agw/overleaf-cep
1
0
Fork 0
mirror of https://github.com/yu-i-i/overleaf-cep.git synced 2026-05-23 17:19:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
28,023 Commits 3 Branches 19 Tags
a42056e4f57cf0f8b8f79bb9ce22adebb454d7be
Commit Graph

4874 Commits

Author SHA1 Message Date
Jakob Ackermann
293d89a4cb [web] inline contacts service into web (#33546) 
GitOrigin-RevId: d5e84d4f80f5ad4e951934d6dcdc332b0d26f3d0
 2026-05-19 08:04:34 +00:00
Brian Gough
60860aa202 Merge pull request #33576 from overleaf/bg-jpa-convert-document-to-file 
Modify convertDocToFile to bypass docstore

GitOrigin-RevId: 3ec789034a369d39d223450462394c8f303caa07
 2026-05-19 08:04:13 +00:00
Kristina
2f5d838e0f Merge pull request #33704 from overleaf/kh-add-reject-change-preference-check 
[web] add reject tracked change preference check

GitOrigin-RevId: b55dba21b3d4f42e68528d2b5906862c57794cd1
 2026-05-18 08:06:57 +00:00
Eric Mc Sween
a3682af6e4 Merge pull request #33710 from overleaf/em-tpds-config 
Clean up tpdsworker config from web and third-party-datastore

GitOrigin-RevId: 3856126d9dc856fea4bc4133b11402c35b10630b
 2026-05-18 08:06:25 +00:00
Olzhas Askar
d388e48a99 Merge pull request #33679 from overleaf/oa-plan-names 
[web] Get plan names from the settings

GitOrigin-RevId: 1e61975c3306c025f33e05686f9d2b57964b4f65
 2026-05-18 08:05:52 +00:00
Mathias Jakobsen
ac961f1d40 Merge pull request #33687 from overleaf/mj-temporary-tabs-fix 
[web] Only consider real key presses to make tab permanent

GitOrigin-RevId: 50ab453445e111de2b317f50470f9f4eec39a66f
 2026-05-15 08:08:28 +00:00
Mathias Jakobsen
6538c00742 Merge pull request #33690 from overleaf/mj-prune-deleted-tabs 
[web] Prune non-existent tabs when file tree changes

GitOrigin-RevId: 97e68a88a201acc2d1e582911ca64e1f72f9bfe1
 2026-05-15 08:08:19 +00:00
Copilot
3980b9e580 Fix IDOR in exports by adding token verification (Issue #31637) (#32883) 
* Fix IDOR in exports by adding token verification

Implement jdleesmiller's suggested fix for Issue #31637:
- V1: Return export token in create response
- V1: Verify token in get_export using secure_compare
- Web: Pass token through fetchExport and fetchDownload
- Web: Return token from exportProject to frontend
- Frontend: Pass token as query param on status/download requests
- Add tests for both services

Agent-Logs-Url: https://github.com/overleaf/internal/sessions/7ba5f535-fba2-49a8-91d4-c87bd332d3a0

Co-authored-by: briangough <7457354+briangough@users.noreply.github.com>

Fix window.location.pathname to .href to preserve query params

Code review correctly identified that window.location.pathname strips
query parameters. Switch to window.location.href so the token query
parameter is preserved in download URLs.

Agent-Logs-Url: https://github.com/overleaf/internal/sessions/7ba5f535-fba2-49a8-91d4-c87bd332d3a0

Co-authored-by: briangough <7457354+briangough@users.noreply.github.com>

Fix test mocks to include token in POST responses

Agent-Logs-Url: https://github.com/overleaf/internal/sessions/0350c6ef-0fff-4e98-8464-812cd92c523f

Co-authored-by: briangough <7457354+briangough@users.noreply.github.com>

fix formatting

Fix token assignment in initiateExport to use pollResponse token if available

Add requireExportToken config setting and tests for invalid/missing token cases

Agent-Logs-Url: https://github.com/overleaf/internal/sessions/059bdba2-4f7a-4407-a5a5-cfcffd888739

