alois/Verso
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
27,970 Commits 6 Branches 11 Tags
eb9d586bdb351203c040589727c2f9c6ba1fc190
Commit Graph

27970 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Malik Glossop eb9d586bdb Merge pull request #32968 from overleaf/worktree-labs-feature-preview 
Add labs preview modal to editor

GitOrigin-RevId: 0df33135febc8e94129bcdfdfb5c4981326dfab0
 2026-05-25 08:05:28 +00:00
Alf Eaton 24ba0b86b1 Set npmMinimalAgeGate in yarnrc (#33639) 
GitOrigin-RevId: 69745c2c5606ff90d7a2a8b904f850007082b84a
 2026-05-25 08:05:24 +00:00
Lucie Germain ae00bcbeca [Security Upgrade]: pin @xmldom/xmldom to 0.8.13 (#33373) 
Adds a resolution in root package.json to force all consumers to
@xmldom/xmldom@0.8.13, fixing GHSA-wh4c-j3r5-mjhp, GHSA-j759-j44w-7fr8,
GHSA-x6wf-f3px-wcqx, GHSA-f6ww-3ggp-fr8h, and GHSA-2v35-w6hq-6mfw.

The vulnerable 0.7.13 entry in yarn.lock is replaced by 0.8.13
(minimum safe version across all five advisories).

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
GitOrigin-RevId: e1a301e3a1d637894284f35238ca0e8c23534276
 2026-05-25 08:05:19 +00:00
Lucie Germain 6fa708982b Pin argparse/underscore to 1.13.8 via yarn resolution (#33364) 
Fixes GHSA-cf4h-3jhx-xvhq (critical, arbitrary code execution) and
GHSA-qpx9-hpmf-5gmw (high, DoS via _.flatten/_.isEqual).

Vulnerable underscore@1.7.0 came from js-yaml@2.1.3 → argparse@0.1.16.
All other instances were already ≥1.13.8.

GitOrigin-RevId: b2ab4bc2682e19709694b7dd686134a439ade90c
 2026-05-22 08:06:48 +00:00
Kate Crichton afaef6a1ef Merge pull request #33499 from overleaf/kc-update-add-domain-modal-ux 
[web] update domain verification modal ux

GitOrigin-RevId: e7abcb569e8c956e8f22f09c90dd8e9998fc6255
 2026-05-22 08:06:30 +00:00
Domagoj Kriskovic bf1dd6986f Record project notification timestamp in Redis on applyUpdate (reverted) (#30814) 
* Revert "Revert "Record project notification timestamp in Redis on applyUpdate (#29509)""

This reverts commit 31c88ee836fb5e1ab3950da590c28e24b1397edb.

GitOrigin-RevId: fc012324f6035156585fab468aca72b900a9710b
 2026-05-22 08:06:26 +00:00
Miguel Serrano 496f110465 [CE] Update phusion image version to 1.0.3 (#33885) 
GitOrigin-RevId: cc707258e145849f3bc1ddb6b44f7eca8c904d74
 2026-05-22 08:06:15 +00:00
Mathias Jakobsen fc3dbc1aad Merge pull request #33883 from overleaf/mj-command-palette-border 
[web] Tweak border color of command palette

GitOrigin-RevId: 7b37b9c8503402da62e2fd2b334f28dc14760b75
 2026-05-22 08:06:11 +00:00
Kristina 88eb599d4e [document-updater] increase scanStream COUNT for project notifications (#33833) 
* increase scanStream COUNT for project notifications
* fix Bull queue.add delay option being ignored
* parse timestamp to number before adding to notification queue
* fix outdated comments in project_notifications script

GitOrigin-RevId: 98bb638228550b2f6f2de90280a06c47e022cf96
 2026-05-22 08:06:03 +00:00
ilkin-overleaf 192fd7c28c Merge pull request #33542 from overleaf/ii-dropdown-flicker 
Fix dropdown menu flicker on open

GitOrigin-RevId: ddf826b30fcac3322d86067e5950731e7dc1a2d4
 2026-05-22 08:05:59 +00:00
Domagoj Kriskovic 803ba735ca Show toast when Python script saves output files to project 
GitOrigin-RevId: 9ca5201645953f86c3ac8e83f545dfbcdac2b35c
 2026-05-22 08:05:55 +00:00
Olzhas Askar 014ac37704 Merge pull request #33814 from overleaf/oa-adjust-tooltip 
[web] Adjust tooltip

