mirrors/element-web
1
0
Fork 0
mirror of https://github.com/vector-im/element-web.git synced 2026-03-02 20:12:04 +01:00
Code Issues Projects Releases Wiki Activity

Merge branch 'develop' into toger5/pip-widget-view-shared-component-redesign

Browse Source
This commit is contained in:
Timo K 2026-02-27 11:17:40 +01:00
commit 381641eb34
3738 changed files with 17683 additions and 14796 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
.github/CODEOWNERS vendored
View File

@ -1,36 +1,36 @@
* @element-hq/element-web-reviewers
/.github/workflows/** @element-hq/element-web-team
/package.json @element-hq/element-web-team
package.json @element-hq/element-web-team
/pnpm-lock.yaml @element-hq/element-web-team
/src/SecurityManager.ts @element-hq/element-crypto-web-reviewers
/test/SecurityManager-test.ts @element-hq/element-crypto-web-reviewers
/src/async-components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/src/components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/test/components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/src/stores/SetupEncryptionStore.ts @element-hq/element-crypto-web-reviewers
/test/stores/SetupEncryptionStore-test.ts @element-hq/element-crypto-web-reviewers
/src/components/views/settings/tabs/user/EncryptionUserSettingsTab.tsx @element-hq/element-crypto-web-reviewers
/src/components/views/settings/encryption/ @element-hq/element-crypto-web-reviewers
/test/unit-tests/components/views/settings/encryption/ @element-hq/element-crypto-web-reviewers
/src/components/views/dialogs/devtools/Crypto.tsx @element-hq/element-crypto-web-reviewers
/playwright/e2e/crypto/ @element-hq/element-crypto-web-reviewers
/playwright/e2e/settings/encryption-user-tab/ @element-hq/element-crypto-web-reviewers
/packages/shared-components/src/crypto/ @element-hq/element-crypto-web-reviewers
/apps/web/src/SecurityManager.ts @element-hq/element-crypto-web-reviewers
/apps/web/test/SecurityManager-test.ts @element-hq/element-crypto-web-reviewers
/apps/web/src/async-components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/apps/web/src/components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/apps/web/test/components/views/dialogs/security/ @element-hq/element-crypto-web-reviewers
/apps/web/src/stores/SetupEncryptionStore.ts @element-hq/element-crypto-web-reviewers
/apps/web/test/stores/SetupEncryptionStore-test.ts @element-hq/element-crypto-web-reviewers
/apps/web/src/components/views/settings/tabs/user/EncryptionUserSettingsTab.tsx @element-hq/element-crypto-web-reviewers
/apps/web/src/components/views/settings/encryption/ @element-hq/element-crypto-web-reviewers
/apps/web/test/unit-tests/components/views/settings/encryption/ @element-hq/element-crypto-web-reviewers
/apps/web/src/components/views/dialogs/devtools/Crypto.tsx @element-hq/element-crypto-web-reviewers
/apps/web/playwright/e2e/crypto/ @element-hq/element-crypto-web-reviewers
/apps/web/playwright/e2e/settings/encryption-user-tab/ @element-hq/element-crypto-web-reviewers
/packages/shared-components/src/crypto/ @element-hq/element-crypto-web-reviewers
/src/models/Call.ts @element-hq/element-call-reviewers
/src/call-types.ts @element-hq/element-call-reviewers
/src/components/views/voip @element-hq/element-call-reviewers
/playwright/e2e/voip/element-call.spec.ts @element-hq/element-call-reviewers
/apps/web/src/models/Call.ts @element-hq/element-call-reviewers
/apps/web/src/call-types.ts @element-hq/element-call-reviewers
/apps/web/src/components/views/voip @element-hq/element-call-reviewers
/apps/web/playwright/e2e/voip/element-call.spec.ts @element-hq/element-call-reviewers
# Ignore translations as those will be updated by GHA for Localazy download
/src/i18n/strings
/apps/web/src/i18n/strings
/packages/shared-components/src/i18n/strings
/src/i18n/strings/en_EN.json @element-hq/element-web-reviewers
/apps/web/src/i18n/strings/en_EN.json @element-hq/element-web-reviewers
/packages/shared-components/src/i18n/strings/en_EN.json @element-hq/element-web-reviewers
# Ignore the synapse & mas plugins as this is updated by GHA for docker image updating
/playwright/testcontainers/synapse.ts
/playwright/testcontainers/mas.ts
/apps/web/playwright/testcontainers/synapse.ts
/apps/web/playwright/testcontainers/mas.ts

12
.github/renovate.json vendored
View File

@ -1,5 +1,15 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["github>matrix-org/renovate-config-element-web"],
"postUpdateOptions": ["pnpmDedupe"]
"postUpdateOptions": ["pnpmDedupe"],
"customManagers": [
{
"customType": "regex",
"datasourceTemplate": "docker",
"versioningTemplate": "loose",
"description": "Update testcontainers docker digests",
"managerFilePatterns": ["**/testcontainers/*.ts"],
"matchStrings": ["\\s+\"(?<depName>[^@]+):(?<currentValue>[^@]+)@(?<currentDigest>sha256:[a-f0-9]+)\""]
}
]
}

8
.github/workflows/build.yml vendored
View File

@ -12,7 +12,7 @@ concurrency:
env:
# This must be set for fetchdep.sh to get the right branch
PR_NUMBER: ${{ github.event.pull_request.number }}
NX_DEFAULT_OUTPUT_STYLE: static
NX_DEFAULT_OUTPUT_STYLE: stream-without-prefixes
permissions: {} # No permissions required
jobs:
build:
@ -43,7 +43,7 @@ jobs:
run:
shell: bash
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
@ -57,9 +57,11 @@ jobs:
run: ./scripts/layered.sh
- name: Copy config
working-directory: apps/web
run: cp element.io/develop/config.json config.json
- name: Build
working-directory: apps/web
env:
CI_PACKAGE: true
run: VERSION=$(scripts/get-version-from-git.sh) pnpm build
@ -68,5 +70,5 @@ jobs:
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: webapp-${{ matrix.image }}
path: webapp
path: apps/web/webapp
retention-days: 1

11
.github/workflows/build_debian.yaml vendored
View File

@ -14,14 +14,16 @@ jobs:
R2_URL: ${{ vars.CF_R2_S3_API }}
VERSION: ${{ github.ref_name }}
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Download package
working-directory: apps/web
run: |
wget "https://github.com/element-hq/element-web/releases/download/$VERSION/element-$VERSION.tar.gz"
wget "https://github.com/element-hq/element-web/releases/download/$VERSION/element-$VERSION.tar.gz.asc"
- name: Check GPG signature
working-directory: apps/web
run: |
wget "https://packages.element.io/element-release-key.gpg"
gpg --import element-release-key.gpg
@ -31,6 +33,7 @@ jobs:
FINGERPRINT: ${{ vars.GPG_FINGERPRINT }}
- name: Prepare
working-directory: apps/web
run: |
mkdir -p debian/tmp/DEBIAN
find debian -maxdepth 1 -type f -exec cp "{}" debian/tmp/DEBIAN/ \;
@ -41,6 +44,7 @@ jobs:
ln -s /etc/element-web/config.json debian/tmp/usr/share/element-web/config.json
- name: Write changelog
working-directory: apps/web
run: |
VERSION=$(cat package.json | jq -r .version)
TIME=$(date -d "$PUBLISHED_AT" -R)
@ -57,6 +61,7 @@ jobs:
PUBLISHED_AT: ${{ github.event.release.published_at }}
- name: Build deb package
working-directory: apps/web
run: |
VERSION=$(cat package.json | jq -r .version)
dpkg-gencontrol -v"$VERSION" -ldebian/tmp/DEBIAN/changelog
@ -65,14 +70,14 @@ jobs:
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: element-web.deb
path: element-web.deb
path: apps/web/element-web.deb
retention-days: 14
- name: Publish to packages.element.io
if: github.event.release.prerelease == false
uses: element-hq/packages.element.io@master
with:
file: element-web.deb
file: apps/web/element-web.deb
github-token: ${{ secrets.ELEMENT_BOT_TOKEN }}
bucket-api: ${{ vars.CF_R2_S3_API }}
bucket-key-id: ${{ secrets.CF_R2_ACCESS_KEY_ID }}

14
.github/workflows/build_develop.yml vendored
View File

@ -10,7 +10,7 @@ concurrency:
group: ${{ github.repository_owner }}-${{ github.workflow }}-${{ github.ref_name }}
cancel-in-progress: true
env:
NX_DEFAULT_OUTPUT_STYLE: static
NX_DEFAULT_OUTPUT_STYLE: stream-without-prefixes
permissions: {}
jobs:
build:
@ -28,7 +28,7 @@ jobs:
R2_URL: ${{ vars.CF_R2_S3_API }}
R2_PUBLIC_URL: "https://element-web-develop.element.io"
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
@ -40,6 +40,7 @@ jobs:
run: "./scripts/layered.sh"
- name: Build, Package & Upload sourcemaps
working-directory: apps/web
run: "./scripts/ci_package.sh"
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
@ -55,20 +56,21 @@ jobs:
CSP_EXTRA_SOURCE: ${{ env.R2_PUBLIC_URL }}
- run: mv dist/element-*.tar.gz dist/develop.tar.gz
working-directory: apps/web
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: webapp
path: dist/develop.tar.gz
path: apps/web/dist/develop.tar.gz
retention-days: 1
- name: Extract webapp
run: |
mkdir _deploy
tar xf dist/develop.tar.gz -C _deploy --strip-components=1
tar xf apps/web/dist/develop.tar.gz -C _deploy --strip-components=1
- name: Copy config
run: cp element.io/develop/config.json _deploy/config.json
run: cp apps/web/element.io/develop/config.json _deploy/config.json
- name: Populate 404.html
run: echo "404 Not Found" > _deploy/404.html
@ -115,7 +117,7 @@ jobs:
# Checksum algorithm specified as per https://developers.cloudflare.com/r2/examples/aws/aws-cli/
- name: Deploy to R2
run: |
aws s3 cp dist/develop.tar.gz s3://$R2_BUCKET/develop.tar.gz --endpoint-url $R2_URL --region=auto --checksum-algorithm CRC32
aws s3 cp apps/web/dist/develop.tar.gz s3://$R2_BUCKET/develop.tar.gz --endpoint-url $R2_URL --region=auto --checksum-algorithm CRC32
aws s3 cp _deploy/ s3://$R2_BUCKET/ --recursive --endpoint-url $R2_URL --region=auto --checksum-algorithm CRC32
env:
AWS_ACCESS_KEY_ID: ${{ secrets.CF_R2_ACCESS_KEY_ID }}