Co-authored-by: briangough <7457354+briangough@users.noreply.github.com>

fix formatting

Add tests for export status and token validation in ExportsController and MockV1Api

Co-authored-by: Copilot <copilot@github.com>

* Update services/v1/main/app/controllers/api/v1/overleaf/exports_controller.rb

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* fix linting

* fix fetchString response handling in ExportsHandler tests

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <copilot@github.com>
Co-authored-by: Brian Gough <briangough@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
GitOrigin-RevId: 399aef8eaa15ab3655f0905482f3a31fe94e2251
 2026-05-15 08:08:04 +00:00
Miguel Serrano
5a886aa9fb [web] Add extra details to flexible license sales email (#32929) 
* [web] Add extra details to flexible license sales email

GitOrigin-RevId: fbd41adae21c55c5e97f9531565100e1ae911808
 2026-05-15 08:07:56 +00:00
Davinder Singh
a3a508d193 [WEB] Add analytics events for importing and exporting to different file types (#33614) 
* adding events for success and failure for import and export from latex

* adding the operation property to capture the import/export keyword

GitOrigin-RevId: 2e5482b3c7517b402fc151966975ca8718729683
 2026-05-14 08:06:30 +00:00
Alf Eaton
6776f82952 Wait for parsing and syntax highlighting in autocomplete Cypress tests (#33667) 
* Wait for parsing and syntax highlighting in autocomplete Cypress tests

* Wait for syntax highlighting in write-and-cite Cypress tests

GitOrigin-RevId: d48f10c864b0a170b4a02e95e3a989fdc4137dbb
 2026-05-14 08:05:55 +00:00
Jakob Ackermann
7c50dc9990 [history-v1] add endpoint for downloading latest zip (#33181) 
* [history-v1] add endpoint for downloading latest zip

* [web] address review feedback

* [web] tests: do not overwrite db.projects.overleaf, extend it

* [web] set includeReferer flag from downloading zip

GitOrigin-RevId: e63e549f004230086f82eccf03b43fd62bde6071
 2026-05-13 08:06:53 +00:00
Jakob Ackermann
b1931d0b3b [web] cleanup archived split-test assignments from user record on login (#33365) 
* [web] cleanup archived split-test assignments from user record on login

Co-authored-by: Anna Claire Fields <anna.fields@overleaf.com>

* [migrations] purge archived split tests from all users

Co-authored-by: Anna Claire Fields <anna.fields@overleaf.com>

* [web] add missing mock and update snapshot test

* [web] gracefully access db.users.splitTests

---------

Co-authored-by: Anna Claire Fields <anna.fields@overleaf.com>
GitOrigin-RevId: bd185074a402556d7b7c812208cf834dd52b27a5
 2026-05-13 08:06:49 +00:00
Eric Mc Sween
aca60c02c0 Merge pull request #33391 from overleaf/em-bibtex-projection-32449 
Use a projected state field for BibTeX entries in the editor

GitOrigin-RevId: 5034be8bdc0cb4b9d854135ac117046c1b3750e7
 2026-05-12 08:06:47 +00:00
Jessica Lawshe
0f3ae5ac5b Merge pull request #33335 from overleaf/jel-add-email-captured-by-group 
[web] Group with domain capture takes priority over Commons when adding new email

GitOrigin-RevId: 40eb561018f4be0badf9f3885d24553c5f8bbde7
 2026-05-12 08:06:37 +00:00
Jessica Lawshe
ba13ccdb11 Merge pull request #33202 from overleaf/jel-domain-captured-by-group-settings-page 
[Domain capture] Check `domainCapturedByGroup` for existing emails on user settings

GitOrigin-RevId: 5ac86b89969b186cce0cac410c2957e5aa1b9703
 2026-05-12 08:06:33 +00:00
Jakob Ackermann
1df98c028d [web] add includeReferer flag to SplitTestHandler.getAssignment (#33235) 
* [web] add includeReferer flag to SplitTestHandler.getAssignment

* [web] tests: migrate User.getSplitTestAssignment to async/await

I don't want to fight with callbacks and optional arguments. Just move
it to async/await. New tests should use async/await, so there is no
point in making this work in callback-hell.

* [web] remove unused URL import

GitOrigin-RevId: 6251001e6ba7354f704fa663be8ef365ca0b9d23
 2026-05-12 08:06:21 +00:00
Mathias Jakobsen
62d92b70dd Merge pull request #33341 from overleaf/mj-two-step-export-web 
[web] Add two-step pandoc conversion download

GitOrigin-RevId: 093f435a497a7583d2b4d23558415cc442f84553
 2026-05-12 08:06:13 +00:00
Alf Eaton
b906de86db Add info to NotFoundError (#33440) 
* Add info to errors in ProjectLocator

* Update ProjectLocator.test.mjs

* Add info to errors in SSOConfigManager

* Update SSOConfigManager.test.mjs

GitOrigin-RevId: 5a13350af1808f3a16a4bc8a9946cbe8f15e6b3a
 2026-05-12 08:05:49 +00:00
Alf Eaton
8be321fd73 Add @modules alias to frontend test module resolver (#33491) 
GitOrigin-RevId: 929180b0887695b0d04456cfa66ccf87b4cd51c0
 2026-05-12 08:05:45 +00:00
Eric Mc Sween
e0488a8d3b Merge pull request #33534 from overleaf/em-fix-autocomplete-32913 
Fix autocomplete dropdown closing on blur and input re-click

GitOrigin-RevId: 82f45f0f1ae9e2b3846906d962a3f16e5b2963e4
 2026-05-11 08:06:11 +00:00
Malik Glossop
893005cb88 Merge pull request #33281 from overleaf/jd-back-to-pdf-button 
Change the "close logs" icon button to a "Back to PDF" button with a label

GitOrigin-RevId: 30b8d3e314fb9b8c901b90055832b88687827e62
 2026-05-11 08:05:55 +00:00
Brian Gough
3940f8c2a7 Merge pull request #33504 from overleaf/bg-upgrade-yauzl 
Upgrade yauzl library in web to version 3.3.0

GitOrigin-RevId: 82b4158db7a432f4257bd48402840f07801c6d07
 2026-05-11 08:05:47 +00:00
Domagoj Kriskovic
11d35bd065 Test that pyodide package.json version matches fetch script 
GitOrigin-RevId: e04ae191d2b1e5a08ba2e27518e61899d0e2d490
 2026-05-11 08:05:39 +00:00
Domagoj Kriskovic
5d171066c2 Add analytics events for Python script runner 
GitOrigin-RevId: 53f0fec09fc2a4ccdf1a6f77345741bed29d8a8b
 2026-05-11 08:05:34 +00:00
Jimmy Domagala-Tang
c37e46e1ad Add audit log entries when users max out their AI usage (#32886) 
* feat: adding audit log entries when users max out their AI usage

* feat: also log when user hits quota exactly, since support wants to know that

* feat: moving audit logging to the rate limiters themselves

* feat: moving to single quota breach event with tool in info

* feat: adding audit log for ai quota tests

GitOrigin-RevId: 64056632f142a9ea22a703b7621234f93e9f6ec7
 2026-05-08 08:10:23 +00:00
Eric Mc Sween
2bb35fafb8 Merge pull request #33490 from overleaf/em-parse-req-errors-2 
Reintroduce custom error types in request validation

GitOrigin-RevId: 1985ca04c8fe693fb836b042517d94700343bc46
 2026-05-08 08:10:13 +00:00
Mathias Jakobsen
5dc67db403 Merge pull request #33089 from overleaf/ds-export-md-files-pandoc 
[WEB + CLSI] Download as markdown

GitOrigin-RevId: 181eddf2513e9c5edacbab37e93f9cac2191ee1a
 2026-05-08 08:09:07 +00:00
Mathias Jakobsen
eddcc5a42e Merge pull request #32857 from overleaf/ds-pandoc-import-md 
[WEB + CLSI] Import markdown files using pandoc

GitOrigin-RevId: adad7831ddb13a8fcb8063871166bde13cbbf1b6
 2026-05-08 08:09:02 +00:00
Kristina
bd604063e6 [web] add preferences to control all implemented notifications (#33320) 
* feat: add granular controls for other features
* feat: add filtering to notifications that were missing them
* refactor: rm duplicate thread fetches
* fix: reduce permissions to fit spec (all === new comments/tracked changes, replies === only if also a participant)
* fix: include mentions in types

GitOrigin-RevId: b4a09ef59e5cf4de2e07d5b9a13c31fc1cf81a31
 2026-05-08 08:08:30 +00:00
Kristina
40954ae2dc Merge pull request #32949 from overleaf/kh-default-invitees-to-replies-only 
[web] default invitees to replies only

GitOrigin-RevId: e3198403917e2679e49e27aaa87ae111675dc974
 2026-05-08 08:08:17 +00:00
roo hutton
498af9b07b Merge pull request #33467 from overleaf/rh-cio-prev-plan-type-fix 
Only set previous_plan_type when normalised plan type changes

GitOrigin-RevId: 43133fc248bfb32b921da68bee91b445ca44eb1f
 2026-05-08 08:08:11 +00:00
Mathias Jakobsen
76fbb56107 [web] Delay suggest fix paywall until suggest button has been clicked (#33458) 
GitOrigin-RevId: 11d2ec0c9c33aea3fedff57d5f1a74d6ce774017
 2026-05-07 08:08:36 +00:00
Jessica Lawshe
fc4e17d30f Merge pull request #32816 from overleaf/jel-domain-captured-by-group 
[web] Check `domainCapturedByGroup` on domain instead of `group.domainCaptureEnabled` only for project/dash redirect

GitOrigin-RevId: a6389da9c943327e5941eaa24eb274106526f80b
 2026-05-07 08:08:07 +00:00
Miguel Serrano
d3f5738158 [web] Update pro -> premium wording (#33445) 
* [web] Update `pro` -> `premium` wording

Updated translations to reflect change on
plan denominations

GitOrigin-RevId: 39e9c8257f29540d33769e960b5b81fb08c47c62
 2026-05-07 08:07:59 +00:00
ilkin-overleaf
faec27d7b0 Merge pull request #33163 from overleaf/ii-share-modal-give-feedback 
[web] Share modal give feedback link

GitOrigin-RevId: 5e83dec6c6b97c172b7600d8ded285db49178a64
 2026-05-07 08:07:54 +00:00
roo hutton
5c348078c2 Merge pull request #33340 from overleaf/rh-pause-block 
Prevent calls to pause endpoint if pause-subscription not enabled

GitOrigin-RevId: 6efd00391576441b3104e34def2e5ad110dcc853
 2026-05-07 08:07:36 +00:00
Brian Gough
a6c8ce32c3 Merge pull request #33312 from overleaf/copilot/send-clear-site-data-header 
Send `Clear-Site-Data` header on account deletion

GitOrigin-RevId: c3f0b5f27cc80a1927518c56436c3a808b144fb7
 2026-05-07 08:07:20 +00:00
Chris Dryden
df01c7e9e1 Merge pull request #33162 from overleaf/cd-upload-generated-files-to-filetree 
Cd upload generated files to filetree

GitOrigin-RevId: 2d2774e57c42452fba3a2582fde7153ffcde59bf
 2026-05-07 08:07:06 +00:00
Domagoj Kriskovic
ad58ec2c79 Consolidate duplicate Pyodide output limit tests 
GitOrigin-RevId: 8ec631b740736158d6e1e75ccab90136813ffa15
 2026-05-07 08:06:52 +00:00
Domagoj Kriskovic
672e01c703 Enforce output file count and size limits in the Pyodide worker 
GitOrigin-RevId: 2cc61613381243d810a8cb9e1c2c32fa9e751da7
 2026-05-07 08:06:46 +00:00
Jakob Ackermann
d97a659f92 [web] make double compile test parameters configurable via env vars (#33406) 
* [web] make double compile test parameters configurable via env vars

* [k8s] web: enable double compile test for free compiles on n4 instances

GitOrigin-RevId: 3a5cb8ed6d044fcf3f4c0d2b9d252326bac48511
 2026-05-06 08:07:28 +00:00
Copilot
32f5ac48c7 Use a Firefox-allowlisted Material Symbols family for unfilled editor icons (#32945) 
GitOrigin-RevId: 61b7e4044f9a57a2083c5467fa0ec6eaa0f9ae1e
 2026-05-06 08:07:14 +00:00
Eric Mc Sween
3da2d53acb Merge pull request #33413 from overleaf/revert-33040-em-parse-req-errors 
Revert "Replace isZodErrorLike with custom error types in request validation"

GitOrigin-RevId: 1f51fe9e14ffabf283f1229552d3887136420f8f
 2026-05-06 08:06:41 +00:00
Eric Mc Sween
98def949ec Merge pull request #33040 from overleaf/em-parse-req-errors 
Replace isZodErrorLike with custom error types in request validation

GitOrigin-RevId: 9cb453a2cde595a00f5049e4829ea9e3dbe17b28
 2026-05-06 08:06:37 +00:00
Antoine Clausse
cff35c743f [web] Fix wrong price shown in future payments preview when upgrading over a pending downgrade (#33305) 
* fix(web): show correct plan in future payments preview when upgrading over a pending downgrade

When a user had a scheduled plan downgrade and then immediately upgraded
to a higher plan, makeChangePreview() always used the pending (stale)
plan code/name/price for the future payments display rather than the
newly selected plan.

Check whether the current change is a plan change (premium-subscription
or group-plan-upgrade type) and if so use subscriptionChange's plan
details instead of pendingChange's, since the immediate upgrade overrides
the scheduled downgrade.

Closes #33299

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

* test(web): add unit tests for makeChangePreview pending-change plan override

Covers the four cases: premium-subscription and group-plan-upgrade types
use subscriptionChange plan (not pendingChange), add-on-purchase type
defers to pendingChange plan, and no-pending-change falls back to
subscriptionChange as before.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

---------

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
GitOrigin-RevId: cc2f9c88e5dfdfb89370798e857ea98caf8fcf85
 2026-05-06 08:05:49 +00:00
Andrew Rumble
f434b1fc28 Merge pull request #33149 from overleaf/ar-ja-remove-i18next-additional-packages 
[web] remove i18next additional libraries

GitOrigin-RevId: 98fc17b409090db32b02bb66953f1c2e6efee608
 2026-05-06 08:05:41 +00:00
Jakob Ackermann
d61e3f5521 [web] fix caching of session.analyticsId (#33300) 
* [web] fix caching of session.analyticsId

* [web] disable analyticsIdMiddleware tests for Server Pro/CE

GitOrigin-RevId: 2acf76f937adabd62b1e9f876a858211ef7a13c6
 2026-05-05 08:06:09 +00:00
Jakob Ackermann
37cc65ec7e [web] consolidate clsi downloads and add zod validation (#33069) 
* [web] consolidate clsi downloads and add zod validation

* [validation-tools] make prettier happy

* [web] make clsiServerId optional

* [web] fix type of buildId

* [web] gracefully handle ObjectId

* [web] fix type of buildId

* [monorepo] address review feedback

- cjs export
- update module path in comments
- skip adding ?clsiserverid if not set
- allow nested output file download for submissions and add tests

* [web] address review feedback

* [web] cache one more zod schema

* [web] fix unit tests

GitOrigin-RevId: 0a1e618955983e035defd6d3c0528b81e0e85c95
 2026-05-05 08:06:05 +00:00
Malik Glossop
e2de08ca86 Merge pull request #33146 from overleaf/copilot/fix-code-folding-bug 
Fix code folding when a comment or blank line precedes an indented sectioning command

GitOrigin-RevId: 2a955311c1ce073b2eb80fdfbf45d00705e22d69
 2026-05-05 08:05:57 +00:00