* Add ReactionsCreate notification event type
- Add ReactionsCreate to NotificationEventType enum and defaults
- Add notification settings UI with SmileyIcon and proper labels
- Create ReactionsCreateNotificationsTask to handle comment reactions
- Update NotificationsProcessor to handle comments.add_reaction events
- Add eventText and path handling in client Notification model
- Notifications are enabled by default but never send emails
* Applied automatic fixes
* Show the actual emoji in the notification
* Cleanup notifications if reaction is removed
* PR feedback
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Improve webhook disabling heuristic with time-based analysis
- Add WEBHOOK_FAILURE_TIME_WINDOW environment variable (default: 24 hours)
- Add WEBHOOK_FAILURE_RATE_THRESHOLD environment variable (default: 80%)
- Replace simple count-based logic with time-window failure rate analysis
- Require minimum 5 deliveries in time window before disabling
- Add comprehensive logging for webhook failure analysis
- Update email template to reflect new time-based approach
Addresses GitHub issue #9788 by making webhook disabling smarter and
considering time factors instead of just consecutive failure counts.
* Fix Logger.warn type error
Remove extra 'task' parameter from Logger.warn call to match the correct
signature: Logger.warn(message: string, extra?: Extra)
* Update WEBHOOK_FAILURE_TIME_WINDOW to use seconds instead of hours
- Change default value from 24 (hours) to 86400 (seconds)
- Update time conversion logic from hours*60*60*1000 to seconds*1000
- Rename timeWindowHours variable to timeWindowSeconds for clarity
- Update documentation comments to reflect seconds-based configuration
This provides more granular control while maintaining the same default
behavior (24 hours = 86400 seconds).
* Improve webhook failure logging and analysis threshold
- Only log webhook failure analysis when failedDeliveries.length > 0
- Extract hardcoded minimum deliveries threshold to constant
- Update minimum deliveries threshold from 5 to 10 for more reliable analysis
This reduces log noise when there are no failures and requires more data
points before considering webhook disabling.
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
* shares.info, collections.info, documents.info
* shares.list, shares.create, shares.update
* shares.sitemap
* parity with existing document shared screen
* collection share popover
* parent share and table
* collection scene
* collection link in sidebar
* sidebar and breadcrumb collection link click
* collection link click in editor
* meta
* more meta + 404 page
* map internal link, remove showLastUpdated option
* fix shares.list pagination
* show last updated
* shareLoader tests
* lint
* sidebar context for collection link
* badge in shares table
* fix existing tests
* tsc
* update failing test snapshot
* env
* signed url for collection attachments
* include collection content in SSR for screen readers
* search
* drafts can be shared
* review
* tsc, remove old shared-doc scene
* tweaks
* DRY
* refactor loader
* Remove share/collection urls
* fix: Collection overview should not be editable when viewing shared link and logged in
* Tweak public breadcrumb
* fix: Deleted documents should never be exposed through share
* empty sharedTree array where includeChildDocuments is false
* revert includeChildDocs guard for logical correctness + SSR bug fix
* fix: check document is part of share
---------
Co-authored-by: Tom Moor <tom@getoutline.com>
* fix: extract domain from user email in Slack authentication
Fixes#9641 - Slack auth fails when OIDC is enabled
* Added tests for domain extraction functionality
Added parseEmail import
* Fix Slack OIDC authentication to retain original subdomain logic (profile.team.domain) while adding domain extraction from user email
* Update slack.ts
---------
Co-authored-by: Tom Moor <tom@getoutline.com>
* Separate Prettier and ESLint according to best practices
- Create standalone .prettierrc configuration file
- Remove eslint-plugin-prettier integration from ESLint config
- Replace with eslint-config-prettier to disable conflicting rules
- Remove eslint-plugin-prettier dependency
- Add dedicated format and format:check scripts
- Update lint-staged to run Prettier and ESLint separately
- Format entire codebase with new Prettier configuration
This follows the recommended approach from Prettier documentation:
https://prettier.io/docs/integrating-with-linters#notes
* Remove test comment
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
* Fix OIDC well-known discovery for subdirectories
- Fix URL construction in fetchOIDCConfiguration to properly handle issuer URLs with subdirectories
- Replace incorrect use of new URL() constructor that was treating well-known path as absolute
- Add proper path concatenation that preserves subdirectories in issuer URLs
- Add comprehensive test cases for subdirectory scenarios
- Fixes issue where https://auth.example.com/application/o/outline/ would incorrectly resolve to https://auth.example.com/.well-known/openid-configuration instead of https://auth.example.com/application/o/outline/.well-known/openid-configurationFixes#9535
* Refactor to use wellKnownPath variable instead of hardcoded path
- Use wellKnownPath.substring(1) to remove leading slash when appending to pathname
- Eliminates duplication of the .well-known/openid-configuration path
- Improves maintainability by using the existing variable consistently
* Simplify logic by checking pathname does not end with slash
- If pathname doesn't end with slash, append full wellKnownPath (with leading slash)