GitOrigin-RevId: a180fb9872c9fc85b5ea7e3821e8e8c8393bab9d
 2026-05-22 08:05:50 +00:00
Olzhas Askar 793d5c79fb Merge pull request #33775 from overleaf/oa-remove-addon-section 
[web] Remove Add-ons section

GitOrigin-RevId: 82009dd6aeb3588f46cabacdb7313c01f3afc27e
 2026-05-22 08:05:46 +00:00
Mathias Jakobsen 9d79cc89ec Merge pull request #33855 from overleaf/mj-command-palette-tweaks 
[web] command palette tweaks

GitOrigin-RevId: 454d6916043d3317e60302379bcf9707fb8d4dcb
 2026-05-21 08:07:12 +00:00
Mathias Jakobsen eddec90cb1 Merge pull request #33649 from overleaf/mj-command-palette 
[web] Add command palette

GitOrigin-RevId: 5bf1903836810ca5f0e2bc7f6c00a4b1da797ea2
 2026-05-21 08:07:04 +00:00
Simon Gardner 5cfd7b6c6a [migration] re-use paypal methods if billing agreement ids match (#33720) 
GitOrigin-RevId: 4a324c1cdde84dabf620a2616a0aa27242cf041e
 2026-05-21 08:06:38 +00:00
Olzhas Askar bb0dc07d22 Merge pull request #33741 from overleaf/lg-sanitize-html-upgrade 
[Security upgrade] Upgrade sanitize-html to 2.17.4 (GHSA-rpr9-rxv7-x643)

GitOrigin-RevId: 40a11361eac35d44a6fd7069e0d0d7c02a6628ec
 2026-05-21 08:06:33 +00:00
Miguel Serrano ad651a22fa Revert "[web] Add SVG support to file-view panel (#32155)" (#33832) 
This reverts commit e80c491a10db6f5757c568430e17d9cbb613c5b4.

GitOrigin-RevId: dbe0de698bc7349e5b8f9712d1d13998e41ab528
 2026-05-21 08:06:28 +00:00
Miguel Serrano 35681dd3b2 [web] Add SVG support to file-view panel (#32155) 
* [web] Add SVG support to file-view panel

Adds support by reading the content of the downloaded SVG, then creating a blob and rendering it as native HTML.

GitOrigin-RevId: e80c491a10db6f5757c568430e17d9cbb613c5b4
 2026-05-21 08:06:16 +00:00
Miguel Serrano f9c53fe147 [web] Added DEFAULT_LATEX_COMPILER env (#32455) 
This is mainly intended to be used in CE/Server Pro

GitOrigin-RevId: 277f9afca389a1e7b00db2d987129432fb1707b5
 2026-05-21 08:06:12 +00:00
Miguel Serrano 107189cd5f [web] Clear hardcoded password in external SP auth (#33597) 
registerExternalAuthAdmin() now generates a random password on admin registration.

A migration clears the password for existing installs only in CE/SP

GitOrigin-RevId: 94a82d35dc8cd46915c31fb24f477c19367025eb
 2026-05-21 08:06:07 +00:00
Simon Gardner 2233ac9b1d Harden shell quoting in CI pipeline definitions (#33789) 
GitOrigin-RevId: a21c02f632b1e357ba18a86378d796a0d93fa484
 2026-05-20 08:07:46 +00:00
Mathias Jakobsen 5d4f38e57a Merge pull request #33629 from overleaf/lg-fast-uri-resolution 
[Security upgrade] Pin fast-uri to 3.1.2 via resolutions (GHSA-q3j6-qgpj-74h6, GHSA-v39h-62p7-jpjc)

