* feat: socket.io 3 changes
* feat: replace socketio-wildcard with socket.onAny
up socket.io-redis to 6.x
* feat: remove mongodb/psql socket.io adapters
* feat: show data on fail
* fix: tests
* fix: typo
* fix: logger test fix
* fix: logger.io_close
* chore: up deps
* chore: update readme to reflect redis requirement
* fix: increase timeout show data if test fails
fix category link redirect on cold load
fix helpers.redirect if passed in url is external
fix ajaxify so it doesn't slice first character of external url
display latest posts instead of oldest in topic rss feed
fix missing await that was causing rss_tokens to not function
fix feed test
more tests for getTopicWithPosts
* feat: #8444 Allow nested objects in translations
* feat: #8444 Allow nested objects in translations
* style: don't change formatting
* fix: don't use the first string match if key isn't finished
* feat: #8444 Allow nested objects in translations
* feat: #8444 Allow nested objects in translations
* style: don't change formatting
* fix: don't use the first string match if key isn't finished
* feat: add nested translations test
* feat: allow invites in normal registration mode + invite privilege
* feat: select groups to join from an invite
* test: check if groups from invitations have been joined
* fix: remove unused variable
* feat: write API versions of socket calls
* docs: openapi specs for the new routes
* test: iron out mongo redis difference
* refactor: move inviteGroups endpoint into write API
* refactor: use GET /api/v3/users/:uid/invites/groups
Instead of GET /api/v3/users/:uid/inviteGroups
* fix: no need for /api/v3 prefix when using api module
* fix: tests
* refactor: change POST /api/v3/users/invite
To POST /api/v3/users/:uid/invites
* refactor: make helpers.invite awaitable
* fix: restrict invite API to self-use only
* fix: move invite groups controller to write api, +tests
* fix: tests
Co-authored-by: Julian Lam <julian@nodebb.org>
* feat: allow passwords longer than 73 characters
Context: A bcrypt/blowfish limitation means that password length is capped at 72 characters. We can get around this without compromising on security
by hashing all incoming passwords with SHA512, and then sending that to bcrypt.
https://dropbox.tech/security/how-dropbox-securely-stores-your-passwords
* feat: add additional test for passwords > 73 chars
* fix: remove 'password-too-long' error message and all invocations
* test: added test to show that a super long password won't bring down NodeBB
* fix: remove debug log
* Revert "fix: remove 'password-too-long' error message and all invocations"
This reverts commit 1e312bf7ef7e119fa0f1bd3517d756ca013d5e79.
* fix: added back password length checks, but at 512 chars
As processing a large string still uses a lot of memory
Barış Soner Uşaklı
Julian Lam
Barış Soner Uşaklı
Opliko
gasoved