mirror of
https://github.com/ether/etherpad-lite.git
synced 2026-05-05 20:26:49 +02:00
606 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
John McLear
|
56596e21bb
|
fix(test): disables helper auto-detect must follow symlinks (#7654)
ep_disable_chat#75 ran with `disables: ["@feature:chat"]` declared in
ep.json but the helper printed "No 'disables' declared — running
standard test suite" and exec'd a vanilla `playwright test`, with
@feature:chat-tagged tests running anyway and timing out one by one.
Root cause: the auto-detect used `find -maxdepth 3 plugin_packages/
-name ep.json -not -path '*/.versions/*'`. Live-plugin-manager
installs plugins under `plugin_packages/.versions/<name>@<ver>/`
and exposes them as symlinks at `plugin_packages/ep_<name>`. find(1)
doesn't follow symlinks by default, so:
- the .versions/ ep.json was excluded by -not -path
- the symlink at plugin_packages/ep_<name> was visited but find
didn't recurse into it because it's a symlink, not a real dir
=> 0 candidates found, helper falls through to standard mode.
Switch to a shell glob with `-f` membership tests, which resolve
symlinks correctly. Verified against a synthetic install: the helper
now finds the disables list and prints "Plugin disables: @feature:chat"
before running pass 1.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|
John McLear
|
056ae7cd59
|
fix(test): make disables helper's pass 2 fail-fast (#7650)
Pass 2 was running every test tagged with a disabled feature to completion. For a busy tag like @feature:chat (12 tests) with the default 90s per-test timeout, that's 10+ minutes of expected failures piling up — ep_disable_chat's first PR #75 ran 14+ min before being cancelled. Pass 2 only needs *evidence* the feature is gone — one failing tagged test is enough. Add: --max-failures=1 stop on the first failure (~30s vs ~10min) --timeout=30000 cap any single test at 30s --retries=0 already there, but flagged: CI retry default (up to 5 with WITH_PLUGINS=1) would retry an "expected failure" multiple times. Worst case (first tagged test happens to pass): we wait for the second one to fail, ~60s. Still bounded. Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
b769ab6e54
|
feat(test): feature tags + declared-disables contract for opt-out plugins (#7648)
Plugins that intentionally remove a baseline Etherpad feature
(ep_disable_chat, ep_disable_change_author_name, ep_disable_error_messages,
ep_disable_reset_authorship_colours) currently break core tests for the
removed feature. Their main branches are red, their auto-publish gates
never fire, and Dependabot PRs pile up.
The temptation is to give these plugins an "opt-out of these tests"
flag — but that's a self-serving attestation: a plugin can claim "I
just disable chat, ignore those tests" and quietly break unrelated
functionality on the user's install. etherpad.org/plugins would still
show it green.
This commit introduces a small declared-disables contract that closes
that gap:
1. Core specs grow @feature:* Playwright tags. Initial set:
@feature:chat, @feature:username, @feature:clear-authorship,
@feature:error-gritter. Tags are added test-by-test where the
test exercises a single feature, so the contract stays precise.
2. Plugins declare which feature tags they disable in their ep.json:
{ "name": "ep_disable_chat", "disables": ["@feature:chat"], ... }
3. bin/run-frontend-tests-with-disables.sh enforces the contract via
two passes:
- Pass 1 (regression): every test NOT in the disabled list must
pass. Catches plugins that break things they don't claim to.
- Pass 2 (honesty): every test that IS in the disabled list
must FAIL. Catches plugins that lie about disabling features
they don't actually disable, and stops them from grep-inverting
arbitrary unrelated tests.
4. doc/PLUGIN_FEATURE_DISABLES.md walks the design and migration.
The disables list is in ep.json (publicly visible), so etherpad.org/plugins
can surface "this plugin disables: chat" alongside the green CI badge —
users see what they're losing before they install.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
|
||
|
John McLear
|
90fd9b15b1
|
fix(plugins): updatePlugins.sh actually updates installed plugins (closes #6670) (#7644)
* fix(plugins): updatePlugins.sh actually updates installed plugins (#6670) bin/updatePlugins.sh detected outdated plugins by running `pnpm --filter ep_etherpad-lite outdated --depth=0`, but installed plugins are not registered in src/package.json — bin/plugins.ts adds them via linkInstaller.installPlugin which writes to src/plugin_packages/.versions/<name>@<version>/ and tracks the result in var/installed_plugins.json. pnpm has no view of them, so `outdated` returns empty and the script always reported "All plugins are up-to-date" even when newer versions existed on the registry. PR #7468 fixed npm→pnpm and install→update but kept the same broken detection mechanism, which is why the issue stayed open after that PR landed. Read the plugin list from var/installed_plugins.json instead, then re-invoke linkInstaller.installPlugin(name) for each entry. Calling the installer without a version pin resolves the registry-latest and overwrites the existing pinned copy, so an outdated plugin is brought to head while plugins already at latest are no-ops apart from the pnpm cache hit. Add an `update`/`up` action to bin/plugins.ts so users can also run `pnpm run plugins update` directly, mirroring the existing install/remove/list actions. updatePlugins.sh becomes a one-line wrapper for backwards compatibility. Reproduction (verified): pnpm run install-plugins ep_markdown@11.0.5 # latest is 11.0.18 ./bin/updatePlugins.sh # → 11.0.18 Edge cases tested: no plugins installed, missing installed_plugins.json, already-at-latest re-run. Closes #6670. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(plugins): validate ep_ prefix and dedupe + add regression test Qodo flagged two issues on the original update() addition: 1. Security — update() trusted every name in var/installed_plugins.json, so a corrupted or hand-edited manifest could coerce the script into installing arbitrary npm packages. pluginfw/plugins.getPackages already gates on the ep_ prefix; mirror that gate here. 2. Reliability — no automated regression test, so a future refactor could silently bring back the broken behaviour. Extract the safe-name filter to filterUpdatablePluginNames in bin/commonPlugins.ts (pure, side-effect-free, prefix configurable, also de-duplicates repeats so a duplicated entry installs once). Use it from plugins.ts update(). Add src/tests/backend/specs/filterUpdatablePluginNames.ts covering: keep prefixed names, drop ep_etherpad-lite, reject non-prefixed entries, de-dupe repeats, tolerate missing/null/non-string name fields, empty input, custom prefix. Manually verified end-to-end on a live install: an installed_plugins.json containing ep_markdown@11.0.5, a duplicate ep_markdown, and a "malicious-package" entry runs `Updating plugins to latest from registry: ep_markdown` (only) and ep_markdown ends up at 11.0.18 — the bad entries are silently filtered out. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
4bda757304
|
feat(api): public compactPad API + bin/compactPad CLI over existing Cleanup (#7567)