78
.github/workflows/cd.yaml vendored Normal file
View File

@ -0,0 +1,78 @@
name: CD # Continuous Delivery
on:
push:
branches: [develop]
concurrency: ${{ github.workflow }}-${{ github.ref_name }}
permissions: {}
env:
NX_DEFAULT_OUTPUT_STYLE: static
jobs:
docker:
name: Docker Bake
runs-on: ubuntu-24.04
permissions:
id-token: write # needed for signing the images with GitHub OIDC Token
packages: write # needed for publishing packages to GHCR
# Needed for nx-set-shas
contents: read
actions: read
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
with:
# We need to fetch all branches and commits so that Nx affected has a base to compare against.
fetch-depth: 0
# reduce the size of the checkout with tree filtering,
# see https://github.blog/open-source/git/get-up-to-speed-with-partial-clone-and-shallow-clone/
filter: tree:0
- name: Prepare nx
uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4
with:
main-branch-name: develop
- name: Install Cosign
uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3
- name: Set up QEMU
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3
- name: Set up Docker Buildx
id: builder
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
node-version-file: package.json
cache: "pnpm"
- name: Install Deps
run: "pnpm install --frozen-lockfile"
- name: Login to GitHub Container Registry
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- run: pnpm nx affected -t docker:build
env:
INPUT_PUSH: true
INPUT_LOAD: false
INPUT_GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
INPUT_BUILDER: ${{ steps.builder.outputs.name }}
- name: Sign the images with GitHub OIDC token
env:
PATTERN: "^ghcr.io/element-hq/element-web*"
run: |
docker image ls --digests --format '{{.Repository}}@{{.Digest}}' | grep "$PATTERN" | while read -r TARGET; do
# Check if digest is valid (not <none>)
if [[ "$TARGET" != *"@<none>"* ]]; then
echo "Signing $TARGET..."
cosign sign --yes "$TARGET"
fi
done

4
.github/workflows/deploy.yml vendored
View File

@ -34,7 +34,7 @@ jobs:
env:
SITE: ${{ inputs.site || 'staging.element.io' }}
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: Load GPG key
run: |
@ -70,7 +70,7 @@ jobs:
run: cp -vnpr _current_version/bundles/* _deploy/bundles/
- name: Copy config
run: cp element.io/app/config.json _deploy/config.json
run: cp apps/web/element.io/app/config.json _deploy/config.json
- name: Populate 404.html
run: echo "404 Not Found" > _deploy/404.html

8
.github/workflows/docker.yaml vendored
View File

@ -20,7 +20,7 @@ jobs:
env:
TEST_TAG: vectorim/element-web:test
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
fetch-depth: 0 # needed for docker-package to be able to calculate the version
@ -38,9 +38,10 @@ jobs:
- name: Build and load
id: test-build
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
with:
context: .
file: apps/web/Dockerfile
load: true
- name: Test the image
@ -147,10 +148,11 @@ jobs:
- name: Build and push
id: build-and-push
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
if: github.event_name != 'pull_request'
with:
context: .
file: apps/web/Dockerfile
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}

6
.github/workflows/docs.yml vendored
View File

@ -17,18 +17,18 @@ jobs:
runs-on: ubuntu-24.04
steps:
- name: Fetch element-desktop
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
repository: element-hq/element-desktop
path: element-desktop
- name: Fetch element-web
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
path: element-web
- name: Fetch matrix-js-sdk
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
repository: matrix-org/matrix-js-sdk
path: matrix-js-sdk

19
.github/workflows/end-to-end-tests.yaml vendored
View File

@ -37,7 +37,7 @@ env:
PR_NUMBER: ${{ github.event.pull_request.number }}
# Use 6 runners in the default case, but 4 when running on a schedule where we run all 5 projects (20 runners total)
NUM_RUNNERS: ${{ github.event_name == 'schedule' && 4 || 6 }}
NX_DEFAULT_OUTPUT_STYLE: static
NX_DEFAULT_OUTPUT_STYLE: stream-without-prefixes
permissions: {} # No permissions required
@ -51,7 +51,7 @@ jobs:
runners-matrix: ${{ steps.runner-vars.outputs.matrix }}
steps:
- name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
repository: element-hq/element-web
@ -68,18 +68,20 @@ jobs:
run: scripts/layered.sh
- name: Copy config
working-directory: apps/web
run: cp element.io/develop/config.json config.json
- name: Build
env:
CI_PACKAGE: true
working-directory: apps/web
run: VERSION=$(scripts/get-version-from-git.sh) pnpm build
- name: Upload Artifact
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: webapp
path: webapp
path: apps/web/webapp
retention-days: 1
- name: Calculate runner variables
@ -124,7 +126,7 @@ jobs:
- runAllTests: false
project: Pinecone
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
persist-credentials: false
repository: element-hq/element-web
@ -133,7 +135,7 @@ jobs:
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
with:
name: webapp
path: webapp
path: apps/web/webapp
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
@ -167,6 +169,7 @@ jobs:
# We skip tests tagged with @mergequeue when running on PRs, but run them in MQ and everywhere else
- name: Run Playwright tests
working-directory: apps/web
run: |
pnpm playwright test \
--shard "${{ matrix.runner }}/${{ needs.build.outputs.num-runners }}" \
@ -178,7 +181,7 @@ jobs:
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: all-blob-reports-${{ matrix.project }}-${{ matrix.runner }}
path: blob-report
path: apps/web/blob-report
retention-days: 1
downstream-modules:
@ -197,7 +200,7 @@ jobs:
if: always()
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
if: inputs.skip != true
with:
persist-credentials: false
@ -225,7 +228,7 @@ jobs:
- name: Merge into HTML Report
if: inputs.skip != true
run: pnpm playwright merge-reports --reporter=html,./playwright/flaky-reporter.ts,@element-hq/element-web-playwright-common/lib/stale-screenshot-reporter.js ./all-blob-reports
run: pnpm playwright merge-reports --reporter=html,./apps/web/playwright/flaky-reporter.ts,@element-hq/element-web-playwright-common/lib/stale-screenshot-reporter.js ./all-blob-reports
env:
# Only pass creds to the flaky-reporter on main branch runs
GITHUB_TOKEN: ${{ github.ref_name == 'develop' && secrets.ELEMENT_BOT_TOKEN || '' }}

3
.github/workflows/localazy_upload.yaml vendored
View File

@ -1,9 +1,10 @@
name: Localazy Upload
on:
workflow_dispatch: {}
push:
branches: [develop]
paths:
- "src/i18n/strings/en_EN.json"
- "apps/web/src/i18n/strings/en_EN.json"
- "packages/shared-components/src/i18n/strings/en_EN.json"
permissions: {} # No permissions needed
jobs:

92
.github/workflows/pending-reviews.yaml vendored
View File

@ -1,92 +0,0 @@
name: Pending reviews automation
on:
# The bot exceeded its API rate limit. Disabling for now (adding workflow dispatch so the workflow file stays valid & we can test to see if it starts working again)
workflow_dispatch: {}
# We run it on a schedule instead of on pull_request_* events to not create confusing messaging in the PR
#schedule:
# - cron: "*/10 * * * *"
concurrency: ${{ github.workflow }}
permissions: {} # We use ELEMENT_BOT_TOKEN instead
jobs:
bot:
name: Pending reviews bot
runs-on: ubuntu-24.04
environment: Matrix
env:
URL: "https://github.com/pulls?q=is%3Apr+is%3Aopen+repo%3Amatrix-org%2Fmatrix-js-sdk+repo%3Amatrix-org%2Fmatrix-react-sdk+repo%3Aelement-hq%2Felement-web+repo%3Aelement-hq%2Felement-desktop+review-requested%3A%40me+sort%3Aupdated-desc+"
RELEASE_BLOCKERS_URL: "https://github.com/pulls?q=is%3Aopen+repo%3Amatrix-org%2Fmatrix-js-sdk+repo%3Amatrix-org%2Fmatrix-react-sdk+repo%3Aelement-hq%2Felement-web+repo%3Aelement-hq%2Felement-desktop+sort%3Aupdated-desc+label%3AX-Release-Blocker+"
steps:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
env:
HS_URL: ${{ secrets.BETABOT_HS_URL }}
ROOM_ID: ${{ secrets.ROOM_ID }}
TOKEN: ${{ secrets.BETABOT_ACCESS_TOKEN }}
with:
# PAT needed as the GITHUB_TOKEN won't be able to see cross-references from other orgs (matrix-org)
github-token: ${{ secrets.ELEMENT_BOT_TOKEN }}
script: |
const { HS_URL, ROOM_ID, TOKEN, URL, RELEASE_BLOCKERS_URL } = process.env;
async function updateCounter(counter, link, severity, title, value, clearOnZero) {
const apiUrl = `${HS_URL}/_matrix/client/v3/rooms/${ROOM_ID}/state/re.jki.counter/${counter}`;
const headers = {
"Content-Type": "application/json",
"Authorization": `Bearer ${TOKEN}`,
};
const res = await fetch(apiUrl, {
method: "GET",
headers,
});
const data = await res.json();
if (data.value === issueCount) {
console.log("Pending review count already correct");
return;
}
let body = {};
if (issueCount || !clearOnZero) {
body = JSON.stringify({
link,
severity,
title,
value,
});
}
await fetch(apiUrl, {
method: "PUT",
body,
headers,
});
}
const repos = [
"element-hq/element-desktop",
"element-hq/element-web",
"matrix-org/matrix-js-sdk",
];
const teams = [
"matrix-org/element-web-team",
"matrix-org/element-web-reviewers",
"element-hq/element-web-team",
"element-hq/element-web-reviewers",
];
let issueCount = 0;
for (const team of teams) {
const org = team.split("/", 2)[0];
const reposInOrg = repos.filter(repo => repo.startsWith(org + "/"));
const { data } = await github.rest.search.issuesAndPullRequests({
q: `is:pr is:open review:required ${reposInOrg.map(r => `repo:${r}`).join(" ")} team-review-requested:${team}`,
});
issueCount += data.total_count;
}
await updateCounter("gh_reviews", URL, "warning", "Pending reviews", issueCount);
const { data } = await github.rest.search.issuesAndPullRequests({
q: `is:open ${repos.map(repo => `repo:${repo}`).join(" ")} label:X-Release-Blocker`,
});
const blockerCount = data.total_count;
await updateCounter("release_blockers", RELEASE_BLOCKERS_URL, "alert", "Release Blockers", blockerCount, true);

