOLDER"/etherpad-lite-win.zip ./* -x var
+try zip -9 -r "${OUTPUT}" ./*
 
-log "clean up..."
-rm -rf "$TMP_FOLDER"
-
-log "Finished. You can find the zip in the Etherpad root folder, it's called etherpad-lite-win.zip"
+log "Finished. You can find the zip at ${OUTPUT}"

src/bin/checkAllPads.js

@@ -10,79 +10,18 @@ process.on('unhandledRejection', (err) => { throw err; });
 if (process.argv.length !== 2) throw new Error('Use: node src/bin/checkAllPads.js');
 
 (async () => {
-  // initialize the database
-  require('../node/utils/Settings');
   const db = require('../node/db/DB');
   await db.init();
-
-  // load modules
-  const Changeset = require('../static/js/Changeset');
   const padManager = require('../node/db/PadManager');
-
-  let revTestedCount = 0;
-
-  // get all pads
-  const res = await padManager.listAllPads();
-  for (const padId of res.padIDs) {
+  await Promise.all((await padManager.listAllPads()).padIDs.map(async (padId) => {
     const pad = await padManager.getPad(padId);
-
-    // check if the pad has a pool
-    if (pad.pool == null) {
-      console.error(`[${pad.id}] Missing attribute pool`);
-      continue;
+    try {
+      await pad.check();
+    } catch (err) {
+      console.error(`Error in pad ${padId}: ${err.stack || err}`);
+      return;
     }
-    // create an array with key kevisions
-    // key revisions always save the full pad atext
-    const head = pad.getHeadRevisionNumber();
-    const keyRevisions = [];
-    for (let rev = 0; rev < head; rev += 100) {
-      keyRevisions.push(rev);
-    }
-
-    // run through all key revisions
-    for (const keyRev of keyRevisions) {
-      // create an array of revisions we need till the next keyRevision or the End
-      const revisionsNeeded = [];
-      for (let rev = keyRev; rev <= keyRev + 100 && rev <= head; rev++) {
-        revisionsNeeded.push(rev);
-      }
-
-      // this array will hold all revision changesets
-      const revisions = [];
-
-      // run through all needed revisions and get them from the database
-      for (const revNum of revisionsNeeded) {
-        const revision = await db.get(`pad:${pad.id}:revs:${revNum}`);
-        revisions[revNum] = revision;
-      }
-
-      // check if the revision exists
-      if (revisions[keyRev] == null) {
-        console.error(`[${pad.id}] Missing revision ${keyRev}`);
-        continue;
-      }
-
-      // check if there is a atext in the keyRevisions
-      let {meta: {atext} = {}} = revisions[keyRev];
-      if (atext == null) {
-        console.error(`[${pad.id}] Missing atext in revision ${keyRev}`);
-        continue;
-      }
-
-      const apool = pad.pool;
-      for (let rev = keyRev + 1; rev <= keyRev + 100 && rev <= head; rev++) {
-        try {
-          const cs = revisions[rev].changeset;
-          atext = Changeset.applyToAText(cs, atext, apool);
-          revTestedCount++;
-        } catch (e) {
-          console.error(`[${pad.id}] Bad changeset at revision ${rev} - ${e.message}`);
-        }
-      }
-    }
-  }
-  if (revTestedCount === 0) {
-    throw new Error('No revisions tested');
-  }
-  console.log(`Finished: Tested ${revTestedCount} revisions`);
+    console.log(`Pad ${padId}: OK`);
+  }));
+  console.log('Finished.');
 })();

src/bin/checkPad.js

@@ -8,75 +8,13 @@
 process.on('unhandledRejection', (err) => { throw err; });
 
 if (process.argv.length !== 3) throw new Error('Use: node src/bin/checkPad.js $PADID');
-
-// get the padID
 const padId = process.argv[2];
-let checkRevisionCount = 0;
-
 (async () => {
-  // initialize database
-  require('../node/utils/Settings');
   const db = require('../node/db/DB');
   await db.init();
-
-  // load modules
-  const Changeset = require('../static/js/Changeset');
   const padManager = require('../node/db/PadManager');
-
-  const exists = await padManager.doesPadExists(padId);
-  if (!exists) throw new Error('Pad does not exist');
-
-  // get the pad
+  if (!await padManager.doesPadExists(padId)) throw new Error('Pad does not exist');
   const pad = await padManager.getPad(padId);
-
-  // create an array with key revisions
-  // key revisions always save the full pad atext
-  const head = pad.getHeadRevisionNumber();
-  const keyRevisions = [];
-  for (let rev = 0; rev < head; rev += 100) {
-    keyRevisions.push(rev);
-  }
-
-  // run through all key revisions
-  for (let keyRev of keyRevisions) {
-    keyRev = parseInt(keyRev);
-    // create an array of revisions we need till the next keyRevision or the End
-    const revisionsNeeded = [];
-    for (let rev = keyRev; rev <= keyRev + 100 && rev <= head; rev++) {
-      revisionsNeeded.push(rev);
-    }
-
-    // this array will hold all revision changesets
-    const revisions = [];
-
-    // run through all needed revisions and get them from the database
-    for (const revNum of revisionsNeeded) {
-      const revision = await db.get(`pad:${padId}:revs:${revNum}`);
-      revisions[revNum] = revision;
-    }
-
-    // check if the pad has a pool
-    if (pad.pool == null) throw new Error('Attribute pool is missing');
-
-    // check if there is an atext in the keyRevisions
-    let {meta: {atext} = {}} = revisions[keyRev] || {};
-    if (atext == null) {
-      console.error(`No atext in key revision ${keyRev}`);
-      continue;
-    }
-
-    const apool = pad.pool;
-
-    for (let rev = keyRev + 1; rev <= keyRev + 100 && rev <= head; rev++) {
-      checkRevisionCount++;
-      try {
-        const cs = revisions[rev].changeset;
-        atext = Changeset.applyToAText(cs, atext, apool);
-      } catch (e) {
-        console.error(`Bad changeset at revision ${rev} - ${e.message}`);
-        continue;
-      }
-    }
-    console.log(`Finished: Checked ${checkRevisionCount} revisions`);
-  }
+  await pad.check();
+  console.log('Finished.');
 })();

src/bin/checkPadDeltas.js

@@ -1,103 +0,0 @@
-'use strict';
-/*
- * This is a debug tool. It checks all revisions for data corruption
- */
-
-// As of v14, Node.js does not exit when there is an unhandled Promise rejection. Convert an
-// unhandled rejection into an uncaught exception, which does cause Node.js to exit.
-process.on('unhandledRejection', (err) => { throw err; });
-
-if (process.argv.length !== 3) throw new Error('Use: node src/bin/checkPadDeltas.js $PADID');
-
-// get the padID
-const padId = process.argv[2];
-
-const expect = require('../tests/frontend/lib/expect');
-const diff = require('diff');
-
-(async () => {
-  // initialize database
-  require('../node/utils/Settings');
-  const db = require('../node/db/DB');
-  await db.init();
-
-  // load modules
-  const Changeset = require('../static/js/Changeset');
-  const padManager = require('../node/db/PadManager');
-
-  const exists = await padManager.doesPadExists(padId);
-  if (!exists) throw new Error('Pad does not exist');
-
-  // get the pad
-  const pad = await padManager.getPad(padId);
-
-  // create an array with key revisions
-  // key revisions always save the full pad atext
-  const head = pad.getHeadRevisionNumber();
-  const keyRevisions = [];
-  for (let i = 0; i < head; i += 100) {
-    keyRevisions.push(i);
-  }
-
-  // create an array with all revisions
-  const revisions = [];
-  for (let i = 0; i <= head; i++) {
-    revisions.push(i);
-  }
-
-  let atext = Changeset.makeAText('\n');
-
-  // run through all revisions
-  for (const revNum of revisions) {
-    // console.log('Fetching', revNum)
-    const revision = await db.get(`pad:${padId}:revs:${revNum}`);
-    // check if there is a atext in the keyRevisions
-    const {meta: {atext: revAtext} = {}} = revision || {};
-    if (~keyRevisions.indexOf(revNum) && revAtext == null) {
-      console.error(`No atext in key revision ${revNum}`);
-      continue;
-    }
-
-    // try glue everything together
-    try {
-      // console.log("check revision ", revNum);
-      const cs = revision.changeset;
-      atext = Changeset.applyToAText(cs, atext, pad.pool);
-    } catch (e) {
-      console.error(`Bad changeset at revision ${revNum} - ${e.message}`);
-      continue;
-    }
-
-    // check things are working properly
-    if (~keyRevisions.indexOf(revNum)) {
-      try {
-        expect(revision.meta.atext.text).to.eql(atext.text);
-        expect(revision.meta.atext.attribs).to.eql(atext.attribs);
-      } catch (e) {
-        console.error(`Atext in key revision ${revNum} doesn't match computed one.`);
-        console.log(diff.diffChars(atext.text, revision.meta.atext.text).map((op) => {
-          if (!op.added && !op.removed) op.value = op.value.length;
-          return op;
-        }));
-        // console.error(e)
-        // console.log('KeyRev. :', revision.meta.atext)
-        // console.log('Computed:', atext)
-        continue;
-      }
-    }
-  }
-
-  // check final text is right...
-  if (pad.atext.text === atext.text) {
-    console.log('ok');
-  } else {
-    console.error('Pad AText doesn\'t match computed one! (Computed ',
-        atext.text.length, ', db', pad.atext.text.length, ')');
-    console.log(diff.diffChars(atext.text, pad.atext.text).map((op) => {
-      if (!op.added && !op.removed) {
-        op.value = op.value.length;
-        return op;
-      }
-    }));
-  }
-})();

src/bin/createRelease.sh

@@ -145,12 +145,12 @@ function push_builds {
   cd $TMP_DIR/etherpad-lite/
   echo "Copying windows build and docs to website repo..."
   GIT_SHA=$(git rev-parse HEAD | cut -c1-10)
-  mv etherpad-lite-win.zip $TMP_DIR/ether.github.com/downloads/etherpad-lite-win-$VERSION-$GIT_SHA.zip
+  mv etherpad-win.zip $TMP_DIR/ether.github.com/downloads/etherpad-win-$VERSION-$GIT_SHA.zip
 
   mv out/doc $TMP_DIR/ether.github.com/doc/v$VERSION
 
   cd $TMP_DIR/ether.github.com/
-  sed -i "s/etherpad-lite-win.*\.zip/etherpad-lite-win-$VERSION-$GIT_SHA.zip/" index.html
+  sed -i "s/etherpad-win.*\.zip/etherpad-win-$VERSION-$GIT_SHA.zip/" index.html
   sed -i "s/$LATEST_GIT_TAG/$VERSION/g" index.html
   git checkout -b release_$VERSION
   [[ $? != 0 ]] && echo "Aborting: Error creating new release branch" && exit 1

src/bin/doc/package-lock.json

@@ -0,0 +1,13 @@
+{
+  "name": "node-doc-generator",
+  "version": "0.0.0",
+  "lockfileVersion": 1,
+  "requires": true,
+  "dependencies": {
+    "marked": {
+      "version": "9.1.4",
+      "resolved": "https://registry.npmjs.org/marked/-/marked-9.1.4.tgz",
+      "integrity": "sha512-Mq83CCaClhXqhf8sLQ57c1unNelHEuFadK36ga+GeXR4FeT/5ssaC5PaCRVqMA74VYorzYRqdAaxxteIanh3Kw=="
+    }
+  }
+}

src/bin/doc/package.json

@@ -4,10 +4,10 @@
   "description": "Internal tool for generating Node.js API docs",
   "version": "0.0.0",
   "engines": {
-    "node": ">=12.13.0"
+    "node": ">=12.17.0"
   },
   "dependencies": {
-    "marked": "^2.0.0"
+    "marked": "^9.1.4"
   },
   "devDependencies": {},
   "optionalDependencies": {},

src/bin/etherpad-healthcheck

@@ -0,0 +1,26 @@
+#!/usr/bin/env node
+
+// Checks the health of Etherpad by visiting http://localhost:9001/health. Returns 0 on success, 1
+// on error as required by the Dockerfile HEALTHCHECK instruction.
+
+'use strict';
+
+// As of v14, Node.js does not exit when there is an unhandled Promise rejection. Convert an
+// unhandled rejection into an uncaught exception, which does cause Node.js to exit.
+process.on('unhandledRejection', (err) => { throw err; });
+
+const assert = require('assert').strict;
+const superagent = require('superagent');
+
+(async () => {
+  const res = await superagent.get('http://localhost:9001/health')
+      .accept('application/health+json')
+      .buffer(true)
+      .parse(superagent.parse['application/json']);
+  assert(res.ok, `Unexpected HTTP status: ${res.status}`);
+  assert.equal(res.type, 'application/health+json');
+  const {body: {status} = {}} = res;
+  assert(status != null);
+  assert.equal(typeof status, 'string');
+  assert(['pass', 'ok', 'up'].includes(status.toLowerCase()), `Unexpected status: ${status}`);
+})();

src/bin/extractPadData.js

@@ -30,9 +30,7 @@ const padId = process.argv[2];
   // initialize output database
   const dirty = dirtyDB(`${padId}.db`);
 
-  // Promise wrapped get and set function
-  const wrapped = db.db.db.wrappedDB;
-  const get = util.promisify(wrapped.get.bind(wrapped));
+  // Promise set function
   const set = util.promisify(dirty.set.bind(dirty));
 
   // array in which required key values will be accumulated
@@ -55,7 +53,7 @@ const padId = process.argv[2];
   }
 
   for (const dbkey of neededDBValues) {
-    let dbvalue = await get(dbkey);
+    let dbvalue = await db.get(dbkey);
     if (dbvalue && typeof dbvalue !== 'object') {
       dbvalue = JSON.parse(dbvalue);
     }

src/bin/installDeps.sh

@@ -1,5 +1,6 @@
 #!/bin/sh
 
+
 # Move to the Etherpad base directory.
 MY_DIR=$(cd "${0%/*}" && pwd -P) || exit 1
 cd "${MY_DIR}/../.." || exit 1
@@ -15,10 +16,12 @@ is_cmd node || fatal "Please install node.js ( https://nodejs.org )"
 is_cmd npm || fatal "Please install npm ( https://npmjs.org )"
 