* feat(pad): compactHistory() + compactPad CLI for DB-size reclaim Fixes #6194. Long-lived pads with heavy edit history dominate the DB — the issue describes a ~400 MB Postgres after two months with ~100 users. Etherpad keeps every revision forever, and removing arbitrary middle revisions is unsafe because state is reconstructed by composing forward from key revisions. What's safe: collapse the full history into a single base revision that reproduces the current atext. The existing `copyPadWithoutHistory` already does this for a new pad ID — this PR lifts that same changeset pattern into an in-place operation and wires up an admin CLI. - `Pad.compactHistory(authorId?)` (src/node/db/Pad.ts): composes the current atext into one base changeset, deletes all existing rev records, clears saved-revision bookmarks, and appends the new rev 0. Text, attributes, and chat history are preserved; saved-revision pointers are cleared. Returns the number of revisions removed. - `API.compactPad(padID, authorId?)` (src/node/db/API.ts): public-API wrapper around compactHistory. Reports `{removed}` so callers can log savings. - `APIHandler.ts`: register `compactPad` under a new `1.3.1` version, bump `latestApiVersion`. - `bin/compactPad.ts`: admin CLI. Reports the current revision count, calls compactPad via the HTTP API, and prints how many revisions were dropped. - `src/tests/backend/specs/compactPad.ts`: four backend tests cover the empty-pad no-op, the text-preservation + head=0 contract, saved-revision cleanup, and that subsequent edits continue to append cleanly on top of the collapsed base. The operation is destructive so admins must opt in explicitly; the CLI prints the before-count, and the recommended pre-flight is an `.etherpad` export (backup). Closes #6194 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(compact): delegate to copyPadWithoutHistory via temp-pad swap The initial compactHistory() implementation built a custom base changeset and re-ran appendRevision against a reset atext — but the changeset was packed with oldLength=2 (matching copyPadWithoutHistory's dest-pad init state) while the reset atext was only length 1, so applyToText tripped its "mismatched apply: 1 / 2" assertion and every test failed with a Changeset corruption error. Switch to the tested path instead: copy the pad via copyPadWithoutHistory to a uniquely-named temp pad (inherits all its attribute/pool/changeset correctness), read the temp pad's rev records back, delete the old ones under our pad's ID, write the new records in their place, update in-memory state to match, and remove the temp pad. Errors at any step fall through with a best-effort temp-pad cleanup. Contract shifts slightly: the collapsed pad is head<=1 rather than head=0, matching the shape of a freshly-imported pad (seed rev 0 + content rev 1). Tests updated to assert that invariant plus text-preservation, saved-revision cleanup, and append-after-compact. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(6194): match the head<=1 post-compact contract Tests previously asserted head=0 exactly after compaction; the temp-pad-swap path lands at head=1 (one seed rev plus one content rev) matching the shape of a freshly-imported pad. Relax the assertions to and derive the removed-count from before-head minus after-head, so the tests still catch regressions in text-preservation, saved-revision cleanup, and append-after-compact without being tied to the exact implementation shape. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * refactor(6194): wrap existing Cleanup instead of duplicating it Develop already ships a working revision-cleanup path under `src/node/utils/Cleanup.ts` with two public helpers — `deleteAllRevisions(padId)` (collapse full history via copyPadWithoutHistory) and `deleteRevisions(padId, keepRevisions)` (keep the last N). The admin-settings UI wires these up but neither is exposed on the public API, and there's no CLI for operators who want to run compaction outside the web UI. That's the gap this PR now fills. Changes from the prior revision of this PR: - Drop `pad.compactHistory()` — it re-implemented what `Cleanup.deleteAllRevisions` already does. Remove the duplicate. - `API.compactPad(padID, keepRevisions?)` now delegates to Cleanup: • keepRevisions null/undefined → deleteAllRevisions (full collapse) • keepRevisions >= 0 → deleteRevisions(N) (keep last N) Returns {ok, mode: 'all' | 'keepLast', keepRevisions?}. - APIHandler `1.3.1`: signature updated to take `keepRevisions` instead of `authorId`. - `bin/compactPad.ts`: accepts `--keep N` for the keep-last mode, shows before/after revision counts so operators see concrete savings. - Backend tests rewritten around the public API surface (mode reporting, text preservation, input validation) rather than internal method plumbing that no longer exists. Net: strictly a thin public-API and CLI veneer over already-tested Cleanup helpers. No new low-level logic. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(6194): assert content markers, not byte-exact atext Cleanup.deleteAllRevisions internally calls copyPadWithoutHistory twice (src → tempId, tempId → src with force=true), and each round trip normalizes trailing whitespace. That meant my byte-exact atext.text assertion failed in CI: expected: '...line 3\n\n\n' actual: '...line 3\n' Swap the comparisons to use content markers (marker-alpha / beta / gamma, keep-line-N). The test still catches the real regressions — if compactPad lost content those markers would disappear — without coupling to whitespace quirks of the existing Cleanup implementation. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(6194): correct API param + document compactPad in http_api docs The 1.3.1 entry in APIHandler registered `['padID', 'authorId']`, but `API.compactPad` takes `(padID, keepRevisions)` and the CLI sends a `keepRevisions` query param. APIHandler.handle dispatches by URL field name, so the previous wiring silently dropped `keepRevisions` and never ran the keep-last branch over HTTP. - Register `['padID', 'keepRevisions']` so the handler forwards the CLI/HTTP arg into the API function. - Add HTTP-level dispatch tests that hit `/api/1.3.1/compactPad` with and without `keepRevisions`. The direct `api.compactPad()` tests bypass the handler and would have missed this regression. - Document compactPad in `doc/api/http_api.md` and `http_api.adoc`, and bump the documented latest version from 1.3.0 to 1.3.1 to match `latestApiVersion`. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * feat(6194): add bin/compactAllPads for per-instance bulk compaction `bin/compactPad <padID>` covers the case where you know which pad is fat. For "reclaim space across the whole instance," composing `listAllPads` + `compactPad` yourself is annoying; this script does it. - Walks every pad on the instance and compacts it (full collapse, or `--keep N` keep-last). - Per-pad failures don't abort the run — they're logged, counted, and the script exits 1 if any failed. - `--dry-run` lists pads + revision counts without writing anything, so operators can scope impact before committing. - Reports `before → after` per pad and a total reclaimed count. Deliberately not adding a `compactAllPads` HTTP API: bulk compaction over a single HTTP request means one giant response and a long-held connection. Operators who want this should run it locally, where they can see progress and kill it cleanly. Staleness gating ("only pads older than X days") is tracked separately as a follow-up. Also registers `compactPad` and `compactAllPads` script aliases in `bin/package.json` so they show up next to the other admin CLIs. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * test(6194): cover the bin/compactAllPads loop logic Previous commit added the script but only exercised it by hand. The loop itself — error tolerance, dry-run gating, keep-last passthrough, the empty-instance and listAllPads-failure paths — had no automated coverage. - Refactor compactAllPads.ts to export `runCompactAll(api, opts, logger)` and `parseArgs(argv)`. The CLI shell wires them up to axios+APIKEY for production; tests use an in-memory `CompactAllApi` so we don't need to stand up the apikey-auth path in mocha. - Add 9 specs covering: arg parsing, full-collapse iteration, --keep N passthrough, --dry-run skipping writes, single-pad failure not aborting the run, pre-flight count failure tolerated, a listAllPads failure short-circuiting cleanly, the empty-instance no-op, and a final end-to-end test that runs `runCompactAll` against the real `/api/1.3.1/compactPad` handler over supertest+JWT to catch contract drift between the CompactAllApi shape and the HTTP endpoints. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(6194): address Qodo review — gate, integer check, SSL Three valid concerns from the Qodo review on 75a08a13: 1. **cleanup.enabled gate.** The admin/Cleanup-socket path checks `settings.cleanup.enabled` before doing anything destructive; the public API was bypassing that gate. Now `compactPad` mirrors the admin path's check and returns a clear apierror when disabled, so exposing the API doesn't accidentally widen the cleanup-opt-in surface. 