57
.github/workflows/playwright-image-updates.yaml vendored
View File

@ -1,57 +0,0 @@
name: Update Playwright docker images
on:
workflow_dispatch: {}
schedule:
- cron: "0 6 * * *" # Every day at 6am UTC
permissions: {}
jobs:
update:
runs-on: ubuntu-24.04
permissions:
pull-requests: write
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- name: Update synapse image
run: |
docker pull "$IMAGE"
INSPECT=$(docker inspect --format='{{index .RepoDigests 0}}' "$IMAGE")
DIGEST=${INSPECT#*@}
sed -i "s/const TAG.*/const TAG = \"develop@$DIGEST\";/" playwright/testcontainers/synapse.ts
env:
IMAGE: ghcr.io/element-hq/synapse:develop
- name: Update MAS image
run: |
docker pull "$IMAGE"
INSPECT=$(docker inspect --format='{{index .RepoDigests 0}}' "$IMAGE")
DIGEST=${INSPECT#*@}
sed -i "s/const TAG.*/const TAG = \"main@$DIGEST\";/" playwright/testcontainers/mas.ts
env:
IMAGE: ghcr.io/element-hq/matrix-authentication-service:main
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
with:
token: ${{ secrets.ELEMENT_BOT_TOKEN }}
branch: actions/playwright-image-updates
delete-branch: true
title: Playwright Docker image updates
labels: |
T-Task
- name: Enable automerge
run: gh pr merge --merge --auto "$PR_NUMBER"
if: steps.cpr.outputs.pull-request-operation == 'created'
env:
GH_TOKEN: ${{ secrets.ELEMENT_BOT_TOKEN }}
PR_NUMBER: ${{ steps.cpr.outputs.pull-request-number }}
- name: Enable autoapprove
run: |
gh pr review --approve "$PR_NUMBER"
if: steps.cpr.outputs.pull-request-operation == 'created'
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
PR_NUMBER: ${{ steps.cpr.outputs.pull-request-number }}

1
.github/workflows/release-gitflow.yml vendored
View File

@ -11,5 +11,6 @@ jobs:
secrets:
ELEMENT_BOT_TOKEN: ${{ secrets.ELEMENT_BOT_TOKEN }}
with:
dir: apps/web
dependencies: |
matrix-js-sdk

1
.github/workflows/release.yml vendored
View File

@ -29,6 +29,7 @@ jobs:
gpg-fingerprint: ${{ vars.GPG_FINGERPRINT }}
asset-path: dist/*.tar.gz
expected-asset-count: 3
dir: apps/web
notify-downstream:
name: Trigger release drafter downstream

6
.github/workflows/release_prepare.yml vendored
View File

@ -41,7 +41,7 @@ jobs:
REPOS: matrix-js-sdk element-web element-desktop
steps:
- name: Checkout Element Desktop
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
if: inputs.element-desktop
with:
repository: element-hq/element-desktop
@ -51,7 +51,7 @@ jobs:
fetch-tags: true
token: ${{ secrets.ELEMENT_BOT_TOKEN }}
- name: Checkout Element Web
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
if: inputs.element-web
with:
repository: element-hq/element-web
@ -61,7 +61,7 @@ jobs:
fetch-tags: true
token: ${{ secrets.ELEMENT_BOT_TOKEN }}
- name: Checkout Matrix JS SDK
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
if: inputs.matrix-js-sdk
with:
repository: matrix-org/matrix-js-sdk

2
.github/workflows/shared-component-publish.yaml vendored
View File

@ -13,7 +13,7 @@ jobs:
steps:
- name: 🧮 Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- name: 🔧 Set up node environment

36
.github/workflows/shared-component-storybook-build.yml vendored Normal file
View File

@ -0,0 +1,36 @@
name: Build shared component storybook
on:
merge_group: {}
pull_request: {}
workflow_call: {}
permissions: {}
jobs:
doc:
name: Build storybook
runs-on: ubuntu-latest
steps:
- name: 🧮 Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- name: 🔧 Pnpm cache
uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
cache: "pnpm"
node-version-file: package.json
- name: 🔨 Install dependencies
working-directory: packages/shared-components
run: "pnpm install --frozen-lockfile"
- name: 📖 Build Storybook
working-directory: packages/shared-components
run: pnpm build:storybook
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6
with:
name: shared-components-storybook
path: packages/shared-components/storybook-static
retention-days: 1

30
.github/workflows/shared-component-storybook-publish.yaml vendored
View File

@ -10,34 +10,24 @@ on:
permissions: {}
jobs:
doc:
build:
name: Build storybook
uses: ./.github/workflows/shared-component-storybook-build.yml
publish:
name: Publish storybook
runs-on: ubuntu-latest
needs: build
environment: SharedComponents
steps:
- name: 🧮 Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- name: 🔧 Pnpm cache
uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6
- uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7
with:
cache: "pnpm"
node-version-file: package.json
- name: 🔨 Install dependencies
working-directory: packages/shared-components
run: "pnpm install --frozen-lockfile"
- name: 📖 Build Storybook
working-directory: packages/shared-components
run: pnpm build:storybook
name: shared-components-storybook
path: storybook-static
- name: 🚀 Deploy to Cloudflare Pages
uses: cloudflare/wrangler-action@9681c2997648301493e78cacbfb790a9f19c833f # v3
uses: cloudflare/wrangler-action@da0e0dfe58b7a431659754fdf3f186c529afbe65 # v3
with:
apiToken: ${{ secrets.CF_PAGES_TOKEN }}
accountId: ${{ secrets.CF_PAGES_ACCOUNT_ID }}
workingDirectory: "packages/shared-components"
packageManager: "pnpm"
command: pages deploy storybook-static --project-name=shared-components-storybook

2
.github/workflows/shared-component-visual-tests.yaml vendored
View File

@ -21,7 +21,7 @@ jobs:
issues: read
pull-requests: read
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
persist-credentials: false
repository: element-hq/element-web

