Commit Graph

5600 Commits

Author SHA1 Message Date
forehalo
54c06777a6
fix(server): always set new session cookie (#6323) 2024-03-26 09:56:39 +00:00
forehalo
5637676222
fix(server): wrong import path (#6317) 2024-03-26 09:26:56 +00:00
EYHN
16063340d0
fix(core): fix meta.xxx is undefined (#6321) 2024-03-26 08:53:14 +00:00
EYHN
b6bba523ff
fix(infra): large page list performance (#6319) 2024-03-26 07:53:53 +00:00
fundon
8ee9f6ec05
chore: improve password error message (#6255)
chore: improve error message

chore: add password minlength & maxlength i18n

chore: check max length

fix: i18n variables

feat: add CredentialsRequirementType
2024-03-26 07:15:06 +00:00
liuyi
b8e6d7d6cb
chore(server): cache blob list result (#6297) 2024-03-26 14:23:47 +08:00
CatsJuice
0731872347
feat(core): refactor sidebar header (#6251)
- Add user avatar
- Move sign-out/user settings link from workspace-modal to user avatar modal
- Modify the style of workspace list items
- Modify gap of navigation buttons
- Animate Syncing/Offline/...

![CleanShot 2024-03-22 at 10.22.38.gif](https://graphite-user-uploaded-assets-prod.s3.amazonaws.com/LakojjjzZNf6ogjOVwKE/7305f561-a85b-4ec6-89c2-27e2f1b63c85.gif)
2024-03-26 06:10:38 +00:00
Brooooooklyn
d8a3cd5ce2
chore: bump oxlint and rules (#6314) 2024-03-26 05:58:22 +00:00
JimmFly
669ca325a1
fix(core): tag color should use palette-line-color (#6315) 2024-03-26 04:57:41 +00:00
pengx17
095f8c2359
fix: button should have its font-family inherited (#6311) 2024-03-26 03:57:59 +00:00
Brooooooklyn
ffbfdb65a2
fix(core): add env info to tracks (#6313) 2024-03-26 03:41:41 +00:00
pengx17
e9bc24bf37
fix(electron): possible issue on openning two main windows (#6307)
fix https://github.com/toeverything/AFFiNE/issues/6303

fetching `getWindowAdditionalArguments` requires forking a new process & handshake, which could be time consuming
2024-03-26 03:29:37 +00:00
renovate
2662ba763c
chore: bump up express version to v4.19.2 [SECURITY] (#6308)
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [express](http://expressjs.com/) ([source](https://togithub.com/expressjs/express)) | [`4.18.2` -> `4.19.2`](https://renovatebot.com/diffs/npm/express/4.18.2/4.19.2) | [![age](https://developer.mend.io/api/mc/badges/age/npm/express/4.19.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/express/4.19.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/express/4.18.2/4.19.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/express/4.18.2/4.19.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) |

### GitHub Vulnerability Alerts

#### [CVE-2024-29041](https://togithub.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc)

### Impact

Versions of Express.js prior to 4.19.2 and pre-release alpha and beta versions before 5.0.0-beta.3 are affected by an open redirect vulnerability using malformed URLs.

When a user of Express performs a redirect using a user-provided URL Express performs an encode [using `encodeurl`](https://togithub.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list.

The main method impacted is `res.location()` but this is also called from within `res.redirect()`.

### Patches

0867302ddb
0b746953c4

An initial fix went out with `express@4.19.0`, we then patched a feature regression in `4.19.1` and added improved handling for the bypass in `4.19.2`.

### Workarounds

The fix for this involves pre-parsing the url string with either `require('node:url').parse` or `new URL`. These are steps you can take on your own before passing the user input string to `res.location` or `res.redirect`.

### References

[https://github.com/expressjs/express/pull/5539](https://togithub.com/expressjs/express/pull/5539)
[https://github.com/koajs/koa/issues/1800](https://togithub.com/koajs/koa/issues/1800)
https://expressjs.com/en/4x/api.html#res.location

---

### Release Notes

<details>
<summary>expressjs/express (express)</summary>

### [`v4.19.2`](https://togithub.com/expressjs/express/blob/HEAD/History.md#4192--2024-03-25)

[Compare Source](https://togithub.com/expressjs/express/compare/4.19.1...4.19.2)

\==========

-   Improved fix for open redirect allow list bypass

### [`v4.19.1`](https://togithub.com/expressjs/express/blob/HEAD/History.md#4191--2024-03-20)

[Compare Source](https://togithub.com/expressjs/express/compare/4.19.0...4.19.1)