2. **Number.isFinite → Number.isInteger.** `2.5` was finite and non-negative, so the old check let it through into `Cleanup.deleteRevisions`, which does revision-index arithmetic that assumes integer math. Reject at the API boundary instead of silently misbehaving. 3. **SSL-aware baseURL in the bin scripts.** Other bin scripts hardcode `http://`, but the rest of the codebase uses `settings.ssl ? 'https' : 'http'`. The compact CLIs now do the same, so they work against HTTPS deployments. (Other bin scripts carry the same bug but fixing them is out of scope for this PR.) Tests: - New spec: `rejects fractional keepRevisions` (2.5 with the old check passed; the new one rejects). - New spec: `refuses to run when cleanup.enabled is false`. The existing API tests opt in via a before-hook + restore, so they still cover the success path under the new gate. - API docs (`http_api.md` + `http_api.adoc`) document the gate and the new error message. Skipped Qodo concerns: - "Wrong compactPad parameters" — already fixed in 26e12ff7 (the param map now correctly says `keepRevisions`, not `authorId`). - "Unbounded revision deletions" / "No session eviction" / changeset base-length / padCreate hook — these all targeted the earlier on-Pad implementation that was refactored away. The current code wraps `Cleanup.deleteAllRevisions` / `deleteRevisions`, which already handle concurrency, locking, and hook semantics. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
SamTV12345
|
c55007361c
|
chore: updated node to supported 22,24,25 (#7628)
* chore: updated node to supported 22,24,25 * chore: updated node to supported 22,24,25 * chore: updated node to supported 22,24,25 * chore: updated node to supported 22,24,25 * chore: upgrade deb * chore: upgrade dockerfile * chore: use explicit node * chore: use node 22 * chore: use node 22 |
||
Etherpad Release Bot
|
dad6cc8eef | bump version | ||
|
Etherpad Release Bot
|
249241d9a4 | bump version | ||
dependabot[bot]
|
97b9c3b128
|
build(deps): bump axios from 1.15.1 to 1.15.2 (#7581)
Bumps [axios](https://github.com/axios/axios) from 1.15.1 to 1.15.2. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.15.1...v1.15.2) --- updated-dependencies: - dependency-name: axios dependency-version: 1.15.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Etherpad Release Bot
|
3005f2aeaf | bump version | ||
|
dependabot[bot]
|
9db0def1bd
|
build(deps): bump axios from 1.15.0 to 1.15.1 (#7575)
Bumps [axios](https://github.com/axios/axios) from 1.15.0 to 1.15.1. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.15.0...v1.15.1) --- updated-dependencies: - dependency-name: axios dependency-version: 1.15.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
a6acfe6fec
|
build(deps): bump ueberdb2 from 5.0.45 to 5.0.48 (#7576)
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 5.0.45 to 5.0.48. - [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md) - [Commits](https://github.com/ether/ueberDB/compare/v5.0.45...v5.0.48) --- updated-dependencies: - dependency-name: ueberdb2 dependency-version: 5.0.48 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
Stefan Müller
|
e8c9efb5c5
|
chore: Rename some occurences of etherpad-lite to etherpad (#7552)
* chore: Rename some occurences of etherpad-lite to etherpad * chore: Adjust etherpad git urls * chore: Rename more occurences from etherpad-lite to etherpad * chore: Adjust default text |
||
|
John McLear
|
0206e0447c
|
checkPlugin: flag absolute /static/plugins/ asset paths in templates (#5203) (#7535)
* checkPlugin: flag absolute /static/plugins/ paths in templates (#5203) Plugin templates that reference assets as \`/static/plugins/...\` (absolute) silently break any Etherpad instance hosted behind a reverse proxy at a sub-path — the browser resolves the path against the domain root instead of the proxy prefix and the asset 404s. The right form is \`../static/plugins/...\` (relative), which ep_embedmedia PR #4 fixed manually and which #5203 asked for as a mechanical check. Walk \`templates/\` and \`static/\` of the plugin, scan every \`*.ejs\` / \`*.html\` for \`/static/plugins/\` not preceded by a URL scheme, dot, or word char (so \`https://host/static/plugins/...\` and already-correct \`../static/plugins/...\` stay untouched). Warn normally; in \`autofix\` mode rewrite to the relative form in place. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * checkPlugin: skip autofix for static/*.html Addresses Qodo review: HTML served from a plugin's static/ directory resolves against /static/plugins/<plugin>/static/..., so rewriting /static/plugins/... to ../static/plugins/... yields a broken URL. Keep scanning static/ for warnings but no longer rewrite, and clarify the remediation guidance to point at the file's own location. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com> |
||
|
dependabot[bot]
|
e8adc4d102
|
build(deps-dev): bump the dev-dependencies group with 5 updates (#7536)
Bumps the dev-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [@types/express-session](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/express-session) | `1.18.2` | `1.19.0` | | [eslint-config-etherpad](https://github.com/ether/eslint-config-etherpad) | `4.0.4` | `4.0.5` | | [typescript](https://github.com/microsoft/TypeScript) | `6.0.2` | `6.0.3` | | [eslint-plugin-react-hooks](https://github.com/facebook/react/tree/HEAD/packages/eslint-plugin-react-hooks) | `7.0.1` | `7.1.0` | | [react-i18next](https://github.com/i18next/react-i18next) | `17.0.3` | `17.0.4` | Updates `@types/express-session` from 1.18.2 to 1.19.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/express-session) Updates `eslint-config-etherpad` from 4.0.4 to 4.0.5 - [Commits](https://github.com/ether/eslint-config-etherpad/compare/v4.0.4...v4.0.5) Updates `typescript` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](https://github.com/microsoft/TypeScript/compare/v6.0.2...v6.0.3) Updates `eslint-plugin-react-hooks` from 7.0.1 to 7.1.0 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/packages/eslint-plugin-react-hooks/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/HEAD/packages/eslint-plugin-react-hooks) Updates `react-i18next` from 17.0.3 to 17.0.4 - [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/react-i18next/compare/v17.0.3...v17.0.4) --- updated-dependencies: - dependency-name: "@types/express-session" dependency-version: 1.19.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint-config-etherpad dependency-version: 4.0.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: typescript dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eslint-plugin-react-hooks dependency-version: 7.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: react-i18next dependency-version: 17.0.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
John McLear
|
32d5d90c9d
|
chore: remove dead root files (.travis.yml, .lgtm.yml, *.bat) (#7531)
These files are stale: there's no CI/tooling left that reads them. - .travis.yml — Etherpad moved to GitHub Actions years ago. The workflows in .github/workflows/ are the source of truth. - .lgtm.yml — LGTM was sunset by GitHub in late 2022. - start.bat — README only documents the PowerShell installer for Windows now (irm .../installer.ps1 | iex), no docs or scripts reference start.bat. - bin/installOnWindows.bat — same; not referenced by README, docs or workflows. Also drop the .travis.yml line from the plugin layout in doc/plugins.md and replace it with a pointer at .github/workflows/. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
dependabot[bot]
|
36af9efaed
|
build(deps): bump ueberdb2 from 5.0.34 to 5.0.45 (#7520)
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 5.0.34 to 5.0.45. - [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md) - [Commits](https://github.com/ether/ueberDB/compare/v5.0.34...v5.0.45) --- updated-dependencies: - dependency-name: ueberdb2 dependency-version: 5.0.45 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
28db7a3121
|
build(deps): bump axios from 1.14.0 to 1.15.0 (#7498)
