Users can now select their UI language directly without relying on
subdomain routing (fr.verso.alocoq.fr etc.).
Resolution order: (1) verso-lang cookie, (2) subdomain host header,
(3) OVERLEAF_SITE_LANGUAGE default — fully backward compatible.
Changes:
- Translations.mjs: read verso-lang cookie in middleware; include all
bundled locale files in availableLanguageCodes regardless of subdomain
config so every loaded locale appears in the picker
- User.mjs: add languageCode field to persist preference per user
- UserController.mjs: setLanguage handler — sets cookie (1 year) and
writes languageCode to DB when called by a logged-in user
- AuthenticationController.mjs: on login, sync DB languageCode to cookie
so preference follows the user to any new browser/device after login
- ExpressLocals.mjs: expose availableLanguages to all Pug templates
- router.mjs: GET /set-language?lng=<code> (anonymous + logged-in),
POST /user/language (logged-in, REST-style)
- language-picker.pug: replace subdomain href links with /set-language
redirect links; iterate availableLanguages instead of subdomainLang
- thin-footer.pug: show picker whenever availableLanguages.length > 1,
not only when multiple subdomains are configured
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
- Fix wrong import path '../models/Project.mjs' → '../../models/Project.mjs'
(from Features/Compile/, '..' is Features/, not src/; the server would
crash on startup with ERR_MODULE_NOT_FOUND in Node.js ESM)
- Log MongoDB errors instead of silently swallowing them
- Remove null from Mongoose String enum (not a valid enum value for strings)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Add a quartoFlavor field ('revealjs' | 'pdf') to the Project model.
After each successful Quarto compile, CompileController detects the output
type (output.html → revealjs, otherwise pdf) and persists it.
ProjectListController includes it in the projection and serialization so
it reaches the frontend without an extra round-trip.
Badge variants:
- quartoFlavor unset (new/uncompiled) → "Quarto PDF" #447099
- quartoFlavor 'pdf' → "Quarto PDF" #447099 (Quarto blue)
- quartoFlavor 'revealjs' → "Quarto Slides" #7e56c2 (purple)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
* Allow admin access to user PATs
* Tests for new screen in admin panel
* Adding error for invalid token and way to parse error for OAuth 2
* Git bridge handles expired PAT
* Script for alerting on close to expiry and expired git tokens
* Refactoring and simplifying
* Updating email templates to match agreed docs
* tweak to email subject to include Overleaf
* Allowing dry run in scripts and general tidy up
* removing redundant tests and dry running script
* Fixing CI errors
* Adding new tab to admin test expectation
* Address PR feedback on oauth2-server changes
- Replace ad-hoc overleafErrorCode prop with a TokenExpiredError subclass
- Collapse listTokens/listTokensForAdmin into a single hook
Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
* Adding cron definitions for alerting on expiring git pat
---------
Co-authored-by: Claude Opus 4.7 <noreply@anthropic.com>
GitOrigin-RevId: 69b9fd901a201592a580c69abe7bd7d603e85d3a
Adds a project-members-only link tier and independent link rotation.
- Three tokens per project instead of two: publicToken (anyone), loginToken
(any logged-in user), memberToken (only users who can read the project).
serve() resolves the token to its tier and enforces accordingly — 'member'
requires AuthorizationManager.canUserReadProject.
- New POST /project/:id/publish-presentation/regenerate { tier } rotates a
single tier's token (invalidating only that old link), leaving the snapshot
and the other links intact.
- Share dialog now shows three links (members / logged-in / anyone), each with
its own Copy and Reset buttons; Publish refreshes, Unpublish removes all.
Preview button opens the logged-in-users link.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Replace the single token + visibility toggle with two stable tokens per project
pointing at the same snapshot:
- publicToken → anyone with the link
- privateToken → any logged-in Verso user
This fixes both reported issues: changing visibility no longer mutates a link
(there's no toggle — both links always exist), and a public link can never
become private by accident. It also fixes public links redirecting to login:
access is now decided purely by which token was used (public token = open),
not a per-record flag.
- Model: storageId (snapshot dir) + publicToken + privateToken; drop token/
visibility.
- Manager.publish: mints both tokens once and reuses them on re-publish; serve
resolves a token to its record and treats the public token as open.
- Controller: returns { publicUrl, privateUrl }.
- Share dialog: shows the private and public links side by side, each with its
own copy button; Publish refreshes, Unpublish removes. Preview button opens
the private link.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Adds the engine + API for publishing a project's compiled HTML/RevealJS deck as
a stable, standalone snapshot served at /p/:token, independent of the editor.
- PublishedPresentation model: one per project { token, visibility, buildId },
re-publishing keeps the same token so shared links stay stable.
