The default published-presentations folder resolved to the app dir
(/overleaf/services/web/data/published), which isn't writable by the runtime
user → EACCES on publish. Point it at the Overleaf data volume in the
production config (Path.join(DATA_DIR, 'published') = /var/lib/overleaf/data/
published), alongside compiles/output, where the app user can write (and which
persists when a volume is mounted). Overridable via PUBLISHED_PRESENTATIONS_PATH.
Reverts the heavy multi-collection texlive install back toward the
original upstream-Overleaf approach: install-tl with scheme-basic
(~300 MB) plus latexmk and texcount via tlmgr, no docfiles/srcfiles.
This restores the fast, small base image we had before LaTeX support
was added in full.
Tradeoff: documents needing tikz/beamer/siunitx/extra fonts won't
compile out of the box for now — those should stay in Quarto/Typst
until the project is mature enough to justify a full TeX Live.
Made deliberately easy to reverse: a header comment documents that
switching scheme-basic -> scheme-full (one line) restores the complete
toolchain, or individual packages can be appended to the tlmgr list.
Uses TEXDIR=/usr/local/texlive (unversioned) so PATH stays stable
across TeX Live releases.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The previous install expanded texlive-full (minus -doc/-lang-), pulling in
essentially every CTAN package plus inkscape's large GTK GUI tree — ~20 min
and several GB. Replace it with a curated set of meta-packages that covers
the vast majority of documents: latex base/recommended/extra, recommended
fonts, plain-generic, science (math/physics), xetex, luatex, bibtex-extra,
extra-utils (texcount), plus latexmk/biber/chktex/pygments.
Smaller and faster to build. Documents needing an omitted package can have
the relevant texlive-* collection added back. Drops inkscape (only used for
auto SVG->PDF conversion) to avoid its heavy GUI dependency chain.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
The base image build failed with "E: Unable to locate package texcount".
texcount ships inside texlive-extra-utils, not as its own apt package.
Replace the bogus texcount entry with texlive-extra-utils (which provides
both texcount and latexmk). latexmk is kept explicit for clarity.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Both limits that gate uploads are bumped in tandem so they don't conflict:
- settings.defaults.js maxUploadSize: 50 MB → 500 MB (app-level check)
- nginx.conf.template client_max_body_size: 50m → 500m (proxy body limit)
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Verso now compiles both .tex (latexmk) and .qmd (Quarto) projects,
dispatching by the root file's extension rather than replacing one with
the other. LaTeX and Quarto projects can coexist on the same server.
CompileManager: re-import LatexRunner and add a _getRunner() dispatcher
that returns a uniform {run, isRunning, kill} interface. .qmd/.md/.Rmd
→ QuartoRunner; everything else (.tex/.ltx/.Rtex/.Rnw) → LatexRunner.
stopCompile now checks/kills both runners since it has no root path.
compiler-setting.tsx: restore the LaTeX engine choices (pdfLaTeX, LaTeX,
XeLaTeX, LuaLaTeX) alongside Quarto. The dropdown still controls which
TeX engine latexmk uses; actual engine dispatch is by file extension.
Dockerfile-base: reinstall TeX Live alongside Quarto (texlive-full minus
-doc/-lang- packages, plus xetex/luatex/biber/latexmk/texcount/chktex/
synctex). Restore TEXMFVAR for a writable LuaTeX cache. This brings back
a large image, which is the accepted cost of full LaTeX+Quarto support.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
RevealJS presentations are served as (currently embed-resources) HTML that
went over the wire uncompressed, because gzip_types only listed text/plain.
This made the HTML preview slow to load for heavy decks.
