agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-23 17:19:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
28,024 Commits 3 Branches 19 Tags
373dd33b9816686ef4c306f7c46ded0dce93f299
Commit Graph

987 Commits

Author SHA1 Message Date
yu-i-i
b39f31677c Authentication: update passport-ldapauth to 3.0.1; fix minor issues 2026-05-19 15:51:36 +02:00
yu-i-i
0737ea5b31 Linked URL: prevent SSRF via DNS rebinding; minor fixes 2026-05-19 15:51:35 +02:00
yu-i-i
90f8a85459 Linked URL: add sanitize and normalize 2026-05-19 15:51:32 +02:00
yu-i-i
6f21a64af4 Symbol Palette: get rid of @reach/tabs 2026-05-19 15:49:16 +02:00
yu-i-i
fb3570054e Refactor authentication code; add OIDC support 2026-05-19 15:49:14 +02:00
yu-i-i
2f5c04e820 Enable Symbol Palette 2026-05-19 15:49:13 +02:00
Andrew Rumble
e9aedce4ab Merge pull request #33625 from overleaf/ar-update-vitest 
[monorepo] bump vitest to 4.1.5

GitOrigin-RevId: 22ba2249ae384fd59347c9aa45c70f51ccdf8890
 2026-05-18 08:06:49 +00:00
Alf Eaton
00ddd8185c Upgrade webpack and related dependencies (#31638) 
GitOrigin-RevId: e188a6ab9f7a024c1769a85e1d4e40ccb5d02213
 2026-05-14 08:05:51 +00:00
Jakob Ackermann
b62d4814c3 [monorepo] turn throw statements in callback code into callback calls (#33524) 
* [eslint-plugin] add rule for throw inside callback code

* [monorepo] enable our custom eslint plugins globally

* [monorepo] fix running make lint from root

* [monorepo] turn throw statements in callback code into callback calls

* [monorepo] add eslint-plugin libraries to all the Dockerfiles

* [monorepo] install eslint-plugin library at the root level

* [linked-url-proxy] add eslint-plugin library into Dockerfile

* [latexqc] add our eslint-plugin to eslint config

GitOrigin-RevId: b05e3ebbefb62370f2422e83880dd3913815270d
 2026-05-14 08:05:47 +00:00
Alf Eaton
5e94f8abce Remove -- from test scripts (#33622) 
GitOrigin-RevId: a33f09fb9924e4d02de6db0550c22585b2d331b6
 2026-05-13 08:05:50 +00:00
Andrew Rumble
45005d2783 Merge pull request #33483 from overleaf/ar-remove-unused-sandboxed-module-deps 
[monorepo] remove sandboxed-module from services that don't use it

GitOrigin-RevId: dbb9c3b11f4b5436a447942713ce02ff3efb0b50
 2026-05-11 08:06:20 +00:00
Brian Gough
3940f8c2a7 Merge pull request #33504 from overleaf/bg-upgrade-yauzl 
Upgrade yauzl library in web to version 3.3.0

GitOrigin-RevId: 82b4158db7a432f4257bd48402840f07801c6d07
 2026-05-11 08:05:47 +00:00
renovate[bot]
47f80317e4 [CoreI] Update dependency nodemailer to v8.0.5 [SECURITY] (#32703) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
GitOrigin-RevId: 3ae15cc3adad3d0212c46b5c478210dc9f20ef08
 2026-05-08 08:10:18 +00:00
renovate[bot]
de9b07f0b9 [Platform] Update dependency lodash to v4.18.1 from 4.17.23 [SECURITY] (#33229) 
* Upgrade lodash resolution to 4.18.1

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* update lodash in rest of packages