 # Check npm version
-require_minimal_version "npm" $(get_program_version "npm") "$REQUIRED_NPM_MAJOR" "$REQUIRED_NPM_MINOR"
+require_minimal_version "npm" "$(get_program_version "npm")" \
+    "$REQUIRED_NPM_MAJOR" "$REQUIRED_NPM_MINOR"
 
 # Check node version
-require_minimal_version "nodejs" $(get_program_version "node") "$REQUIRED_NODE_MAJOR" "$REQUIRED_NODE_MINOR"
+require_minimal_version "nodejs" "$(get_program_version "node")" \
+    "$REQUIRED_NODE_MAJOR" "$REQUIRED_NODE_MINOR"
 
 # Get the name of the settings file
 settings="settings.json"
@@ -34,17 +37,22 @@ if [ ! -f "$settings" ]; then
   cp settings.json.template "$settings" || exit 1
 fi
 
-log "Ensure that all dependencies are up to date...  If this is the first time you have run Etherpad please be patient."
-(
-  mkdir -p node_modules
-  cd node_modules
-  [ -e ep_etherpad-lite ] || ln -s ../src ep_etherpad-lite
-  cd ep_etherpad-lite
-  npm ci --no-optional
-) || {
-  rm -rf src/node_modules
-  exit 1
-}
+
+log "Installing dependencies..."
+(mkdir -p node_modules &&
+cd node_modules &&
+{ [ -d ep_etherpad-lite ] || ln -sf ../src ep_etherpad-lite; } &&
+cd ep_etherpad-lite)
+
+cd src
+
+if [ -z "${ETHERPAD_PRODUCTION}" ]; then
+  log "Installing dev dependencies"
+ npm ci --no-optional --omit=optional --include=dev --lockfile-version 1 || exit 1
+else
+  log "Installing production dependencies"
+  npm ci --no-optional --omit=optional --omit=dev --lockfile-version 1 --production || exit 1
+fi
 
 # Remove all minified data to force node creating it new
 log "Clearing minified cache..."

src/bin/installOnWindows.bat

@@ -1,7 +1,7 @@
 @echo off
 
 :: Change directory to etherpad-lite root
-cd /D "%~dp0\.."
+cd /D "%~dp0\..\.."
 
 :: Is node installed?
 cmd /C node -e "" || ( echo "Please install node.js ( https://nodejs.org )" && exit /B 1 )
@@ -14,9 +14,9 @@ cd /D node_modules
 mklink /D "ep_etherpad-lite" "..\src"
 
 cd /D "ep_etherpad-lite"
-cmd /C npm ci || exit /B 1
+cmd /C npm ci --legacy-peer-deps || exit /B 1
 
-cd /D "%~dp0\.."
+cd /D "%~dp0\..\.."
 
 echo _
 echo Clearing cache...

src/bin/nsis/README.md

@@ -0,0 +1,9 @@
+A simple NSIS script to Install Etherpad (Server) on Windows and start it.
+
+# TODO
+1. i18n
+1. Run as Service
+1. Display messages during install
+
+# License
+Apache 2

src/bin/nsis/etherpad.nsi

@@ -0,0 +1,55 @@
+;Include Modern UI
+!include "MUI2.nsh"
+!include x64.nsh
+
+;--------------------------------
+;Styling
+!define MUI_ICON "brand.ico"
+Icon "brand.ico"
+BrandingText "Etherpad Foundation"
+Name "Etherpad Server"
+OutFile "..\..\..\etherpad-win.exe"
+
+!insertmacro MUI_LANGUAGE "English"
+
+Page directory
+Page instfiles
+
+; The default installation directory
+InstallDir "$PROGRAMFILES64\Etherpad Foundation\Etherpad Server"
+
+Section
+  SectionIn RO
+
+  ${If} ${RunningX64}
+    DetailPrint "Installer running on x64 host"
+  ${Else}
+    Abort "Unsupported CPU architecture (only x64 is supported)"
+  ${Endif}
+
+  ; Set output path to the installation directory.
+  SetOutPath $INSTDIR
+
+  ; Put files there
+  File /r "..\..\..\..\etherpad-zip\*"
+
+SectionEnd
+
+Section
+  CreateDirectory "$SMPROGRAMS\Etherpad Foundation"
+  CreateShortCut "$SMPROGRAMS\Etherpad Foundation\Etherpad Server.lnk" "$INSTDIR\start.bat" "brand.ico" "Etherpad Server"
+  CreateShortCut "$SMPROGRAMS\Etherpad Foundation\Etherpad.lnk" "http://127.0.0.1:9001" "brand.ico" "Etherpad"
+  CreateShortCut "$SMPROGRAMS\Etherpad Foundation\Etherpad Admin.lnk" "http://127.0.0.1:9001/admin" "brand.ico" "Etherpad Admin"
+  CreateShortCut "$SMPROGRAMS\Etherpad Foundation\Uninstall Etherpad Server.lnk" "$INSTDIR\uninstall.exe"
+  WriteUninstaller "$INSTDIR\uninstall.exe"
+  Exec '$INSTDIR\start.bat'
+SectionEnd
+
+UninstPage instfiles
+
+Section Uninstall
+  Delete "$INSTDIR\*"
+  Delete "$INSTDIR\uninstall.exe"
+  RMDir "$INSTDIR"
+  SetAutoClose false
+SectionEnd

src/bin/plugins/README.md

@@ -21,12 +21,18 @@ node src/bin/plugins/checkPlugin.js ep_webrtc
 node src/bin/plugins/checkPlugin.js ep_whatever autofix
 ```
 
-## Autocommitting, push, npm minor patch and npm publish (highly dangerous)
+## Autocommitting - fix issues and commit
 