- Manager.publish: compiles the project, then copies the HTML deck + its _files
assets + referenced media (now included thanks to the OutputFileFinder fix)
into a persistent snapshot dir (Settings.path.publishedPresentationsFolder,
override with PUBLISHED_PRESENTATIONS_PATH). Logs/aux are excluded.
- Routes: GET/POST/DELETE /project/:id/publish-presentation (owner/reader) for
status/publish/unpublish; public GET /p/:token(/*) serves the deck full-page.
Visibility is enforced in the handler: 'public' = anonymous, 'private' = any
logged-in Verso user. CSP is dropped on these responses so reveal.js renders.
Frontend entry points (share-modal section + top-right Preview button) follow.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
* Migrating reference settings to mongo and exposing them through code mirror context
* removing undefined optional for reference manager type settings
* allowing partial updates to user settings objects, and remove repeated cypress intercepts
* Zod schema parsing for user reference manager settings
* Splitting ref provider mongoose schema into const
* Persisting local storage reference settings to mongo and deleting from local
* Enforcing ref provider group id to always be type string
* Fixing test and format errors
* Migrated flag for settings to only migrate once
* fixing cypress tests adding migrated flag
* persisting local storage to allow for easy rollback
GitOrigin-RevId: f59522bdee6f0e56efb7d98b9d9373a743619ec8
Updates the filters to support different subscription cohorts: group plans, professional plans, etc.
GitOrigin-RevId: cc9ef4a2460942baa449fe7e6b8c14a88ae2f92f
* feat: remove old assist split test
* feat: moving featue rate limiters to main shared directory for use in multiple modules
* feat: base workbench rate limiter on a token specific base class
* feat: rename aiErrorAssistRateLimiter to AiFeatureUsageRateLimiter to better reflect its for our shared ai usage quota
GitOrigin-RevId: 89464d115b5904f6274756a7169e2b35945e2fc9
Update the toggle behaviour to target all group subscription users,
regardless of whether they are in Recurly or Stripe.
GitOrigin-RevId: a3e72d93e440a8941472f868e387a654b8908d1f
* feat: migrate from aiErrorAssist naming for disabling AI features to aiFeatures.enabled to avoid confusion
feat: keep aiErrorAssistant as setting on user object until migration is run
* feat: migrate writefull.enabled unset to instead use promotionSet false
* feat: updating to use quota based system for AI usage
* feat: hide relevant sections of quota system behind split test
* feat: ship onAiFreeTrial instead of free quota amount to project meta
* fix: renaming splitTestEnabledForUser to featureFlagEnabledForUser
* fix: v1_personal should have free trial amount of ai quota
* fix: onAiFreeTrial in projectController should account for anonymous users with no features
* feat: fixing marketing exports for ai quotas
* feat: update features epoch
* feat: move to quota tiers, and map tier to numeric allowance within rateLimiters
GitOrigin-RevId: 17763447965aae5777053b783d2601517bfe6b12
* feat: migrate from aiErrorAssist naming for disabling AI features to aiFeatures.enabled to avoid confusion
feat: keep aiErrorAssistant as setting on user object until migration is run
* feat: migrate writefull.enabled unset to instead use promotionSet false
* feat: remove wf.enabled in favor for aiFeatures.enabled for display, and writefull.promotionSet for determining if we should autoload or autocreate
GitOrigin-RevId: 2b7a5b8a430a804f6c9804cc926cb5c057e34df5
* feat: migrate from aiErrorAssist naming for disabling AI features to aiFeatures.enabled to avoid confusion
feat: keep aiErrorAssistant as setting on user object until migration is run
* feat: migrate writefull.enabled unset to instead use promotionSet false
* Update tools/migrations/20260213102825_swap_writefull_enabled_for_initialized.mjs
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
* feat: addind backfill of ai features as a migration as well to help with dev environment setup
---------
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: fd3f0fc07c91678cd7fd1e0d5237221694b3027b
* [monorepo] record ERROR/FATAL log messages in junit report
* [web] put SaaS specific code behind feature flag
* [web] use split test cache for getting user assignments
The unit tests needed updating as they did not replicate any of the
mongo filtering. The acceptance tests cover this logic.
* [web] make better use of existing indexes
* [web] avoid col-scan in tests of notifications module
* [web] remove cleanup of empty feedbacks collection
* [web] add assertion for reason of rejected request in launchpad test
* [web] add missing indexes
* [web] enable mongo notablescan
* [web] make emailNotifications tests compatible with notablescan
GitOrigin-RevId: b888f2feeb3a0e915f068ae1c4ea23ec17821221