- 27 Sep, 2023 3 commits
-
-
Robert Knight authored
Try to reduce conflicts when merging dependency updates by grouping updates for related packages. See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#groups
-
Robert Knight authored
This allows Prettier to be used to format files in `.github/` for example.
-
dependabot[bot] authored
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.7.0 to 6.7.2. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.2/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
- 25 Sep, 2023 11 commits
-
-
Alejandro Celaya authored
-
dependabot[bot] authored
Bumps [rollup](https://github.com/rollup/rollup) from 3.29.2 to 3.29.3. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v3.29.2...v3.29.3) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [eslint](https://github.com/eslint/eslint) from 8.49.0 to 8.50.0. - [Release notes](https://github.com/eslint/eslint/releases) - [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md) - [Commits](https://github.com/eslint/eslint/compare/v8.49.0...v8.50.0) --- updated-dependencies: - dependency-name: eslint dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [axe-core](https://github.com/dequelabs/axe-core) from 4.8.1 to 4.8.2. - [Release notes](https://github.com/dequelabs/axe-core/releases) - [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md) - [Commits](https://github.com/dequelabs/axe-core/compare/v4.8.1...v4.8.2) --- updated-dependencies: - dependency-name: axe-core dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1459.0 to 2.1463.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1459.0...v2.1463.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.15 to 10.4.16. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](https://github.com/postcss/autoprefixer/compare/10.4.15...10.4.16) --- updated-dependencies: - dependency-name: autoprefixer dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.6.0 to 6.7.2. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.2/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/dompurify](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/dompurify) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/dompurify) --- updated-dependencies: - dependency-name: "@types/dompurify" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@sentry/cli](https://github.com/getsentry/sentry-cli) from 2.20.7 to 2.21.1. - [Release notes](https://github.com/getsentry/sentry-cli/releases) - [Changelog](https://github.com/getsentry/sentry-cli/blob/2.21.1/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-cli/compare/2.20.7...2.21.1) --- updated-dependencies: - dependency-name: "@sentry/cli" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.69.0 to 7.70.0. - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/7.69.0...7.70.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
Robert Knight authored
Ignore port requests in `PortProvider` where the `MessageEvent.source` property is null. This can happen if the source was removed before our message event handler was called. This attempts to resolve https://hypothesis.sentry.io/issues/3987392274.
-
- 19 Sep, 2023 3 commits
-
-
Robert Knight authored
Allow the host frame to explicitly reject a request for a message channel by setting the `Message.error` property. Previously other frames could only wait for requests to time out. This allows the sidebar to display an error much sooner if it gets reloaded and cannot reconnect to the host frame. Part of https://github.com/hypothesis/client/issues/4095
-
Robert Knight authored
These checks had not been updated for the addition of the "profile" application. Also at a conceptual level the responsibility for deciding which types of frames are allowed to connect to each other belongs to the `PortProvider` in the host frame, not the `PortFinder` in other frames.
