The way to connect to the hocuspocus server needs to be proxified in
nginx to query a dedicated route in the django application and then
follow the request to the express server with the additionnal headers.
The auth can be done in the express server by querying the backend on
the document retrieve endpoint. If the response status code is 200, the
user has access to the document, otherwise it is not the case. Then we
can check the abilities to determine what the user can do or not.
Added:
- 📝(doc) add publiccode.yml
Changed
- 🚸(frontend) ctrl+k modal not when editor is focused
Fixed:
- 🐛(back) allow only images to be used with
the cors-proxy
- 🐛(backend) stop returning inactive users
on the list endpoint
- 🔒️(backend) require at least 5 characters
to search for users
- 🔒️(back) throttle user list endpoint
- 🔒️(back) remove pagination and limit to
5 for user list endpoint
Added:
- 📝(doc) Added GNU Make link to README
- ✨(frontend) add pinning on doc detail
- 🚩(frontend) feature flag analytic on copy as html
- ✨(frontend) Custom block divider with export
- 🌐(i18n) activate dutch language
Changed:
- 🧑💻(frontend) change literal section open source
- ♻️(frontend) replace cors proxy for export
- 🚨(gitlint) Allow uppercase in commit messages
Fixed:
- 🐛(frontend) SVG export
- 🐛(frontend) remove scroll listener table content
- 🔒️(back) restrict access to favorite_list endpoint
- 🐛(backend) refactor to fix filtering on children
and descendants views
- 🐛(action) fix notify-argocd workflow
- 🚨(helm) fix helmfile lint
- 🚚(frontend) redirect to 401 page when 401 error
To ease filtering issues on sentry, we want to use tags instead of extra
scope. Tags are indexed and searchable, it's not the case with extra
scope. Moreover using setEtra to add additional data is deprecated.
Added:
- 💄(frontend) add error pages
- 🔒️ Manage unsafe attachments
- ✨(frontend) Custom block quote with export
- ✨(frontend) add open source section homepage
Changed:
- 🛂(frontend) Restore version visibility
- 📝(doc) minor README.md formatting and wording enhancements
- ♻️Stop setting a default title on doc creation
- ♻️(frontend) misc ui improvements
Fixed:
- 🐛(backend) allow any type of extensions for media download
- ♻️(frontend) improve table pdf rendering
Added:
- ✨(backend) add soft delete and restore API endpoints to documents
- ✨(backend) allow organizing documents in a tree structure
- ✨(backend) add "excerpt" field to document list serializer
- ✨(backend) add github actions to manage Crowdin workflow
- 📈Integrate Posthog
- 🏷️(backend) add content-type to uploaded file
- ✨(frontend) export pdf docx front side7
Changed:
- 💄(frontend) add abilities on doc row
- 💄(frontend) improve DocsGridItem responsive padding
- 🔧(backend) Bump maximum page size to 200
- 📝(doc) Improve Read me
Fixed:
- 🐛Fix invitations
Removed:
- 🔥(backend) remove "content" field from list serializer
Many routes were in the server.ts file, now they
are in their own files in the handlers folder.
The server.ts file is now AppServer that handles
the routes.
We split as well the tests.
Improve y-provider image by having the
node_modules as small as possible.
We move split the Dockerfile and
add it to the y-provider folder,
it will be easier to read and maintain.
Support for two API keys has been added to the YProvider microservice to
decouple responsibilities between the collaboration server and other
endpoints. This improves security by scoping keys to specific purposes and
ensures a clearer separation of concerns for easier management and debugging.
This code is quite poor. Sorry, I don't have much time working
on this feature. However, it should be functional.
I've reused the code we created for the Demo with Kasbarian.
I've not tested it yet with all corner case. Error handling
might be improved for sure, same for logging.
This endpoint is not modular. We could easily introduce options
to modify its behavior based on some options. YAGNI
I've added bearer token authentification, because it's unclear
how this micro service would be exposed. It's totally not required
if the microservice is not exposed through an Ingress.