Bumps [axios](https://github.com/axios/axios) from 1.14.0 to 1.15.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.14.0...v1.15.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
5df63551a7
|
build(deps): bump ueberdb2 from 5.0.33 to 5.0.34 (#7507)
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 5.0.33 to 5.0.34. - [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md) - [Commits](https://github.com/ether/ueberDB/compare/v5.0.33...v5.0.34) --- updated-dependencies: - dependency-name: ueberdb2 dependency-version: 5.0.34 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
b6df192fec
|
build(deps-dev): bump the dev-dependencies group across 1 directory with 10 updates (#7500)
Bumps the dev-dependencies group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@types/formidable](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/formidable) | `3.5.0` | `3.5.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.5.2` | `25.6.0` | | [sinon](https://github.com/sinonjs/sinon) | `21.0.3` | `21.1.0` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.3` | `4.1.4` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.58.0` | `8.58.1` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.58.0` | `8.58.1` | | [i18next](https://github.com/i18next/i18next) | `26.0.3` | `26.0.4` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.7.0` | `1.8.0` | | [react](https://github.com/facebook/react/tree/HEAD/packages/react) | `19.2.4` | `19.2.5` | | [react-dom](https://github.com/facebook/react/tree/HEAD/packages/react-dom) | `19.2.4` | `19.2.5` | Updates `@types/formidable` from 3.5.0 to 3.5.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/formidable) Updates `@types/node` from 25.5.2 to 25.6.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `sinon` from 21.0.3 to 21.1.0 - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v21.0.3...v21.1.0) Updates `vitest` from 4.1.3 to 4.1.4 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.4/packages/vitest) Updates `@typescript-eslint/eslint-plugin` from 8.58.0 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.58.0 to 8.58.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.1/packages/parser) Updates `i18next` from 26.0.3 to 26.0.4 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v26.0.3...v26.0.4) Updates `lucide-react` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.8.0/packages/lucide-react) Updates `react` from 19.2.4 to 19.2.5 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react) Updates `react-dom` from 19.2.4 to 19.2.5 - [Release notes](https://github.com/facebook/react/releases) - [Changelog](https://github.com/facebook/react/blob/main/CHANGELOG.md) - [Commits](https://github.com/facebook/react/commits/v19.2.5/packages/react-dom) --- updated-dependencies: - dependency-name: "@types/formidable" dependency-version: 3.5.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@types/node" dependency-version: 25.6.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: sinon dependency-version: 21.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: vitest dependency-version: 4.1.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.58.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 26.0.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: lucide-react dependency-version: 1.8.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: react dependency-version: 19.2.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-dom dependency-version: 19.2.5 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
2761c4ae79
|
build(deps): bump ueberdb2 from 5.0.23 to 5.0.33 (#7497)
Bumps [ueberdb2](https://github.com/ether/ueberDB) from 5.0.23 to 5.0.33. - [Changelog](https://github.com/ether/ueberDB/blob/main/CHANGELOG.md) - [Commits](https://github.com/ether/ueberDB/compare/v5.0.23...v5.0.33) --- updated-dependencies: - dependency-name: ueberdb2 dependency-version: 5.0.33 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
John McLear
|
aee356ab76
|
fix: use atomic git push in plugin npmpublish workflow (#7494)
The plugin publish workflow ran `git push --follow-tags` after `pnpm version patch`. `--follow-tags` is non-atomic per ref: if a concurrent publish run won the race, the branch fast-forward would be rejected but the tag push would still land — leaving a dangling `vN+1` tag with no matching version-bump commit on the branch. Every subsequent push would then fail forever with `npm error fatal: tag 'vN+1' already exists`, because `pnpm version patch` would re-derive the same tag name from the unchanged `package.json`. On 2026-04-08, a single churn day (badge fixes + Dependabot merges firing back-to-back) put ~46 plugins into this state simultaneously. Recovery required hand-bumping `package.json` past the dangling tag on every affected repo, twice (a second wave appeared after the first sweep finished, racing the next wave of publishes). Fix: use `git push --atomic origin <branch> <tag>` so the branch update and the tag update succeed or fail as a single server-side transaction. A rejected branch push now also rejects the tag push, the run aborts cleanly, and the next workflow tick can retry against the up-to-date refs without leaving any orphaned tags. Also derive the new tag name from `package.json` after the bump (rather than parsing pnpm version's stdout, which has historically varied) and pass it explicitly into the push. Adds a backend regression test that asserts the workflow file uses `--atomic`, does not contain a literal `git push --follow-tags` command (ignoring the historical comment), and includes both the branch ref and the freshly-bumped tag in the atomic push. The test gates against accidental reverts. This file is the source of truth that `bin/plugins/checkPlugin.ts` propagates into every `ether/ep_*` plugin's `.github/workflows/`, so the next `update-plugins` cron tick will roll the fix out across all plugins automatically. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
b57b25a4d7
|
fix: setup-trusted-publishers.sh works with real npm trust CLI (#7491)
* fix: setup-trusted-publishers.sh works with real npm trust CLI Two issues found when running the script for the first time after #7490: 1. `npm trust github --file` wants ONLY the workflow filename basename (e.g. `test-and-release.yml`), not the full `.github/workflows/test-and-release.yml` path. npm errors out with "GitHub Actions workflow must be just a file not a path" otherwise. Constants updated. 2. `npm trust github` requires 2FA on accounts that have it enabled, and there is no way to disable that requirement. Add a `--otp <code>` pass-through flag and forward it to every call so a maintainer can batch-process multiple packages within a single TOTP window. Documented the limitation in the script header. Also reword the call site so the npm command line is built without shell-string round-tripping (passing $CMD through `$( $CMD )` was unrelated to this bug but was bad practice). Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: setup-trusted-publishers.sh recognizes 409 as already-configured When --skip-existing is set, treat HTTP 409 Conflict from POST /-/package/<name>/trust as 'already configured' so re-runs of the bulk script don't fail on packages that were configured in a previous run. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * test: cover setup-trusted-publishers.sh, harden against set -e, document --otp Addresses qodo review on #7491: - Add backend regression test that shims `npm` on PATH and asserts `--file` is given the workflow basename (never a path), `--otp` is forwarded to every `npm trust github` call when supplied, and the loop survives a non-zero exit so `--skip-existing` can absorb 409 Conflict responses from the registry. - Wrap the `npm trust github` invocation in `set +e` / `set -e`. The `if configure_one` already shields the function from errexit in practice, but a future refactor moving the call site out of an `if` would silently reintroduce the bug — the explicit shim makes intent obvious and survives such refactors. - Document `--otp` and the 2FA / TOTP-expiry workflow in doc/npm-trusted-publishing.md so maintainers don't follow the docs and hit EOTP. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
7c3837891b
|