-
Robert Knight authored
If the `<hypothesis-sidebar>` element is moved around in the DOM, this can cause the sidebar to reload. There may also be other causes of the sidebar reloading (eg. process crash for out-of-process iframe?). If the sidebar loads a second time, it will fail to connect to the host frame since `PortProvider` will try to re-use the `MessageChannel` it has already allocated, but sending that channels ports will fail since they have already been transferred. Recovering from this scenario fully involves a lot of changes since all the places that have a connection to the sidebar would need to support replacing that channel. Also various state in host/guest frames (eg. currently loaded annotations) will be out of sync and need resetting. What this commit does is just to handle the situation more gracefully, by logging a meaningful error in the console and, after a delay, showing an error message in the sidebar telling the user to reload the page. This also avoids spamming Sentry [1] with errors about a situation that is out of our control. We get a lot of error reports about this each month, mainly from certain high-traffic pages that embed the client, but so far no actual complaints from users about Hypothesis not working. Therefore it doesn't yet seem valuable enough to do all the work to recover from a sidebar frame reload automatically. [1] https://hypothesis.sentry.io/issues/2975780063/
-
- 18 Sep, 2023 10 commits
-
-
dependabot[bot] authored
Bumps [sinon](https://github.com/sinonjs/sinon) from 15.2.0 to 16.0.0. - [Release notes](https://github.com/sinonjs/sinon/releases) - [Changelog](https://github.com/sinonjs/sinon/blob/main/docs/changelog.md) - [Commits](https://github.com/sinonjs/sinon/compare/v15.2.0...v16.0.0) --- updated-dependencies: - dependency-name: sinon dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [sass](https://github.com/sass/dart-sass) from 1.66.1 to 1.67.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](https://github.com/sass/dart-sass/compare/1.66.1...1.67.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [rollup](https://github.com/rollup/rollup) from 3.28.1 to 3.29.2. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v3.28.1...v3.29.2) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [axe-core](https://github.com/dequelabs/axe-core) from 4.7.2 to 4.8.1. - [Release notes](https://github.com/dequelabs/axe-core/releases) - [Changelog](https://github.com/dequelabs/axe-core/blob/develop/CHANGELOG.md) - [Commits](https://github.com/dequelabs/axe-core/compare/v4.7.2...v4.8.1) --- updated-dependencies: - dependency-name: axe-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [aws-sdk](https://github.com/aws/aws-sdk-js) from 2.1450.0 to 2.1459.0. - [Release notes](https://github.com/aws/aws-sdk-js/releases) - [Commits](https://github.com/aws/aws-sdk-js/compare/v2.1450.0...v2.1459.0) --- updated-dependencies: - dependency-name: aws-sdk dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.5.0 to 6.7.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.7.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/katex](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/katex) from 0.16.2 to 0.16.3. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/katex) --- updated-dependencies: - dependency-name: "@types/katex" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@types/hammerjs](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/hammerjs) from 2.0.41 to 2.0.42. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/hammerjs) --- updated-dependencies: - dependency-name: "@types/hammerjs" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@sentry/browser](https://github.com/getsentry/sentry-javascript) from 7.68.0 to 7.69.0. - [Release notes](https://github.com/getsentry/sentry-javascript/releases) - [Changelog](https://github.com/getsentry/sentry-javascript/blob/develop/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-javascript/compare/7.68.0...7.69.0) --- updated-dependencies: - dependency-name: "@sentry/browser" dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.22.15 to 7.22.20. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.20/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
- 15 Sep, 2023 3 commits
-
-
Robert Knight authored
Fix an issue where multiple Hypothesis sidebar (and possibly notebook, profile etc.) iframes could get created when saving a local snapshot of a web page where Hypothesis was loaded. This would lead to one of the sidebars not functioning because the host frame only allows one sidebar to connect. Aside from there being multiple sidebars, there are other problems in such an environment, such as the URL not matching the original page URL. Hence this commit handles this scenario by detecting it when the annotator bundle loads, removing the existing `<hypothesis-sidebar>` element and then aborting startup. The end result for the user is that if they save a snapshot of a page with Hypothesis loaded and later reload it, the visible highlights will still appear in the page but other Hypothesis UI elements will not be visible. The scenario described here applies in Chrome when saving a snapshot with the "Web Page, Complete" file type. If the user instead selects "Web Page, HTML only" or "Web Page, single file" they will get different results, but those were already not problematic because no JS was executed. Fixes https://github.com/hypothesis/client/issues/5827
-
Robert Knight authored
This is only relevant in the edge case that `document.documentElement` is null.