191
.github/workflows/static_analysis.yaml vendored
View File

@ -14,147 +14,100 @@ concurrency:
env:
# This must be set for fetchdep.sh to get the right branch
PR_NUMBER: ${{ github.event.pull_request.number }}
NX_DEFAULT_OUTPUT_STYLE: static
NX_DEFAULT_OUTPUT_STYLE: stream-without-prefixes
permissions: {} # No permissions required
jobs:
ts_lint:
name: "Typescript Syntax Check"
lint:
strategy:
fail-fast: false
matrix:
include:
- name: Typescript Syntax Check
install: layered
command: "lint:types"
- name: Prettier
install: normal
command: "lint:prettier"
- name: ESLint
install: normal
command: "lint:js"
- name: Style Lint
install: normal
command: "lint:style"
- name: Workflow Lint
install: normal
command: "lint:workflows"
- name: Analyse Dead Code
install: normal
command: "lint:knip"
- name: Rethemendex Check
command: "rethemendex"
assert-diff: true
name: ${{ matrix.name }}
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
if: matrix.install != ''
with:
cache: "pnpm"
node-version: "lts/*"
- name: Install Dependencies
- name: Install Dependencies (layered)
if: matrix.install == 'layered'
run: "./scripts/layered.sh"
- name: Install Dependencies (normal)
if: matrix.install == 'normal'
run: "pnpm install --frozen-lockfile"
- name: Typecheck
run: "pnpm run lint:types"
- name: Run ${{ matrix.command }}
run: pnpm --if-present run "$CMD" && pnpm -r --if-present run "$CMD"
env:
CMD: ${{ matrix.command }}
- name: Typecheck Shared Components
run: "pnpm --dir packages/shared-components run lint:types"
- name: Assert no changes
run: git diff --exit-code
if: matrix.assert-diff
i18n_lint_ew:
name: "i18n Check (Element Web)"
uses: matrix-org/matrix-web-i18n/.github/workflows/i18n_check.yml@3673fd3abbf8dfae1de849c6cd3e69e24ed7a766
i18n:
strategy:
fail-fast: false
matrix:
include:
- name: Element Web
path: "apps/web"
allowed-hardcoded-keys: |
console_dev_note
labs|element_call_video_rooms
labs|feature_disable_call_per_sender_encryption
voip|element_call
error|invalid_json
error|misconfigured
welcome_to_element
devtools|settings|elementCallUrl
labs|sliding_sync_description
settings|voip|noise_suppression_description
settings|voip|echo_cancellation_description
- name: Shared Components
path: "packages/shared-components"
name: "i18n Check (${{ matrix.name }})"
uses: matrix-org/matrix-web-i18n/.github/workflows/i18n_check.yml@main
permissions:
pull-requests: read
with:
hardcoded-words: "Element"
packageManager: pnpm
allowed-hardcoded-keys: |
console_dev_note
labs|element_call_video_rooms
labs|feature_disable_call_per_sender_encryption
voip|element_call
error|invalid_json
error|misconfigured
welcome_to_element
devtools|settings|elementCallUrl
labs|sliding_sync_description
settings|voip|noise_suppression_description
settings|voip|echo_cancellation_description
path: ${{ matrix.path }}
allowed-hardcoded-keys: ${{ matrix.allowed-hardcoded-keys }}
i18n_lint_shared_components:
name: "i18n Check (Shared Components)"
uses: matrix-org/matrix-web-i18n/.github/workflows/i18n_check.yml@3673fd3abbf8dfae1de849c6cd3e69e24ed7a766
permissions:
pull-requests: read
with:
path: "packages/shared-components"
hardcoded-words: "Element"
packageManager: pnpm
rethemendex_lint:
name: "Rethemendex Check"
# Dummy job to simplify branch protections
ci:
name: Static Analysis
needs: [lint, i18n]
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- run: ./res/css/rethemendex.sh
- run: git diff --exit-code
js_lint:
name: "ESLint"
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
cache: "pnpm"
node-version: "lts/*"
# Does not need branch matching as only analyses this layer
- name: Install Deps
run: "pnpm install --frozen-lockfile"
- name: Run Linter
run: "pnpm run lint:js"
- name: Run Linter
run: "pnpm --dir packages/shared-components run lint:js"
style_lint:
name: "Style Lint"
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
cache: "pnpm"
node-version: "lts/*"
# Does not need branch matching as only analyses this layer
- name: Install Deps
run: "pnpm install"
- name: Run Linter
run: "pnpm run lint:style"
workflow_lint:
name: "Workflow Lint"
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
cache: "pnpm"
node-version: "lts/*"
# Does not need branch matching as only analyses this layer
- name: Install Deps
run: "pnpm install --frozen-lockfile"
- name: Run Linter
run: "pnpm lint:workflows"
analyse_dead_code:
name: "Analyse Dead Code"
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
with:
cache: "pnpm"
node-version: "lts/*"
- name: Install Deps
run: "pnpm install --frozen-lockfile"
- name: Run linter
run: "pnpm run lint:knip"
- run: echo "Ok"

13
.github/workflows/tests.yml vendored
View File

@ -25,7 +25,7 @@ env:
ENABLE_COVERAGE: ${{ github.event_name != 'merge_group' && inputs.disable_coverage != 'true' }}
# fetchdep.sh needs to know our PR number
PR_NUMBER: ${{ github.event.pull_request.number }}
NX_DEFAULT_OUTPUT_STYLE: static
NX_DEFAULT_OUTPUT_STYLE: stream-without-prefixes
permissions: {}
@ -40,7 +40,7 @@ jobs:
runner: [1, 2]
steps:
- name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
repository: ${{ inputs.matrix-js-sdk-sha && 'element-hq/element-web' || github.repository }}
@ -67,10 +67,12 @@ jobs:
uses: SimenB/github-actions-cpu-cores@97ba232459a8e02ff6121db9362b09661c875ab8 # v2
- name: Run tests
working-directory: apps/web
run: |
pnpm test \
--coverage=${{ env.ENABLE_COVERAGE }} \
--ci \
--no-tui \
--max-workers ${{ steps.cpu-cores.outputs.count }} \
--shard ${{ matrix.runner }}/${{ strategy.job-total }} \
--cacheDirectory /tmp/jest_cache
@ -82,6 +84,7 @@ jobs:
- name: Move coverage files into place
if: env.ENABLE_COVERAGE == 'true'
working-directory: apps/web
run: mv coverage/lcov.info coverage/${{ steps.setupNode.outputs.node-version }}-${{ matrix.runner }}.lcov.info
- name: Upload Artifact
@ -90,8 +93,8 @@ jobs:
with:
name: coverage-${{ matrix.runner }}
path: |
coverage
!coverage/lcov-report
apps/web/coverage
!apps/web/coverage/lcov-report
complete:
name: jest-tests
@ -120,7 +123,7 @@ jobs:
runs-on: ubuntu-24.04
steps:
- name: Checkout code
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
with:
repository: ${{ inputs.matrix-js-sdk-sha && 'element-hq/element-web' || github.repository }}

2
.github/workflows/triage-stale.yml vendored
View File

@ -12,7 +12,7 @@ jobs:
issues: write
pull-requests: write
steps:
- uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10
- uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10
with:
operations-per-run: 100

3
.github/workflows/update-jitsi.yml vendored
View File

@ -9,7 +9,7 @@ jobs:
update:
runs-on: ubuntu-24.04
steps:
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- uses: pnpm/action-setup@41ff72655975bd51cab0327fa583b6e92b6d3061 # v4
- uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6
@ -21,6 +21,7 @@ jobs:
run: "pnpm install --frozen-lockfile"
- name: Fetch Jitsi
working-directory: apps/web
run: "pnpm vendor:jitsi"
- name: Create Pull Request

18
.gitignore vendored
View File

@ -3,29 +3,19 @@
/dist
/key.pem
/lib
/node_modules
/webapp
node_modules
/.npmrc
/*.log
package-lock.json
.DS_Store
electron/dist
electron/pub
**/.idea
/config.json
/config.json.*
/config.local*.json
# Legacy skinning file that some people might still have
/src/component-index.js
/.tmp
/webpack-stats.json
/.tmp
.vscode
.vscode/
.env
/coverage
# Auto-generated file
/src/modules.js
/build_config.yaml
.env.*
coverage
/book
/index.html
# version file and tarball created by `npm pack` / `yarn pack`

6
.lintstagedrc
View File

@ -1,7 +1,3 @@
{
"*": "prettier --write",
"src/**/*.(ts|tsx)": ["eslint --fix"],
"scripts/**/*.(ts|tsx)": ["eslint --fix"],
"module_system/**/*.(ts|tsx)": ["eslint --fix"],
"*.pcss": ["stylelint --fix"]
"*": "prettier --write"
}

44
.prettierignore
View File

@ -1,30 +1,30 @@
/build
/dist
/lib
/node_modules
/webapp
node_modules
/apps/web/webapp
/*.log
pnpm-lock.yaml
electron/dist
electron/pub
**/.idea
/.tmp
/webpack-stats.json
webpack-stats.json
.vscode
.vscode/
.env
/coverage
coverage
# Auto-generated file
/src/modules.ts
/src/modules.js
/src/i18n/strings
/build_config.yaml
/apps/web/src/modules.ts
/apps/web/src/modules.js
src/i18n/strings
/apps/web//build_config.yaml
# Raises an error because it contains a template var breaking the script tag
src/vector/index.html
src/vector/modernizr.cjs
/apps/web/src/vector/index.html
/apps/web/src/vector/modernizr.cjs
/docs/lib
/book
/debian/tmp
debian/tmp
/.npmrc
package-lock.json
@ -33,20 +33,22 @@ package-lock.json
/docs/changelogs
# Legacy skinning file that some people might still have
/src/component-index.js
/apps/web/src/component-index.js
# Downloaded and already minified
res/jitsi_external_api.min.js
/apps/web/res/jitsi_external_api.min.js
# This file is also machine-generated
/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/dump.json
/playwright/test-results/
/playwright/html-report/
/playwright/logs/
/playwright/snapshots/
/apps/web/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/dump.json
/apps/web/playwright/test-results/
/apps/web/playwright/html-report/
/apps/web/playwright/logs/
/apps/web/playwright/snapshots/
# Shared components generated files
packages/shared-components/dist/
packages/shared-components/src/i18n/i18nKeys.d.ts
packages/shared-components/typedoc/
/packages/shared-components/dist/
/packages/shared-components/src/i18n/i18nKeys.d.ts
/packages/shared-components/typedoc/
/packages/shared-components/storybook-static/
/.nx/