Add text/html, text/css, application/javascript, application/json and
image/svg+xml to gzip_types so the text-based portion of the output is
compressed. Already-compressed formats (pdf, png/jpeg/webp, woff/woff2)
are intentionally excluded to avoid wasting CPU. Also set gzip_min_length
1024 so tiny responses aren't compressed needlessly.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Dockerfile-base: after Quarto is installed, run 'quarto add --no-prompt'
for a curated set of extensions into /opt/quarto-extensions/. Quarto
writes _extensions/<author>/<name>/ in the working dir, giving us a
clean shared store. Extensions included:
- igorlima/charged-ieee — IEEE paper format (Typst)
- quarto-ext/fontawesome — Font Awesome icons
- quarto-ext/attribution — attribution footer on RevealJS slides
- quarto-ext/pointer — laser pointer for presentations
- quarto-ext/drop — drop-down overlay for RevealJS
Adding more: one extra '&& quarto add --no-prompt <author>/<repo>' line.
QuartoRunner: before quarto render, merge /opt/quarto-extensions/_extensions/
into the compile dir's _extensions/ with 'cp -rn' (no-clobber). This
makes all pre-installed extensions available to every project without
any user action. Project-uploaded _extensions/ files take precedence
since cp -n never overwrites existing files.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
clsi-nginx.conf: the types{} block was overriding all nginx defaults,
leaving HTML/CSS/JS/fonts as application/octet-stream. Add the full
set of web MIME types so RevealJS assets are served correctly. Also
needed for X-Content-Type-Options: nosniff to pass.
CompileController.js: success was hardcoded to require output.pdf.
Also accept output.html so a RevealJS compile is reported as
'success' rather than 'failure'.
QuartoRunner.js: remove hardcoded --to typst --output output.pdf.
Instead run `quarto render` without --to/--output so the YAML
frontmatter decides the format (typst → PDF, revealjs → HTML, etc.).
Pass --embed-resources so HTML output is self-contained (flag is
silently ignored by the typst backend). After render, rename
main.pdf → output.pdf or main.html → output.html so the pipeline
finds the standard canonical filename.
output-files.ts: handleOutputFiles now falls back to output.html when
output.pdf is absent. Download URL uses outputFile.path instead of
the hardcoded 'output.pdf' string.
pdf-viewer.tsx: when pdfUrl contains output.html, bypass PDF.js
entirely and render a sandboxed iframe (allow-scripts for RevealJS
interactivity, allow-presentation for fullscreen).
Usage: set `format: revealjs` in the .qmd YAML frontmatter to get
an HTML presentation preview; set `format: typst` for PDF.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Quarto resolves its cache dir as $HOME/.cache/quarto. The process runs
as www-data (home=/var/www) but that directory is root-owned, so Quarto
crashed immediately with PermissionDenied on mkdir. Pre-create the cache
dir and chown it to www-data at image build time.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Dockerfile-base: remove TeX Live (no longer needed), install Quarto
1.6.39 which bundles Typst for PDF output. This was the root cause
of all compile failures — the server-ce monolith never had Quarto.
QuartoRunner: run quarto via /bin/sh so stderr is merged into stdout
with 2>&1; write combined output to output.log (not output.stdout)
so the PDF-preview log panel picks it up and shows raw output.
Also write the log on error so failures are always visible.
CompileManager: guard DraftModeManager behind an isLatexFile check —
injecting LaTeX preamble commands into a .qmd file corrupts it and
causes a guaranteed compile failure when draft mode is requested.
ProjectCreationHandler + mainbasic.qmd: new projects now create
main.qmd with a minimal Quarto/Typst frontmatter instead of the
LaTeX main.tex; _createRootDoc names the file main.qmd accordingly.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Some non-production dependencies were bundled in the CE and SP images:
- `lint` was pulled as production dependency by `eslint-plugin`. Moving to peer-dependency, which is the usual strategy, addresses the issue.
- Yarn cache wasn't purged. By adding `/usr/local/share/.cache/yarn` to the mounts we ensure it's also cleaned.
GitOrigin-RevId: f328592c8f8de7193295839578e239a975fe30aa
The init script chowns all subdirectories but not the mount point
itself. When the host volume is owned by a non-www-data user with
restrictive permissions (e.g. 770), the web process cannot traverse
the directory and crashes with EACCES, causing a 502.