-
Robert Knight authored
`documentElement` is never null in "normal" circumstances, but it can be `null` if something explicitly removes the root element from the document, and this situation has apparently occurred in the wild on some ChromeOS devices [1]. [1] https://hypothesis.sentry.io/issues/3987992034
-
- 14 Sep, 2023 2 commits
-
-
Robert Knight authored
Annotations received from the API always have a non-empty `target` array, as do annotations and replies created locally that have not yet been saved. Unsaved Page Notes were an exception. This led to an error [1] when hovering a new unsaved page note in a VitalSource book, due to code not handling an empty `target` array. Resolve this by initializing the `target` field of new page notes in the same way as replies and annotations (minus the `selector` property that annotations have). [1] https://hypothesis.sentry.io/issues/3745569320/
-
Robert Knight authored
Fix an old crash [1] when attempting to create an annotation if groups have not yet loaded. In this case there is no focused group for the new annotation to be associated with. The handling for now is to just ignore the request and delete the highlight in the guest, similar to how we handle the case where the user is not logged in, except we don't show the login panel. [1] https://hypothesis.sentry.io/issues/4412536210/
-
- 13 Sep, 2023 2 commits
-
-
Robert Knight authored
Work around an exception when testing for shortcuts in `keydown` event handlers, if the handler is called with an argument that is not a `KeyboardEvent`, and is missing the expected `key` property. The workaround has been added to `matchShortcut` because it is easier to do there than remember for each `keydown` event handler, although there is a risk that other code in these handlers could get caught out by the same issue. I was able to reproduce this problem locally in Chrome 118 when using autofill to insert text into the search input field (see comments), though there might be other causes as well. This should fix https://hypothesis.sentry.io/issues/3987386810/?project=69811
-
Robert Knight authored
The `store.defaultContentFrame` selector had an incorrect return type, `Frame` instead of `Frame|null`, because `frames[0]` has the static type `Frame`, even though this can actually return undefined at runtime. As a result, TypeScript didn't catch a missing null check when generating the default filename for the export. Fixes https://github.com/hypothesis/client/issues/5818
-
- 12 Sep, 2023 1 commit
-
-
Robert Knight authored
- Add links at the top of the Import and Export tabs to a knowledge base article with information about using these features for various workflows. - Use a `<label>` for the "Select Hypothesis export file", since it is logically a label. This label is associated to the file input via `htmlFor`, but note the custom file input will still read the fixed button text ("Select a file") - Make labels bold in Import / Export tab to make them stand out against the help text, and also for consistency with the "Share" tab Part of https://github.com/hypothesis/client/issues/5783
-
- 11 Sep, 2023 5 commits
-
-
Robert Knight authored
-
Robert Knight authored
Allow the embedder frame to specify a list of feature flags that should be overridden in addition to those enabled in the H user profile. This will be used in the Hypothesis LMS app to enable feature flags to be turned on at the level of an LMS app installation, rather than for individual users. The ability to override flags has been limited to embedders (in practice, our LMS app) to try and avoid a situation where arbitrary web pages enable, and become dependent upon, feature flags that we later remove. The flags coming from the embedder add to, rather than replacing, the profile flags. This has been done to avoid a confusing situation where a feature flag that is enabled for "everyone" in H actually ends up not being enabled for all users due to eg. the LMS app disabling it for certain installations. Part of https://github.com/hypothesis/client/issues/5803 - Change `ConfigFromHost` type to only include settings that can come from either the host frame or embedder frame. Settings that can only come from a specific context have been moved into the `ConfigFromAnnotator` or `ConfigFromEmbedder` types respectively. - Add `features` config to `ConfigFromEmbedder` - Add `features` store method which combines feature flags from profile and global settings - Replace some references to `Config*` types in `build-settings-test.js`. The type references were wrong because RPC calls return the `ConfigFromEmbedder` type, not `ConfigFromHost`.
-
Alejandro Celaya authored
-
dependabot[bot] authored
Bumps [@babel/preset-typescript](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-typescript) from 7.22.11 to 7.22.15. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.15/packages/babel-preset-typescript) --- updated-dependencies: - dependency-name: "@babel/preset-typescript" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-
dependabot[bot] authored
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.22.14 to 7.22.15. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.22.15/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
-