feat: migrate npm publish to OIDC trusted publishing (#7401) (#7490)
* feat: migrate npm publish to OIDC trusted publishing (#7401) Replaces NPM_TOKEN-based publishing with npm Trusted Publishing over OIDC for both etherpad-lite core and the shared plugin publish template. Tokens no longer expire every 90 days; each publish authenticates via a short-lived OIDC token issued to the GitHub Actions runner. Changes: - bin/plugins/lib/npmpublish.yml: the reusable workflow propagated to every ether/ep_* plugin via the update-plugins cron. Now bumps Node to 22, upgrades npm to >=11.5.1, declares id-token: write, drops NODE_AUTH_TOKEN, and calls `npm publish --provenance --access public` directly (not via pnpm/gnpm wrappers, which obscure the npm CLI version requirement). - bin/plugins/lib/test-and-release.yml: the parent workflow that calls npmpublish.yml as a reusable workflow. Top-level and release-job permissions now grant id-token: write so the OIDC token can flow into the called workflow. - .github/workflows/releaseEtherpad.yml: core's own publish workflow for the ep_etherpad package. Same OIDC migration; keeps the gnpm install + rename steps but switches the final publish to npm. - doc/npm-trusted-publishing.md: explains how trusted publishing works, the one-time per-package setup that has to happen on npmjs.com, requirements (Node 22.14+, npm 11.5.1+, cloud runners), and common errors. The next update-plugins cron run will propagate the new template to every plugin. Once that lands and the trusted publisher is configured on npmjs.com per package, the NPM_TOKEN secret can be removed. Closes #7401 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * feat: add bin/setup-trusted-publishers.sh for bulk OIDC config (#7401) Adds a script that automates the per-package trusted-publisher setup that previously had to be done by clicking through npmjs.com once for each of the 80+ ep_* plugins. Uses the new `npm trust github` CLI (npm >= 11.5.1) so the whole org can be configured in one shot: npm login bin/setup-trusted-publishers.sh The script: - Discovers every non-archived ether/ep_* repo via `gh repo list` - Maps ep_etherpad to the etherpad-lite repo / releaseEtherpad.yml, and every plugin to its same-named repo / test-and-release.yml - Runs `npm trust github <pkg> --repository <org>/<repo> --file <workflow> --yes` for each package - Supports --dry-run, --packages <comma list>, and --skip-existing - Verifies npm >= 11.5.1 and that the user is logged in before doing anything destructive Doc updated to feature the script as the recommended setup path, with manual web-UI steps kept as a fallback. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: don't bump CI Node version to 22 for OIDC npm 11.5.1 (the version that ships trusted publishing) actually requires '^20.17.0 || >=22.9.0', not Node 22.14+. The npm docs recommend Node 22 but only because that's what bundles a recent enough npm — installing 'npm@latest' on top of Node 20.17+ works just as well. The repo already requires Node >= 20.0.0 in engines.node and the setup-node@v6 'version: 20' input resolves to the latest 20.x (currently 20.20+), which satisfies npm 11's range. Revert the CI publish workflows from node-version: 22 back to 20 so this PR does not raise the Node bar at all. Doc updated to explain the actual constraint. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
301ae4df2c
|
feat: add one-line installer script (#7466) (#7485)
* feat: add one-line installer script (#7466) Adds bin/installer.sh, a small POSIX shell script that: - Verifies prerequisites (git, Node.js >= 18) - Installs pnpm globally if missing (with sudo fallback) - Clones etherpad-lite (configurable branch / dir) - Runs `pnpm i` and `pnpm run build:etherpad` - Optionally starts Etherpad if ETHERPAD_RUN=1 Users can now install Etherpad with a single command: curl -fsSL https://raw.githubusercontent.com/ether/etherpad-lite/master/bin/installer.sh | sh README updated to feature the one-liner above the existing Docker-Compose / manual install instructions. Closes #7466 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * test: add installer-test workflow + Windows PowerShell installer - bin/installer.ps1: PowerShell port of installer.sh so the one-liner also works on Windows via 'irm ... | iex'. - .github/workflows/installer-test.yml: end-to-end CI that runs each installer against the PR's own commit (via ETHERPAD_REPO/BRANCH env vars), verifies clone + node_modules + admin SPA artifacts, and smoke-tests by starting Etherpad and curling /api. Runs on ubuntu-latest, macos-latest, and windows-latest. Includes a shellcheck job for installer.sh. - README: feature the Windows one-liner alongside the POSIX one. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * test: fix windows smoke test - wrap pnpm in cmd /c Start-Process can't run pnpm.cmd directly ("not a valid Win32 application"). Wrap it via cmd.exe /c instead, and bump the wait window to 90s for slower Windows runners. Also dump stderr alongside stdout when the smoke test fails for easier debugging. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: address Qodo review on installer (#7485) Two correctness issues caught by Qodo: 1. Node version mismatch: installer required Node >= 18, but the repo's engines.node is >= 20. Bump REQUIRED_NODE_MAJOR to 20 in both shell and PowerShell installers, and update the README's quick-install prerequisite and Requirements section to match. 2. Branch ignored for existing checkouts: when ETHERPAD_DIR already existed, the script ran 'git pull --ff-only' on whatever branch happened to be checked out, ignoring ETHERPAD_BRANCH and never verifying ETHERPAD_REPO. The existing-dir path now: - validates the remote URL matches ETHERPAD_REPO - refuses to clobber uncommitted changes (excluding pnpm-lock.yaml, which pnpm i rewrites during install) - fetches with --tags --prune - checks out ETHERPAD_BRANCH as a branch or detaches at it as a tag - prints the resulting commit short SHA for clarity Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
220ae82086
|
fix: use pnpm instead of npm in updatePlugins.sh (#7468)
* fix: use pnpm instead of npm in updatePlugins.sh The script used npm outdated which doesn't work with pnpm workspaces, and pnpm install which doesn't update existing packages. Changed to pnpm outdated and pnpm update respectively. Fixes #6670 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * fix: scope plugin updates to ep_etherpad-lite and exclude core package - Use --filter ep_etherpad-lite so pnpm operates on the right workspace - Exclude ep_etherpad-lite from the plugin list - Handle pnpm outdated exit codes correctly (returns 1 when outdated) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
dependabot[bot]
|
62002302a7
|
build(deps-dev): bump the dev-dependencies group with 4 updates (#7443)
Bumps the dev-dependencies group with 4 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@types/sinon](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/sinon), [react-hook-form](https://github.com/react-hook-form/react-hook-form) and [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom). Updates `@types/node` from 25.5.0 to 25.5.2 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/sinon` from 21.0.0 to 21.0.1 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/sinon) Updates `react-hook-form` from 7.72.0 to 7.72.1 - [Release notes](https://github.com/react-hook-form/react-hook-form/releases) - [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md) - [Commits](https://github.com/react-hook-form/react-hook-form/compare/v7.72.0...v7.72.1) Updates `react-router-dom` from 7.13.2 to 7.14.0 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.14.0/packages/react-router-dom) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@types/sinon" dependency-version: 21.0.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-hook-form dependency-version: 7.72.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-router-dom dependency-version: 7.14.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
John McLear
|
32d9c8962e
|
Bump dev dependencies including TypeScript 5→6 with compatibility fixes (#7428)