\==========

-   Allow passing non-strings to res.location with new encoding handling checks

### [`v4.19.0`](https://togithub.com/expressjs/express/compare/4.18.3...83e77aff6a3859d58206f3ff9501277023c03f87)

[Compare Source](https://togithub.com/expressjs/express/compare/4.18.3...4.19.0)

### [`v4.18.3`](https://togithub.com/expressjs/express/blob/HEAD/History.md#4183--2024-02-26)

[Compare Source](https://togithub.com/expressjs/express/compare/4.18.2...4.18.3)

\==========

-   Fix routing requests without method
-   deps: body-parser@1.20.2
    -   Fix strict json error message on Node.js 19+
    -   deps: content-type@~1.0.5
    -   deps: raw-body@2.5.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/toeverything/AFFiNE).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInVwZGF0ZWRJblZlciI6IjM3LjI2OS4yIiwidGFyZ2V0QnJhbmNoIjoiY2FuYXJ5In0=-->
2024-03-26 03:17:49 +00:00
forehalo
1a1af83375
test(server): auth tests (#6135) 2024-03-26 02:24:17 +00:00
pengx17
1c9d899831
fix: runtime issue for electron app (#6306)
Looks like we need to be careful to share common libraries between electron (nodejs) & web

![image.png](https://graphite-user-uploaded-assets-prod.s3.amazonaws.com/T2klNLEk0wxLh4NRDzhk/7e568e47-2d61-45c8-8a1e-b933b63fd1a9.png)
2024-03-26 02:04:13 +00:00
pengx17
00092c9955
fix(electron): fix electron build (#6305) 2024-03-25 15:57:22 +00:00
EYHN
3e547ce4cc
fix(core): hidden modals when workspace fallback (#6301) 2024-03-25 13:52:08 +00:00
EYHN
da12a0e48e
fix(core): fix error when switch to local workspace (#6144) 2024-03-25 21:35:10 +08:00
CatsJuice
b2f34d17a2
feat(core): adjust app sidebar's style (#6162) 2024-03-25 10:25:48 +00:00
pengx17
2a019d4fae
fix(core): storybook stability for date (#6300) 2024-03-25 09:50:48 +00:00
donteatfriedrice
48abc52e85
feat: bump blocksuite (#6294)
## Features
- https://github.com/toeverything/BlockSuite/pull/6544 @golok727
- https://github.com/toeverything/BlockSuite/pull/6543 @golok727
- https://github.com/toeverything/BlockSuite/pull/6536 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6497 @doouding
- https://github.com/toeverything/BlockSuite/pull/6514 @regischen
- https://github.com/toeverything/BlockSuite/pull/6523 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6530 @zzj3720
- https://github.com/toeverything/BlockSuite/pull/6526 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6532 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6493 @golok727
- https://github.com/toeverything/BlockSuite/pull/6529 @zzj3720
- https://github.com/toeverything/BlockSuite/pull/6528 @zzj3720
- https://github.com/toeverything/BlockSuite/pull/6509 @zzj3720
- https://github.com/toeverything/BlockSuite/pull/6525 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6502 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6489 @Flrande

## Bugfix
- https://github.com/toeverything/BlockSuite/pull/6558 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6556 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6547 @fundon
- https://github.com/toeverything/BlockSuite/pull/6537 @golok727
- https://github.com/toeverything/BlockSuite/pull/6531 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6524 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6519 @regischen
- https://github.com/toeverything/BlockSuite/pull/6517 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6516 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6510 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6511 @congzhou09
- https://github.com/toeverything/BlockSuite/pull/6507 @doouding
- https://github.com/toeverything/BlockSuite/pull/6500 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6486 @congzhou09
- https://github.com/toeverything/BlockSuite/pull/6495 @donteatfriedrice
- https://github.com/toeverything/BlockSuite/pull/6488 @Saul-Mirone
- https://github.com/toeverything/BlockSuite/pull/6482 @Flrande
- https://github.com/toeverything/BlockSuite/pull/6558 @fourdim

## Refactor
- https://github.com/toeverything/BlockSuite/pull/6548 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6522 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6518 @regischen
- https://github.com/toeverything/BlockSuite/pull/6521 @Saul-Mirone