131
README.md
View File

@ -9,7 +9,7 @@
# Element
Element (formerly known as Vector and Riot) is a Matrix web client built using the [Matrix
Element (formerly known as Vector and Riot) is a Matrix web & desktop client built using the [Matrix
JS SDK](https://github.com/matrix-org/matrix-js-sdk).
# Supported Environments
@ -42,8 +42,8 @@ Element has several tiers of support for different environments:
The period of support for these tiers should last until the releases specified above, plus 1 app release cycle(2 weeks). In the case of Firefox ESR this is extended further to allow it land in Debian Stable.
For accessing Element on an Android or iOS device, we currently recommend the
native apps [element-android](https://github.com/element-hq/element-android)
and [element-ios](https://github.com/element-hq/element-ios).
native apps [element-x-android](https://github.com/element-hq/element-x-android)
and [element-x-ios](https://github.com/element-hq/element-x-ios).
# Getting Started
@ -55,91 +55,16 @@ To host your own instance of Element see [Installing Element Web](docs/install.m
To install Element as a desktop application, see [Running as a desktop app](#running-as-a-desktop-app) below.
# Important Security Notes
---
## Separate domains
# Monorepo
We do not recommend running Element from the same domain name as your Matrix
homeserver. The reason is the risk of XSS (cross-site-scripting)
vulnerabilities that could occur if someone caused Element to load and render
malicious user generated content from a Matrix API which then had trusted
access to Element (or other apps) due to sharing the same domain.
This repository is a monorepo hosting Element Web and other related projects in various subdirectories.
You can read more about the structure [here](docs/monorepo.md).
We have put some coarse mitigations into place to try to protect against this
situation, but it's still not good practice to do it in the first place. See
<https://github.com/element-hq/element-web/issues/1977> for more details.
# Element Web
## Configuration best practices
Unless you have special requirements, you will want to add the following to
your web server configuration when hosting Element Web:
- The `X-Frame-Options: SAMEORIGIN` header, to prevent Element Web from being
framed and protect from [clickjacking][owasp-clickjacking].
- The `frame-ancestors 'self'` directive to your `Content-Security-Policy`
header, as the modern replacement for `X-Frame-Options` (though both should be
included since not all browsers support it yet, see
[this][owasp-clickjacking-csp]).
- The `X-Content-Type-Options: nosniff` header, to [disable MIME
sniffing][mime-sniffing].
- The `X-XSS-Protection: 1; mode=block;` header, for basic XSS protection in
legacy browsers.
[mime-sniffing]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#mime_sniffing
[owasp-clickjacking-csp]: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html#content-security-policy-frame-ancestors-examples
[owasp-clickjacking]: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html
If you are using nginx, this would look something like the following:
```
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'self'";
```
For Apache, the configuration looks like:
```
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"
Header set Content-Security-Policy "frame-ancestors 'self'"
```
Note: In case you are already setting a `Content-Security-Policy` header
elsewhere, you should modify it to include the `frame-ancestors` directive
instead of adding that last line.
# Building From Source
Element is a modular webapp built with modern ES6 and uses a Node.js build system.
Ensure you have the latest LTS version of Node.js installed.
Using `pnpm` instead of `npm` is recommended. Please see the pnpm [install
guide](https://pnpm.io/installation#using-corepack) if you do not have it already.
1. Install or update `node.js` so that your `node` is at least the current recommended LTS.
1. Install `pnpm` if not present already.
1. Clone the repo: `git clone https://github.com/element-hq/element-web.git`.
1. Switch to the element-web directory: `cd element-web`.
1. Install the prerequisites: `pnpm install`.
- If you're using the `develop` branch, then it is recommended to set up a
proper development environment (see [Setting up a dev
environment](./developer_guide.md#setting-up-a-dev-environment) below). Alternatively, you
can use <https://develop.element.io> - the continuous integration release of
the develop branch.
1. Configure the app by copying `config.sample.json` to `config.json` and
modifying it. See the [configuration docs](docs/config.md) for details.
1. `pnpm dist` to build a tarball to deploy. Untaring this file will give
a version-specific directory containing all the files that need to go on your
web server.
Note that `pnpm dist` is not supported on Windows, so Windows users can run `pnpm build`,
which will build all the necessary files into the `webapp` directory. The version of Element
will not appear in Settings without using the dist script. You can then mount the
`webapp` directory on your web server to actually serve up the app, which is
entirely static content.
To learn more about Element Web [click here](apps/web/README.md)
# Running as a Desktop app
@ -153,33 +78,6 @@ Many thanks to @aviraldg for the initial work on the Electron integration.
The [configuration docs](docs/config.md#desktop-app-configuration) show how to override the desktop app's default settings if desired.
# config.json
Element supports a variety of settings to configure default servers, behaviour, themes, etc.
See the [configuration docs](docs/config.md) for more details.
# Labs Features
Some features of Element may be enabled by flags in the `Labs` section of the settings.
Some of these features are described in [labs.md](https://github.com/element-hq/element-web/blob/develop/docs/labs.md).
# Caching requirements
Element requires the following URLs not to be cached, when/if you are serving Element from your own webserver:
```
/config.*.json
/i18n
/home
/sites
/index.html
```
We also recommend that you force browsers to re-validate any cached copy of Element on page load by configuring your
webserver to return `Cache-Control: no-cache` for `/`. This ensures the browser will fetch a new version of Element on
the next page load after it's been deployed. Note that this is already configured for you in the nginx config of our
Dockerfile.
# Development
Please read through the following:
@ -194,17 +92,6 @@ To add a new translation, head to the [translating doc](docs/translating.md).
For a developer guide, see the [translating dev doc](docs/translating-dev.md).
# Extending Element Web with Modules
Element Web supports a module system that allows you to extend or modify functionality at runtime. Modules are loaded dynamically and provide a safe, predictable API for customization.
## What are modules?
Modules are extensions that can add or modify Element Web's functionality. They are:
- Built using the [`@element-hq/element-web-module-api`](https://github.com/element-hq/element-modules/tree/main/packages/element-web-module-api)
- Loaded in EW via [config.json](docs/config.md#modules)
# Triaging issues
Issues are triaged by community members and the Web App Team, following the [triage process](https://github.com/element-hq/element-meta/wiki/Triage-process).

0
.dockerignore → apps/web/.dockerignore
View File

0
.eslintignore → apps/web/.eslintignore
View File

2
.eslintrc.cjs → apps/web/.eslintrc.cjs
View File

@ -199,6 +199,7 @@ module.exports = {
files: ["src/**/*.{ts,tsx}", "test/**/*.{ts,tsx}", "playwright/**/*.ts", "*.ts"],
extends: ["plugin:matrix-org/typescript", "plugin:matrix-org/react"],
rules: {
"@typescript-eslint/unbound-method": ["error", { ignoreStatic: true }],
"@typescript-eslint/explicit-function-return-type": [
"error",
{
@ -238,6 +239,7 @@ module.exports = {
"@typescript-eslint/explicit-function-return-type": "off",
"@typescript-eslint/explicit-member-accessibility": "off",
"@typescript-eslint/no-empty-object-type": "off",
"@typescript-eslint/unbound-method": "off",
// Jest/Playwright specific

9
apps/web/.gitignore vendored Normal file
View File

@ -0,0 +1,9 @@
/webapp
/config.json
/config.json.*
/config.local*.json
# Legacy skinning file that some people might still have
/src/component-index.js
# Auto-generated file
/src/modules.js
/build_config.yaml

7
apps/web/.lintstagedrc Normal file
View File

@ -0,0 +1,7 @@
{
"*": "prettier --write",
"src/**/*.(ts|tsx)": ["eslint --fix"],
"scripts/**/*.(ts|tsx)": ["eslint --fix"],
"module_system/**/*.(ts|tsx)": ["eslint --fix"],
"*.pcss": ["stylelint --fix"]
}

0
.modernizr.json → apps/web/.modernizr.json
View File

9
.stylelintrc.cjs → apps/web/.stylelintrc.cjs
View File

@ -55,17 +55,16 @@ module.exports = {
{ from: "res/css/views/rooms/_ReadReceiptGroup.pcss", type: "css" },
{ from: "res/css/views/rooms/_EditMessageComposer.pcss", type: "css" },
{ from: "res/css/views/right_panel/_BaseCard.pcss", type: "css" },
{ from: "res/css/views/messages/_MessageTimestamp.pcss", type: "css" },
{ from: "res/css/views/messages/_MessageActionBar.pcss", type: "css" },
{ from: "res/css/views/voip/LegacyCallView/_LegacyCallViewButtons.pcss", type: "css" },
{ from: "res/css/views/elements/_ToggleSwitch.pcss", type: "css" },
{ from: "res/css/views/settings/tabs/_SettingsTab.pcss", type: "css" },
{ from: "res/css/structures/_RoomView.pcss", type: "css" },
// Compound vars
"node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-common-base.css",
"node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-common-semantic.css",
"node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-theme-light-base-mq.css",
"node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-theme-light-semantic-mq.css",
"../../node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-common-base.css",
"../../node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-common-semantic.css",
"../../node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-theme-light-base-mq.css",
"../../node_modules/@vector-im/compound-design-tokens/assets/web/css/cpd-theme-light-semantic-mq.css",
],
},
],

0
@types/declaration.d.ts → apps/web/@types/declaration.d.ts vendored
View File

0
@types/postcss-easings.d.ts → apps/web/@types/postcss-easings.d.ts vendored
View File

0
@types/postcss-hexrgba.d.ts → apps/web/@types/postcss-hexrgba.d.ts vendored
View File

0
@types/postcss-mixins.d.ts → apps/web/@types/postcss-mixins.d.ts vendored
View File

0
@types/webpack-version-file-plugin.d.ts → apps/web/@types/webpack-version-file-plugin.d.ts vendored
View File