 ```
 node src/bin/plugins/checkPlugin.js ep_whatever autocommit
 ```
 
+## Autopush - fix issues, commit, push, and publish (highly dangerous)
+
+```
+node src/bin/plugins/checkPlugin.js ep_whatever autopush
+```
+
 # All the plugins
 
 Replace johnmclear with your github username

src/bin/plugins/checkPlugin.js

@@ -5,423 +5,377 @@
  *
  * Normal usage:                node src/bin/plugins/checkPlugin.js ep_whatever
  * Auto fix the things it can:  node src/bin/plugins/checkPlugin.js ep_whatever autofix
- * Auto commit, push and publish to npm (highly dangerous):
- *                              node src/bin/plugins/checkPlugin.js ep_whatever autocommit
+ * Auto fix and commit:         node src/bin/plugins/checkPlugin.js ep_whatever autocommit
+ * Auto fix, commit, push and publish to npm (highly dangerous):
+ *                              node src/bin/plugins/checkPlugin.js ep_whatever autopush
  */
 
+const process = require('process');
+
 // As of v14, Node.js does not exit when there is an unhandled Promise rejection. Convert an
 // unhandled rejection into an uncaught exception, which does cause Node.js to exit.
 process.on('unhandledRejection', (err) => { throw err; });
 
+const assert = require('assert').strict;
 const fs = require('fs');
+const fsp = fs.promises;
 const childProcess = require('child_process');
+const log4js = require('log4js');
+const path = require('path');
 
-// get plugin name & path from user input
-const pluginName = process.argv[2];
+const logger = log4js.getLogger('checkPlugin');
 
-if (!pluginName) throw new Error('no plugin name specified');
+(async () => {
+  // get plugin name & path from user input
+  const pluginName = process.argv[2];
 
-const pluginPath = `node_modules/${pluginName}`;
+  if (!pluginName) throw new Error('no plugin name specified');
+  logger.info(`Checking the plugin: ${pluginName}`);
 
-console.log(`Checking the plugin: ${pluginName}`);
+  const epRootDir = await fsp.realpath(path.join(await fsp.realpath(__dirname), '../../..'));
+  logger.info(`Etherpad root directory: ${epRootDir}`);
+  process.chdir(epRootDir);
+  const pluginPath = await fsp.realpath(`node_modules/${pluginName}`);
+  logger.info(`Plugin directory: ${pluginPath}`);
+  const epSrcDir = await fsp.realpath(path.join(epRootDir, 'src'));
 
-const optArgs = process.argv.slice(3);
-const autoCommit = optArgs.indexOf('autocommit') !== -1;
-const autoFix = autoCommit || optArgs.indexOf('autofix') !== -1;
+  const optArgs = process.argv.slice(3);
+  const autoPush = optArgs.includes('autopush');
+  const autoCommit = autoPush || optArgs.includes('autocommit');
+  const autoFix = autoCommit || optArgs.includes('autofix');
 
-const execSync = (cmd, opts = {}) => (childProcess.execSync(cmd, {
-  cwd: `${pluginPath}/`,
-  ...opts,
-}) || '').toString().replace(/\n+$/, '');
+  const execSync = (cmd, opts = {}) => (childProcess.execSync(cmd, {
+    cwd: `${pluginPath}/`,
+    ...opts,
+  }) || '').toString().replace(/\n+$/, '');
 
-const writePackageJson = (obj) => {
-  let s = JSON.stringify(obj, null, 2);
-  if (s.length && s.slice(s.length - 1) !== '\n') s += '\n';
-  return fs.writeFileSync(`${pluginPath}/package.json`, s);
-};
+  const writePackageJson = async (obj) => {
+    let s = JSON.stringify(obj, null, 2);
+    if (s.length && s.slice(s.length - 1) !== '\n') s += '\n';
+    return await fsp.writeFile(`${pluginPath}/package.json`, s);
+  };
 
-const updateDeps = (parsedPackageJson, key, wantDeps) => {
-  const {[key]: deps = {}} = parsedPackageJson;
-  let changed = false;
-  for (const [pkg, verInfo] of Object.entries(wantDeps)) {
-    const {ver, overwrite = true} = typeof verInfo === 'string' ? {ver: verInfo} : verInfo;
-    if (deps[pkg] === ver) continue;
-    if (deps[pkg] == null) {
-      console.warn(`Missing dependency in ${key}: '${pkg}': '${ver}'`);
-    } else {
-      if (!overwrite) continue;
-      console.warn(`Dependency mismatch in ${key}: '${pkg}': '${ver}' (current: ${deps[pkg]})`);
+  const checkEntries = (got, want) => {
+    let changed = false;
+    for (const [key, val] of Object.entries(want)) {
+      try {
+        assert.deepEqual(got[key], val);
+      } catch (err) {
+        logger.warn(`${key} possibly outdated.`);
+        logger.warn(err.message);
+        if (autoFix) {
+          got[key] = val;
+          changed = true;
+        }
+      }
     }
-    if (autoFix) {
-      deps[pkg] = ver;
-      changed = true;
+    return changed;
+  };
+
+  const updateDeps = async (parsedPackageJson, key, wantDeps) => {
+    const {[key]: deps = {}} = parsedPackageJson;
+    let changed = false;
+    for (const [pkg, verInfo] of Object.entries(wantDeps)) {
+      const {ver, overwrite = true} =
+          typeof verInfo === 'string' || verInfo == null ? {ver: verInfo} : verInfo;
+      if (deps[pkg] === ver || (deps[pkg] == null && ver == null)) continue;
+      if (deps[pkg] == null) {
+        logger.warn(`Missing dependency in ${key}: '${pkg}': '${ver}'`);
+      } else {
+        if (!overwrite) continue;
+        logger.warn(`Dependency mismatch in ${key}: '${pkg}': '${ver}' (current: ${deps[pkg]})`);
+      }
+      if (autoFix) {
+        if (ver == null) delete deps[pkg];
+        else deps[pkg] = ver;
+        changed = true;
+      }
     }
-  }
-  if (changed) {
-    parsedPackageJson[key] = deps;
-    writePackageJson(parsedPackageJson);
-  }
-};
+    if (changed) {
+      parsedPackageJson[key] = deps;
+      await writePackageJson(parsedPackageJson);
+    }
+  };
 
-const prepareRepo = () => {
-  let branch = execSync('git symbolic-ref HEAD');
-  if (branch !== 'refs/heads/master' && branch !== 'refs/heads/main') {
-    throw new Error('master/main must be checked out');
-  }
-  branch = branch.replace(/^refs\/heads\//, '');
-  execSync('git rev-parse --verify -q HEAD^0 || ' +
-           `{ echo "Error: no commits on ${branch}" >&2; exit 1; }`);
-  execSync('git rev-parse --verify @{u}'); // Make sure there's a remote tracking branch.
-  const modified = execSync('git diff-files --name-status');
-  if (modified !== '') throw new Error(`working directory has modifications:\n${modified}`);
-  const untracked = execSync('git ls-files -o --exclude-standard');
-  if (untracked !== '') throw new Error(`working directory has untracked files:\n${untracked}`);
-  const indexStatus = execSync('git diff-index --cached --name-status HEAD');
-  if (indexStatus !== '') throw new Error(`uncommitted staged changes to files:\n${indexStatus}`);
-  execSync('git pull --ff-only', {stdio: 'inherit'});
-  if (execSync('git rev-list @{u}...') !== '') throw new Error('repo contains unpushed commits');
-  if (autoCommit) {
-    execSync('git config --get user.name');
-    execSync('git config --get user.email');
-  }
-};
+  const prepareRepo = () => {
+    const modified = execSync('git diff-files --name-status');
+    if (modified !== '') throw new Error(`working directory has modifications:\n${modified}`);
+    const untracked = execSync('git ls-files -o --exclude-standard');
+    if (untracked !== '') throw new Error(`working directory has untracked files:\n${untracked}`);
+    const indexStatus = execSync('git diff-index --cached --name-status HEAD');
+    if (indexStatus !== '') throw new Error(`uncommitted staged changes to files:\n${indexStatus}`);
+    let br;
+    if (autoCommit) {
+      br = execSync('git symbolic-ref HEAD');
+      if (!br.startsWith('refs/heads/')) throw new Error('detached HEAD');
+      br = br.replace(/^refs\/heads\//, '');
+      execSync('git rev-parse --verify -q HEAD^0 || ' +
+               `{ echo "Error: no commits on ${br}" >&2; exit 1; }`);
+      execSync('git config --get user.name');
+      execSync('git config --get user.email');
+    }
+    if (autoPush) {
+      if (!['master', 'main'].includes(br)) throw new Error('master/main not checked out');
+      execSync('git rev-parse --verify @{u}');
+      execSync('git pull --ff-only', {stdio: 'inherit'});
+      if (execSync('git rev-list @{u}...') !== '') throw new Error('repo contains unpushed commits');
+    }
+  };
 
-if (autoCommit) {
-  console.warn('Auto commit is enabled, I hope you know what you are doing...');
-}
+  const checkFile = async (srcFn, dstFn, overwrite = true) => {
+    const outFn = path.join(pluginPath, dstFn);
+    const wantContents = await fsp.readFile(srcFn, {encoding: 'utf8'});
+    let gotContents = null;
+    try {
+      gotContents = await fsp.readFile(outFn, {encoding: 'utf8'});
+    } catch (err) { /* treat as if the file doesn't exist */ }
+    try {
+      assert.equal(gotContents, wantContents);
+    } catch (err) {
+      logger.warn(`File ${dstFn} does not match the default`);
+      logger.warn(err.message);
+      if (!overwrite && gotContents != null) {
+        logger.warn('Leaving existing contents alone.');
+        return;
+      }
+      if (autoFix) {
+        await fsp.mkdir(path.dirname(outFn), {recursive: true});
+        await fsp.writeFile(outFn, wantContents);
+      }
+    }
+  };
 
-fs.readdir(pluginPath, (err, rootFiles) => {
-  // handling error
-  if (err) {
-    return console.log(`Unable to scan directory: ${err}`);
+  if (autoPush) {
+    logger.warn('Auto push is enabled, I hope you know what you are doing...');
   }
 
-  // rewriting files to lower case
-  const files = [];
+  const files = await fsp.readdir(pluginPath);
 
   // some files we need to know the actual file name.  Not compulsory but might help in the future.
-  let readMeFileName;
-  let repository;
+  const readMeFileName = files.filter((f) => f === 'README' || f === 'README.md')[0];
 
-  for (let i = 0; i < rootFiles.length; i++) {
-    if (rootFiles[i].toLowerCase().indexOf('readme') !== -1) readMeFileName = rootFiles[i];
-    files.push(rootFiles[i].toLowerCase());
-  }
-
-  if (files.indexOf('.git') === -1) throw new Error('No .git folder, aborting');
+  if (!files.includes('.git')) throw new Error('No .git folder, aborting');
   prepareRepo();
 
-  try {
-    const path = `${pluginPath}/.github/workflows/npmpublish.yml`;
-    if (!fs.existsSync(path)) {
-      console.log('no .github/workflows/npmpublish.yml');
-      console.log('create one and set npm secret to auto publish to npm on commit');
-      if (autoFix) {
-        const npmpublish =
-            fs.readFileSync('src/bin/plugins/lib/npmpublish.yml', {encoding: 'utf8', flag: 'r'});
-        fs.mkdirSync(`${pluginPath}/.github/workflows`, {recursive: true});
-        fs.writeFileSync(path, npmpublish);
-        console.log("If you haven't already, setup autopublish for this plugin https://github.com/ether/etherpad-lite/wiki/Plugins:-Automatically-publishing-to-npm-on-commit-to-Github-Repo");
-      } else {
-        console.log('Setup autopublish for this plugin https://github.com/ether/etherpad-lite/wiki/Plugins:-Automatically-publishing-to-npm-on-commit-to-Github-Repo');
-      }
-    } else {
-      // autopublish exists, we should check the version..
-      // checkVersion takes two file paths and checks for a version string in them.
-      const currVersionFile = fs.readFileSync(path, {encoding: 'utf8', flag: 'r'});
-      const existingConfigLocation = currVersionFile.indexOf('##ETHERPAD_NPM_V=');
-      const existingValue = parseInt(
-          currVersionFile.substr(existingConfigLocation + 17, existingConfigLocation.length));
+  const workflows = ['backend-tests.yml', 'frontend-tests.yml', 'npmpublish.yml'];
+  await Promise.all(workflows.map(async (fn) => {
+    await checkFile(`src/bin/plugins/lib/${fn}`, `.github/workflows/${fn}`);
+  }));
+  await checkFile('src/bin/plugins/lib/dependabot.yml', '.github/dependabot.yml');
 
-      const reqVersionFile =
-          fs.readFileSync('src/bin/plugins/lib/npmpublish.yml', {encoding: 'utf8', flag: 'r'});
-      const reqConfigLocation = reqVersionFile.indexOf('##ETHERPAD_NPM_V=');
-      const reqValue =
-          parseInt(reqVersionFile.substr(reqConfigLocation + 17, reqConfigLocation.length));
-
-      if (!existingValue || (reqValue > existingValue)) {
-        const npmpublish =
-            fs.readFileSync('src/bin/plugins/lib/npmpublish.yml', {encoding: 'utf8', flag: 'r'});
-        fs.mkdirSync(`${pluginPath}/.github/workflows`, {recursive: true});
-        fs.writeFileSync(path, npmpublish);
-      }
-    }
-  } catch (err) {
-    console.error(err);
-  }
-
-
-  try {
-    const path = `${pluginPath}/.github/workflows/backend-tests.yml`;
-    if (!fs.existsSync(path)) {
-      console.log('no .github/workflows/backend-tests.yml');
-      console.log('create one and set npm secret to auto publish to npm on commit');
-      if (autoFix) {
-        const backendTests =
-            fs.readFileSync('src/bin/plugins/lib/backend-tests.yml', {encoding: 'utf8', flag: 'r'});
-        fs.mkdirSync(`${pluginPath}/.github/workflows`, {recursive: true});
-        fs.writeFileSync(path, backendTests);
-      }
-    } else {
-      // autopublish exists, we should check the version..
-      // checkVersion takes two file paths and checks for a version string in them.
-      const currVersionFile = fs.readFileSync(path, {encoding: 'utf8', flag: 'r'});
-      const existingConfigLocation = currVersionFile.indexOf('##ETHERPAD_NPM_V=');
-      const existingValue = parseInt(
-          currVersionFile.substr(existingConfigLocation + 17, existingConfigLocation.length));
-
-      const reqVersionFile =
-          fs.readFileSync('src/bin/plugins/lib/backend-tests.yml', {encoding: 'utf8', flag: 'r'});
-      const reqConfigLocation = reqVersionFile.indexOf('##ETHERPAD_NPM_V=');
-      const reqValue =
-          parseInt(reqVersionFile.substr(reqConfigLocation + 17, reqConfigLocation.length));
-
-      if (!existingValue || (reqValue > existingValue)) {
-        const backendTests =
-            fs.readFileSync('src/bin/plugins/lib/backend-tests.yml', {encoding: 'utf8', flag: 'r'});
-        fs.mkdirSync(`${pluginPath}/.github/workflows`, {recursive: true});
-        fs.writeFileSync(path, backendTests);
-      }
-    }
-  } catch (err) {
-    console.error(err);
-  }
-
-  if (files.indexOf('package.json') === -1) {
-    console.warn('no package.json, please create');
-  }
-
-  if (files.indexOf('package.json') !== -1) {
+  if (!files.includes('package.json')) {
+    logger.warn('no package.json, please create');
+  } else {
     const packageJSON =
-        fs.readFileSync(`${pluginPath}/package.json`, {encoding: 'utf8', flag: 'r'});
+        await fsp.readFile(`${pluginPath}/package.json`, {encoding: 'utf8', flag: 'r'});
     const parsedPackageJSON = JSON.parse(packageJSON);
-    if (autoFix) {
-      let updatedPackageJSON = false;
-      if (!parsedPackageJSON.funding) {
-        updatedPackageJSON = true;
-        parsedPackageJSON.funding = {
-          type: 'individual',
-          url: 'https://etherpad.org/',
-        };
-      }
-      if (updatedPackageJSON) {
-        writePackageJson(parsedPackageJSON);
-      }
-    }
 
-    if (packageJSON.toLowerCase().indexOf('repository') === -1) {
-      console.warn('No repository in package.json');
-      if (autoFix) {
-        console.warn('Repository not detected in package.json.  Add repository section.');
-      }
-    } else {
-      // useful for creating README later.
-      repository = parsedPackageJSON.repository.url;
-    }
-
-    updateDeps(parsedPackageJSON, 'devDependencies', {
-      'eslint': '^7.28.0',
-      'eslint-config-etherpad': '^2.0.0',
-      'eslint-plugin-cypress': '^2.11.3',
-      'eslint-plugin-eslint-comments': '^3.2.0',
-      'eslint-plugin-mocha': '^9.0.0',
-      'eslint-plugin-node': '^11.1.0',
-      'eslint-plugin-prefer-arrow': '^1.2.3',
-      'eslint-plugin-promise': '^5.1.0',
-      'eslint-plugin-you-dont-need-lodash-underscore': '^6.12.0',
+    await updateDeps(parsedPackageJSON, 'devDependencies', {
+      'eslint': '^8.14.0',
+      'eslint-config-etherpad': '^3.0.13',
+      // Changing the TypeScript version can break plugin code, so leave it alone if present.
+      'typescript': {ver: '^4.6.4', overwrite: false},
+      // These were moved to eslint-config-etherpad's dependencies so they can be removed:
+      '@typescript-eslint/eslint-plugin': null,
+      '@typescript-eslint/parser': null,
+      'eslint-import-resolver-typescript': null,
+      'eslint-plugin-cypress': null,
+      'eslint-plugin-eslint-comments': null,
+      'eslint-plugin-import': null,
+      'eslint-plugin-mocha': null,
+      'eslint-plugin-node': null,
+      'eslint-plugin-prefer-arrow': null,
+      'eslint-plugin-promise': null,
+      'eslint-plugin-you-dont-need-lodash-underscore': null,
     });
 
-    updateDeps(parsedPackageJSON, 'peerDependencies', {
+    await updateDeps(parsedPackageJSON, 'peerDependencies', {
       // Some plugins require a newer version of Etherpad so don't overwrite if already set.
       'ep_etherpad-lite': {ver: '>=1.8.6', overwrite: false},
     });
 
-    if (packageJSON.toLowerCase().indexOf('eslintconfig') === -1) {
-      console.warn('No esLintConfig in package.json');
-      if (autoFix) {
-        const eslintConfig = {
-          root: true,
-          extends: 'etherpad/plugin',
-        };
-        parsedPackageJSON.eslintConfig = eslintConfig;
-        writePackageJson(parsedPackageJSON);
-      }
-    }
+    await updateDeps(parsedPackageJSON, 'engines', {
+      node: '>=12.17.0',
+    });
 