---------

Co-authored-by: Eric Mc Sween <5454374+emcsween@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: Anna Fields <acfields11@gmail.com>
GitOrigin-RevId: 66ce1610993a592899c25155757ca3267ebcd5c1
 2026-05-07 08:07:41 +00:00
Alf Eaton
37a68a9c5e Reapply "Add Vertex as an AI provider (#32450)" (#33339) 
GitOrigin-RevId: d506c99cf32fae97b6721923256bd980120fbeed
 2026-05-06 08:07:19 +00:00
Andrew Rumble
f434b1fc28 Merge pull request #33149 from overleaf/ar-ja-remove-i18next-additional-packages 
[web] remove i18next additional libraries

GitOrigin-RevId: 98fc17b409090db32b02bb66953f1c2e6efee608
 2026-05-06 08:05:41 +00:00
Alf Eaton
e3f88791da Revert "Add Vertex as an AI provider (#32450)" (#33309) 
This reverts commit 20d895350ee13a7683f178bc83b87f0e765c7af6.

GitOrigin-RevId: 6be06b0fee0b038c42db45fce2377efd5d5a47dc
 2026-05-01 08:06:32 +00:00
Alf Eaton
f00dab5cc0 Add Vertex as an AI provider (#32450) 
GitOrigin-RevId: 20d895350ee13a7683f178bc83b87f0e765c7af6
 2026-05-01 08:06:25 +00:00
Domagoj Kriskovic
9e677a2c1e Use overleaf CDN for loading pyodide packages 
GitOrigin-RevId: e17ff3387166421a546a9519786d77ba12cdffc4
 2026-04-30 08:05:23 +00:00
Anna Claire Fields
0d64a88a46 Yarn 4 Migration (#32253) 
Migrates the Overleaf monorepo package manager from npm (v11) to Yarn 4 (v4.9.1) using node-modules linker mode.

GitOrigin-RevId: 50d32ab01955c15e29679eff9e9e9cfb897fab2d
 2026-04-28 08:52:37 +00:00
Anna Claire Fields
36a8447bb3 update handlebars: package json and package lock (#32963) 
GitOrigin-RevId: b39d2189f08b76ed61b14e77f2af20f36c9a2968
 2026-04-22 08:06:44 +00:00
Alf Eaton
ce4ca192ee Upgrade Storybook to v10 (#30442) 
GitOrigin-RevId: 9f51624bc2b34b6746d1854969173b44c9c9cf9a
 2026-04-22 08:06:26 +00:00
Alf Eaton
f45eec25f4 Upgrade Cypress (#28858) 
GitOrigin-RevId: a5bb02d4f13e5d1aa4426debd4861205d51597f3
 2026-04-22 08:06:21 +00:00
Brian Gough
f07aaf1979 Merge pull request #32954 from overleaf/fix/security-oauth2-server-web 
[web] upgrade @node-oauth/oauth2-server to 5.3.0

GitOrigin-RevId: e6b25a6fb3dfaef1e8690fc1dd434daab35b798d
 2026-04-22 08:06:12 +00:00
Jakob Ackermann
78adc2ae18 [monorepo] Try to get make install working in copilot (#32800) 
* [monorepo] move building of nginx proxy into Makefile

* [v1] add fake-secrets.env

* [github] add copilot-setup-steps.yml workflow

* [make] debug permissions

* [monorepo] use the host uid/gid for monorepo service

* [web] populate DOCKER_USER for test_frontend_ct

* [github] run npm install outside docker in Copilot sandbox

* [monorepo] add comment for building nginx-proxy image locally

* [monorepo] change uid/gid of node user in cypress image

* [monorepo] low-level rewrite of passwd and groups to match host user

GitOrigin-RevId: d74a5801f0318bab7e7f460374255426706002a3
 2026-04-20 08:04:35 +00:00
Malik Glossop
e84d195ece Merge pull request #32783 from overleaf/dependabot-npm_and_yarn-axios-1.15.0 
Bump axios from 1.13.5 to 1.15.0

GitOrigin-RevId: 83e0cc61850f078784056ae9a7425e5bf27d0341
 2026-04-17 08:05:34 +00:00
Jakob Ackermann
b893ba36e2 [monorepo] add integration for GitHub Code Spaces (#32722) 
* [web] serve site manifest as application/json

* [monorepo] bail out early from dev-env-setup when inside devcontainer

* [monorepo] move utils for waiting for services into shared bash script

* [monorepo] move domain related env-vars into dedicated .env file

The .env file will be overridden in GitHub Code Spaces.