* build(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates Bumps the dev-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@playwright/test](https://github.com/microsoft/playwright) | `1.58.2` | `1.59.0` | | [typescript](https://github.com/microsoft/TypeScript) | `5.9.3` | `6.0.2` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.1.1` | `4.1.2` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.57.1` | `8.58.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.57.1` | `8.58.0` | | [i18next](https://github.com/i18next/i18next) | `25.10.5` | `26.0.3` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `1.0.1` | `1.7.0` | | [react-i18next](https://github.com/i18next/react-i18next) | `16.6.2` | `17.0.2` | Updates `@playwright/test` from 1.58.2 to 1.59.0 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.58.2...v1.59.0) Updates `typescript` from 5.9.3 to 6.0.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.9.3...v6.0.2) Updates `vitest` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.2/packages/vitest) Updates `@typescript-eslint/eslint-plugin` from 8.57.1 to 8.58.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.57.1 to 8.58.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.58.0/packages/parser) Updates `i18next` from 25.10.5 to 26.0.3 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.10.5...v26.0.3) Updates `lucide-react` from 1.0.1 to 1.7.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/1.7.0/packages/lucide-react) Updates `react-i18next` from 16.6.2 to 17.0.2 - [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/react-i18next/compare/v16.6.2...v17.0.2) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-version: 1.59.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: typescript dependency-version: 6.0.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: vitest dependency-version: 4.1.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.58.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 26.0.3 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: lucide-react dependency-version: 1.7.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: react-i18next dependency-version: 17.0.2 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * Fix TypeScript 6 compatibility: add jQuery types and DOM lib - Add @types/jquery dev dependency - Add "DOM" to tsconfig lib for frontend files that use DOM APIs - Add "types": ["node", "jquery"] to tsconfig for explicit type resolution - Fix implicit any types in pad_utils.ts (evt parameter, this in .each) Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
09d782f695
|
Enforce 2-space indentation across codebase (#7426)
* Enforce 2-space indentation across codebase Convert all 4-space indented source files to 2-space to match .editorconfig and project contributor guidelines. 74 files converted: admin UI components, type definitions, security modules, test files, helpers, and utilities. No functional changes — 2882 insertions, 2882 deletions (pure whitespace). Fixes #7353 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Limit admin tests to chromium and firefox Webkit is already tested in the dedicated frontend-tests workflow. Running it again in admin tests causes flaky failures due to slow socket connections and external API timeouts on webkit CI runners. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
0a76256075
|
Enable globstar in plugin backend-tests template (#7414)
* fix: re-apply retries: 0 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Enable globstar in backend-tests template for recursive test discovery Without shopt -s globstar, bash ** doesn't recurse into subdirectories, causing mocha to miss test files in paths like specs/api/exportHTML.ts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
09df1ce65f
|
Add pnpm update step to checkPlugin for dependency updates (#7404)
Run pnpm update on plugins during autofix to bump all dependencies to their latest compatible versions, reducing dependabot noise and keeping plugins current. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
a6d283a809
|
Fix plugin frontend-tests template: use dev mode not prod (#7402)
Prod mode enables rate limiting which causes frontend tests to fail silently. Dev mode disables rate limiting for testing. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
0423477966
|
Fix/plugin workflow templates clean (#7399)
* Revert plugin workflow template changes Reverts the following commits to replace with a single clean fix: - e97e203d7 Fix backend-tests find pattern for versioned plugin paths - 45fe8a310 Fix backend-tests find path for plugin test discovery - 892c52ba2 Fix plugin backend-tests workflow pnpm 10 symlink error - 7484d9ea6 Update deprecated GitHub Actions in plugin workflow templates Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * Modernize plugin workflow templates for pnpm 10 and new plugin paths - Bump actions/checkout v3 → v4, cache-apt-pkgs-action v1.4.2 → v1.6.0 - Replace pnpm link --global with pnpm run plugins i --path (fixes pnpm 10 "symlink path same as target" error) - Fix backend test discovery: plugins install to src/plugin_packages/ via live-plugin-manager, not node_modules/ - Run mocha directly from src/ against node_modules/ep_* symlinks so tests resolve correctly Tested and verified on ep_table_of_contents. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
e97e203d76
|
Fix backend-tests find pattern for versioned plugin paths (#7398)
live-plugin-manager installs to src/plugin_packages/ep_name@version/, not src/plugin_packages/ep_name/. Update the glob to match the versioned directory format. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
45fe8a310e
|
Fix backend-tests find path for plugin test discovery (#7397)
plugins i --path installs to src/plugin_packages/, not node_modules/. Update the find command to look in the correct location so backend tests are actually discovered and run. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
892c52ba26
|
Fix plugin backend-tests workflow pnpm 10 symlink error (#7396)
Remove redundant pnpm link --global steps that conflict with pnpm run plugins i --path on pnpm 10, causing "Symlink path is the same as the target path" errors. The plugins i command handles all linking internally via LinkInstaller. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
John McLear
|
7484d9ea60
|
Update deprecated GitHub Actions in plugin workflow templates (#7395)
Bump actions/checkout v3 → v4 and awalsh128/cache-apt-pkgs-action v1.4.2 → v1.6.0 to fix CI failures caused by deprecated actions/upload-artifact v3 dependency. Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com> |
||
|
dependabot[bot]
|
737f673fba
|
build(deps): bump axios from 1.13.6 to 1.14.0 (#7394)
Bumps [axios](https://github.com/axios/axios) from 1.13.6 to 1.14.0. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.6...v1.14.0) --- updated-dependencies: - dependency-name: axios dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
d3c34187e8
|
build(deps-dev): bump the dev-dependencies group with 3 updates (#7368)
Bumps the dev-dependencies group with 3 updates: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node), [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) and [vite-plugin-static-copy](https://github.com/sapphi-red/vite-plugin-static-copy). Updates `@types/node` from 25.4.0 to 25.5.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@vitejs/plugin-react` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.1/packages/plugin-react) Updates `vite-plugin-static-copy` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/sapphi-red/vite-plugin-static-copy/releases) - [Changelog](https://github.com/sapphi-red/vite-plugin-static-copy/blob/main/CHANGELOG.md) - [Commits](https://github.com/sapphi-red/vite-plugin-static-copy/compare/vite-plugin-static-copy@3.2.0...vite-plugin-static-copy@3.3.0) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@vitejs/plugin-react" dependency-version: 6.0.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: vite-plugin-static-copy dependency-version: 3.3.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
14c4f479a4
|
build(deps-dev): bump the dev-dependencies group with 7 updates (#7366)