12
Dockerfile → apps/web/Dockerfile
View File

@ -1,7 +1,7 @@
# syntax=docker.io/docker/dockerfile:1.21-labs@sha256:2e681d22e86e738a057075f930b81b2ab8bc2a34cd16001484a7453cfa7a03fb
# Builder
FROM --platform=$BUILDPLATFORM node:24-bullseye@sha256:8036dbe5b1f465e3acb8b866031cd06e4f84c31b0e83dabbdc59397a40dbe288 AS builder
FROM --platform=$BUILDPLATFORM node:24-bullseye@sha256:38edad6b2e5962120f5144ff9dd3dbd223c7f140ba6fa03920d62d28b021402b AS builder
# Support custom branch of the js-sdk. This also helps us build images of element-web develop.
ARG USE_CUSTOM_SDKS=false
@ -17,10 +17,10 @@ RUN pnpm install
RUN /src/scripts/docker-package.sh
# Copy the config now so that we don't create another layer in the app image
RUN cp /src/config.sample.json /src/webapp/config.json
RUN cp /src/apps/web/config.sample.json /src/apps/web/webapp/config.json
# App
FROM nginxinc/nginx-unprivileged:alpine-slim@sha256:9ac6a908ed07ba7d23cbf6048090453a081abf663c53a7c3f3bf96abc16c0799
FROM nginxinc/nginx-unprivileged:alpine-slim@sha256:c9448f9aaf2dee3dccfe0d2e51d6927cc9fbfdbcada66b0b01c0759816d86a5b
# Need root user to install packages & manipulate the usr directory
USER root
@ -28,12 +28,12 @@ USER root
# Install jq and moreutils for sponge, both used by our entrypoints
RUN apk add jq moreutils
COPY --from=builder /src/webapp /app
COPY --from=builder /src/apps/web/webapp /app
# Override default nginx config. Templates in `/etc/nginx/templates` are passed
# through `envsubst` by the nginx docker image entry point.
COPY /docker/nginx-templates/* /etc/nginx/templates/
COPY /docker/docker-entrypoint.d/* /docker-entrypoint.d/
COPY /apps/web/docker/nginx-templates/* /etc/nginx/templates/
COPY /apps/web/docker/docker-entrypoint.d/* /docker-entrypoint.d/
RUN rm -rf /usr/share/nginx/html \
&& ln -s /app /usr/share/nginx/html

131
apps/web/README.md Normal file
View File

@ -0,0 +1,131 @@
# Important Security Notes
## Separate domains
We do not recommend running Element from the same domain name as your Matrix
homeserver. The reason is the risk of XSS (cross-site-scripting)
vulnerabilities that could occur if someone caused Element to load and render
malicious user generated content from a Matrix API which then had trusted
access to Element (or other apps) due to sharing the same domain.
We have put some coarse mitigations into place to try to protect against this
situation, but it's still not good practice to do it in the first place. See
<https://github.com/element-hq/element-web/issues/1977> for more details.
## Configuration best practices
Unless you have special requirements, you will want to add the following to
your web server configuration when hosting Element Web:
- The `X-Frame-Options: SAMEORIGIN` header, to prevent Element Web from being
framed and protect from [clickjacking][owasp-clickjacking].
- The `frame-ancestors 'self'` directive to your `Content-Security-Policy`
header, as the modern replacement for `X-Frame-Options` (though both should be
included since not all browsers support it yet, see
[this][owasp-clickjacking-csp]).
- The `X-Content-Type-Options: nosniff` header, to [disable MIME
sniffing][mime-sniffing].
- The `X-XSS-Protection: 1; mode=block;` header, for basic XSS protection in
legacy browsers.
[mime-sniffing]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Basics_of_HTTP/MIME_types#mime_sniffing
[owasp-clickjacking-csp]: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html#content-security-policy-frame-ancestors-examples
[owasp-clickjacking]: https://cheatsheetseries.owasp.org/cheatsheets/Clickjacking_Defense_Cheat_Sheet.html
If you are using nginx, this would look something like the following:
```
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Content-Security-Policy "frame-ancestors 'self'";
```
For Apache, the configuration looks like:
```
Header set X-Frame-Options SAMEORIGIN
Header set X-Content-Type-Options nosniff
Header set X-XSS-Protection "1; mode=block"
Header set Content-Security-Policy "frame-ancestors 'self'"
```
Note: In case you are already setting a `Content-Security-Policy` header
elsewhere, you should modify it to include the `frame-ancestors` directive
instead of adding that last line.
# Building From Source
Element is a modular webapp built with modern ES6 and uses a Node.js build system.
Ensure you have the latest LTS version of Node.js installed.
Using `pnpm` instead of `npm` is recommended. Please see the pnpm [install
guide](https://pnpm.io/installation#using-corepack) if you do not have it already.
1. Install or update `node.js` so that your `node` is at least the current recommended LTS.
1. Install `pnpm` if not present already.
1. Clone the repo: `git clone https://github.com/element-hq/element-web.git`.
1. Switch to the element-web directory: `cd element-web/apps/web`.
1. Install the prerequisites: `pnpm install`.
- If you're using the `develop` branch, then it is recommended to set up a
proper development environment (see [Setting up a dev
environment](./developer_guide.md#setting-up-a-dev-environment) below). Alternatively, you
can use <https://develop.element.io> - the continuous integration release of
the develop branch.
1. Configure the app by copying `config.sample.json` to `config.json` and
modifying it. See the [configuration docs](docs/config.md) for details.
1. `pnpm dist` to build a tarball to deploy. Untaring this file will give
a version-specific directory containing all the files that need to go on your
web server.
Note that `pnpm dist` is not supported on Windows, so Windows users can run `pnpm build`,
which will build all the necessary files into the `webapp` directory. The version of Element
will not appear in Settings without using the dist script. You can then mount the
`webapp` directory on your web server to actually serve up the app, which is
entirely static content.
# config.json
Element supports a variety of settings to configure default servers, behaviour, themes, etc.
See the [configuration docs](docs/config.md) for more details.
# Labs Features
Some features of Element may be enabled by flags in the `Labs` section of the settings.
Some of these features are described in [labs.md](https://github.com/element-hq/element-web/blob/develop/docs/labs.md).
# Caching requirements
Element requires the following URLs not to be cached, when/if you are serving Element from your own webserver:
```
/config.*.json
/i18n
/home
/sites
/index.html
```
We also recommend that you force browsers to re-validate any cached copy of Element on page load by configuring your
webserver to return `Cache-Control: no-cache` for `/`. This ensures the browser will fetch a new version of Element on
the next page load after it's been deployed. Note that this is already configured for you in the nginx config of our
Dockerfile.
# Development
Please read through the following:
1. [Developer guide](./developer_guide.md)
2. [Code style](./code_style.md)
3. [Contribution guide](./CONTRIBUTING.md)
# Extending Element Web with Modules
Element Web supports a module system that allows you to extend or modify functionality at runtime. Modules are loaded dynamically and provide a safe, predictable API for customization.
## What are modules?
Modules are extensions that can add or modify Element Web's functionality. They are:
- Built using the [`@element-hq/element-web-module-api`](https://github.com/element-hq/element-modules/tree/main/packages/element-web-module-api)
- Loaded in EW via [config.json](docs/config.md#modules)

0
__mocks__/cssMock.js → apps/web/__mocks__/cssMock.js
View File

0
__mocks__/empty.js → apps/web/__mocks__/empty.js
View File

0
__mocks__/imageMock.js → apps/web/__mocks__/imageMock.js
View File

0
__mocks__/languages.json → apps/web/__mocks__/languages.json
View File

0
__mocks__/maplibre-gl.js → apps/web/__mocks__/maplibre-gl.js
View File

0
__mocks__/svg.js → apps/web/__mocks__/svg.js
View File

0
__mocks__/workerFactoryMock.js → apps/web/__mocks__/workerFactoryMock.js
View File

0
babel.config.cjs → apps/web/babel.config.cjs
View File

0
build_config.sample.yaml → apps/web/build_config.sample.yaml
View File

0
components.json → apps/web/components.json
View File

0
config.sample.json → apps/web/config.sample.json
View File

0
debian/.gitignore → apps/web/debian/.gitignore vendored
View File

0
debian/conffiles → apps/web/debian/conffiles
View File

0
debian/control → apps/web/debian/control
View File

0
docker/docker-entrypoint.d/18-load-element-modules.sh → apps/web/docker/docker-entrypoint.d/18-load-element-modules.sh
View File

0
docker/nginx-templates/default.conf.template → apps/web/docker/nginx-templates/default.conf.template
View File

0
element.io/README → apps/web/element.io/README
View File

0
element.io/app/config.json → apps/web/element.io/app/config.json
View File

0
element.io/develop/config.json → apps/web/element.io/develop/config.json
View File

10
jest.config.ts → apps/web/jest.config.ts
View File

@ -28,9 +28,9 @@ const config: Config = {
"\\.(gif|png|ttf|woff2)$": "<rootDir>/__mocks__/imageMock.js",
"\\.svg$": "<rootDir>/__mocks__/svg.js",
"\\$webapp/i18n/languages.json": "<rootDir>/__mocks__/languages.json",
"^react$": "<rootDir>/node_modules/react",
"^react-dom$": "<rootDir>/node_modules/react-dom",
"^matrix-js-sdk$": "<rootDir>/node_modules/matrix-js-sdk/src",
"^react$": "<rootDir>/../../node_modules/react",
"^react-dom$": "<rootDir>/../../node_modules/react-dom",
"^matrix-js-sdk$": "<rootDir>/../../node_modules/matrix-js-sdk/src",
"^matrix-react-sdk$": "<rootDir>/src",
"decoderWorker\\.min\\.js": "<rootDir>/__mocks__/empty.js",
"decoderWorker\\.min\\.wasm": "<rootDir>/__mocks__/empty.js",
@ -39,8 +39,8 @@ const config: Config = {
"workers/(.+)Factory": "<rootDir>/__mocks__/workerFactoryMock.js",
"^!!raw-loader!.*": "jest-raw-loader",
"recorderWorkletFactory": "<rootDir>/__mocks__/empty.js",
"counterpart": "<rootDir>/node_modules/counterpart",
"@vector-im/compound-web": "<rootDir>/node_modules/@vector-im/compound-web",
"counterpart": "<rootDir>/../../node_modules/counterpart",
"@vector-im/compound-web": "<rootDir>/../../node_modules/@vector-im/compound-web",
},
transformIgnorePatterns: [
"/node_modules/(?!(mime|matrix-js-sdk|uuid|p-retry|is-network-error|react-merge-refs|is-ip|ip-regex|super-regex|function-timeout|time-span|convert-hrtime|clone-regexp|is-regexp|matrix-web-i18n|await-lock|@element-hq/web-shared-components|react-virtuoso|lodash)).+$",