* [monorepo] remove unused initial_mongo_setup Make target

It was previously used for the mongo replica set setup.
That setup is a docker init script now.

* [monorepo] add flag for silencing docker build output

* [monorepo] add integration for GitHub Code Spaces

* [web] make prettier happy

* [web] restore no use-credentials for manifest outside code spaces

* [monorepo] run make install as part of post-start again

GitOrigin-RevId: 8c2cc3b969b7e3e8f9c5dac778192c9412cbf4df
 2026-04-13 08:04:22 +00:00
Andrew Rumble
5513f9d378 Merge pull request #32562 from overleaf/dependabot-npm_and_yarn-dompurify-3.3.2 
Bump dompurify from 3.3.0 to 3.3.2

GitOrigin-RevId: db5755d018d971c0558ab3c3f9bba9533047bf8b
 2026-04-01 08:06:20 +00:00
Mathias Jakobsen
9c97876268 [web]+clsi] Allow docx import via pandoc (#32004) 
Co-authored-by: Jakob Ackermann <jakob.ackermann@overleaf.com>
GitOrigin-RevId: 246b3290ec04867f71545b1a7c5d95d0f68379ff
 2026-03-27 09:06:23 +00:00
Anna Claire Fields
6113c6c291 Enable TS noImplicitAny in web (#31636) 
GitOrigin-RevId: 18881694770f2476c475f8fef4c6a2678a2a12fe
 2026-03-27 09:05:30 +00:00
Mathias Jakobsen
f40b32d711 Merge pull request #32374 from overleaf/mj-file-type-upgrade 
[web] Upgrade file-type to 21.3.4

GitOrigin-RevId: 8af86d7240984404bfce1d1394f8eb0536b74931
 2026-03-24 09:06:05 +00:00
Eric Mc Sween
1c6d4b7be3 Merge pull request #32266 from overleaf/em-bibtex-virtual-scrolling 
Replace pagination with virtual scrolling in BibTeX entry list

GitOrigin-RevId: d2265cb340efdf525064332a65a2d815d659c5f9
 2026-03-23 09:06:13 +00:00
Andrew Rumble
4527b1934d Merge pull request #32054 from overleaf/ar-serialize-javascript-7.0.4 
[web] bump serialize-javascript to 7.0.4

GitOrigin-RevId: 2f49ef0f8ece8636d54f29fdf5bc8443030b4349
 2026-03-19 09:06:04 +00:00
Andrew Rumble
7b3b66034d Merge pull request #32036 from overleaf/ar-update-storybook-plugins-to-8.6.17 
[web] update storybook plugins to 8.6.17

GitOrigin-RevId: 78fb0c2d441838022b02ec321dcd2b06016b159e
 2026-03-13 09:05:11 +00:00
Brian Gough
437a5ae812 Merge pull request #31911 from overleaf/renovate-npm-multer-vulnerability 
[Core] Update dependency multer to v2.1.1 from 2.0.2 [SECURITY]

GitOrigin-RevId: 17cb0c852fe3d17dc201c62eef90455a01a40aa5
 2026-03-09 09:06:06 +00:00
Alf Eaton
ae0f6b66ea Upgrade AI SDK (#32062) 
GitOrigin-RevId: dcd8a667e666debdb9670f269818939ce91ebba1
 2026-03-09 09:06:01 +00:00
Domagoj Kriskovic
138f7f8023 feat: add Python support with Pyodide integration 
GitOrigin-RevId: 382ce102c43050aace691dd89d825a94abf347a8
 2026-03-09 09:05:34 +00:00
Andrew Rumble
68b97f2c02 Merge pull request #31869 from overleaf/dependabot-npm_and_yarn-storybook-8.6.17 
Bump storybook from 8.6.15 to 8.6.17