Fixes#1325 and #1465
COPYBARA_INTEGRATE_REVIEW=https://github.com/overleaf/overleaf/pull/1475 from ev-not-eve:patch-1 269a80500f
Co-authored-by: Evelyn <evansvevelyn@gmail.com>
GitOrigin-RevId: 959051861246c9f3958e56861821b92d84167926
* [monorepo] avoid corepack network requests
- Download yarn via corepack as the first step in all the docker files
- Turn off networking in corepack
- Do not run things in the upstream node image
Instead, use the monorepo image, or base layer in all the services.
- Always build the base layer when running tests (uses cache)
* [monorepo] install corepack in shared place
* [clsi-lb] remove unrelated changes
* [web] add missing DC_RUN_FLAGS
* [monorepo] only rebuild test images locally
Also remove spurious build config in docker-compose.ci.yml.
* [server-ce] test: make yarn files available to host-admin and e2e
* [monorepo] put the corepack install snippet in a few more places
GitOrigin-RevId: 38005016ae5a708e12295e246269d6c18fece937
Migrates the Overleaf monorepo package manager from npm (v11) to Yarn 4 (v4.9.1) using node-modules linker mode.
GitOrigin-RevId: 50d32ab01955c15e29679eff9e9e9cfb897fab2d
* [monorepo] move building of nginx proxy into Makefile
* [v1] add fake-secrets.env
* [github] add copilot-setup-steps.yml workflow
* [make] debug permissions
* [monorepo] use the host uid/gid for monorepo service
* [web] populate DOCKER_USER for test_frontend_ct
* [github] run npm install outside docker in Copilot sandbox
* [monorepo] add comment for building nginx-proxy image locally
* [monorepo] change uid/gid of node user in cypress image
* [monorepo] low-level rewrite of passwd and groups to match host user
GitOrigin-RevId: d74a5801f0318bab7e7f460374255426706002a3
* [monorepo] switch all output file reads to clsi-nginx
* [clsi-lb] allow gallery download requests
* [terraform] clsi: use nginx.conf from clsi service
* [clsi] fix flakey tests
* [clsi] replace alias with rewrite and root in nginx config
* [k8s] clsi-lb: expose download port on internal service
* [web] add explicit endpoint for downloading all output files
Serve the output.zip endpoint from clsi.
* [clsi] fix regex for latexqc submission ids
Previously, we only handled template submission ids.
GitOrigin-RevId: 6c3b21b01ec41ae767530b14aac31fbe3d640dd5
* [monorepo] enable caching for eslint/prettier/stylelint
* [monorepo] speed up prettier by swapping --list-different for --check
--list-different will print each file that it processes. We have a lot
of files in the monorepo. Using --check only prints mismatching files.
Co-authored-by: Rebeka <rebeka.dekany@overleaf.com>
* [monorepo] explicitly configure prettier cache-location
This is the default location. Prettier will only discover that location
if the top level node_modules folder is writable, which is not the case
in CI. We create the .cache folder outside of docker, writable to node
inside docker.
The proper fix would be in prettier, to only check for write access in
the cache folder. Something to raise/upstream another day.
* [monorepo] run top-level format/format_fix in a single container
With the cache in place, it is much faster to use a single container.
As there is a single shared cache file, concurrent processes may see a
partially (re-)written cache file and bail out.