- If pathname ends with slash, append wellKnownPath without leading slash
- Eliminates need for substring() by using the slash logic more elegantly
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
* Upgrade Prettier to v3.6.2 and eslint-plugin-prettier to v5.5.1
- Upgraded prettier from ^2.8.8 to ^3.6.2 (latest version)
- Upgraded eslint-plugin-prettier from ^4.2.1 to ^5.5.1 for compatibility
- Applied automatic formatting changes from new Prettier version
- All existing ESLint and Prettier configurations remain compatible
* Applied automatic fixes
* Trigger CI
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Update Switch component onChange handler to use boolean callback
- Remove synthetic event handling from Switch component
- Update onChange signature to (checked: boolean) => void
- Update all call points across the codebase:
- PublicAccess.tsx: Updated handlers for indexing, showLastModified, and published switches
- Security.tsx: Created individual handlers for all security preferences
- Preferences.tsx: Created individual handlers for user preferences
- CollectionForm.tsx: Added createSwitchRegister helper for react-hook-form compatibility
- TemplatizeDialog: Updated publish handler
- DocumentMenu.tsx: Added handlers for embeds and full-width toggles
- Search.tsx: Updated SearchTitlesFilter handler
- Application.tsx: Added createSwitchRegister helper
- Details.tsx: Updated public branding handler
- Features.tsx: Created individual handlers for seamless edit and commenting
- OAuthClientForm.tsx: Added createSwitchRegister helper
- Maintained backward compatibility with react-hook-form
- Improved type safety and code clarity
* Fix ESLint floating promise errors
- Add void operator to onChange call in CollectionForm.tsx
- Add void operator to document.save call in DocumentMenu.tsx
These changes fix the @typescript-eslint/no-floating-promises errors
while maintaining the existing functionality.
* Fix Switch component onChange handlers in remaining files
- Updated DocumentCopy.tsx handlers to use boolean parameter
- Updated Notifications.tsx to use closure pattern for event types
- Updated SlackListItem.tsx to use closure pattern for event names
- All TypeScript errors resolved
* Refactor createSwitchRegister into utils/forms
- Created shared utility function in app/utils/forms.ts
- Removed duplicate implementations from CollectionForm, Application, and OAuthClientForm
- Updated all usage points to use the shared utility
- Improved TypeScript typing with Record<string, unknown>
- Fixed imports and removed unused variables
- Maintained existing functionality while reducing code duplication
* Fix TypeScript errors in createSwitchRegister utility
- Updated generic constraint from Record<string, unknown> to FieldValues
- Added Path import from react-hook-form for proper type safety
- Fixed parameter type from keyof TFormData to Path<TFormData>
- Improved type compatibility with react-hook-form's UseFormRegister
Resolves TypeScript compilation errors in CI pipeline.
* Remove unnecessary handlePublishChange callbacks
- Removed handlePublishChange wrapper in DocumentCopy.tsx
- Removed handlePublishChange wrapper in TemplatizeDialog/index.tsx
- Updated Switch components to use setPublish directly
- Simplified code by leveraging boolean callback from Switch component
Since Switch now passes boolean directly, no need for intermediate callbacks.
* Address review feedback: simplify callbacks and fix fullWidth behavior
1. DocumentCopy.tsx:
- Remove handleRecursiveChange callback wrapper
- Use setRecursive directly with Switch component
2. DocumentMenu.tsx:
- Add void user.save() to persist user preference
- Add document.fullWidth = checked for optimistic update behavior
Both changes leverage the boolean callback from Switch component properly.
* Update Security.tsx
* i18n
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Update import button to show 'Uploading…' state during file upload
- Update DropToImport component to show 'Uploading…' text and disable button during import
- Update Notion ImportDialog to show 'Uploading…' text during submission
- Improves user feedback during import operations
* Move ellipsis character out of translated strings
- Separate ellipsis from 'Uploading' translation to improve i18n
- Use string concatenation: t('Uploading') + '…' instead of t('Uploading…')
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
* Upgrade @typescript-eslint dependencies from v6.21.0 to v8.33.0
- Updated @typescript-eslint/eslint-plugin from ^6.21.0 to ^8.33.0
- Updated @typescript-eslint/parser from ^6.21.0 to ^8.33.0
- Tested linting functionality to ensure compatibility
- This brings the latest TypeScript ESLint features and bug fixes
* lint
* tsc
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* feat: Add POST method option to redirectOnClient helper
* Applied automatic fixes
* fix: Add missing closing HTML tag in redirectOnClient GET method
* fix: Use lodash escape for form field values to prevent XSS
* Applied automatic fixes
* fix: Add missing lodash/escape import
* Applied automatic fixes
* fix: Escape all URLs in redirectOnClient function
* Update index.ts
* fix: CSP
* Refactor CSP middleware
* docs, only use for email signin
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Fall back to id_token if profile does not contain username or email
* More comments
* Add error handling to id_token decode
* simplify username fallback logic using nullish coalescing
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* make id_token decoding more tolerant of malformed or invalid tokens
---------
Co-authored-by: Tom Moor <tom.moor@gmail.com>