GitOrigin-RevId: 154e742e12cb68e8b1c8d5b88e1a188160746784
 2026-05-20 08:07:34 +00:00
Liam O'Brien b4a76fee6d [web] Implementing library search (#33604) 
* Initial working version of library search

draft fetch allowing optional search param

draft debounce search

draft search bar

draft using  for search

draft search params

draft data index creation

draft prefix-regex search

draft add fields only on search

draft index setup

draft search tests

draft search tests for extra params

draft using correct display value from bib entry for tokenization

* Library search handles diacritics

* Library styling and refreshing table data without
reloading table

* Updating mongo search query and creating migration
scripts for existing data

* Using Mongo query for sorting results

* Moving copied files into shared directory

* Addressing review comments

* Pulling changes from bibtex-search-token for consistency with migration

* Fixing lint

* Using mongo collation for handling case and diacritics in search queries

* Boosting citation keys with  check for tokens

* Removing double foldLatinDigraphs call

* Matching figma designs for Library search component

* Adding cursor for paginated Library search results

* Re-fixing flash after searching library

* Unit test for cursor search

* Using same cursor object for search and get all results

* Data migration moved to manual script

GitOrigin-RevId: b7e6a1f07f775c8450dd97e7269cab3b68ca0eb3
 2026-05-20 08:07:29 +00:00
Jessica Lawshe 9acf3b8e7f Merge pull request #33610 from overleaf/jel-hostname-capturedByGroup 
[web] Check `capturedByGroup` when adding new email

GitOrigin-RevId: f9ef3d4cc7387dc0139a70aecd6cfcb20170abc6
 2026-05-20 08:07:18 +00:00
Eric Mc Sween 2f32b9d61e Merge pull request #32706 from overleaf/em-dropbox-queue 
[third-party-datastore] Apply Dropbox→Overleaf updates inline, removing queue hop

GitOrigin-RevId: 1ea17eefe57aaf32634ce3395682f7eac2e53dc5
 2026-05-20 08:07:10 +00:00
Lucie Germain 2f08f6f6eb Bump mongoose to 8.22.1 (GHSA-wpg9-53fq-2r8h) (#33648) 
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
GitOrigin-RevId: f092e8d914ea5825e285fe4741bb42dd2c5d5fa3
 2026-05-20 08:07:05 +00:00
Alf Eaton 34d272afa9 Reapply "Wrap PDF setDocument in startViewTransition (#33346)" (#33633) 
GitOrigin-RevId: 11dc65d8a8195c8cd6e6e2b58905a0f8b7b218f4
 2026-05-20 08:06:53 +00:00
Alf Eaton 1d959af16e Process zip import entries in parallel (#33176) 
GitOrigin-RevId: f77c2b08d4c085b51a8608d2621dd5bbe1134258
 2026-05-20 08:06:48 +00:00
Alf Eaton 7eed283b11 Ignore entries in __MACOSX folder when importing zip archive (#33147) 
GitOrigin-RevId: e990d593d96085e13a209d4155823097b0814276
 2026-05-20 08:06:40 +00:00
Alf Eaton efab968153 Treat qmd and rmd extensions as Markdown (#33786) 
GitOrigin-RevId: 89d79e958ea08f3388bde8dc561b04f87a1b6549
 2026-05-20 08:06:36 +00:00
Alf Eaton 7c8e89923d Add .qmd to editable file extensions (#33785) 
GitOrigin-RevId: 868a96e66e8d408ceb2f5b29e59f0d1ee12992dd
 2026-05-20 08:06:31 +00:00
Alf Eaton d8c33cc34c Allow multiple concurrent reference searches (#33739) 
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
GitOrigin-RevId: 403d4f5900a8c4ccdc64032d365adb285a191b71
 2026-05-20 08:06:23 +00:00
Alf Eaton c0acddbfaf Use sharejs doc type in Storybook stories (#33565) 
GitOrigin-RevId: a2bf64d3ce376dd05e740796e8f1ea74913ed8f0
 2026-05-20 08:06:19 +00:00
Alf Eaton 3dbbf95fbb Disable Yarn telemetry (#33561) 
GitOrigin-RevId: f835277a689e142b7d336ee38af3f142e37c6f5c
 2026-05-20 08:06:14 +00:00
Alf Eaton 30edd837e1 Use resolve.tsconfig (#31639) 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
GitOrigin-RevId: 1c7da49e14af5935f85f1927186a825b116bb4e9
 2026-05-20 08:06:05 +00:00
Evelyn b5654c5a01 fix: chown /var/lib/overleaf mount point to www-data (#33764) 
The init script chowns all subdirectories but not the mount point
itself. When the host volume is owned by a non-www-data user with
restrictive permissions (e.g. 770), the web process cannot traverse
the directory and crashes with EACCES, causing a 502.