Added:
- ✨(backend) annotate number of accesses
on documents in list view
- ✨(backend) allow users to mark/unmark
documents as favorite
Changed:
- 🔒️(collaboration) increase collaboration access security
- 🔨(frontend) encapsulated title to its own component
- ⚡️(backend) optimize number of queries on
document list view
- ♻️(frontend) stop to use provider with version
- 🚚(collaboration) change the websocket key name
Fixed:
- 🐛(frontend) fix initial content with collaboration
- 🐛(frontend) Fix hidden menu on Firefox
- 🐛(backend) fix sanitize problem IA
We want to be able to reset the connections of a document.
To do this, we need to be able to send a
request to the collaboration server.
To do so, we added the endpoint
POST "/collaboration/api/reset-connections"
to the collaboration server thanks to "express".
Added:
- 📝Contributing.md
- 🌐(frontend) add localization to editor
- ✨Public and restricted doc editable
- ✨(frontend) Add full name if available
- ✨(backend) Add view accesses ability
Changed:
- ♻️(frontend) avoid documents indexing in search engine
- ♻️(frontend) list accesses if user has abilities
- 👔(backend) doc restricted by default
Fixed:
- 🐛(backend) require right to manage document
accesses to see invitations
- 🐛(i18n) same frontend and backend language using
shared cookies
- 🐛(frontend) add default toolbar buttons
- 🐛(frontend) throttle error correctly display
Removed:
- 🔥(helm) remove infra related codes
Added:
- ✨AI to doc editor
- ✨(backend) allow uploading more types of attachments
- ✨(frontend) add buttons to copy document to clipboard as HTML/Markdown
Changed:
- ♻️(frontend) More multi theme friendly
- ♻️ Bootstrap frontend
- ♻️ Add username in email
Fixed:
- 🛂(backend) do not duplicate user when disabled
- 🐛(frontend) invalidate queries after removing user
- 🐛(backend) Fix dysfunctional permissions on document create
- 🐛(backend) fix nginx docker container
- 🐛(frontend) fix copy paste firefox
Added:
- ✨(backend) add name fields to the user synchronized with OIDC
- ✨(ci) add security scan
- ✨(frontend) Activate versions feature
- ✨(frontend) one-click document creation
- ✨(frontend) edit title inline
- 📱(frontend) mobile responsive
- 🌐(frontend) Update translation
Changed:
- 💄(frontend) error alert closeable on editor
- ♻️(backend) Change email content
- 🛂(frontend) viewers and editors can access share modal
- ♻️(frontend) remove footer on doc editor
Fixed:
- 🛂(frontend) match email if no existing user
matches the sub
- 🐛(backend) gitlab oicd userinfo endpoint
- 🛂(frontend) redirect to the OIDC when private doc
and unauthentified
- ♻️(backend) getting list of document versions
available for a user
- 🔧(backend) fix configuration to avoid different
ssl warning
- 🐛(frontend) fix editor break line not working
Added:
- ✨(backend) Add link public/authenticated/restricted
access with read/editor roles
- ✨(frontend) add copy link button
- 🛂(frontend) access public docs without being logged
Changed:
- ♻️(backend) Allow null titles on documents
for easier creation
- 🛂(backend) stop to list public doc to everyone
- 🚚(frontend) change visibility in share modal
- ⚡️(frontend) Improve summary
Fixed:
- 🐛(backend) Fix forcing ID when creating a
document via API endpoint
- 🐛 Rebuild frontend dev container from makefile
Added:
- ✨Add image attachments with access control
- ✨(frontend) Upload image to a document
- ✨(frontend) Summary
- ✨(frontend) update meta title for docs page
Changed:
- 💄(frontend) code background darkened on editor
- 🔥(frontend) hide markdown button if not text
Fixed:
- 🐛 Fix emoticon in pdf export
- 🐛 Fix collaboration on document
- 🐛 (docker) Fix compatibility with mac
Removed:
- 🔥(frontend) remove saving modal
We replace the y-webrtc-signaling app by
the server-y-provider server.
The server-y-provider server uses @hocuspocus to
do collaborative editing on docs.