-    if (packageJSON.toLowerCase().indexOf('scripts') === -1) {
-      console.warn('No scripts in package.json');
-      if (autoFix) {
-        const scripts = {
-          'lint': 'eslint .',
-          'lint:fix': 'eslint --fix .',
-        };
-        parsedPackageJSON.scripts = scripts;
-        writePackageJson(parsedPackageJSON);
-      }
+    if (parsedPackageJSON.eslintConfig != null && autoFix) {
+      delete parsedPackageJSON.eslintConfig;
+      await writePackageJson(parsedPackageJSON);
     }
-
-    if ((packageJSON.toLowerCase().indexOf('engines') === -1) || !parsedPackageJSON.engines.node) {
-      console.warn('No engines or node engine in package.json');
-      if (autoFix) {
-        const engines = {
-          node: '>=12.13.0',
-        };
-        parsedPackageJSON.engines = engines;
-        writePackageJson(parsedPackageJSON);
-      }
-    }
-  }
-
-  if (files.indexOf('package-lock.json') === -1) {
-    console.warn('package-lock.json not found');
-    if (!autoFix) {
-      console.warn('Run npm install in the plugin folder and commit the package-lock.json file.');
-    }
-  }
-  if (files.indexOf('readme') === -1 && files.indexOf('readme.md') === -1) {
-    console.warn('README.md file not found, please create');
-    if (autoFix) {
-      console.log('Autofixing missing README.md file');
-      console.log('please edit the README.md file further to include plugin specific details.');
-      let readme = fs.readFileSync('src/bin/plugins/lib/README.md', {encoding: 'utf8', flag: 'r'});
-      readme = readme.replace(/\[plugin_name\]/g, pluginName);
-      if (repository) {
-        const org = repository.split('/')[3];
-        const name = repository.split('/')[4];
-        readme = readme.replace(/\[org_name\]/g, org);
-        readme = readme.replace(/\[repo_url\]/g, name);
-        fs.writeFileSync(`${pluginPath}/README.md`, readme);
+    if (files.includes('.eslintrc.js')) {
+      const [from, to] = [`${pluginPath}/.eslintrc.js`, `${pluginPath}/.eslintrc.cjs`];
+      if (!files.includes('.eslintrc.cjs')) {
+        if (autoFix) {
+          await fsp.rename(from, to);
+        } else {
+          logger.warn(`please rename ${from} to ${to}`);
+        }
       } else {
-        console.warn('Unable to find repository in package.json, aborting.');
+        logger.error(`both ${from} and ${to} exist; delete ${from}`);
       }
+    } else {
+      checkFile('src/bin/plugins/lib/eslintrc.cjs', '.eslintrc.cjs', false);
+    }
+
+    if (checkEntries(parsedPackageJSON, {
+      funding: {
+        type: 'individual',
+        url: 'https://etherpad.org/',
+      },
+    })) await writePackageJson(parsedPackageJSON);
+
+    if (parsedPackageJSON.scripts == null) parsedPackageJSON.scripts = {};
+    if (checkEntries(parsedPackageJSON.scripts, {
+      'lint': 'eslint .',
+      'lint:fix': 'eslint --fix .',
+    })) await writePackageJson(parsedPackageJSON);
+  }
+
+  if (!files.includes('package-lock.json')) {
+    logger.warn('package-lock.json not found');
+    if (!autoFix) {
+      logger.warn('Run npm install in the plugin folder and commit the package-lock.json file.');
     }
   }
 
-  if (files.indexOf('contributing') === -1 && files.indexOf('contributing.md') === -1) {
-    console.warn('CONTRIBUTING.md file not found, please create');
+  const fillTemplate = async (templateFilename, outputFilename) => {
+    const contents = (await fsp.readFile(templateFilename, 'utf8'))
+        .replace(/\[name of copyright owner\]/g, execSync('git config user.name'))
+        .replace(/\[plugin_name\]/g, pluginName)
+        .replace(/\[yyyy\]/g, new Date().getFullYear());
+    await fsp.writeFile(outputFilename, contents);
+  };
+
+  if (!readMeFileName) {
+    logger.warn('README.md file not found, please create');
     if (autoFix) {
-      console.log('Autofixing missing CONTRIBUTING.md file, please edit the CONTRIBUTING.md ' +
+      logger.info('Autofixing missing README.md file');
+      logger.info('please edit the README.md file further to include plugin specific details.');
+      await fillTemplate('src/bin/plugins/lib/README.md', `${pluginPath}/README.md`);
+    }
+  }
+
+  if (!files.includes('CONTRIBUTING') && !files.includes('CONTRIBUTING.md')) {
+    logger.warn('CONTRIBUTING.md file not found, please create');
+    if (autoFix) {
+      logger.info('Autofixing missing CONTRIBUTING.md file, please edit the CONTRIBUTING.md ' +
                   'file further to include plugin specific details.');
-      let contributing =
-          fs.readFileSync('src/bin/plugins/lib/CONTRIBUTING.md', {encoding: 'utf8', flag: 'r'});
-      contributing = contributing.replace(/\[plugin_name\]/g, pluginName);
-      fs.writeFileSync(`${pluginPath}/CONTRIBUTING.md`, contributing);
+      await fillTemplate('src/bin/plugins/lib/CONTRIBUTING.md', `${pluginPath}/CONTRIBUTING.md`);
     }
   }
 
 
   if (readMeFileName) {
     let readme =
-        fs.readFileSync(`${pluginPath}/${readMeFileName}`, {encoding: 'utf8', flag: 'r'});
-    if (readme.toLowerCase().indexOf('license') === -1) {
-      console.warn('No license section in README');
+        await fsp.readFile(`${pluginPath}/${readMeFileName}`, {encoding: 'utf8', flag: 'r'});
+    if (!readme.toLowerCase().includes('license')) {
+      logger.warn('No license section in README');
       if (autoFix) {
-        console.warn('Please add License section to README manually.');
+        logger.warn('Please add License section to README manually.');
       }
     }
     // eslint-disable-next-line max-len
     const publishBadge = `![Publish Status](https://github.com/ether/${pluginName}/workflows/Node.js%20Package/badge.svg)`;
     // eslint-disable-next-line max-len
     const testBadge = `![Backend Tests Status](https://github.com/ether/${pluginName}/workflows/Backend%20tests/badge.svg)`;
-    if (readme.toLowerCase().indexOf('travis') !== -1) {
-      console.warn('Remove Travis badges');
+    if (readme.toLowerCase().includes('travis')) {
+      logger.warn('Remove Travis badges');
     }
-    if (readme.indexOf('workflows/Node.js%20Package/badge.svg') === -1) {
-      console.warn('No Github workflow badge detected');
+    if (!readme.includes('workflows/Node.js%20Package/badge.svg')) {
+      logger.warn('No Github workflow badge detected');
       if (autoFix) {
         readme = `${publishBadge} ${testBadge}\n\n${readme}`;
         // write readme to file system
-        fs.writeFileSync(`${pluginPath}/${readMeFileName}`, readme);
-        console.log('Wrote Github workflow badges to README');
+        await fsp.writeFile(`${pluginPath}/${readMeFileName}`, readme);
+        logger.info('Wrote Github workflow badges to README');
       }
     }
   }
 
-  if (files.indexOf('license') === -1 && files.indexOf('license.md') === -1) {
-    console.warn('LICENSE.md file not found, please create');
+  if (!files.includes('LICENSE') && !files.includes('LICENSE.md')) {
+    logger.warn('LICENSE file not found, please create');
     if (autoFix) {
-      console.log('Autofixing missing LICENSE.md file, including Apache 2 license.');
-      let license =
-          fs.readFileSync('src/bin/plugins/lib/LICENSE.md', {encoding: 'utf8', flag: 'r'});
-      license = license.replace('[yyyy]', new Date().getFullYear());
-      license = license.replace('[name of copyright owner]', execSync('git config user.name'));
-      fs.writeFileSync(`${pluginPath}/LICENSE.md`, license);
+      logger.info('Autofixing missing LICENSE file (Apache 2.0).');
+      await fsp.copyFile('src/bin/plugins/lib/LICENSE', `${pluginPath}/LICENSE`);
     }
   }
 
-  if (files.indexOf('.gitignore') === -1) {
-    console.warn('.gitignore file not found, please create.  .gitignore files are useful to ' +
+  if (!files.includes('.gitignore')) {
+    logger.warn('.gitignore file not found, please create.  .gitignore files are useful to ' +
                  "ensure files aren't incorrectly commited to a repository.");
     if (autoFix) {
-      console.log('Autofixing missing .gitignore file');
+      logger.info('Autofixing missing .gitignore file');
       const gitignore =
-          fs.readFileSync('src/bin/plugins/lib/gitignore', {encoding: 'utf8', flag: 'r'});
-      fs.writeFileSync(`${pluginPath}/.gitignore`, gitignore);
+          await fsp.readFile('src/bin/plugins/lib/gitignore', {encoding: 'utf8', flag: 'r'});
+      await fsp.writeFile(`${pluginPath}/.gitignore`, gitignore);
     }
   } else {
     let gitignore =
-        fs.readFileSync(`${pluginPath}/.gitignore`, {encoding: 'utf8', flag: 'r'});
-    if (gitignore.indexOf('node_modules/') === -1) {
-      console.warn('node_modules/ missing from .gitignore');
+        await fsp.readFile(`${pluginPath}/.gitignore`, {encoding: 'utf8', flag: 'r'});
+    if (!gitignore.includes('node_modules/')) {
+      logger.warn('node_modules/ missing from .gitignore');
       if (autoFix) {
         gitignore += 'node_modules/';
-        fs.writeFileSync(`${pluginPath}/.gitignore`, gitignore);
+        await fsp.writeFile(`${pluginPath}/.gitignore`, gitignore);
       }
     }
   }
 
   // if we include templates but don't have translations...
-  if (files.indexOf('templates') !== -1 && files.indexOf('locales') === -1) {
-    console.warn('Translations not found, please create.  ' +
+  if (files.includes('templates') && !files.includes('locales')) {
+    logger.warn('Translations not found, please create.  ' +
                  'Translation files help with Etherpad accessibility.');
   }
 
 
-  if (files.indexOf('.ep_initialized') !== -1) {
-    console.warn(
+  if (files.includes('.ep_initialized')) {
+    logger.warn(
         '.ep_initialized found, please remove.  .ep_initialized should never be commited to git ' +
         'and should only exist once the plugin has been executed one time.');
     if (autoFix) {
-      console.log('Autofixing incorrectly existing .ep_initialized file');
-      fs.unlinkSync(`${pluginPath}/.ep_initialized`);
+      logger.info('Autofixing incorrectly existing .ep_initialized file');
+      await fsp.unlink(`${pluginPath}/.ep_initialized`);
     }
   }
 
-  if (files.indexOf('npm-debug.log') !== -1) {
-    console.warn('npm-debug.log found, please remove.  npm-debug.log should never be commited to ' +
+  if (files.includes('npm-debug.log')) {
+    logger.warn('npm-debug.log found, please remove.  npm-debug.log should never be commited to ' +
                  'your repository.');
     if (autoFix) {
-      console.log('Autofixing incorrectly existing npm-debug.log file');
-      fs.unlinkSync(`${pluginPath}/npm-debug.log`);
+      logger.info('Autofixing incorrectly existing npm-debug.log file');
+      await fsp.unlink(`${pluginPath}/npm-debug.log`);
     }
   }
 
-  if (files.indexOf('static') !== -1) {
-    fs.readdir(`${pluginPath}/static`, (errRead, staticFiles) => {
-      if (staticFiles.indexOf('tests') === -1) {
-        console.warn('Test files not found, please create tests.  https://github.com/ether/etherpad-lite/wiki/Creating-a-plugin#writing-and-running-front-end-tests-for-your-plugin');
-      }
-    });
+  if (files.includes('static')) {
+    const staticFiles = await fsp.readdir(`${pluginPath}/static`);
+    if (!staticFiles.includes('tests')) {
+      logger.warn('Test files not found, please create tests.  https://github.com/ether/etherpad-lite/wiki/Creating-a-plugin#writing-and-running-front-end-tests-for-your-plugin');
+    }
   } else {
-    console.warn('Test files not found, please create tests.  https://github.com/ether/etherpad-lite/wiki/Creating-a-plugin#writing-and-running-front-end-tests-for-your-plugin');
+    logger.warn('Test files not found, please create tests.  https://github.com/ether/etherpad-lite/wiki/Creating-a-plugin#writing-and-running-front-end-tests-for-your-plugin');
   }
 
   // Install dependencies so we can run ESLint. This should also create or update package-lock.json
   // if autoFix is enabled.
   const npmInstall = `npm install${autoFix ? '' : ' --no-package-lock'}`;
   execSync(npmInstall, {stdio: 'inherit'});
-  // The ep_etherpad-lite peer dep must be installed last otherwise `npm install` will nuke it. An
-  // absolute path to etherpad-lite/src is used here so that pluginPath can be a symlink.
-  execSync(
-      `${npmInstall} --no-save ep_etherpad-lite@file:${__dirname}/../../`, {stdio: 'inherit'});
+  // Create the ep_etherpad-lite symlink if necessary. This must be done after running `npm install`
+  // because that command nukes the symlink.
+  try {
+    const d = await fsp.realpath(path.join(pluginPath, 'node_modules/ep_etherpad-lite'));
+    assert.equal(d, epSrcDir);
+  } catch (err) {
+    execSync(`${npmInstall} --no-save ep_etherpad-lite@file:${epSrcDir}`, {stdio: 'inherit'});
+  }
   // linting begins
   try {
-    console.log('Linting...');
+    logger.info('Linting...');
     const lintCmd = autoFix ? 'npx eslint --fix .' : 'npx eslint';
     execSync(lintCmd, {stdio: 'inherit'});
   } catch (e) {
     // it is gonna throw an error anyway
-    console.log('Manual linting probably required, check with: npm run lint');
+    logger.info('Manual linting probably required, check with: npm run lint');
   }
   // linting ends.
 
@@ -436,24 +390,31 @@ fs.readdir(pluginPath, (err, rootFiles) => {
         env: {...process.env, GIT_INDEX_FILE: '.git/checkPlugin.index'},
         stdio: 'inherit',
       });
-      fs.unlinkSync(`${pluginPath}/.git/checkPlugin.index`);
+      await fsp.unlink(`${pluginPath}/.git/checkPlugin.index`);
 
-      const cmd = [
+      const commitCmd = [
         'git add -A',
         'git commit -m "autofixes from Etherpad checkPlugin.js"',
-        'git push',
       ].join(' && ');
       if (autoCommit) {
-        console.log('Attempting autocommit and auto publish to npm');
-        execSync(cmd, {stdio: 'inherit'});
+        logger.info('Committing changes...');
+        execSync(commitCmd, {stdio: 'inherit'});
       } else {
-        console.log('Fixes applied. Check the above git diff then run the following command:');
-        console.log(`(cd node_modules/${pluginName} && ${cmd})`);
+        logger.info('Fixes applied. Check the above git diff then run the following command:');
+        logger.info(`(cd node_modules/${pluginName} && ${commitCmd})`);
+      }
+      const pushCmd = 'git push';
+      if (autoPush) {
+        logger.info('Pushing new commit...');
+        execSync(pushCmd, {stdio: 'inherit'});
+      } else {
+        logger.info('Changes committed. To push, run the following command:');
+        logger.info(`(cd node_modules/${pluginName} && ${pushCmd})`);
       }
     } else {
-      console.log('No changes.');
+      logger.info('No changes.');
     }
   }
 
-  console.log('Finished');
-});
+  logger.info('Finished');
+})();

src/bin/plugins/getCorePlugins.sh

@@ -1,4 +1,39 @@
-cd node_modules/
-GHUSER=ether; curl "https://api.github.com/users/$GHUSER/repos?per_page=100" | grep -o 'git@[^"]*' | grep /ep_ | xargs -L1 git clone
-GHUSER=ether; curl "https://api.github.com/users/$GHUSER/repos?per_page=100&page=2&" | grep -o 'git@[^"]*' | grep /ep_ | xargs -L1 git clone
-GHUSER=ether; curl "https://api.github.com/users/$GHUSER/repos?per_page=100&page=3&" | grep -o 'git@[^"]*' | grep /ep_ | xargs -L1 git clone
+#!/bin/sh
+
+set -e
+
+newline='
+'
+
+pecho () { printf %s\\n "$*"; }
+log () { pecho "$@"; }
+error () { log "ERROR: $@" >&2; }
+fatal () { error "$@"; exit 1; }
+
+mydir=$(cd "${0%/*}" && pwd -P) || exit 1
+cd "${mydir}/../../.."
+pdir=$(cd .. && pwd -P) || exit 1
+
+plugins=$("${mydir}/listOfficialPlugins") || exit 1
+for d in ${plugins}; do
+  log "============================================================"
+  log "${d}"
+  log "============================================================"
+  fd=${pdir}/${d}
+  repo=git@github.com:ether/${plugin}.git
+  [ -d "${fd}" ] || {
+    log "Cloning ${repo} to ${fd}..."
+    (cd "${pdir}" && git clone "${repo}" "${d}") || exit 1
+  } || exit 1
+  log "Fetching latest commits..."
+  (cd "${fd}" && git pull --ff-only) || exit 1
+  log "Getting plugin name..."
+  pn=$(cd "${fd}" && npx -c 'printf %s\\n "${npm_package_name}"') || exit 1
+  [ -n "${pn}" ] || fatal "Unable to determine plugin name for ${d}"
+  md=node_modules/${pn}
+  [ -d "${md}" ] || {
+    log "Installing plugin to ${md}..."
+    ln -s ../../"${d}" "${md}"
+  } || exit 1
+  [ "${md}" -ef "${fd}" ] || fatal "${md} is not a symlink to ${fd}"
+done

src/bin/plugins/lib/LICENSE

@@ -0,0 +1,201 @@
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.

src/bin/plugins/lib/LICENSE.md

@@ -1,13 +0,0 @@
-Copyright [yyyy] [name of copyright owner]
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-    http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.

src/bin/plugins/lib/README.md

@@ -1,32 +1,47 @@
-[![Travis (.com)](https://api.travis-ci.com/[org_name]/[repo_url].svg?branch=develop)](https://travis-ci.com/github/[org_name]/[repo_url])
+# [plugin_name]
 
-# My awesome plugin README example
-Explain what your plugin does and who it's useful for.
+TODO: Describe the plugin.
 
 ## Example animated gif of usage if appropriate
+
 ![screenshot](https://user-images.githubusercontent.com/220864/99979953-97841d80-2d9f-11eb-9782-5f65817c58f4.PNG)
 
-## Installing
+## Installation
 
-```
+From the Etherpad working directory, run:
+
+```shell
 npm install --no-save --legacy-peer-deps [plugin_name]
 ```
 