Bumps the dev-dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.3.5` | `25.4.0` | | [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) | `4.0.18` | `4.1.0` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.56.1` | `8.57.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.56.1` | `8.57.0` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.1.4` | `6.0.0` | | [i18next](https://github.com/i18next/i18next) | `25.8.16` | `25.8.18` | | [react-i18next](https://github.com/i18next/react-i18next) | `16.5.6` | `16.5.8` | Updates `@types/node` from 25.3.5 to 25.4.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `vitest` from 4.0.18 to 4.1.0 - [Release notes](https://github.com/vitest-dev/vitest/releases) - [Commits](https://github.com/vitest-dev/vitest/commits/v4.1.0/packages/vitest) Updates `@typescript-eslint/eslint-plugin` from 8.56.1 to 8.57.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.56.1 to 8.57.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.57.0/packages/parser) Updates `@vitejs/plugin-react` from 5.1.4 to 6.0.0 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@6.0.0/packages/plugin-react) Updates `i18next` from 25.8.16 to 25.8.18 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.8.16...v25.8.18) Updates `react-i18next` from 16.5.6 to 16.5.8 - [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/react-i18next/compare/v16.5.6...v16.5.8) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.4.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: vitest dependency-version: 4.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.57.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.57.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@vitejs/plugin-react" dependency-version: 6.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 25.8.18 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-i18next dependency-version: 16.5.8 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
c5d5f5d97c
|
build(deps): bump axios from 1.13.5 to 1.13.6 (#7360)
Bumps [axios](https://github.com/axios/axios) from 1.13.5 to 1.13.6. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.5...v1.13.6) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.6 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
8bf610cda2
|
build(deps-dev): bump the dev-dependencies group with 16 updates (#7358)
Bumps the dev-dependencies group with 16 updates: | Package | From | To | | --- | --- | --- | | [@types/formidable](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/formidable) | `3.4.6` | `3.5.0` | | [@types/jquery](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jquery) | `3.5.33` | `4.0.0` | | [@types/jsdom](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsdom) | `27.0.0` | `28.0.0` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.2.3` | `25.3.5` | | [@types/supertest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/supertest) | `6.0.3` | `7.2.0` | | [@types/whatwg-mimetype](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/whatwg-mimetype) | `3.0.2` | `5.0.0` | | [eslint](https://github.com/eslint/eslint) | `10.0.0` | `10.0.3` | | [sinon](https://github.com/sinonjs/sinon) | `21.0.1` | `21.0.2` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.55.0` | `8.56.1` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.55.0` | `8.56.1` | | [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.5.0` | `0.5.2` | | [i18next](https://github.com/i18next/i18next) | `25.8.8` | `25.8.16` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.564.0` | `0.577.0` | | [react-hook-form](https://github.com/react-hook-form/react-hook-form) | `7.71.1` | `7.71.2` | | [react-i18next](https://github.com/i18next/react-i18next) | `16.5.4` | `16.5.6` | | [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) | `7.13.0` | `7.13.1` | Updates `@types/formidable` from 3.4.6 to 3.5.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/formidable) Updates `@types/jquery` from 3.5.33 to 4.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jquery) Updates `@types/jsdom` from 27.0.0 to 28.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsdom) Updates `@types/node` from 25.2.3 to 25.3.5 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/supertest` from 6.0.3 to 7.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/supertest) Updates `@types/whatwg-mimetype` from 3.0.2 to 5.0.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/whatwg-mimetype) Updates `eslint` from 10.0.0 to 10.0.3 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v10.0.0...v10.0.3) Updates `sinon` from 21.0.1 to 21.0.2 - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v21.0.1...v21.0.2) Updates `@typescript-eslint/eslint-plugin` from 8.55.0 to 8.56.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.56.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.55.0 to 8.56.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.56.1/packages/parser) Updates `eslint-plugin-react-refresh` from 0.5.0 to 0.5.2 - [Release notes](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases) - [Changelog](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md) - [Commits](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.5.0...v0.5.2) Updates `i18next` from 25.8.8 to 25.8.16 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.8.8...v25.8.16) Updates `lucide-react` from 0.564.0 to 0.577.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.577.0/packages/lucide-react) Updates `react-hook-form` from 7.71.1 to 7.71.2 - [Release notes](https://github.com/react-hook-form/react-hook-form/releases) - [Changelog](https://github.com/react-hook-form/react-hook-form/blob/master/CHANGELOG.md) - [Commits](https://github.com/react-hook-form/react-hook-form/compare/v7.71.1...v7.71.2) Updates `react-i18next` from 16.5.4 to 16.5.6 - [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/react-i18next/compare/v16.5.4...v16.5.6) Updates `react-router-dom` from 7.13.0 to 7.13.1 - [Release notes](https://github.com/remix-run/react-router/releases) - [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md) - [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@7.13.1/packages/react-router-dom) --- updated-dependencies: - dependency-name: "@types/formidable" dependency-version: 3.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/jquery" dependency-version: 4.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: "@types/jsdom" dependency-version: 28.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: "@types/node" dependency-version: 25.3.5 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/supertest" dependency-version: 7.2.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: "@types/whatwg-mimetype" dependency-version: 5.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: eslint dependency-version: 10.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: sinon dependency-version: 21.0.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.56.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.56.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: eslint-plugin-react-refresh dependency-version: 0.5.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 25.8.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: lucide-react dependency-version: 0.577.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: react-hook-form dependency-version: 7.71.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-i18next dependency-version: 16.5.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: react-router-dom dependency-version: 7.13.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
f1317ab9b2
|
build(deps): bump axios from 1.13.4 to 1.13.5 (#7321)
Bumps [axios](https://github.com/axios/axios) from 1.13.4 to 1.13.5. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.4...v1.13.5) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
0be3e1f564
|
build(deps): bump semver from 7.7.3 to 7.7.4 (#7318)
Bumps [semver](https://github.com/npm/node-semver) from 7.7.3 to 7.7.4. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v7.7.3...v7.7.4) --- updated-dependencies: - dependency-name: semver dependency-version: 7.7.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
