Adds a "Git Sync" section in the Integrations rail panel that lets
project owners configure an HTTPS remote URL (with embedded auth token)
and force-push all project files as a single commit.
Backend:
- GitSyncHandler: assembles project docs + binary files into a temp dir,
runs git init/commit/push --force, then cleans up
- GitSyncController: GET/POST /project/:id/git-sync (configure),
POST /project/:id/git-sync/push (trigger)
- Project model: gitRemote field
- Dockerfile: ensures git is present at runtime
- Env flag: OVERLEAF_ENABLE_GIT_SYNC=true (set in k8s manifest)
Frontend:
- GitSyncWidget: URL input + Save + Push Now buttons, success/error feedback
- Integrations panel: shows widget when gitSyncEnabled
- Rail: shows Integrations tab when gitSyncEnabled (was only gitBridgeEnabled)
- i18n: en + fr translations
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Pandoc was not installed in the base image, so the export buttons
(docx, markdown, html, typst) were hidden because ENABLE_PANDOC_CONVERSIONS
defaulted to false.
- Dockerfile-base: add pandoc via apt (Ubuntu Noble ships 3.1.3, which
supports --to typst added in pandoc 3.0)
- env.sh: set ENABLE_PANDOC_CONVERSIONS=true so both the web and CLSI
services expose and serve the export endpoints
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The LaTeX svg package converts .svg files to PDF at compile time by
shelling out to Inkscape (requires --shell-escape). Without Inkscape in
the image and the flag enabled, compilation fails with "Did you run the
export with Inkscape?".
- Dockerfile-base: add inkscape to the apt install block
- settings.js: expose OVERLEAF_LATEX_SHELL_ESCAPE env var → clsi.latexShellEscape
- LatexRunner.js: pass -shell-escape to latexmk when the setting is on
- deploy-verso-prod.yml: set OVERLEAF_LATEX_SHELL_ESCAPE=true (trusted-user instance)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
The default published-presentations folder resolved to the app dir
(/overleaf/services/web/data/published), which isn't writable by the runtime
user → EACCES on publish. Point it at the Overleaf data volume in the
production config (Path.join(DATA_DIR, 'published') = /var/lib/overleaf/data/
published), alongside compiles/output, where the app user can write (and which
persists when a volume is mounted). Overridable via PUBLISHED_PRESENTATIONS_PATH.
* Upgrade `aws-sdk` to v3
Also vendored nodemailer-ses-transport
* Moved default region to CE settings
* Ensure timeout is added to `requestHandler` and `region` is populated
* fix unsigned header in signed URL request
The x-amz-acl header is not needed when using the signed request,
as ACL are already defined when creating the signed URL in
PutObjectCommand constructor.
* Add default AWS region for latexqc service
* remove unnecessary region in compose files
* Use AWS_REGION=us-west-2 for history-v1
* prevent retries uploading streams with PutObjectCommand
* Remove AWS SDK JS message suppression
GitOrigin-RevId: 6fda6f02160023ffed76143397bbd965f86a9509
* [history-v1] use String.padStart instead of lodash.padStart
* [web] download binary files in clsi from filestore via new endpoints
* [server-ce] tests: Cypress.env() is parsing boolean values
* [server-ce] tests: run history migration as root
GitOrigin-RevId: bdf6c0e542531ccc4b3f13d2ed68ca0d31e580e9
* [web] change status page URL to HTTPS everywhere
Also open all links to the status page or admin email in a new tab.
* [server-ce] explicit protocol matching
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
---------
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
GitOrigin-RevId: d7d12eef4efc737c5d70fc969c862acae9faf14c
* [history-v1] add readOnly lookup for raw chunks
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
* [history-v1] reduce min poolsize for readOnly pool to 0
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
---------
Co-authored-by: Eric Mc Sween <eric.mcsween@overleaf.com>
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
GitOrigin-RevId: a711c4ee4f3ea3775bd090e620d1ef52689fa1f4