-or Use the Etherpad ``/admin`` interface.
+Or, install from Etherpad's `/admin/plugins` page.
 
-## Settings
-Document settings if any
+## Configuration
+
+TODO
 
 ## Testing
-Document how to run backend / frontend tests.
 
-### Frontend
+To run the backend tests, run the following from the Etherpad working directory:
 
-Visit http://whatever/tests/frontend/ to run the frontend tests.
+```shell
+(cd src && npm test)
+```
 
-### backend
+To run the frontend tests, visit: http://localhost:9001/tests/frontend/
 
-Type ``cd src && npm run test`` to run the backend tests.
+## Copyright and License
 
-## LICENSE
-Apache 2.0
+Copyright © [yyyy] [name of copyright owner]
+and the [plugin_name] authors and contributors
+
+Licensed under the [Apache License, Version 2.0](LICENSE) (the "License"); you
+may not use this file except in compliance with the License. You may obtain a
+copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software distributed
+under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
+CONDITIONS OF ANY KIND, either express or implied. See the License for the
+specific language governing permissions and limitations under the License.

src/bin/plugins/lib/backend-tests.yml

@@ -1,6 +1,3 @@
-# You need to change lines 38 and 46 in case the plugin's name on npmjs.com is different
-# from the repository name
-
 name: "Backend tests"
 
 # any branch is useful for testing before a PR is submitted
@@ -11,40 +8,68 @@ jobs:
     # run on pushes to any branch
     # run on PRs from external forks
     if: |
-         (github.event_name != 'pull_request')
-         || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
+      (github.event_name != 'pull_request')
+      || (github.event.pull_request.head.repo.id != github.event.pull_request.base.repo.id)
     name: with Plugins
     runs-on: ubuntu-latest
 
     steps:
-    - name: Install libreoffice
-      run: |
-        sudo add-apt-repository -y ppa:libreoffice/ppa
-        sudo apt update
-        sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
-
-    # clone etherpad-lite
-    - name: Install etherpad core
-      uses: actions/checkout@v2
-      with:
-        repository: ether/etherpad-lite
-
-    - name: Install all dependencies and symlink for ep_etherpad-lite
-      run: src/bin/installDeps.sh
-
-    # clone this repository into node_modules/ep_plugin-name
-    - name: Checkout plugin repository
-      uses: actions/checkout@v2
-      with:
-        path: ./node_modules/${{github.event.repository.name}}
-
-    - name: Install plugin dependencies
-      run: |
-        cd node_modules/${{github.event.repository.name}}
-        npm ci
-
-    - name: Run the backend tests
-      run: cd src && npm test
-
-##ETHERPAD_NPM_V=2
-## NPM configuration automatically created using src/bin/plugins/updateAllPluginsScript.sh
+      -
+        name: Install libreoffice
+        run: |
+          sudo add-apt-repository -y ppa:libreoffice/ppa
+          sudo apt update
+          sudo apt install -y --no-install-recommends libreoffice libreoffice-pdfimport
+      -
+        name: Install etherpad core
+        uses: actions/checkout@v3
+        with:
+          repository: ether/etherpad-lite
+      -
+        name: Checkout plugin repository
+        uses: actions/checkout@v3
+        with:
+          path: ./node_modules/__tmp
+      -
+        name: Determine plugin name
+        id: plugin_name
+        run: |
+          cd ./node_modules/__tmp
+          npx -c 'printf %s\\n "::set-output name=plugin_name::${npm_package_name}"'
+      -
+        name: Rename plugin directory
+        run: |
+          mv ./node_modules/__tmp ./node_modules/"${PLUGIN_NAME}"
+        env:
+          PLUGIN_NAME: ${{ steps.plugin_name.outputs.plugin_name }}
+      -
+        uses: actions/setup-node@v3
+        with:
+          node-version: 12
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+            node_modules/${{ steps.plugin_name.outputs.plugin_name }}/package-lock.json
+      -
+        name: Install plugin dependencies
+        run: |
+          cd ./node_modules/"${PLUGIN_NAME}"
+          npm ci
+        env:
+          PLUGIN_NAME: ${{ steps.plugin_name.outputs.plugin_name }}
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install Etherpad core dependencies
+        run: src/bin/installDeps.sh
+      -
+        name: Run the backend tests
+        run: cd src && npm test

src/bin/plugins/lib/dependabot.yml

@@ -0,0 +1,11 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    versioning-strategy: "increase"

src/bin/plugins/lib/eslintrc.cjs

@@ -0,0 +1,9 @@
+'use strict';
+
+// This is a workaround for https://github.com/eslint/eslint/issues/3458
+require('eslint-config-etherpad/patch/modern-module-resolution');
+
+module.exports = {
+  root: true,
+  extends: 'etherpad/plugin',
+};

src/bin/plugins/lib/frontend-tests.yml

@@ -0,0 +1,110 @@
+# Publicly credit Sauce Labs because they generously support open source
+# projects.
+name: "frontend tests powered by Sauce Labs"
+
+on: [push]
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      -
+        name: Fail if Dependabot
+        if: github.actor == 'dependabot[bot]'
+        run: |
+          cat <<EOF >&2
+          Frontend tests skipped because Dependabot can't access secrets.
+          Manually re-run the jobs to run the frontend tests.
+          For more information, see:
+          https://github.blog/changelog/2021-02-19-github-actions-workflows-triggered-by-dependabot-prs-will-run-with-read-only-permissions/
+          EOF
+          exit 1
+      -
+        name: Generate Sauce Labs strings
+        id: sauce_strings
+        run: |
+          printf %s\\n '::set-output name=name::${{github.event.repository.name}} ${{ github.workflow }} - ${{ github.job }}'
+          printf %s\\n '::set-output name=tunnel_id::${{ github.run_id }}-${{ github.run_number }}-${{ github.job }}'
+      -
+        name: Check out Etherpad core
+        uses: actions/checkout@v3
+        with:
+          repository: ether/etherpad-lite
+      -
+        uses: actions/setup-node@v3
+        with:
+          node-version: 12
+          cache: 'npm'
+          cache-dependency-path: |
+            src/package-lock.json
+            src/bin/doc/package-lock.json
+      -
+        name: Check out the plugin
+        uses: actions/checkout@v3
+        with:
+          path: ./node_modules/__tmp
+      -
+        name: export GIT_HASH to env
+        id: environment
+        run: |
+          cd ./node_modules/__tmp
+          echo "::set-output name=sha_short::$(git rev-parse --short ${{ github.sha }})"
+      -
+        name: Determine plugin name
+        id: plugin_name
+        run: |
+          cd ./node_modules/__tmp
+          npx -c 'printf %s\\n "::set-output name=plugin_name::${npm_package_name}"'
+      -
+        name: Rename plugin directory
+        env:
+          PLUGIN_NAME: ${{ steps.plugin_name.outputs.plugin_name }}
+        run: |
+          mv ./node_modules/__tmp ./node_modules/"${PLUGIN_NAME}"
+      -
+        name: Install plugin dependencies
+        env:
+          PLUGIN_NAME: ${{ steps.plugin_name.outputs.plugin_name }}
+        run: |
+          cd ./node_modules/"${PLUGIN_NAME}"
+          npm ci
+      # Etherpad core dependencies must be installed after installing the
+      # plugin's dependencies, otherwise npm will try to hoist common
+      # dependencies by removing them from src/node_modules and installing them
+      # in the top-level node_modules. As of v6.14.10, npm's hoist logic appears
+      # to be buggy, because it sometimes removes dependencies from
+      # src/node_modules but fails to add them to the top-level node_modules.
+      # Even if npm correctly hoists the dependencies, the hoisting seems to
+      # confuse tools such as `npm outdated`, `npm update`, and some ESLint
+      # rules.
+      -
+        name: Install Etherpad core dependencies
+        run: src/bin/installDeps.sh
+      -
+        name: Create settings.json
+        run: cp settings.json.template settings.json
+      -
+        name: Disable import/export rate limiting
+        run: |
+          sed -e '/^ *"importExportRateLimiting":/,/^ *\}/ s/"max":.*/"max": 0/' -i settings.json
+      -
+        name: Remove standard frontend test files
+        run: rm -rf src/tests/frontend/specs
+      -
+        uses: saucelabs/sauce-connect-action@v2.1.1
+        with:
+          username: ${{ secrets.SAUCE_USERNAME }}
+          accessKey: ${{ secrets.SAUCE_ACCESS_KEY }}
+          tunnelIdentifier: ${{ steps.sauce_strings.outputs.tunnel_id }}
+      -
+        name: Run the frontend tests
+        shell: bash
+        env:
+          SAUCE_USERNAME: ${{ secrets.SAUCE_USERNAME }}
+          SAUCE_ACCESS_KEY: ${{ secrets.SAUCE_ACCESS_KEY }}
+          SAUCE_NAME: ${{ steps.sauce_strings.outputs.name }}
+          TRAVIS_JOB_NUMBER: ${{ steps.sauce_strings.outputs.tunnel_id }}
+          GIT_HASH: ${{ steps.environment.outputs.sha_short }}
+        run: |
+          src/tests/frontend/travis/runner.sh

src/bin/plugins/lib/gitignore

@@ -1,5 +1,3 @@
-.ep_initialized
 .DS_Store
 node_modules/
-node_modules
 npm-debug.log

src/bin/plugins/lib/npmpublish.yml

@@ -21,50 +21,86 @@ jobs:
       # cloned to etherpad-lite then moved to ../etherpad-lite. To avoid
       # conflicts with this plugin's clone, etherpad-lite must be cloned and
       # moved out before this plugin's repo is cloned to $GITHUB_WORKSPACE.
-      - uses: actions/checkout@v2
+      -
+        uses: actions/checkout@v3
         with:
           repository: ether/etherpad-lite
           path: etherpad-lite
-      - run: mv etherpad-lite ..
+      -
+        run: mv etherpad-lite ..
       # etherpad-lite has been moved outside of $GITHUB_WORKSPACE, so it is now
       # safe to clone this plugin's repo to $GITHUB_WORKSPACE.
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      -
+        uses: actions/checkout@v3
+      # This is necessary for actions/setup-node because '..' can't be used in
+      # cache-dependency-path.
+      -
+        name: Create ep_etherpad-lite symlink
+        run: |
+          mkdir -p node_modules
+          ln -s ../../etherpad-lite/src node_modules/ep_etherpad-lite
+      -
+        uses: actions/setup-node@v3
         with:
           node-version: 12
+          cache: 'npm'
+          cache-dependency-path: |
+            node_modules/ep_etherpad-lite/package-lock.json
+            node_modules/ep_etherpad-lite/bin/doc/package-lock.json
+            package-lock.json
       # All of ep_etherpad-lite's devDependencies are installed because the
       # plugin might do `require('ep_etherpad-lite/node_modules/${devDep}')`.
       # Eventually it would be nice to create an ESLint plugin that prohibits
       # Etherpad plugins from piggybacking off of ep_etherpad-lite's
       # devDependencies. If we had that, we could change this line to only
       # install production dependencies.
-      - run: cd ../etherpad-lite/src && npm ci
-      - run: npm ci
+      -
+        run: cd ../etherpad-lite/src && npm ci
+      -
+        run: npm ci
       # This runs some sanity checks and creates a symlink at
       # node_modules/ep_etherpad-lite that points to ../../etherpad-lite/src.
       # This step must be done after `npm ci` installs the plugin's dependencies
       # because npm "helpfully" cleans up such symlinks. :( Installing
       # ep_etherpad-lite in the plugin's node_modules prevents lint errors and
       # unit test failures if the plugin does `require('ep_etherpad-lite/foo')`.
-      - run: npm install --no-save ep_etherpad-lite@file:../etherpad-lite/src
-      - run: npm test
-      - run: npm run lint
+      -
+        run: npm install --no-save ep_etherpad-lite@file:../etherpad-lite/src
+      -
+        run: npm test
+      -
+        run: npm run lint
 
   publish-npm:
     if: github.event_name == 'push'
     needs: test
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
-      - uses: actions/setup-node@v1
+      -
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+      -
+        uses: actions/setup-node@v3
         with:
           node-version: 12
           registry-url: https://registry.npmjs.org/
-      - run: git config user.name 'github-actions[bot]'
-      - run: git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
-      - run: npm ci
-      - run: npm version patch
-      - run: git push --follow-tags
+          cache: 'npm'
+      -
+        name: Bump version (patch)
+        run: |
+          LATEST_TAG=$(git describe --tags --abbrev=0) || exit 1
+          NEW_COMMITS=$(git rev-list --count "${LATEST_TAG}"..) || exit 1
+          [ "${NEW_COMMITS}" -gt 0 ] || exit 0
+          git config user.name 'github-actions[bot]'
+          git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
+          npm ci
+          npm version patch
+          git push --follow-tags
+      # This is required if the package has a prepare script that uses something
+      # in dependencies or devDependencies.
+      -
+        run: npm ci
       # `npm publish` must come after `git push` otherwise there is a race
       # condition: If two PRs are merged back-to-back then master/main will be
       # updated with the commits from the second PR before the first PR's
@@ -75,9 +111,12 @@ jobs:
       # already-used version number. By running `npm publish` after `git push`,
       # back-to-back merges will cause the first merge's workflow to fail but
       # the second's will succeed.
-      - run: npm publish
+      -
+        run: npm publish
+        env:
+          NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
+      -
+        name: Add package to etherpad organization
+        run: npm access grant read-write etherpad:developers
         env:
           NODE_AUTH_TOKEN: ${{secrets.NPM_TOKEN}}
-
-##ETHERPAD_NPM_V=2
-## NPM configuration automatically created using src/bin/plugins/updateAllPluginsScript.sh