25e26f15ba
|
build(deps-dev): bump the dev-dependencies group across 1 directory with 11 updates (#7326)
Bumps the dev-dependencies group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@playwright/test](https://github.com/microsoft/playwright) | `1.58.1` | `1.58.2` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.2.0` | `25.2.3` | | [eslint](https://github.com/eslint/eslint) | `9.39.2` | `10.0.0` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.11` | `19.2.14` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.54.0` | `8.55.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.54.0` | `8.55.0` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.1.3` | `5.1.4` | | [i18next](https://github.com/i18next/i18next) | `25.8.1` | `25.8.7` | | [i18next-browser-languagedetector](https://github.com/i18next/i18next-browser-languageDetector) | `8.2.0` | `8.2.1` | | [lucide-react](https://github.com/lucide-icons/lucide/tree/HEAD/packages/lucide-react) | `0.563.0` | `0.564.0` | | [vite-plugin-babel](https://github.com/owlsdepartment/vite-plugin-babel) | `1.4.1` | `1.5.1` | Updates `@playwright/test` from 1.58.1 to 1.58.2 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.58.1...v1.58.2) Updates `@types/node` from 25.2.0 to 25.2.3 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `eslint` from 9.39.2 to 10.0.0 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/compare/v9.39.2...v10.0.0) Updates `@types/react` from 19.2.11 to 19.2.14 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@typescript-eslint/eslint-plugin` from 8.54.0 to 8.55.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.55.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.54.0 to 8.55.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.55.0/packages/parser) Updates `@vitejs/plugin-react` from 5.1.3 to 5.1.4 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.1.4/packages/plugin-react) Updates `i18next` from 25.8.1 to 25.8.7 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.8.1...v25.8.7) Updates `i18next-browser-languagedetector` from 8.2.0 to 8.2.1 - [Changelog](https://github.com/i18next/i18next-browser-languageDetector/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next-browser-languageDetector/compare/v8.2.0...v8.2.1) Updates `lucide-react` from 0.563.0 to 0.564.0 - [Release notes](https://github.com/lucide-icons/lucide/releases) - [Commits](https://github.com/lucide-icons/lucide/commits/0.564.0/packages/lucide-react) Updates `vite-plugin-babel` from 1.4.1 to 1.5.1 - [Commits](https://github.com/owlsdepartment/vite-plugin-babel/commits) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-version: 1.58.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@types/node" dependency-version: 25.2.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eslint dependency-version: 10.0.0 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dev-dependencies - dependency-name: "@types/react" dependency-version: 19.2.14 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.55.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@typescript-eslint/parser" dependency-version: 8.55.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@vitejs/plugin-react" dependency-version: 5.1.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 25.8.7 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: i18next-browser-languagedetector dependency-version: 8.2.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: lucide-react dependency-version: 0.564.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: vite-plugin-babel dependency-version: 1.5.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
ad07444d6f
|
build(deps-dev): bump the dev-dependencies group across 1 directory with 8 updates (#7314)
Bumps the dev-dependencies group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [@playwright/test](https://github.com/microsoft/playwright) | `1.58.0` | `1.58.1` | | [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) | `25.1.0` | `25.2.0` | | [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) | `19.2.10` | `19.2.11` | | [@vitejs/plugin-react](https://github.com/vitejs/vite-plugin-react/tree/HEAD/packages/plugin-react) | `5.1.2` | `5.1.3` | | [eslint-plugin-react-refresh](https://github.com/ArnaudBarre/eslint-plugin-react-refresh) | `0.4.26` | `0.5.0` | | [i18next](https://github.com/i18next/i18next) | `25.8.0` | `25.8.1` | | [zustand](https://github.com/pmndrs/zustand) | `5.0.10` | `5.0.11` | | [vitepress](https://github.com/vuejs/vitepress) | `2.0.0-alpha.15` | `2.0.0-alpha.16` | Updates `@playwright/test` from 1.58.0 to 1.58.1 - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.58.0...v1.58.1) Updates `@types/node` from 25.1.0 to 25.2.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Updates `@types/react` from 19.2.10 to 19.2.11 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react) Updates `@vitejs/plugin-react` from 5.1.2 to 5.1.3 - [Release notes](https://github.com/vitejs/vite-plugin-react/releases) - [Changelog](https://github.com/vitejs/vite-plugin-react/blob/main/packages/plugin-react/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite-plugin-react/commits/plugin-react@5.1.3/packages/plugin-react) Updates `eslint-plugin-react-refresh` from 0.4.26 to 0.5.0 - [Release notes](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/releases) - [Changelog](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/blob/main/CHANGELOG.md) - [Commits](https://github.com/ArnaudBarre/eslint-plugin-react-refresh/compare/v0.4.26...v0.5.0) Updates `i18next` from 25.8.0 to 25.8.1 - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v25.8.0...v25.8.1) Updates `zustand` from 5.0.10 to 5.0.11 - [Release notes](https://github.com/pmndrs/zustand/releases) - [Commits](https://github.com/pmndrs/zustand/compare/v5.0.10...v5.0.11) Updates `vitepress` from 2.0.0-alpha.15 to 2.0.0-alpha.16 - [Release notes](https://github.com/vuejs/vitepress/releases) - [Changelog](https://github.com/vuejs/vitepress/blob/main/CHANGELOG.md) - [Commits](https://github.com/vuejs/vitepress/compare/v2.0.0-alpha.15...v2.0.0-alpha.16) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-version: 1.58.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@types/node" dependency-version: 25.2.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: "@types/react" dependency-version: 19.2.11 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: "@vitejs/plugin-react" dependency-version: 5.1.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: eslint-plugin-react-refresh dependency-version: 0.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies - dependency-name: i18next dependency-version: 25.8.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: zustand dependency-version: 5.0.11 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies - dependency-name: vitepress dependency-version: 2.0.0-alpha.16 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
f12bcd4006
|
build(deps-dev): bump @types/node in the dev-dependencies group (#7307)
Bumps the dev-dependencies group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node). Updates `@types/node` from 25.0.10 to 25.1.0 - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.1.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dev-dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
43c784141c
|
build(deps): bump axios from 1.13.3 to 1.13.4 (#7304)
Bumps [axios](https://github.com/axios/axios) from 1.13.3 to 1.13.4. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.3...v1.13.4) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.4 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Etherpad Release Bot
|
00d10f4a40 | bump version | ||
|
dependabot[bot]
|
3c535826db
|
build(deps): bump axios from 1.13.2 to 1.13.3 (#7302)
Bumps [axios](https://github.com/axios/axios) from 1.13.2 to 1.13.3. - [Release notes](https://github.com/axios/axios/releases) - [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md) - [Commits](https://github.com/axios/axios/compare/v1.13.2...v1.13.3) --- updated-dependencies: - dependency-name: axios dependency-version: 1.13.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |