Commit graph

182 commits

Author SHA1 Message Date
Tim Alby
d6834ff417 add security headers using Helmet
- use all Helmet's default headers except `X-DNS-Prefetch-Control`
- use `Referrer-Policy`
- use cache headers when:
  - a user is logged in, OR
  - a project is displayed
2017-09-12 11:17:59 +02:00
James Allen
b4254f06ef Update Project schema for overleaf imports 2017-08-21 17:49:08 +02:00
James Allen
eac0ce8353 Initial spike of Overleaf based logins 2017-08-08 14:00:21 +02:00
Paulo Reis
2fcbafa72d Add HTML encoder lib. 2017-07-28 17:30:57 +01:00
Joe Green
10683cbd8c upgraded mongoose package 2017-07-27 10:58:20 +01:00
James Allen
e19f5a1a5e Update redis-sharelatex and shrinkwrap 2017-05-09 17:18:04 +01:00
James Allen
3f51911513 Update to latest redis-sharelatex 2017-05-04 15:25:58 +01:00
Shane Kilkelly
bb65da88fe Merge branch 'master' into node-6.9 2017-04-05 10:15:51 +01:00
Shane Kilkelly
60b298d9ee upgrade to latest metrics 2017-03-31 14:43:19 +01:00
Shane Kilkelly
ca3497b6f6 Update metrics version to 1.7.0 2017-03-21 13:46:42 +00:00
Shane Kilkelly
98d7dc6f88 Make work on both 0.10 and 6.9 2017-02-27 13:54:57 +00:00
Shane Kilkelly
8d7c39ff42 Merge branch 'master' into node-6.9 2017-02-27 11:25:39 +00:00
Shane Kilkelly
bd997fc574 pin sinon js to 1.17, version 2 betas cause breakage 2017-02-27 11:01:25 +00:00
James Allen
2df8479db3 Move translations back to devDependencies so it's not missed by shrinkwrap 2017-02-21 15:25:28 +01:00
James Allen
f180b25850 Convert track changes text to translation strings 2017-02-17 16:28:53 +01:00
Shane Kilkelly
621a07aff2 Merge branch 'master' into node-6.9 2017-02-14 11:01:14 +00:00
Shane Kilkelly
4e9426e6bf Merge branch 'master' into sk-pug 2017-01-30 14:36:10 +00:00
Shane Kilkelly
3ed85dad42 Merge branch 'master' into sk-upgrade-uuid 2017-01-30 11:09:50 +00:00
James Allen
32b0c6a4fb Merge pull request #398 from sharelatex/ja-track-changes
Fix style issues in IE 10
2017-01-25 15:55:15 +01:00
Shane Kilkelly
abbffb8e4b Remove deprecated node-uuid package, replace with uuid. 2017-01-23 10:03:16 +00:00
Shane Kilkelly
57cd54bf55 WIP: migrate from jade to pug 2017-01-20 12:03:02 +00:00
Paulo Reis
e0f3593bff Add autoprefixer to Grunt tasks. 2017-01-18 15:38:18 +00:00
Shane Kilkelly
1ef1912cf8 Point to fork of rolling-rate-limiter that supports ioredis 2017-01-13 15:21:05 +00:00
Shane Kilkelly
5c25d15a18 WIP: try switch to rolling rate limiter 2017-01-12 09:25:18 +00:00
Shane Kilkelly
64f69069b2 Experimental: upgrade to node 6.9.2 (latest LTS release) 2016-12-21 10:23:42 +00:00
Henry Oswald
bcf9a17fb3 Merge branch 'master' into node-4.2 2016-12-20 15:23:02 +00:00
Shane Kilkelly
ef0a5801d5 Create a RedisWrapper, and use it for rate limiting. 2016-12-19 12:17:02 +00:00
Henry Oswald
d87067bc2f Merge branch 'announcments' 2016-11-15 10:38:01 +00:00
Henry Oswald
47ed17aab3 remove unneeded package and comma in jade 2016-11-14 10:50:49 +00:00
Henry Oswald
5a13ee1077 use anlaytis api
- don’t talk to postgres
- show recent blog post announcments
- proxy all events to analytics api
2016-11-11 17:03:09 +00:00
Shane Kilkelly
8726a8fb4d Add passport-saml dependency 2016-11-11 09:09:00 +00:00
Shane Kilkelly
bfa0e7cf89 WIP: start moving web sessions to cluster 2016-11-08 15:32:36 +00:00
Shane Kilkelly
9cb3d8c4b8 Enable hook from module into passport init. 2016-11-01 14:06:54 +00:00
James Allen
49fecc9ef4 Use v1.6.0 of metrics 2016-10-24 10:51:20 +01:00
Henry Oswald
7b83a941ee Merge branch 'master' into node-4.2 2016-10-19 13:04:26 +01:00
Shane Kilkelly
e4f4325150 Basic passport integration 2016-09-02 16:17:37 +01:00
James Allen
93cd511211 Send events to custom DB backend 2016-08-10 16:42:56 +01:00
Henry Oswald
23cb6a9419 Merge branch 'master' into node-4.2 2016-07-28 13:54:06 +01:00
Paulo Reis
8eae4e4044 Revert "Use custom shrinkwrap to ignore the translations package."
This reverts commit 25a8a7cd9a59f738277ce893318c69db539384d6.
2016-07-12 13:42:46 +01:00
Paulo Reis
112a64ce84 Use custom shrinkwrap to ignore the translations package. 2016-07-12 13:37:26 +01:00
Henry Oswald
a9f3a29b72 moved translations to dev dependency so its not included in shrinkwrap. 2016-07-12 10:17:58 +01:00
Henry Oswald
85936a1391 moved css min to exec, import was not working via grunt 2016-07-10 11:04:51 +01:00
Henry Oswald
7cb266d904 removed imagemin 2016-06-30 14:59:05 +01:00
Brian Gough
afc89d8d27 added missing package grunt-execute 2016-06-28 10:42:36 +01:00
Henry Oswald
d35a48e683 minfiy css as well 2016-06-18 21:49:32 +01:00
Henry Oswald
1d26be30a9 added grunt imagemin used to compress images 2016-06-18 16:50:56 +01:00
Henry Oswald
560b7f7177 grunt will auto recompile client and less now, run concurrently 2016-06-15 12:08:11 +01:00
Henry Oswald
79929eae73 Merge branch 'clsichecks' 2016-06-06 14:34:22 +01:00
Henry Oswald
2339cda318 added contentful uni pages as fallback 2016-06-06 09:28:53 +01:00
Henry Oswald
bc59b15bd8 mark grunt at 0.4.1. in package.json 2016-06-02 15:24:10 +01:00
Henry Oswald
1dd4ea176a Merge branch 'master' into node-4.2 2016-06-02 15:20:57 +01:00
Henry Oswald
734b5613a5 fix package.json 2016-06-02 15:20:18 +01:00
Henry Oswald
8529cb50b6 rolled back underscore and added lodash in 2016-06-02 13:18:07 +01:00
Henry Oswald
66ad587c9c bump underscore to 1.8.3 2016-06-01 16:46:11 +01:00
Henry Oswald
2abebd850c Merge branch 'project_url_query' into clsi-dynamic-load 2016-05-19 13:08:20 +01:00
Shane Kilkelly
30a778c8e8 add temp module 2016-05-13 13:30:00 +01:00
Henry Oswald
b37595acf9 persist cookie in redis for compiles. 2016-04-19 16:48:51 +01:00
Henrique Dias
38c8eb868a Update package.json 2016-04-06 11:30:26 -03:00
Henry Oswald
bd54218cc9 added grunt as depenency 2016-04-05 14:17:36 +01:00
Henry Oswald
1a651b38f4 added sendgrid as email option 2016-03-29 14:15:33 +01:00
Henry Oswald
f4cbcc22ba Merge branch 'master' into node-4.2 2016-03-14 16:20:39 +00:00
James Allen
e1fa77dd72 Add beginnings of acceptance tests 2016-03-08 15:59:04 +00:00
Henry Oswald
05bf048885 upgrade to nodemailer 2.0 and dynamically use either SES or SMTP depending
on what is in settings file
2016-02-12 17:13:45 +00:00
Brian Gough
5316451f90 update logger-sharelatex to v1.3.1 to improve sentry logging 2016-01-26 16:53:54 +00:00
Brian Gough
d3971e4d4f upgrade logger-sharelatex to v1.3.0 to fix sentry reporting bugs 2016-01-08 14:19:40 +00:00
Brian Gough
91a047ea7a added sentry error reporting 2015-12-08 12:16:00 +00:00
James Allen
50112a59d4 Monitor memory usage and do periodic GC 2015-12-03 10:52:06 +00:00
Henry Oswald
1d0228ce0c updated packages to work with node 4.2
still needs a deep test
2015-12-01 21:28:35 +00:00
Henry Oswald
9383977ca5 remove socket.io as a dependency 2015-12-01 21:18:00 +00:00
Henry Oswald
69734c20c0 added heapdump endpoint 2015-11-30 16:16:16 +00:00
Henry Oswald
49e6f4db87 set NODE_TLS_REJECT_UNAUTHORIZED to 0 for testing
allows us to talk to staging sixpack
2015-11-12 12:38:35 +00:00
Henry Oswald
377cc11c3b added sixpack to server side 2015-11-12 09:29:44 +00:00
Henry Oswald
f5162d424f if a user is inactive for 12 hours disconect them. 2015-10-14 14:28:24 +01:00
Henry Oswald
e593b3f717 append string to ide.js min which we can use for testing via status cake 2015-10-09 10:11:38 +01:00
Henry Oswald
011f628de8 lock down translations version 2015-09-17 10:26:29 +01:00
Brian Gough
a25373d53e update metric-sharelatex to v1.2.0 for mongodb-core support 2015-08-06 09:44:47 +01:00
Brian Gough
2bc003894b use latest version of metrics with commit id until ready to tag 2015-08-02 15:55:26 +01:00
Brian Gough
c5cc639bff upgrade mongoose from 3.8.28 to 4.1.0 2015-08-02 15:24:17 +01:00
Henry Oswald
56346ad88c remove analytics router and fixed bad package.json 2015-07-01 15:48:23 +01:00
Henry Oswald
665bdcf538 v1 of express4 conversion 2015-07-01 15:17:43 +01:00
Brian Gough
893de9d8ac updated metrics package version 2015-06-23 13:54:05 +01:00
Henry Oswald
2ec925b45e fairy removed from web, makes http request to tpds worker now 2015-06-22 22:33:04 +01:00
Henry Oswald
706c1824f0 changed package.json to use our fairy fork 2015-06-18 15:43:42 +01:00
Henry Oswald
fc72ca601e update package.json 2015-06-09 10:19:24 +01:00
Henry Oswald
eeead86fba updated mongoose 2015-06-02 16:24:40 +01:00
Diego Giovane Pasqualin
7c6ed0ff77 Update bcrypt to 0.8.3
This new version compiles successfully on nodejs newer than 0.10.
2015-05-11 16:43:29 -03:00
James Allen
f82f5e5479 Release version 0.1.4 2015-03-20 19:08:48 +00:00
Brian Gough
5d788ca7c5 add grunt version target to report version to sentry
it writes the git commit id and Jenkins build number into the sentry
configuration
2015-03-17 16:59:17 +00:00
James Allen
0f69ee0f22 Add in proxy for /socket.io so that we don't need to faff with real-time service location 2015-03-09 14:09:09 +00:00
James Allen
c495e5c492 Release version 0.1.3 2015-02-26 11:48:42 +00:00
Henry Oswald
d112ad22a8 added ldapjs to package.json 2015-02-20 15:23:24 +00:00
James Allen
000f01fbeb Remove unneeded uid module 2015-02-17 11:21:50 +00:00
James Allen
8e13ded360 Regenerate the session id after logging in or registering 2015-02-13 11:18:17 +00:00
James Allen
18723c2e26 Bump version to 0.1.2 2015-02-10 14:05:51 +00:00
James Allen
2aa229d145 Add in profiling end point 2015-02-03 11:05:23 +00:00
Henry Oswald
ee83ed6e81 started using underscore.string to check domain emails 2015-02-02 11:15:04 +00:00
Henry Oswald
3360b3c35a added basic domain allocation feature 2015-01-27 18:09:56 +00:00
Henry Oswald
24b3226fcf bump redis version 2014-11-20 12:50:55 +00:00
Henry Oswald
851764f269 bump package.json 2014-11-20 11:10:22 +00:00
Henry Oswald
6c746d9aec added redis health check in 2014-11-19 23:18:20 +00:00