src/bin/plugins/listOfficialPlugins

@@ -0,0 +1,14 @@
+#!/bin/sh
+set -e
+newline='
+'
+mydir=$(cd "${0%/*}" && pwd -P) || exit 1
+cd "${mydir}/../../.."
+pdir=$(cd .. && pwd -P) || exit 1
+plugins=
+for p in "" "&page=2" "&page=3"; do
+  curlOut=$(curl "https://api.github.com/users/ether/repos?per_page=100${p}") || exit 1
+  plugins=${plugins}${newline}$(printf %s\\n "${curlOut}" \
+        | sed -n -e 's;.*git@github.com:ether/\(ep_[^"]*\)\.git.*;\1;p');
+done
+printf %s\\n "${plugins}" | sort -u | grep -v '^[[:space:]]*$'

src/bin/plugins/reTestAllPlugins.sh

@@ -4,7 +4,7 @@ do
   echo $dir
   if [[ $dir == *"ep_"* ]]; then
     if [[ $dir != "ep_etherpad-lite" ]]; then
-      # node src/bin/plugins/checkPlugin.js $dir autofix autocommit autoupdate
+      # node src/bin/plugins/checkPlugin.js $dir autopush
       cd node_modules/$dir
       git commit -m "Automatic update: bump update to re-run latest Etherpad tests" --allow-empty
       git push origin master

src/bin/plugins/updateAllPluginsScript.sh

@@ -10,7 +10,7 @@ do
   # echo $0
   if [[ $dir == *"ep_"* ]]; then
     if [[ $dir != "ep_etherpad-lite" ]]; then
-      node src/bin/plugins/checkPlugin.js $dir autofix autocommit autoupdate
+      node src/bin/plugins/checkPlugin.js $dir autopush
     fi
   fi
   # echo $dir

src/bin/plugins/updateCorePlugins.sh

@@ -5,5 +5,5 @@ set -e
 for dir in node_modules/ep_*; do
   dir=${dir#node_modules/}
   [ "$dir" != ep_etherpad-lite ] || continue
-  node src/bin/plugins/checkPlugin.js "$dir" autofix autocommit autoupdate
+  node src/bin/plugins/checkPlugin.js "$dir" autopush
 done

src/bin/release.js

@@ -9,8 +9,12 @@ const childProcess = require('child_process');
 const log4js = require('log4js');
 const path = require('path');
 const semver = require('semver');
+const {exec} = require('child_process');
 
-log4js.replaceConsole();
+log4js.configure({appenders: {console: {type: 'console'}},
+  categories: {
+    default: {appenders: ['console'], level: 'info'},
+  }});
 
 /*
 
@@ -76,6 +80,15 @@ const assertUpstreamOk = (branch, opts = {}) => {
   }
 };
 
+// Check if asciidoctor is installed
+exec('asciidoctor -v', (err, stdout) => {
+  if (err) {
+    console.log('Please install asciidoctor');
+    console.log('https://asciidoctor.org/docs/install-toolchain/');
+    process.exit(1);
+  }
+});
+
 const dirExists = (dir) => {
   try {
     return fs.statSync(dir).isDirectory();
@@ -132,9 +145,9 @@ try {
 
   // Many users will be using the latest LTS version of npm, and the latest LTS version of npm uses
   // lockfileVersion 1. Enforce v1 so that users don't see a (benign) compatibility warning.
-  if (readJson('./src/package-lock.json').lockfileVersion !== 1) {
-    throw new Error('Please regenerate package-lock.json with npm v6.x.');
-  }
+  const pkglock = readJson('./src/package-lock.json');
+  pkglock.lockfileVersion = 1;
+  writeJson('./src/package-lock.json', pkglock);
 
   run('git add src/package.json');
   run('git add src/package-lock.json');
@@ -168,12 +181,12 @@ try {
 
 try {
   console.log('Building documentation...');
-  run('make docs');
+  run('node ./make_docs.js');
   console.log('Updating ether.github.com master branch...');
   run('git pull --ff-only', {cwd: '../ether.github.com/'});
   console.log('Committing documentation...');
-  run(`cp -R out/doc/ ../ether.github.com/doc/v'${newVersion}'`);
-  run(`rm -f latest && ln -s 'v${newVersion}' latest`, {cwd: '../ether.github.com/doc/'});
+  run(`cp -R out/doc/ ../ether.github.com/public/doc/v'${newVersion}'`);
+  run(`npm version ${newVersion}`, {cwd: '../ether.github.com'});
   run('git add .', {cwd: '../ether.github.com/'});
   run(`git commit -m '${newVersion} docs'`, {cwd: '../ether.github.com/'});
 } catch (err) {
@@ -193,12 +206,9 @@ console.log('  (cd ../ether.github.com && git show)');
 console.log('If everything looks good then push:');
 console.log(`  git push origin master develop '${newVersion}'`);
 console.log('  (cd ../ether.github.com && git push)');
-console.log('Create a Windows build:');
-console.log('  bin/buildForWindows.sh');
+console.log('Creating a Windows build is not necessary anymore and will be created by GitHub action');
 console.log('Visit https://github.com/ether/etherpad-lite/releases/new and create a new release ' +
-            `with 'master' as the target and the version is ${newVersion}.  Include the windows ` +
-            'zip as an asset');
-console.log('Once the new docs are uploaded then modify the download links (replace ' +
-            `${currentVersion} with ${newVersion} on etherpad.org and then pull master onto ` +
-            'develop)');
+            `with 'master' as the target and the version is ${newVersion}. `);
+console.log('The docs are updated automatically with the new version. While the windows build' +
+    ' is generated people can still download the older versions.');
 console.log('Finally go public with an announcement via our comms channels :)');

src/ep.json

@@ -23,7 +23,7 @@
     {
       "name": "static",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/static"
+        "expressPreSession": "ep_etherpad-lite/node/hooks/express/static"
       }
     },
     {
@@ -35,13 +35,14 @@
     {
       "name": "i18n",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/i18n"
+        "expressPreSession": "ep_etherpad-lite/node/hooks/i18n"
       }
     },
     {
       "name": "specialpages",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/specialpages"
+        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/specialpages",
+        "expressPreSession": "ep_etherpad-lite/node/hooks/express/specialpages"
       }
     },
     {
@@ -50,22 +51,10 @@
         "expressCreateServer": "ep_etherpad-lite/node/hooks/express/padurlsanitize"
       }
     },
-    {
-      "name": "padreadonly",
-      "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/padreadonly"
-      }
-    },
-    {
-      "name": "webaccess",
-      "hooks": {
-        "expressConfigure": "ep_etherpad-lite/node/hooks/express/webaccess"
-      }
-    },
     {
       "name": "apicalls",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/apicalls"
+        "expressPreSession": "ep_etherpad-lite/node/hooks/express/apicalls"
       }
     },
     {
@@ -91,7 +80,7 @@
     {
       "name": "tests",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/tests"
+        "expressPreSession": "ep_etherpad-lite/node/hooks/express/tests"
       }
     },
     {
@@ -117,7 +106,7 @@
     {
       "name": "openapi",
       "hooks": {
-        "expressCreateServer": "ep_etherpad-lite/node/hooks/express/openapi"
+        "expressPreSession": "ep_etherpad-lite/node/hooks/express/openapi"
       }
     }
   ]

src/locales/ar.json

@@ -15,21 +15,29 @@
 			"محمد أحمد عبد الفتاح"
 		]
 	},
-	"admin_plugins": "مدير المساعد",
-	"admin_plugins.available": "الإضافات المتوفرة",
-	"admin_plugins.available_not-found": "لم يتم العثور على مكونات إضافية.",
-	"admin_plugins.available_fetching": "جارٍ الجلب...",
-	"admin_plugins.available_install.value": "تنصيب",
-	"admin_plugins.available_search.placeholder": " تنصيب عن الإضافات لتثبيتها",
+	"admin.page-title": "لوحة تحكم المسؤول - Etherpad",
 	"admin_plugins.description": "الوصف",
-	"admin_plugins.installed_uninstall.value": "فك التنصيب",
-	"admin_plugins.last-update": "آخر تحديث",
+	"admin_plugins.installed": "الإضافات المثبتة",
+	"admin_plugins.installed_fetching": "جارٍ إحضار المكونات الإضافية المثبتة ...",
+	"admin_plugins.installed_nothing": "لم تقم بتثبيت أي مكونات إضافية حتى الآن.",
 	"admin_plugins.name": "الاسم",
+	"admin_plugins.page-title": "مدير البرنامج المساعد - Etherpad",
 	"admin_plugins.version": "الإصدار",
-	"admin_plugins_info.version_latest": "أحدث نسخة متاحة",
+	"admin_plugins_info": "معلومات استكشاف الأخطاء وإصلاحها",
+	"admin_plugins_info.hooks": "خطافات مثبتة",
+	"admin_plugins_info.hooks_client": "خطاطيف من جانب العميل",
+	"admin_plugins_info.hooks_server": "خطاطيف من جانب الخادم",
+	"admin_plugins_info.parts": "الأجزاء المثبتة",
+	"admin_plugins_info.plugins": "الإضافات المثبتة",
+	"admin_plugins_info.page-title": "معلومات البرنامج المساعد - Etherpad",
+	"admin_plugins_info.version": "إصدار Etherpad",
 	"admin_plugins_info.version_number": "رقم الإصدار",
 	"admin_settings": "إعدادات",
-	"admin_settings.current": "التكوين الحالي",
+	"admin_settings.current_example-devel": "مثال على قالب إعدادات التطوير",
+	"admin_settings.current_example-prod": "مثال على قالب إعدادات الإنتاج",
+	"admin_settings.current_restart.value": "أعد تشغيل Etherpad",
+	"admin_settings.current_save.value": "حفظ الإعدادات",
+	"admin_settings.page-title": "الإعدادات - Etherpad",
 	"index.newPad": "باد جديد",
 	"index.createOpenPad": "أو صنع/فتح باد بوضع اسمه:",
 	"index.openPad": "افتح باد موجودة بالاسم:",
@@ -101,8 +109,8 @@
 	"pad.modals.corruptPad.cause": "قد يكون هذا بسبب تكوين ملقم خاطئ أو بسبب سلوك آخر غير متوقع. يرجى الاتصال بمسؤول الخدمة.",
 	"pad.modals.deleted": "محذوف.",
 	"pad.modals.deleted.explanation": "تمت إزالة هذا الباد.",
-	"pad.modals.rateLimited.explanation": "لقد أرسلت عددًا كبيرًا جدًا من الرسائل إلى هذه اللوحة ، لذا فقد قطع اتصالك.",
-	"pad.modals.rejected.explanation": "رفض الخادم رسالة أرسلها متصفحك.",
+	"pad.modals.rateLimited": "معدل محدود.",
+	"pad.modals.rejected.cause": "ربما تم تحديث الخادم أثناء عرض اللوحة ، أو ربما كان هناك خطأ في Etherpad. حاول إعادة تحميل الصفحة.",
 	"pad.modals.disconnected": "لم تعد متصلا.",
 	"pad.modals.disconnected.explanation": "تم فقدان الاتصال بالخادم",
 	"pad.modals.disconnected.cause": "قد يكون الخادم غير متوفر. يرجى إعلام مسؤول الخدمة إذا كان هذا لا يزال يحدث.",
@@ -115,6 +123,7 @@
 	"pad.chat.loadmessages": "تحميل المزيد من الرسائل",
 	"pad.chat.stick.title": "ألصق الدردشة بالشاشة",
 	"pad.chat.writeMessage.placeholder": "اكتب رسالتك هنا",
+	"timeslider.followContents": "اتبع تحديثات محتوى الوسادة",
 	"timeslider.pageTitle": "{{appTitle}} متصفح التاريخ",
 	"timeslider.toolbar.returnbutton": "العودة إلى الباد",
 	"timeslider.toolbar.authors": "المؤلفون:",

src/locales/ast.json

@@ -1,7 +1,8 @@
 {
 	"@metadata": {
 		"authors": [
-			"Xuacu"
+			"Xuacu",
+			"YoaR"
 		]
 	},
 	"index.newPad": "Nuevu bloc",
@@ -25,9 +26,9 @@
 	"pad.toolbar.embed.title": "Compartir ya incrustar esti bloc",
 	"pad.toolbar.showusers.title": "Amosar los usuarios d'esti bloc",
 	"pad.colorpicker.save": "Guardar",
-	"pad.colorpicker.cancel": "Encaboxar",
+	"pad.colorpicker.cancel": "Zarrar",
 	"pad.loading": "Cargando...",
-	"pad.noCookie": "Nun pudo alcontrase la cookie. ¡Por favor, permite les cookies nel navegador! La sesión y preferencies  nun se guarden ente visites. Esto pué debese a qu'Etherpad inclúyese nun iFrame en dalgunos restoladores. Asegúrate de qu'Etherpad tea nel mesmu subdominiu/dominiu que la iFrame padre",
+	"pad.noCookie": "Nun pudo alcontrase la cookie. ¡Por favor, permite les cookies nel navegador! La sesión y preferencies  nun se guarden ente visites. Esto pue debese a qu'Etherpad inclúyese nun iFrame en dalgunos restoladores. Asegúrate de qu'Etherpad tea nel mesmu subdominiu/dominiu que l'iFrame padre",
 	"pad.permissionDenied": "Nun tienes permisu pa entrar a esti bloc",
 	"pad.settings.padSettings": "Configuración del bloc",
 	"pad.settings.myView": "la mio vista",
@@ -56,7 +57,7 @@
 	"pad.modals.reconnecting": "Reconeutando col to bloc...",
 	"pad.modals.forcereconnect": "Forzar la reconexón",
 	"pad.modals.reconnecttimer": "Tentando reconeutar en",
-	"pad.modals.cancel": "Encaboxar",
+	"pad.modals.cancel": "Zarrar",
 	"pad.modals.userdup": "Abiertu n'otra ventana",
 	"pad.modals.userdup.explanation": "Esti bloc paez que ta abiertu en más d'una ventana del navegador d'esti ordenador.",
 	"pad.modals.userdup.advice": "Reconeutar pa usar esta ventana.",