- all in a single container: 24s
- previous with -j4: 41s
- previous with -j8: failed due to corrupted cache file
---------
Co-authored-by: Rebeka <rebeka.dekany@overleaf.com>
GitOrigin-RevId: 7850a3a980ae6c836393d97fe56a6316ffc3fa18
* Merge all .prettierignore files into top-level config
* Merge all .prettierrc files into top-level config
* Replace service-specific glob patterns in package.json format scripts with `prettier .`
* Add template files with Jinja2, Go template, envsubst, and Handlebars syntax to .prettierignore
* Ignore GitHub templates
* Ignore PUG templates to format them separately with `format:pug`
* Encourage double quotes for YAML, YML files
* Move prettier for PUG source format script to the root
* Move prettier for styles source format script to the root
* Remove prettier for jenkins files from web
* Remove prettier source format script from all services
* Make .prettierrc more readable
* Update format scripts by file type
* Organise `.prettierignore`
* Add `--cache` flag to prettier scripts for faster runs
* Format all files with prettier
* Format all or format services
* Remove `format`/`format:fix` scripts from services since now it runs from root `package.json`
* Avoid conlficts with yamllint configuration
* Remove `--cache` flag from prettier scripts
* Update all service Makefiles to use root-level prettier configuration
* Update all Jenkinsfile to use root-level prettier configuration
* Ignore auto-generated files by build_scripts
* Update package-lock.json
* Update root Makefile format targets
* Update SP Jenkinsfile format target
* Update E2E Makefile format script
* Udpate `format_js` to work in both local and CI env
* Add docker-mailtrap to .prettierignore
docker-mailtrap is a third-party git-ignored directory used for testing
* Added Docker env detection to prevent nested Docker spawning
* Ignore handlebars templates
* Add cryptographic files and test output to `.prettierignore`
* Add terraform modules to `.gitignore`
* Remove prettier-plugin-groovy
* Use npx directly instead of Docker for local formatting for faster formatting
* Auto-generate Makefiles
* Revert "Remove prettier-plugin-groovy"
This reverts commit 194a33589a2e1e4d2225d10c67e9f025e4222025.
* Mount monorepo root in RUN_LINT_FORMAT for prettier config access
* Prettier ignores all `node_modules` by default regardless of location
* Show only changed files in format output
* Ignore LICENSE files
* Enable prettier on rendered build_scripts outputs
* Ignoring all the template folders by prettier
* Remove the public/minjs entry since it does not exist
* Remove all non-existent paths
* Sync `.prettierignore` with ignored files by `.gitignore` and `.dockerignore` files
* Revert "Auto-generate Makefiles"
This reverts commit c0233e490de1bc95fe437219d65e0b66e0331ec9.
* Revert "Use npx directly instead of Docker for local formatting for faster formatting"
This reverts commit 1d2b2cf1a6c6974c76885852a90dd55e84167e41.
* Ignore dashboard JSON files
* Ignore files generated by bin/update_build_scripts
* Remove unsupported file types from `.prettierignore`
* Ignore test fixture generated files
* Ignore README file types by prettier
* Ignore generate snapshots by prettier
* Allow to format generated bin/update_build_scripts by prettier
* Ensure build script outputs prettier-compatible tsconfig.json
* Fix build script output to match prettier formatting
- Fix Jinja2 whitespace in docker-compose templates
- Change YAML quotes from single to double
* Don't read cryptographic files by prettier
* Ignore google verification files by prettier
* Revert npx prettier formatting
* Ignore domain verification files
* Show only changed files in format output
* Make `.github` prettier
* Allow all files to be formatted in jobs by prettier
* Allow server-ce/server-pro files to be formatted by prettier
* Ignore more folders in clsi, filestory, git-bridge by prettier
* Update build script with `RUN_LINTING_CI_MONOREPO`
* Ignore docker-mailtrap and downloads in server-ce by prettier
* Restore prettier configs and prettierignore for V1 since it has its own prettier (an older version)
* Source format
GitOrigin-RevId: 637adc3cc422d1f20c86d6ebc8ec514d60758287
* [monorepo] also cycle ssl_proxy to avoid hitting circuit break in nginx
* [e2e] use plain pdf.js for extracting PDF text
* [monorepo] manually download canvas binding for MacOS
GitOrigin-RevId: dbadbbaa0e121953c06ab4be9241bf361997865e
claude
alois