0
module_system/BuildConfig.ts → apps/web/module_system/BuildConfig.ts
View File

0
module_system/installer.ts → apps/web/module_system/installer.ts
View File

0
module_system/scripts/install.ts → apps/web/module_system/scripts/install.ts
View File

258
apps/web/package.json Normal file
View File

@ -0,0 +1,258 @@
{
"name": "element-web",
"version": "1.12.11-rc.0",
"description": "Element: the future of secure communication",
"author": "New Vector Ltd.",
"repository": {
"type": "git",
"url": "https://github.com/element-hq/element-web"
},
"license": "SEE LICENSE IN README.md",
"type": "module",
"matrix_i18n_extra_translation_funcs": [
"UserFriendlyError"
],
"scripts": {
"i18n": "matrix-gen-i18n src res && pnpm i18n:sort && pnpm i18n:lint",
"i18n:sort": "matrix-sort-i18n src/i18n/strings/en_EN.json",
"i18n:lint": "matrix-i18n-lint && prettier --log-level=silent --write src/i18n/strings/ --ignore-path /dev/null",
"i18n:diff": "cp src/i18n/strings/en_EN.json src/i18n/strings/en_EN_orig.json && pnpm i18n && matrix-compare-i18n-files src/i18n/strings/en_EN_orig.json src/i18n/strings/en_EN.json",
"rethemendex": "sh ./res/css/rethemendex.sh",
"build": "nx build",
"build-stats": "nx build --json=webpack-stats.json",
"vendor:modernizr": "modernizr -c .modernizr.json -d src/vector/modernizr.js && mv src/vector/modernizr.js src/vector/modernizr.cjs",
"vendor:jitsi": "curl -s https://meet.element.io/libs/external_api.min.js > ./res/jitsi_external_api.min.js",
"dist": "./scripts/package.sh",
"start": "nx start",
"lint": "pnpm lint:types && pnpm lint:js && pnpm lint:style",
"lint:js": "eslint --max-warnings 0 src test playwright module_system",
"lint:js-fix": "eslint --fix src test playwright module_system",
"lint:types": "nx lint:types",
"lint:style": "stylelint \"res/css/**/*.pcss\"",
"test": "nx test:unit",
"test:playwright": "playwright test",
"test:playwright:open": "pnpm test:playwright --ui",
"test:playwright:screenshots": "playwright-screenshots-experimental pnpm playwright test --update-snapshots --project=Chrome --grep @screenshot",
"coverage": "pnpm test --coverage",
"analyse:webpack-bundles": "webpack-bundle-analyzer webpack-stats.json webapp"
},
"dependencies": {
"@babel/runtime": "^7.12.5",
"@element-hq/element-web-module-api": "catalog:",
"@element-hq/web-shared-components": "workspace:*",
"@fontsource/fira-code": "^5",
"@fontsource/inter": "catalog:",
"@formatjs/intl-segmenter": "^12.0.0",
"@matrix-org/analytics-events": "^0.32.0",
"@matrix-org/emojibase-bindings": "^1.5.0",
"@matrix-org/react-sdk-module-api": "^2.4.0",
"@sentry/browser": "^10.0.0",
"@types/png-chunks-extract": "^1.0.2",
"@vector-im/compound-design-tokens": "catalog:",
"@vector-im/compound-web": "catalog:",
"@vector-im/matrix-wysiwyg": "2.40.0",
"@zxcvbn-ts/core": "^3.0.4",
"@zxcvbn-ts/language-common": "^3.0.4",
"@zxcvbn-ts/language-en": "^3.0.2",
"await-lock": "^3.0.0",
"bloom-filters": "^3.0.3",
"blurhash": "^2.0.3",
"browserslist": "^4.23.2",
"classnames": "^2.2.6",
"commonmark": "^0.31.0",
"css-tree": "^3.0.0",
"diff-dom": "^5.0.0",
"diff-match-patch": "^1.0.5",
"domutils": "^3.2.2",
"emojibase-regex": "^17.0.0",
"escape-html": "^1.0.3",
"file-saver": "^2.0.5",
"filesize": "11.0.13",
"github-markdown-css": "^5.5.1",
"glob-to-regexp": "^0.4.1",
"highlight.js": "^11.3.1",
"html-entities": "^2.0.0",
"html-react-parser": "^5.2.2",
"is-ip": "^5.0.0",
"js-xxhash": "^5.0.0",
"jsrsasign": "^11.0.0",
"jszip": "^3.7.0",
"katex": "^0.16.0",
"linkify-html": "4.3.2",
"linkify-react": "4.3.2",
"linkify-string": "4.3.2",
"linkifyjs": "4.3.2",
"lodash": "npm:lodash-es@^4.17.21",
"maplibre-gl": "^5.0.0",
"matrix-encrypt-attachment": "^1.0.3",
"matrix-js-sdk": "github:matrix-org/matrix-js-sdk#develop",
"matrix-widget-api": "^1.16.1",
"memoize-one": "^6.0.0",
"mime": "^4.0.4",
"oidc-client-ts": "^3.0.1",
"opus-recorder": "^8.0.3",
"pako": "^2.0.3",
"png-chunks-extract": "^1.0.0",
"posthog-js": "1.347.2",
"qrcode": "1.5.4",
"re-resizable": "6.11.2",
"react": "catalog:",
"react-beautiful-dnd": "^13.1.0",
"react-blurhash": "^0.3.0",
"react-dom": "catalog:",
"react-focus-lock": "^2.5.1",
"react-string-replace": "^2.0.0",
"react-transition-group": "^4.4.1",
"rfc4648": "^1.4.0",
"sanitize-filename": "^1.6.3",
"sanitize-html": "2.17.0",
"tar-js": "^0.3.0",
"ua-parser-js": "1.0.40",
"uuid": "^13.0.0",
"what-input": "^5.2.10"
},
"devDependencies": {
"@babel/core": "^7.12.10",
"@babel/eslint-parser": "^7.12.10",
"@babel/eslint-plugin": "^7.12.10",
"@babel/plugin-proposal-decorators": "^7.25.9",
"@babel/plugin-proposal-export-default-from": "^7.12.1",
"@babel/plugin-syntax-dynamic-import": "^7.8.3",
"@babel/plugin-transform-class-properties": "^7.12.1",
"@babel/plugin-transform-class-static-block": "^7.26.0",
"@babel/plugin-transform-logical-assignment-operators": "^7.20.7",
"@babel/plugin-transform-nullish-coalescing-operator": "^7.12.1",
"@babel/plugin-transform-numeric-separator": "^7.12.7",
"@babel/plugin-transform-object-rest-spread": "^7.12.1",
"@babel/plugin-transform-optional-chaining": "^7.12.7",
"@babel/plugin-transform-runtime": "^7.12.10",
"@babel/preset-env": "^7.12.11",
"@babel/preset-react": "^7.12.10",
"@babel/preset-typescript": "^7.12.7",
"@babel/runtime": "^7.12.5",
"@casualbot/jest-sonar-reporter": "2.5.0",
"@element-hq/element-call-embedded": "0.16.3",
"@element-hq/element-web-playwright-common": "catalog:",
"@element-hq/element-web-playwright-common-local": "workspace:*",
"@fetch-mock/jest": "^0.2.20",
"@jest/globals": "^30.2.0",
"@peculiar/webcrypto": "^1.4.3",
"@playwright/test": "catalog:",
"@principalstudio/html-webpack-inject-preload": "^1.2.7",
"@sentry/webpack-plugin": "^4.0.0",
"@stylistic/eslint-plugin": "^5.0.0",
"@svgr/webpack": "^8.0.0",
"@testing-library/dom": "^10.4.0",
"@testing-library/jest-dom": "^6.4.8",
"@testing-library/react": "^16.0.0",
"@testing-library/user-event": "^14.5.2",
"@types/commonmark": "^0.27.4",
"@types/content-type": "^1.1.9",
"@types/counterpart": "^0.18.1",
"@types/css-tree": "^2.3.8",
"@types/diff-match-patch": "^1.0.32",
"@types/escape-html": "^1.0.1",
"@types/express": "^5.0.0",
"@types/file-saver": "^2.0.3",
"@types/glob-to-regexp": "^0.4.1",
"@types/jest": "30.0.0",
"@types/jitsi-meet": "^2.0.2",
"@types/jsrsasign": "^10.5.4",
"@types/lodash": "^4.14.168",
"@types/minimist": "^1.2.5",
"@types/modernizr": "^3.5.3",
"@types/node": "22",
"@types/pako": "^2.0.0",
"@types/postcss-import": "^14.0.3",
"@types/qrcode": "^1.3.5",
"@types/react": "catalog:",
"@types/react-beautiful-dnd": "^13.0.0",
"@types/react-dom": "catalog:",
"@types/react-transition-group": "^4.4.0",
"@types/sanitize-html": "2.16.0",
"@types/sdp-transform": "^2.4.10",
"@types/semver": "^7.5.8",
"@types/tar-js": "^0.3.5",
"@types/ua-parser-js": "^0.7.36",
"@typescript-eslint/eslint-plugin": "^8.19.0",
"@typescript-eslint/parser": "^8.19.0",
"babel-jest": "^30.0.0",
"babel-loader": "^10.0.0",
"babel-plugin-jsx-remove-data-test-id": "^3.0.0",
"blob-polyfill": "^9.0.0",
"chokidar": "^5.0.0",
"copy-webpack-plugin": "^13.0.0",
"css-loader": "^7.0.0",
"css-minimizer-webpack-plugin": "^7.0.0",
"dotenv": "^17.0.0",
"eslint": "8.57.1",
"eslint-config-google": "^0.14.0",
"eslint-config-prettier": "^10.0.0",
"eslint-plugin-deprecate": "0.8.7",
"eslint-plugin-import": "^2.25.4",
"eslint-plugin-jest": "^29.0.0",
"eslint-plugin-jsx-a11y": "^6.5.1",
"eslint-plugin-matrix-org": "^3.0.0",
"eslint-plugin-react": "^7.28.0",
"eslint-plugin-react-compiler": "^19.0.0-beta-df7b47d-20241124",
"eslint-plugin-react-hooks": "^7.0.0",
"eslint-plugin-unicorn": "^56.0.0",
"express": "^5.0.0",
"fake-indexeddb": "^6.0.0",
"file-loader": "^6.0.0",
"html-webpack-plugin": "^5.5.3",
"identity-obj-proxy": "^3.0.0",
"jest": "^30.0.0",
"jest-canvas-mock": "^2.5.2",
"jest-environment-jsdom": "^30.2.0",
"jest-fixed-jsdom": "^0.0.11",
"jest-mock": "^30.0.0",
"jest-raw-loader": "^1.0.1",
"jsqr": "^1.4.0",
"matrix-web-i18n": "catalog:",
"mini-css-extract-plugin": "2.10.0",
"minimist": "^1.2.6",
"modernizr": "^3.12.0",
"postcss": "8.5.6",
"postcss-easings": "4.0.0",
"postcss-hexrgba": "2.1.0",
"postcss-import": "16.1.1",
"postcss-loader": "8.2.0",
"postcss-mixins": "12.0.0",
"postcss-nested": "7.0.2",
"postcss-preset-env": "11.1.1",
"postcss-scss": "4.0.9",
"postcss-simple-vars": "7.0.1",
"prettier": "3.8.1",
"process": "^0.11.10",
"raw-loader": "^4.0.2",
"semver": "^7.5.2",
"source-map-loader": "^5.0.0",
"stylelint": "^17.0.0",
"stylelint-config-standard": "^40.0.0",
"stylelint-scss": "^7.0.0",
"stylelint-value-no-unknown-custom-properties": "^6.0.1",
"terser-webpack-plugin": "^5.3.9",
"testcontainers": "^11.0.0",
"typescript": "catalog:",
"util": "^0.12.5",
"web-streams-polyfill": "^4.0.0",
"webpack": "^5.89.0",
"webpack-bundle-analyzer": "^5.0.0",
"webpack-cli": "^6.0.0",
"webpack-dev-server": "^5.0.0",
"webpack-retry-chunk-load-plugin": "^3.1.1",
"webpack-version-file-plugin": "^0.5.0",
"yaml": "^2.3.3"
},
"@casualbot/jest-sonar-reporter": {
"outputDirectory": "coverage",
"outputName": "jest-sonar-report.xml",
"relativePaths": true
},
"engines": {
"node": ">=22.18"
},
"packageManager": "pnpm@10.29.3+sha512.498e1fb4cca5aa06c1dcf2611e6fafc50972ffe7189998c409e90de74566444298ffe43e6cd2acdc775ba1aa7cc5e092a8b7054c811ba8c5770f84693d33d2dc",
"private": true
}

0
playwright.config.ts → apps/web/playwright.config.ts
View File

2
playwright/.gitignore → apps/web/playwright/.gitignore vendored
View File

@ -4,5 +4,3 @@
# Only commit snapshots from Linux
/snapshots/**/*.png
!/snapshots/**/*-linux.png
# This file is machine-generated
/e2e/crypto/test_indexeddb_cryptostore_dump/dump.json

0
playwright/e2e/accessibility/keyboard-navigation.spec.ts → apps/web/playwright/e2e/accessibility/keyboard-navigation.spec.ts
View File

0
playwright/e2e/app-loading/feature-detection.spec.ts → apps/web/playwright/e2e/app-loading/feature-detection.spec.ts
View File

0
playwright/e2e/app-loading/guest-registration.spec.ts → apps/web/playwright/e2e/app-loading/guest-registration.spec.ts
View File

1
playwright/e2e/app-loading/stored-credentials.spec.ts → apps/web/playwright/e2e/app-loading/stored-credentials.spec.ts
View File

@ -30,6 +30,7 @@ test("Shows the last known page on reload", async ({ pageWithCredentials: page }
const app = new ElementAppPage(page);
await app.client.createRoom({ name: "Test Room" });
await app.viewRoomByName("Test Room");
await expect(page).toHaveURL(/\/#\/room\//);
// Navigate away
await page.goto("about:blank");

0
playwright/e2e/audio-player/audio-player.spec.ts → apps/web/playwright/e2e/audio-player/audio-player.spec.ts
View File

0
playwright/e2e/chat-export/html-export.spec.ts → apps/web/playwright/e2e/chat-export/html-export.spec.ts
View File

0
playwright/e2e/composer/CIDER.spec.ts → apps/web/playwright/e2e/composer/CIDER.spec.ts
View File

0
playwright/e2e/composer/RTE.spec.ts → apps/web/playwright/e2e/composer/RTE.spec.ts
View File

0
playwright/e2e/crypto/backups-mas.spec.ts → apps/web/playwright/e2e/crypto/backups-mas.spec.ts
View File

13
playwright/e2e/crypto/complete-security.spec.ts → apps/web/playwright/e2e/crypto/complete-security.spec.ts
View File

@ -7,7 +7,7 @@ Please see LICENSE files in the repository root for full details.
*/
import { test, expect } from "../../element-web-test";
import { logIntoElement } from "./utils";
import { createBot, logIntoElement } from "./utils";
import { isDendrite } from "../../plugins/homeserver/dendrite";
test.describe("Complete security", () => {
@ -16,6 +16,17 @@ test.describe("Complete security", () => {
displayName: "Jeff",
});
test(
"Complete Security dialog appears correctly",
{ tag: "@screenshot" },
async ({ page, credentials, homeserver }) => {
await createBot(page, homeserver, credentials, true);
await logIntoElement(page, credentials);
await expect(page.getByRole("heading", { name: "Confirm your identity" })).toBeVisible();
await expect(page.getByRole("main")).toMatchScreenshot("complete-security.png");
},
);
test("should go straight to the welcome screen if we have no signed device", async ({
page,
homeserver,

0
playwright/e2e/crypto/crypto.spec.ts → apps/web/playwright/e2e/crypto/crypto.spec.ts
View File

0
playwright/e2e/crypto/decryption-failure-messages.spec.ts → apps/web/playwright/e2e/crypto/decryption-failure-messages.spec.ts
View File

0
playwright/e2e/crypto/dehydration.spec.ts → apps/web/playwright/e2e/crypto/dehydration.spec.ts
View File

0
playwright/e2e/crypto/device-verification.spec.ts → apps/web/playwright/e2e/crypto/device-verification.spec.ts
View File

0
playwright/e2e/crypto/event-shields.spec.ts → apps/web/playwright/e2e/crypto/event-shields.spec.ts
View File

0
playwright/e2e/crypto/history-sharing.spec.ts → apps/web/playwright/e2e/crypto/history-sharing.spec.ts
View File

0
playwright/e2e/crypto/invisible-crypto.spec.ts → apps/web/playwright/e2e/crypto/invisible-crypto.spec.ts
View File

0
playwright/e2e/crypto/logout.spec.ts → apps/web/playwright/e2e/crypto/logout.spec.ts
View File

0
playwright/e2e/crypto/migration.spec.ts → apps/web/playwright/e2e/crypto/migration.spec.ts
View File

0
playwright/e2e/crypto/test_indexeddb_cryptostore_dump/README.md → apps/web/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/README.md
View File

0
playwright/e2e/crypto/test_indexeddb_cryptostore_dump/dump.json → apps/web/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/dump.json
View File

0
playwright/e2e/crypto/test_indexeddb_cryptostore_dump/index.html → apps/web/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/index.html
View File

0
playwright/e2e/crypto/test_indexeddb_cryptostore_dump/load.js → apps/web/playwright/e2e/crypto/test_indexeddb_cryptostore_dump/load.js
View File

0
playwright/e2e/crypto/toasts.spec.ts → apps/web/playwright/e2e/crypto/toasts.spec.ts
View File

0
playwright/e2e/crypto/user-verification.spec.ts → apps/web/playwright/e2e/crypto/user-verification.spec.ts
View File

0
playwright/e2e/crypto/utils.ts → apps/web/playwright/e2e/crypto/utils.ts
View File

0
playwright/e2e/csAPI.ts → apps/web/playwright/e2e/csAPI.ts
View File

0
playwright/e2e/devtools/devtools.spec.ts → apps/web/playwright/e2e/devtools/devtools.spec.ts
View File

0
playwright/e2e/devtools/upgraderoom.spec.ts → apps/web/playwright/e2e/devtools/upgraderoom.spec.ts
View File

0
playwright/e2e/editing/editing.spec.ts → apps/web/playwright/e2e/editing/editing.spec.ts
View File

0
playwright/e2e/feedback/rageshakes.spec.ts → apps/web/playwright/e2e/feedback/rageshakes.spec.ts
View File

0
playwright/e2e/file-upload/image-upload.spec.ts → apps/web/playwright/e2e/file-upload/image-upload.spec.ts
View File

Some files were not shown because too many files have changed in this diff Show More