GitOrigin-RevId: 00587f0f3d107f8fcf06afd52d7de51fb352bed1
 2026-03-06 09:13:48 +00:00
Jimmy Domagala-Tang
a7b4fdde9c Allow debugging for web acceptance tests (#28883) 
* adding debug option for web acceptance tests

fix: improving acceptance debug make target and removing duplicate service from docker-compose

* Switching debug mode to use DEBUG=true in test command

---------

Co-authored-by: Liam O'Brien <l.obrien@digital-science.com>
GitOrigin-RevId: 42a2ef53db08eccbf2a52f829a2fb7af997f911e
 2026-03-06 09:13:00 +00:00
Andrew Rumble
a4ef0c7ce1 Merge pull request #31954 from overleaf/ar-remove-js-to-esm-transform 
[web] remove esm transforms

GitOrigin-RevId: cd6aadcc66fa31026e8cb56f7b5f8fc5c5f8e18c
 2026-03-06 09:12:16 +00:00
Andrew Rumble
16cc4026a0 Merge pull request #30890 from overleaf/ar/code-coverage-e2e 
[monorepo] code coverage e2e

GitOrigin-RevId: cfdef9e6b485831bd34847f7b7af13d39c18c3e6
 2026-03-06 09:10:56 +00:00
Andrew Rumble
029c73adce Merge pull request #31863 from overleaf/ar-re-apply-request-overrides 
[monorepo] reapply request overrides

GitOrigin-RevId: 97a4f86ddd237b96c8ed6d91ebab00fc70b1b445
 2026-03-06 09:10:15 +00:00
Eric Mc Sween
c99fcf3157 Merge pull request #31786 from overleaf/em-minisearch 
Replace fuse.js with minisearch

GitOrigin-RevId: c57afbe23241c98a0e1adaac22312e706e06098d
 2026-03-06 09:07:45 +00:00
Andrew Rumble
d004aec6f1 Merge pull request #31727 from overleaf/ar-fast-xml-parser-5.3.6 
[monorepo] upgrade packages that depend on unsafe fast-xml-parser

GitOrigin-RevId: 8c61d9db1a7ab164dc9233f29c2de11b461f11a4
 2026-02-24 09:05:55 +00:00
Anna Claire Fields
fe65bc2cc1 upgrade for minimatch from 7.4.2 to 10.2.2 in web and third party datastore (#31689) 
* upgrade minimatch in web and third party datastore

* upgrade to 10.2.2

GitOrigin-RevId: 5b66b8b3ac24ee46a2d9a9216bf35ef5b6f24adf
 2026-02-24 09:05:30 +00:00
Alf Eaton
aab1764236 Upgrade Streamdown to v2 (#31287) 
GitOrigin-RevId: c092a9491b086a186cd7a5d88698bd1aaf745e96
 2026-02-19 09:06:31 +00:00
Andrew Rumble
2a6da7b186 Merge pull request #31500 from overleaf/ar-qs-tools-saas-e2e 
[monorepo] bump qs as dependency of @cypress/request

GitOrigin-RevId: a36bcf35b69246cef2614adb3d24db2233f6fcfb
 2026-02-13 09:05:14 +00:00
jmescuderowritefull
4f284e15d5 Upgrade Axios dependency (#31465) 
GitOrigin-RevId: 983298d6caf68f644e8be67e59e9bffa841a05f8
 2026-02-11 09:07:09 +00:00
Eric Mc Sween
ab2f44bbe9 Merge pull request #31417 from overleaf/em-bibtex-validation 
Validate the bibtex entry form using react-hook-form

GitOrigin-RevId: c89d29da41eea124c0c410ff28dab04da4691514
 2026-02-11 09:07:04 +00:00
Anna Claire Fields
72f8dff76d Upgrade GC storage and big query with updated patches (#31297) 
GitOrigin-RevId: ff1432f4194c3529ebf6090d1f93dbed38539014
 2026-02-11 09:06:32 +00:00