## Misc
- https://github.com/toeverything/BlockSuite/pull/6557 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6546 @Flrande
- docs: update package desc
- https://github.com/toeverything/BlockSuite/pull/6527 @fourdim
- https://github.com/toeverything/BlockSuite/pull/6505 @Brooooooklyn
- https://github.com/toeverything/BlockSuite/pull/6503 @fourdim
- v0.13.0
- https://github.com/toeverything/BlockSuite/pull/6496 @doodlewind
- https://github.com/toeverything/BlockSuite/pull/6562 @donteatfriedrice
2024-03-25 09:20:45 +00:00
JimmFly
09a27b6c25
feat(core): add remove from collection to collection page list (#6265)
close AFF-246
2024-03-25 08:31:38 +00:00
JimmFly
03c01a9693
fix(core): edit tag input autofocus (#6296)
close TOV-724
2024-03-25 08:05:25 +00:00
JimmFly
1ff6af85f5
feat(core): add page group and display properties (#6228)
close TOV-23

https://github.com/toeverything/AFFiNE/assets/102217452/c05474de-b73c-40ab-9f18-cc43bb9fd828
2024-03-25 07:53:33 +00:00
Brooooooklyn
6467e10690
ci: fix lint oom (#6295) 2024-03-25 07:11:49 +00:00
EYHN
a8cd1579f5
feat(infra): livedata effect (#6281) 2024-03-25 06:09:45 +00:00
EYHN
f2adbdaba4
style: enable import-x/no-duplicates (#6279) 2024-03-25 03:55:33 +00:00
EYHN
7ce2bfbf0b
style: no import infra submodule (#6278) 2024-03-25 03:55:29 +00:00
EYHN
b93871f045
feat(electron): define runtimeConfig in esbuild (#6287) 2024-03-25 03:55:26 +00:00
EYHN
d59e1389ec
chore(electron): config vitest swc (#6282) 2024-03-25 03:55:23 +00:00
EYHN
82cacd09d6
fix(core): fix flaky e2e (#6293) 2024-03-25 02:58:52 +00:00
pengx17
578d4c9775
fix(core): image preview flaky (#6292) 2024-03-25 02:46:31 +00:00
pengx17
64c011c72f
fix(electron): set referer and origin headers for electron (#6289) 2024-03-25 01:23:18 +00:00
EYHN
2b42a75e5a
style: enable rxjs/finnish (#6276)
chore(infra): use finnish notation for observables

do rename
2024-03-24 17:04:51 +00:00
dependabot
c6676fd074
build(deps): bump webpack-dev-middleware from 7.0.0 to 7.1.1 (#6275)
Bumps [webpack-dev-middleware](https://github.com/webpack/webpack-dev-middleware) from 7.0.0 to 7.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-middleware/releases">webpack-dev-middleware's releases</a>.</em></p>
<blockquote>
<h2>v7.1.1</h2>
<h3><a href="https://github.com/webpack/webpack-dev-middleware/compare/v7.1.0...v7.1.1">7.1.1</a> (2024-03-21)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><code>ContentLength</code> incorrectly set for empty files (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1785">#1785</a>) (<a href="0f3e25e2b0">0f3e25e</a>)</li>
<li>improve perf (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1777">#1777</a>) (<a href="5b47c9294e">5b47c92</a>)</li>
<li><strong>types:</strong> make types better (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1786">#1786</a>) (<a href="e4d183ea6d">e4d183e</a>)</li>
</ul>
<h2>v7.1.0</h2>
<h2><a href="https://github.com/webpack/webpack-dev-middleware/compare/v7.0.0...v7.1.0">7.1.0</a> (2024-03-19)</h2>
<h3>Features</h3>
<ul>
<li>prefer to use <code>fs.createReadStream</code> over <code>fs.readFileSync</code> to read files (<a href="ab533de933">ab533de</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>cleaup stream and handle errors (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1769">#1769</a>) (<a href="1258fdd3d9">1258fdd</a>)</li>
<li><strong>security:</strong> do not allow to read files above (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1771">#1771</a>) (<a href="e10008c762">e10008c</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/webpack/webpack-dev-middleware/blob/master/CHANGELOG.md">webpack-dev-middleware's changelog</a>.</em></p>
<blockquote>
<h3><a href="https://github.com/webpack/webpack-dev-middleware/compare/v7.1.0...v7.1.1">7.1.1</a> (2024-03-21)</h3>
<h3>Bug Fixes</h3>
<ul>
<li><code>ContentLength</code> incorrectly set for empty files (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1785">#1785</a>) (<a href="0f3e25e2b0">0f3e25e</a>)</li>
<li>improve perf (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1777">#1777</a>) (<a href="5b47c9294e">5b47c92</a>)</li>
<li><strong>types:</strong> make types better (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1786">#1786</a>) (<a href="e4d183ea6d">e4d183e</a>)</li>
</ul>
<h2><a href="https://github.com/webpack/webpack-dev-middleware/compare/v7.0.0...v7.1.0">7.1.0</a> (2024-03-19)</h2>
<h3>Features</h3>
<ul>
<li>prefer to use <code>fs.createReadStream</code> over <code>fs.readFileSync</code> to read files (<a href="ab533de933">ab533de</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>cleaup stream and handle errors (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1769">#1769</a>) (<a href="1258fdd3d9">1258fdd</a>)</li>
<li><strong>security:</strong> do not allow to read files above (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1771">#1771</a>) (<a href="e10008c762">e10008c</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7c6164a82f"><code>7c6164a</code></a> chore(release): 7.1.1</li>
<li><a href="e4d183ea6d"><code>e4d183e</code></a> fix(types): make types better (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1786">#1786</a>)</li>
<li><a href="f23ed7ccd8"><code>f23ed7c</code></a> chore(deps-dev): bump <code>@​babel/core</code> from 7.24.1 to 7.24.3 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1782">#1782</a>)</li>
<li><a href="0f3e25e2b0"><code>0f3e25e</code></a> fix: <code>ContentLength</code> incorrectly set for empty files (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1785">#1785</a>)</li>
<li><a href="d45f033ea7"><code>d45f033</code></a> chore(deps-dev): bump <code>@​babel/preset-env</code> from 7.24.1 to 7.24.3 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1783">#1783</a>)</li>
<li><a href="c0c2eea2e7"><code>c0c2eea</code></a> chore(deps-dev): bump express from 4.18.3 to 4.19.1 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1781">#1781</a>)</li>
<li><a href="5b47c9294e"><code>5b47c92</code></a> fix: improve perf (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1777">#1777</a>)</li>
<li><a href="1a34bc4bce"><code>1a34bc4</code></a> chore(deps-dev): bump <code>@​types/node</code> from 20.11.29 to 20.11.30 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1774">#1774</a>)</li>
<li><a href="d618f1f126"><code>d618f1f</code></a> chore(deps-dev): bump <code>@​babel/preset-env</code> from 7.24.0 to 7.24.1 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1772">#1772</a>)</li>
<li><a href="40daa4bb71"><code>40daa4b</code></a> chore(deps-dev): bump <code>@​babel/core</code> from 7.24.0 to 7.24.1 (<a href="https://redirect.github.com/webpack/webpack-dev-middleware/issues/1776">#1776</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/webpack/webpack-dev-middleware/compare/v7.0.0...v7.1.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=webpack-dev-middleware&package-manager=npm_and_yarn&previous-version=7.0.0&new-version=7.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/toeverything/AFFiNE/network/alerts).