Fixes #1325 and #1465

COPYBARA_INTEGRATE_REVIEW=https://github.com/overleaf/overleaf/pull/1475 from ev-not-eve:patch-1 269a80500f

Co-authored-by: Evelyn <evansvevelyn@gmail.com>
GitOrigin-RevId: 959051861246c9f3958e56861821b92d84167926
 2026-05-19 08:04:55 +00:00
Mathias Jakobsen ce6f9b8e8c Merge pull request #33705 from overleaf/mj-clsi-cwd-for-conversions 
[clsi] Add cwd argument to CommandRunner and use to simplify conversions

GitOrigin-RevId: 5333e3262a99e602ab5470ae1e23facb5b28a170
 2026-05-19 08:04:51 +00:00
Jakob Ackermann c0111fec29 [monorepo] run format_fix and trigger prettier on .agents changes (#33759) 
* [monorepo] run format_fix and trigger prettier on .agents changes

* [monorepo] cleanup stale prettier ignore rule

* [monorepo] tweak format:monorepo-check:fix

GitOrigin-RevId: e6c29a0c601fbf388a048eb42706f9bd0a18344f
 2026-05-19 08:04:48 +00:00
Jakob Ackermann 1f8371e0a3 [document-updater] flush_all: log progress after every 1k projects (#33757) 
GitOrigin-RevId: b5b68f6f53bece51234799fb626d0d6a2a5b590c
 2026-05-19 08:04:41 +00:00
Jakob Ackermann 293d89a4cb [web] inline contacts service into web (#33546) 
GitOrigin-RevId: d5e84d4f80f5ad4e951934d6dcdc332b0d26f3d0
 2026-05-19 08:04:34 +00:00
Miguel Serrano b79d432deb [web] Conditionally show items in insert figure toolbar (#33721) 
Removes the options for inserting an image from another project or by downloading an external URL if the features are disabled.

GitOrigin-RevId: ffa64e5929e254d8a236c8e9aca4eb8210f444c9
 2026-05-19 08:04:21 +00:00
Jakob Ackermann 99148d5956 [web] silence customer.io integration when not configured in dev/CI (#33731) 
GitOrigin-RevId: c9498f57f0dacb3d18cd7617388df11d5cf029de
 2026-05-19 08:04:17 +00:00
Brian Gough 60860aa202 Merge pull request #33576 from overleaf/bg-jpa-convert-document-to-file 
Modify convertDocToFile to bypass docstore

GitOrigin-RevId: 3ec789034a369d39d223450462394c8f303caa07
 2026-05-19 08:04:13 +00:00
Jakob Ackermann b1a0bb16db [migrations] delete expired oauth access tokens after 24h (#33575) 
Co-authored-by: Brian Gough <brian.gough@overleaf.com>
GitOrigin-RevId: 7f67a7e6949472c66f5f75a6053161d8e359f5df
 2026-05-19 08:04:09 +00:00
Kristina 2f5d838e0f Merge pull request #33704 from overleaf/kh-add-reject-change-preference-check 
[web] add reject tracked change preference check

GitOrigin-RevId: b55dba21b3d4f42e68528d2b5906862c57794cd1
 2026-05-18 08:06:57 +00:00
Andrew Rumble e9aedce4ab Merge pull request #33625 from overleaf/ar-update-vitest 
[monorepo] bump vitest to 4.1.5

GitOrigin-RevId: 22ba2249ae384fd59347c9aa45c70f51ccdf8890
 2026-05-18 08:06:49 +00:00
Andrew Rumble 19ad00c329 Merge pull request #33743 from overleaf/lg-systeminformation-upgrade 
[Security Upgrade] Upgrade systeminformation to 5.31.6 (GHSA-hvx9-hwr7-wjj9)

GitOrigin-RevId: bd75d2bc59e183d23972e367f40f753c08ca6967
 2026-05-18 08:06:41 +00:00
Eric Mc Sween 2913e462ec Merge pull request #33665 from overleaf/copilot/fix-error-logging-in-git-bridge 
git-bridge: Log WrongBranchException and ForcedPushException at WARN instead of ERROR
GitOrigin-RevId: 7aaa934a0df614e336ce3c20b892af1af0cd070f
 2026-05-18 08:06:29 +00:00
Eric Mc Sween a3682af6e4 Merge pull request #33710 from overleaf/em-tpds-config 
Clean up tpdsworker config from web and third-party-datastore

GitOrigin-RevId: 3856126d9dc856fea4bc4133b11402c35b10630b
 2026-05-18 08:06:25 +00:00