* Add ALLOW_IP_ADDRESS_LIST environment variable
This adds support for allowing specific private IP addresses to be accessed
by the request-filtering-agent, which is useful for OIDC providers and
webhooks on private networks.
The environment variable accepts a comma-separated list of IP addresses
that should be allowed even if they are private IP addresses.
Example: ALLOW_IP_ADDRESS_LIST=10.0.0.1,192.168.1.100
Fixes issue with OIDC providers on private IP addresses being blocked.
* Rename environment variable to ALLOWED_PRIVATE_IP_ADDRESSES
Changed from ALLOW_IP_ADDRESS_LIST to ALLOWED_PRIVATE_IP_ADDRESSES
for better clarity and naming consistency.
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
* fix: Do not consider host in cookies state unless its a workspace subdomain
* fix: Add option as to whether state cookie is considered in team context
* Upgrade Prettier to v3.6.2 and eslint-plugin-prettier to v5.5.1
- Upgraded prettier from ^2.8.8 to ^3.6.2 (latest version)
- Upgraded eslint-plugin-prettier from ^4.2.1 to ^5.5.1 for compatibility
- Applied automatic formatting changes from new Prettier version
- All existing ESLint and Prettier configurations remain compatible
* Applied automatic fixes
* Trigger CI
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Upgrade @typescript-eslint dependencies from v6.21.0 to v8.33.0
- Updated @typescript-eslint/eslint-plugin from ^6.21.0 to ^8.33.0
- Updated @typescript-eslint/parser from ^6.21.0 to ^8.33.0
- Tested linting functionality to ensure compatibility
- This brings the latest TypeScript ESLint features and bug fixes
* lint
* tsc
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
* Add support for individual database environment variables
- Add DATABASE_HOST, DATABASE_PORT, DATABASE_NAME, DATABASE_USER, DATABASE_PASSWORD env vars
- Implement mutual exclusivity validation between DATABASE_URL and individual components
- Add effectiveDatabaseUrl getter to construct URL from individual components
- Update database connection logic to use new configuration options
- Ensure backward compatibility with existing DATABASE_URL configuration
Resolves: https://github.com/outline/outline/discussions/9158
* Refactor database configuration methods
- Move effectiveDatabaseUrl method from env.ts to database.ts as getEffectiveDatabaseUrl function
- Remove validateDatabaseConfiguration method from env.ts as validation is handled by decorators
- Maintain clean separation of concerns between environment and database modules
* Pass database options directly to Sequelize constructor
- Replace URL construction with direct Sequelize configuration object
- Support both DATABASE_URL string and individual component object configurations
- Maintain common Sequelize options for both configuration types
- Improve error messaging for different configuration scenarios
* remove spurious comments
* tsc
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
This PR contains the necessary work to make Outline an OAuth provider including:
- OAuth app registration
- OAuth app management
- Private / public apps (Public in cloud only)
- Full OAuth 2.0 spec compatible authentication flow
- Granular scopes
- User token management screen in settings
- Associated API endpoints for programatic access
* fix: Handle index collision when creating a collection
* move to sequelize hooks
* index maxLen parity between api and model
* remove beforeUpdate hook
* use common indexLen in model
* beforeUpdate hook..
* test
* Add SMTP_SERVICE environment variable for well-known services
* Fix PR #8777: Restore code in teams.ts and users.ts
* The rest of the work
* fix validation
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom.moor@gmail.com>
* Migration
* Store previous subdomains
* Redirect previous subdomains at service layer
* refactor
* refactor
* change index
* Guard logic to hosted only
* fix: Files from local storage provider sometimes returned with incorrect content type
* fix: attachments.createFromUrl response values incorrect for successful upload
* fix: Reduce liklihood of image download requests being blocked on server
* fix: Content with HTML images should never be considered as markdown
* fix: Image caption sometimes uncentered
* test