</details>
2024-03-24 11:02:10 +00:00
BABA
6a02d0bc96
feat: open about page in setting modal when click about menu (#6245)
Co-authored-by: EYHN <cneyhn@gmail.com>
2024-03-23 13:27:05 +00:00
Fangdun Tsai
6c9db367e2
chore(core): add oauth connecting state (#6225) 2024-03-23 21:18:48 +08:00
BABA
a1532d4df2
chore: fix renderer entry path not found in desktop development (#6270)
Co-authored-by: LongYinan <lynweklm@gmail.com>
2024-03-23 21:12:23 +08:00
fundon
7e161682f0
fix(core): creating multiple workspaces with consecutive clicks (#6259)
Closes #6213
2024-03-23 12:29:46 +00:00
pengx17
62a6075675
fix(core): do not ensure properties on read (#6263) 2024-03-23 12:15:06 +00:00
JimmFly
532d655ffb
feat(core): add confirm modal for delete tag action (#6268) 2024-03-23 12:03:14 +00:00
pengx17
3c6983ee49
fix(core): storybook build issue (#6274)
1. es2022 is required and should be set separately in storybook.
2. @blocksuite/icons versions are not consistent across packages.
2024-03-23 06:33:25 +00:00
EYHN
34703a3b7d
feat(infra): new doc sync engine (#6205)
https://github.com/toeverything/AFFiNE/blob/eyhn/feat/new-sync/packages/common/infra/src/workspace/engine/doc/README.md
2024-03-22 16:43:26 +00:00
Brooooooklyn
05c44db5a9
chore(core): remove unused dependencies (#6203) 2024-03-22 10:39:39 +00:00
Brooooooklyn
622e90f176
chore(core): add telemetry switch (#6267) 2024-03-22 10:28:55 +00:00
EYHN
a0b97f948c
fix(core): fix stuttering when change doc title (#6269) 2024-03-22 10:06:37 +00:00
Fangdun Tsai
69cb8b0f60
chore(core): disable onborading on the web (#6222) 2024-03-22 18:05:36 +08:00
Brooooooklyn
150c22936d
chore(core): add mixpanel track (#6202) 2024-03-22 09:24:41 +00:00
Brooooooklyn
10af0ab48d
feat(server): support ai plan (#6216) 2024-03-22 08:39:18 +00:00
Brooooooklyn
aecc523663
fix(server): avoid error when other prices added but logic is not released (#6191) 2024-03-22 08:39:12 +00:00