[web] Throw instance of `SAMLAuthenticationError` when missing session data and show error message
GitOrigin-RevId: e64ec571a127367a27eb032bd4a22c90124e8b0f
* feat: migrate from aiErrorAssist naming for disabling AI features to aiFeatures.enabled to avoid confusion
feat: keep aiErrorAssistant as setting on user object until migration is run
* feat: migrate writefull.enabled unset to instead use promotionSet false
* feat: remove wf.enabled in favor for aiFeatures.enabled for display, and writefull.promotionSet for determining if we should autoload or autocreate
GitOrigin-RevId: 2b7a5b8a430a804f6c9804cc926cb5c057e34df5
* Remove legacy notification cookies
* Remove CIAM notification message from login page
* Remove e2e test "it can dismiss the login notification"
* Clarify comment about removing legacy notification dismiss cookies
GitOrigin-RevId: 33fdc02a397c0f4be491f030ab58fd8954276048
* [web] validate and parse email using EmailHelper when ratelimiting
* [web] use a fake email for rate-limiting ldap logins in Server Pro
GitOrigin-RevId: 27ea7724319e06c4d64ac81e1155dcab558da99c
11 years ago, the db.projects collection was storing doc lines in the
file-tree/rootFolder. Any operations on the project that did not need
those lines were benefitting from excluding all those entries from the
file-tree. These days, the verbose exclusions are not useful anymore and
merely add load on mongo.
REF: 9805c6a9ff
GitOrigin-RevId: 89f544688934c1ed1ca98877ffbe8baefe66c126
* feat: migrate from aiErrorAssist naming for disabling AI features to aiFeatures.enabled to avoid confusion
feat: keep aiErrorAssistant as setting on user object until migration is run
* feat: migrate writefull.enabled unset to instead use promotionSet false
* Update tools/migrations/20260213102825_swap_writefull_enabled_for_initialized.mjs
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
* feat: addind backfill of ai features as a migration as well to help with dev environment setup
---------
Co-authored-by: Mathias Jakobsen <mathias.jakobsen@overleaf.com>
GitOrigin-RevId: fd3f0fc07c91678cd7fd1e0d5237221694b3027b
* [monorepo] remove PII and variables from error messages
Exclusions:
- scripts
- tests
- fuzzing
- SplitTestManager (messages are sent to admin frontend)
- Group setup (we may want an error per unique tuple)
- sharejs (unused types; text type errors are shadowed already)
- history-v1 error messages that are used by the ErrorRecorder
- errors that flag issues with configuration/call signatures
I've used these search terms for finding unwanted error messages:
- new Error(`
- new Error\(\n\s+` (regex search)
- new OError(`
- new OError\(\n\s+` (regex search)
* [web] throw NotFoundError from ProjectLocator
* [github-sync] fix OError.tag call in script
Co-authored-by: Jessica Lawshe <jessica.lawshe@overleaf.com>
* [templates] revert changes to test client
---------
Co-authored-by: Jessica Lawshe <jessica.lawshe@overleaf.com>
GitOrigin-RevId: 736857a4fc5d9bfb0f8cb03e0f004eda87e5a220
* [web] Project collaboration events for Group Audit Logs
* Using `role` instead of `privileges` for `(send|revoke)-invite` audit log
GitOrigin-RevId: 88961afcc0580243ba9c8ab661b8fc1ca127775e
* Fix duplicate permission checks for same user
Deduplicate user list in checkUserListPermissions before running expensive checks.
Handles ObjectId vs string comparison by converting to string.
Adds tests to verify deduplication works correctly.
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: thomas- <2176518+thomas-@users.noreply.github.com>
GitOrigin-RevId: 96eede1cbeb18b807deaca7d4c370aef5c48c4bc
* [monorepo] fix downloads from non-sharded clsi-cache
* [web] check some compile from cache options server-side
* [web] integrate clsi-cache into download pdf from project dashboard
* [web] remove frontend tests for server-side validation
* [web] remove unused fetch mock
* [web] use helper that adds polyfill for AbortSignal.any()
* [web] upgrade fetch-mock to fix leaking AbortSignal
* [web] do not add an extra timeout to clsi-cache request
The web backend service has a low timeout already.
GitOrigin-RevId: a90984b92f5d4f24005db5a09f2c5d2424436886