src/locales/awa.json

@@ -1,7 +1,8 @@
 {
 	"@metadata": {
 		"authors": [
-			"1AnuraagPandey"
+			"1AnuraagPandey",
+			"बडा काजी"
 		]
 	},
 	"index.newPad": "नयाँ प्याड",
@@ -35,7 +36,7 @@
 	"pad.modals.unauth": "अनाधिकृत",
 	"pad.modals.initsocketfail": "सर्भरमा पहुँच से बहरे है ।",
 	"pad.share.readonly": "पढय वाला खाली",
-	"pad.share.link": "लिङ्क",
+	"pad.share.link": "कडी",
 	"pad.share.emebdcode": "URL जोडा जाय",
 	"pad.chat": "बातचीत",
 	"timeslider.pageTitle": "{{appTitle}} समय रेखा",

src/locales/bcc.json

@@ -2,13 +2,29 @@
 	"@metadata": {
 		"authors": [
 			"Baloch Afghanistan",
+			"Moshtank",
 			"Sultanselim baloch"
 		]
 	},
+	"admin.page-title": "کارمسترءِ کُرسی - اترپَد",
+	"admin_plugins": "گݔشانکانءِ کار ءُ بار",
+	"admin_plugins.available": "دسترسݔن گݔشانک",
+	"admin_plugins.available_not-found": "گݔشانکے نݔست اَت۔",
+	"admin_plugins.available_install.value": "پِررݔنَگ",
+	"admin_plugins.available_search.placeholder": "گݔشانکان شۏھاز پہ پِررݔنَگا",
+	"admin_plugins.description": "سرۏشتادی",
+	"admin_plugins.installed": "گݔشانک پِررݔنگ بیت",
+	"admin_plugins.installed_fetching": "پِررݔنتَگݔن گݔشانکانءِ پچ کنگ",
+	"admin_plugins.installed_nothing": "شما ھنگت ھچ گݔشانکے نہ پِررݔنتَگ۔",
+	"admin_plugins.installed_uninstall.value": "پِررݔنتَگݔنءِ بند کنگ",
+	"admin_plugins.last-update": "گُڈی پہ رۏچان",
+	"admin_plugins.name": "نام",
+	"admin_plugins.page-title": "گݔشانکءِ کارمستری - اترپد",
+	"admin_plugins.version": "ورژن",
 	"index.newPad": "دفترچه یادداشت تازه",
 	"index.createOpenPad": "یا ایجاد/بازکردن یک دفترچه یادداشت با نام:",
 	"pad.toolbar.bold.title": "پررنگ (Ctrl-B)",
-	"pad.toolbar.italic.title": "کج (Ctrl-I)",
+	"pad.toolbar.italic.title": "کَش (Ctrl-I)",
 	"pad.toolbar.underline.title": "زیرخط (Ctrl-U)",
 	"pad.toolbar.strikethrough.title": "خط خورده",
 	"pad.toolbar.ol.title": "فهرست مرتب شده",
@@ -21,12 +37,12 @@
 	"pad.toolbar.import_export.title": "درون‌ریزی/برون‌ریزی از/به قالب‌های مختلف",
 	"pad.toolbar.timeslider.title": "لغزندهٔ زمان",
 	"pad.toolbar.savedRevision.title": "ذخیره‌سازی نسخه",
-	"pad.toolbar.settings.title": "تنظیمات",
+	"pad.toolbar.settings.title": "ردانکان",
 	"pad.toolbar.embed.title": "اشتراک و جاسازی این دفترچه یادداشت",
 	"pad.toolbar.showusers.title": "نمایش کاربران در این دفترچه یادداشت",
-	"pad.colorpicker.save": "زاپاس کورتین",
-	"pad.colorpicker.cancel": "کنسیل",
-	"pad.loading": "...بار بیت",
+	"pad.colorpicker.save": "سَپت",
+	"pad.colorpicker.cancel": "بجَگ",
+	"pad.loading": "بییگئن...",
 	"pad.permissionDenied": "شرمنده، شما را اجازت په دسترسی ای صفحه نیست.",
 	"pad.settings.padSettings": "تنظیمات دفترچه یادداشت",
 	"pad.settings.myView": "منی سۏج",
@@ -39,7 +55,7 @@
 	"pad.settings.language": "زبان:",
 	"pad.importExport.import_export": "درون‌ریزی/برون‌ریزی",
 	"pad.importExport.import": "بارگذاری پرونده‌ی متنی یا سند",
-	"pad.importExport.importSuccessful": "موفقیت آمیز بود!",
+	"pad.importExport.importSuccessful": "سۏبݔن بیت!",
 	"pad.importExport.export": "برون‌ریزی این دفترچه یادداشت با قالب:",
 	"pad.importExport.exporthtml": "HTML",
 	"pad.importExport.exportplain": "سادگین متن",
@@ -66,21 +82,21 @@
 	"pad.modals.badChangeset.cause": "این می‌تواند به دلیل پیکربندی اشتباه یا سایر رفتارهای غیرمنتظره باشد. اگر فکر می‌کنید این یک خطا است لطفاً با مدیر خدمت تماس بگیرید. برای ادامهٔ ویرایش سعی کنید که دوباره متصل شوید.",
 	"pad.modals.corruptPad.explanation": "پدی که شما سعی دارید دسترسی پیدا کنید خراب است.",
 	"pad.modals.corruptPad.cause": "این احتمالاً به دلیل تنظیمات اشتباه کارساز یا سایر رفتارهای غیرمنتظره است. لطفاً با مدیر خدمت تماس حاصل کنید.",
-	"pad.modals.deleted": "پاک کورتین",
-	"pad.modals.deleted.explanation": "این دفترچه یادداشت پاک شده‌است.",
+	"pad.modals.deleted": "گار بیت۔",
+	"pad.modals.deleted.explanation": "اے یادداشت پاک کنگ بیتگ۔",
 	"pad.modals.disconnected": "شمئی سکّی کھت اِنت۔",
 	"pad.modals.disconnected.explanation": "اتصال به سرور قطع شده‌است.",
 	"pad.modals.disconnected.cause": "ممکن است سرور در دسترس نباشد. اگر این مشکل باز هم رخ داد مدیر حدمت را آگاه کنید.",
 	"pad.share": "به اشتراک‌گذاری این دفترچه یادداشت",
 	"pad.share.readonly": "فقط خواندنی",
-	"pad.share.link": "پیوند",
+	"pad.share.link": "لینک",
 	"pad.share.emebdcode": "جاسازی نشانی",
 	"pad.chat": "گفتگو",
 	"pad.chat.title": "بازکردن گفتگو برای این دفترچه یادداشت",
 	"pad.chat.loadmessages": "گݔشترݔں پیگامء چارگ",
 	"timeslider.pageTitle": "لغزندهٔ زمان {{appTitle}}",
-	"timeslider.toolbar.returnbutton": "بازگشت به دفترچه یادداشت",
-	"timeslider.toolbar.authors": "نویسوک:",
+	"timeslider.toolbar.returnbutton": "چَھر کنگ پہ یاددپترا",
+	"timeslider.toolbar.authors": "لککۏک:",
 	"timeslider.toolbar.authorsList": "بدون نویسنده",
 	"timeslider.toolbar.exportlink.title": "درگیزگ",
 	"timeslider.exportCurrent": "برون‌ریزی نگارش کنونی به عنوان:",

src/locales/be-tarask.json

@@ -13,6 +13,28 @@
 	"admin_plugins.available_not-found": "Плагіны ня знойдзеныя.",
 	"admin_plugins.available_fetching": "Атрымліваем…",
 	"admin_plugins.available_install.value": "Усталяваць",
+	"admin_plugins.available_search.placeholder": "Шукаць пашырэньні для ўсталяваньня",
+	"admin_plugins.description": "Апісаньне",
+	"admin_plugins.installed": "Усталяваныя пашырэньні",
+	"admin_plugins.installed_fetching": "Атрыманьне ўсталяваных пашырэньняў…",
+	"admin_plugins.installed_nothing": "Вы пакуль не ўсталявалі ніводнага пашырэньня.",
+	"admin_plugins.installed_uninstall.value": "Выдаліць",
+	"admin_plugins.last-update": "Апошняе абнаўленьне",
+	"admin_plugins.name": "Назва",
+	"admin_plugins.page-title": "Кіраўнік пашырэньняў — Etherpad",
+	"admin_plugins.version": "Вэрсія",
+	"admin_plugins_info": "Інфармацыя пра вырашэньне няспраўнасьцяў",
+	"admin_plugins_info.hooks": "Усталяваныя кручкі",
+	"admin_plugins_info.hooks_client": "Кліенцкія кручкі",
+	"admin_plugins_info.hooks_server": "Сэрвэрныя кручкі",
+	"admin_plugins_info.parts": "Усталяваныя часткі",
+	"admin_plugins_info.plugins": "Усталяваныя пашырэньні",
+	"admin_plugins_info.page-title": "Інфармацыя пра пашырэньне — Etherpad",
+	"admin_plugins_info.version": "Вэрсія Etherpad",
+	"admin_plugins_info.version_latest": "Апошняя даступная вэрсія",
+	"admin_plugins_info.version_number": "Нумар вэрсіі",
+	"admin_settings": "Налады",
+	"admin_settings.current": "Цяперашняя канфігурацыя",
 	"admin_settings.page-title": "Налады — Etherpad",
 	"index.newPad": "Стварыць",
 	"index.createOpenPad": "ці тварыць/адкрыць дакумэнт з назвай:",

src/locales/bn.json

@@ -5,29 +5,50 @@
 			"Aftabuzzaman",
 			"Al Riaz Uddin Ripon",
 			"Bellayet",
+			"Greatder",
 			"Nasir8891",
 			"Sankarshan",
 			"Sibabrata Banerjee",
+			"আজিজ",
 			"আফতাবুজ্জামান"
 		]
 	},
+	"admin.page-title": "প্রশাসক কেন্দ্র - ইথারপ্যাড",
+	"admin_plugins": "প্লাগিন ব্যবস্থাপক",
+	"admin_plugins.available": "বিদ্যমান প্লাগিন",
+	"admin_plugins.available_not-found": "প্লাগিন পাওয়া যায়নি।",
 	"admin_plugins.available_fetching": "আনা হচ্ছে...",
 	"admin_plugins.available_install.value": "ইনস্টল করুন",
+	"admin_plugins.available_search.placeholder": "ইনস্টল করার জন্য প্লাগইন অনুসন্ধান করুন",
 	"admin_plugins.description": "বিবরণ",
 	"admin_plugins.installed": "ইন্সটল হওয়া প্লাগিনসমূহ",
 	"admin_plugins.installed_fetching": "ইন্সটলকৃত প্লাগিন আনা হচ্ছে",
+	"admin_plugins.installed_nothing": "আপনি এখনও কোনো প্লাগইন ইনস্টল করেননি।",
 	"admin_plugins.installed_uninstall.value": "আনইনস্টল করুন",
 	"admin_plugins.last-update": "সর্বশেষ হালনাগাদ",
 	"admin_plugins.name": "নাম",
+	"admin_plugins.page-title": "প্লাগিন ব্যবস্থাপনা - ইথারপ্যাড",
 	"admin_plugins.version": "সংস্করণ",
+	"admin_plugins_info": "সমস্যা সমাধানের তথ্য",
+	"admin_plugins_info.hooks": "ইন্সটলকৃত হুক",
+	"admin_plugins_info.hooks_client": "গ্রাহক পার্শ্বের হুক",
+	"admin_plugins_info.hooks_server": "সার্ভার পার্শ্বের হুক",
+	"admin_plugins_info.parts": "ইন্সটলকৃত অংশ",
+	"admin_plugins_info.plugins": "ইন্সটলকৃত প্লাগিন",
+	"admin_plugins_info.page-title": "প্লাগিন তথ্য - ইথারপ্যাড",
 	"admin_plugins_info.version": "ইথারপ্যাড সংস্করণ",
 	"admin_plugins_info.version_latest": "সাম্প্রতিক উপলব্ধ সংস্করণ",
+	"admin_plugins_info.version_number": "সংস্করণ সংখ্যা",
 	"admin_settings": "সেটিংসমূহ",
 	"admin_settings.current": "বর্তমান কনফিগারেশন",
+	"admin_settings.current_example-devel": "উদাহরণ ডেভেলপমেন্ট সেটিংস টেমপ্লেট",
+	"admin_settings.current_example-prod": "উদাহরণ উৎপাদন সেটিংস টেমপ্লেট",
 	"admin_settings.current_restart.value": "ইথারপ্যাড পুনরায় চালু করুন",
 	"admin_settings.current_save.value": "সেটিংসমূহ সংরক্ষণ করুন",
+	"admin_settings.page-title": "সেটিংস - ইথারপ্যাড",
 	"index.newPad": "নতুন প্যাড",
 	"index.createOpenPad": "অথবা নাম লিখে প্যাড খুলুন/তৈরী করুন:",
+	"index.openPad": "নাম সহ একটি বিদ্যমান প্যাড খুলুন:",
 	"pad.toolbar.bold.title": "গাঢ় (Ctrl-B)",
 	"pad.toolbar.italic.title": "বাঁকা (Ctrl+I)",
 	"pad.toolbar.underline.title": "নিম্নরেখা (Ctrl+U)",
@@ -75,12 +96,27 @@
 	"pad.modals.connected": "সংযোগস্থাপন করা হয়েছে।",
 	"pad.modals.reconnecting": "আপনার প্যাডের সাথে সংযোগস্থাপন করা হচ্ছে…",
 	"pad.modals.forcereconnect": "পুনরায় সংযোগস্থাপনের চেষ্টা",
+	"pad.modals.reconnecttimer": "পুনঃসংযোগের চেষ্টা করা হচ্ছে",
+	"pad.modals.cancel": "বাতিল",
 	"pad.modals.userdup": "অন্য উইন্ডো-তে খোলা হয়েছে",
+	"pad.modals.userdup.explanation": "এই প্যাডটি এই কম্পিউটারে একাধিক ব্রাউজার উইন্ডোতে খোলা হয়েছে বলে মনে হচ্ছে৷",
+	"pad.modals.userdup.advice": "পরিবর্তে এই উইন্ডোটি ব্যবহার করতে পুনঃসংযোগ করুন৷",
 	"pad.modals.unauth": "আপনার অধিকার নেই",
+	"pad.modals.unauth.explanation": "এই পৃষ্ঠাটি দেখার সময় আপনার অনুমতি পরিবর্তিত হয়েছে৷ পুনঃসংযোগের চেষ্টা করুন।",
+	"pad.modals.looping.explanation": "সিঙ্ক্রোনাইজেশন সার্ভারের সাথে যোগাযোগের সমস্যা রয়েছে।",
+	"pad.modals.looping.cause": "সম্ভবত আপনি একটি বেমানান ফায়ারওয়াল বা প্রক্সির মাধ্যমে সংযুক্ত হয়েছেন৷",
 	"pad.modals.initsocketfail": "সার্ভারে পৌঁছানো যাচ্ছে না।",
+	"pad.modals.initsocketfail.explanation": "সিঙ্ক্রোনাইজেশন সার্ভারের সাথে সংযোগ করা যায়নি৷",
+	"pad.modals.initsocketfail.cause": "এটি সম্ভবত আপনার ব্রাউজার বা আপনার ইন্টারনেট সংযোগের কোনও সমস্যার কারণে হয়েছে৷",
 	"pad.modals.slowcommit.explanation": "সার্ভার সাড়া দিচ্ছে না।",
+	"pad.modals.slowcommit.cause": "এটি নেটওয়ার্ক সংযোগের সমস্যার কারণে হতে পারে।",
+	"pad.modals.badChangeset.explanation": "আপনার করা একটি সম্পাদনা সিঙ্ক্রোনাইজেশন সার্ভার কর্তৃক বেআইনি হিসেবে শ্রেণীবদ্ধ করা হয়েছে৷",
+	"pad.modals.corruptPad.explanation": "আপনি যে প্যাডে প্রবেশ করার চেষ্টা করছেন সেটি দূষিত।",
+	"pad.modals.corruptPad.cause": "এটি একটি ভুল সার্ভার কনফিগারেশন বা অন্য কোনও অপ্রত্যাশিত আচরণের কারণে হতে পারে। পরিষেবা প্রশাসকের সাথে যোগাযোগ করুন।",
 	"pad.modals.deleted": "অপসারিত।",
 	"pad.modals.deleted.explanation": "এই প্যাডটি অপসারণ করা হয়েছে।",
+	"pad.modals.rateLimited.explanation": "আপনি এই প্যাডে অনেকগুলি বার্তা পাঠিয়েছেন তাই এটি আপনাকে সংযোগ বিচ্ছিন্ন করেছে৷",
+	"pad.modals.rejected.explanation": "সার্ভার আপনার ব্রাউজারের পাঠানো একটি বার্তা প্রত্যাখ্যান করেছে৷",
 	"pad.modals.disconnected": "আপনি সংযোগ বিচ্ছিন্ন হয়েছে গেছে।",
 	"pad.modals.disconnected.explanation": "সার্ভারের সাথে যোগাযোগ করা যাচ্ছে না",
 	"pad.share": "শেয়ার করুন",
@@ -112,6 +148,7 @@
 	"timeslider.month.november": "নভেম্বর",
 	"timeslider.month.december": "ডিসেম্বর",
 	"timeslider.unnamedauthors": "নামবিহীন {{num}} জন {[plural(num) one: লেখক, other: লেখক ]}",
+	"pad.savedrevs.marked": "এই সংশোধনটি এখন সংরক্ষিত সংশোধন হিসেবে চিহ্নিত করা হয়েছে",
 	"pad.userlist.entername": "আপনার নাম লিখুন",
 	"pad.userlist.unnamed": "কোন নাম নির্বাচন করা হয়নি",
 	"pad.impexp.importbutton": "এখন আমদানি করুন",
@@ -120,5 +157,6 @@
 	"pad.impexp.uploadFailed": "আপলোড করতে ব্যর্থ, দয়া করে আবার চেষ্টা করুন",
 	"pad.impexp.importfailed": "আমদানি ব্যর্থ",
 	"pad.impexp.copypaste": "দয়া করে অনুলিপি প্রতিলেপন করুন",
-	"pad.impexp.exportdisabled": "{{type}} হিসেবে রপ্তানি করা নিষ্ক্রিয় আছে। বিস্তারিত জানার জন্য আপনার সিস্টেম প্রশাসকের সাথে যোগাযোগ করুন।"
+	"pad.impexp.exportdisabled": "{{type}} হিসেবে রপ্তানি করা নিষ্ক্রিয় আছে। বিস্তারিত জানার জন্য আপনার সিস্টেম প্রশাসকের সাথে যোগাযোগ করুন।",
+	"pad.impexp.maxFileSize": "ফাইল খুব বড়। আমদানির জন্য অনুমোদিত ফাইলের আকার বাড়াতে আপনার সাইট প্রশাসকের সাথে যোগাযোগ করুন"
 }

src/locales/br.json

@@ -4,6 +4,7 @@
 			"Fohanno",
 			"Fulup",
 			"Gwenn-Ael",
+			"Huñvreüs",
 			"Y-M D"
 		]
 	},
@@ -86,7 +87,7 @@
 	"pad.chat.title": "Digeriñ ar flap kevelet gant ar pad-mañ.",
 	"pad.chat.loadmessages": "Kargañ muioc'h a gemennadennoù",
 	"pad.chat.stick.title": "Gwriziennañ an diviz war ar skramm",
-	"pad.chat.writeMessage.placeholder": "Skrivañ ho kemenadenn amañ",
+	"pad.chat.writeMessage.placeholder": "Skrivañ ho kemennadenn amañ",
 	"timeslider.pageTitle": "Istor dinamek eus {{appTitle}}",
 	"timeslider.toolbar.returnbutton": "Distreiñ d'ar pad-mañ.",
 	"timeslider.toolbar.authors": "Aozerien :",

src/locales/da.json

@@ -4,13 +4,29 @@
 			"Christian List",
 			"Joedalton",
 			"Peter Alberti",
+			"Peterleth",
 			"Saederup92",
 			"Steenth"
 		]
 	},
+	"admin.page-title": "Admin Dashboard - Etherpad",
+	"admin_plugins": "Plugin manager",
+	"admin_plugins.available": "Tilgængelige Plugins",
+	"admin_plugins.available_not-found": "Ingen plugins fundet.",
 	"admin_plugins.available_fetching": "Henter...",
+	"admin_plugins.available_install.value": "Installer",
+	"admin_plugins.available_search.placeholder": "Søg efter plugins der kan installeres",
 	"admin_plugins.description": "Beskrivelse",
+	"admin_plugins.installed": "Installerede plugins",
+	"admin_plugins.installed_fetching": "Henter installerede plugins...",
+	"admin_plugins.installed_nothing": "Du har ikke installeret nogen plugins endnu.",
+	"admin_plugins.installed_uninstall.value": "Afinstaller",
+	"admin_plugins.last-update": "Sidst opdateret",
 	"admin_plugins.name": "Navn",
+	"admin_plugins.page-title": "Plugin manager - Etherpad",
+	"admin_plugins.version": "Version",
+	"admin_plugins_info": "Fejlfindingsoplysninger",
+	"admin_plugins_info.hooks": "Installerede hooks",
 	"admin_settings": "Indstillinger",
 	"index.newPad": "Ny Pad",
 	"index.createOpenPad": "eller opret/åbn en Pad med navnet:",

src/locales/de.json

@@ -3,11 +3,13 @@
 		"authors": [
 			"Bjarncraft",
 			"Dom",
+			"Justman10000",
 			"Killarnee",
 			"Metalhead64",
 			"Mklehr",
 			"Nipsky",
 			"Predatorix",
+			"SamTV",
 			"Sebastian Wallroth",
 			"Thargon",
 			"Tim.krieger",
@@ -16,7 +18,7 @@
 		]
 	},
 	"admin.page-title": "Admin Dashboard - Etherpad",
-	"admin_plugins": "Plugins verwalten",
+	"admin_plugins": "Pluginverwaltung",
 	"admin_plugins.available": "Verfügbare Plugins",
 	"admin_plugins.available_not-found": "Keine Plugins gefunden.",
 	"admin_plugins.available_fetching": "Wird abgerufen...",
@@ -39,11 +41,12 @@
 	"admin_plugins_info.plugins": "Installierte Plugins",
 	"admin_plugins_info.page-title": "Plugin Informationen - Etherpad",
 	"admin_plugins_info.version": "Etherpad Version",
-	"admin_plugins_info.version_latest": "Neueste Version",
+	"admin_plugins_info.version_latest": "Neueste verfügbare Version",
 	"admin_plugins_info.version_number": "Versionsnummer",
 	"admin_settings": "Einstellungen",
 	"admin_settings.current": "Derzeitige Konfiguration",
 	"admin_settings.current_example-devel": "Beispielhafte Entwicklungseinstellungs-Templates",
+	"admin_settings.current_example-prod": "Beispiel eines produktiven Templates",
 	"admin_settings.current_restart.value": "Etherpad neustarten",
 	"admin_settings.current_save.value": "Einstellungen speichern",
 	"admin_settings.page-title": "Einstellungen - Etherpad",
@@ -69,9 +72,9 @@
 	"pad.toolbar.showusers.title": "Benutzer dieses Pads anzeigen",
 	"pad.colorpicker.save": "Speichern",
 	"pad.colorpicker.cancel": "Abbrechen",
-	"pad.loading": "Lade …",
+	"pad.loading": "Laden …",
 	"pad.noCookie": "Das Cookie konnte nicht gefunden werden. Bitte erlaube Cookies in deinem Browser! Deine Sitzung und Einstellungen werden zwischen den Besuchen nicht gespeichert.  Dies kann darauf zurückzuführen sein, dass Etherpad in einigen Browsern in einem iFrame enthalten ist.  Bitte stelle sicher, dass sich Etherpad auf der gleichen Subdomain/Domain wie der übergeordnete iFrame befindet.",
-	"pad.permissionDenied": "Du hast keine Berechtigung, um auf dieses Pad zuzugreifen",
+	"pad.permissionDenied": "Du hast keine Berechtigung, um auf dieses Pad zuzugreifen.",
 	"pad.settings.padSettings": "Pad-Einstellungen",
 	"pad.settings.myView": "Eigene Ansicht",
 	"pad.settings.stickychat": "Unterhaltung immer anzeigen",
@@ -83,7 +86,7 @@
 	"pad.settings.fontType.normal": "Normal",
 	"pad.settings.language": "Sprache:",
 	"pad.settings.about": "Über",
-	"pad.settings.poweredBy": "Powered by",
+	"pad.settings.poweredBy": "Betrieben von",
 	"pad.importExport.import_export": "Import/Export",
 	"pad.importExport.import": "Textdatei oder Dokument hochladen",
 	"pad.importExport.importSuccessful": "Erfolgreich!",
@@ -118,9 +121,10 @@
 	"pad.modals.corruptPad.cause": "Dies könnte an einer falschen Serverkonfiguration oder einem anderen unerwarteten Verhalten liegen. Bitte kontaktiere den Administrator dieses Dienstes.",
 	"pad.modals.deleted": "Gelöscht.",
 	"pad.modals.deleted.explanation": "Dieses Pad wurde entfernt.",
-	"pad.modals.rateLimited": "Begrenzte Rate.",
+	"pad.modals.rateLimited": "Durchsatzratenbegrenzt",
 	"pad.modals.rateLimited.explanation": "Sie haben zu viele Nachrichten an dieses Pad gesendet, so dass die Verbindung unterbrochen wurde.",
 	"pad.modals.rejected.explanation": "Der Server hat eine Nachricht abgelehnt, die von deinem Browser gesendet wurde.",
+	"pad.modals.rejected.cause": "Möglicherweise wurde der Server aktualisiert, während du das Pad angesehen hast, oder es existiert ein Fehler in Etherpad. Versuche, die Seite neu zu laden.",
 	"pad.modals.disconnected": "Ihre Verbindung wurde getrennt.",
 	"pad.modals.disconnected.explanation": "Die Verbindung zum Server wurde unterbrochen.",
 	"pad.modals.disconnected.cause": "Möglicherweise ist der Server nicht erreichbar. Bitte benachrichtige den Dienstadministrator, falls dies weiterhin passiert.",
@@ -137,7 +141,7 @@
 	"timeslider.pageTitle": "{{appTitle}} Bearbeitungsverlauf",
 	"timeslider.toolbar.returnbutton": "Zurück zum Pad",
 	"timeslider.toolbar.authors": "Autoren:",
-	"timeslider.toolbar.authorsList": "keine Autoren",
+	"timeslider.toolbar.authorsList": "Keine Autoren",
 	"timeslider.toolbar.exportlink.title": "Diese Version exportieren",
 	"timeslider.exportCurrent": "Exportiere diese Version als:",
 	"timeslider.version": "Version {{version}}",
@@ -160,7 +164,7 @@
 	"timeslider.month.december": "Dezember",
 	"timeslider.unnamedauthors": "{{num}} {[plural(num) one: unbenannter Autor, other: unbenannte Autoren ]}",
 	"pad.savedrevs.marked": "Diese Version wurde jetzt als gespeicherte Version gekennzeichnet",
-	"pad.savedrevs.timeslider": "Du kannst gespeicherte Versionen durch den Aufruf des Bearbeitungsverlaufes ansehen.",
+	"pad.savedrevs.timeslider": "Du kannst gespeicherte Versionen durch den Aufruf des Bearbeitungsverlaufs ansehen.",
 	"pad.userlist.entername": "Dein Name?",
 	"pad.userlist.unnamed": "unbenannt",
 	"pad.editbar.clearcolors": "Autorenfarben im gesamten Dokument zurücksetzen? Dies kann nicht rückgängig gemacht werden",