Merge remote-tracking branch 'origin/devel' into feature/profiles

Author: evilaliv3

.github/ISSUE_TEMPLATE/bug_report.yml

@@ -22,6 +22,7 @@ body:
         - Safari
         - All
         - Other
+        - N/A
   - type: dropdown
     id: os
     attributes:
@@ -33,6 +34,9 @@ body:
         - Android
         - iOS
         - Linux
+        - All
+        - Other
+        - N/A
     validations:
       required: true
   - type: textarea

.github/ISSUE_TEMPLATE/feature_request.yml

@@ -7,13 +7,6 @@ body:
     id: proposal
     attributes:
       label: Proposal
-      description: Provide detailed information about your feature idead including references to related work.
-    validations:
-      required: true
-  - type: textarea
-    id: motivation
-    attributes:
-      label: Motivation and context
-      description: Tell us why you consider this feature or change is needed or would be helpful, and what problems it may help solve.
+      description: Provide detailed information about your feature ideas including references to related work.
     validations:
       required: true

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,9 +1,8 @@
-Before you submit a pull request, please make sure:
+Before submitting a pull request, please ensure the following:
 
-- [ ] The pull request should include a description of the problem you're trying to solve
-- [ ] The pull request should include overview of the suggested solution
-- [ ] If the pull requests changes current behavior, reasons why your solution is better.
-- [ ] The proposed code should be fully functional
-- [ ] The proposed code should contain tests relevant to prove is functionality
-- [ ] The proposed tests should ensure significative code coverage
-- [ ] All new and existing tests should pass
+- [ ] The pull request includes a description of the problem you're trying to solve.
+- [ ] The pull request provides an overview of the suggested solution.
+- [ ] The proposed code is fully functional.
+- [ ] The proposed code includes relevant tests to verify its functionality.
+- [ ] All new and existing tests pass successfully.
+- [ ] Overall code quality and test coverage metrics are not reduced by more than 0.5%

.github/workflows/build.yml

@@ -22,4 +22,4 @@ jobs:
       - name: Run tests
         run: |
           cd $GITHUB_WORKSPACE
-          ./.github/workflows/scripts/run-build.sh
+          ./.github/workflows/scripts/run_build.sh

.github/workflows/scripts/run-tests.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+backend_test_failed=0
+
+setupBackend() {
+  cd $GITHUB_WORKSPACE/backend  # to install backend dependencies
+  pip3 install -r requirements/requirements-$(lsb_release -cs).txt
+}
+
+setupClient() {
+  cd $GITHUB_WORKSPACE/client  # to install frontend dependencies
+  npm install -d
+  ./node_modules/grunt/bin/grunt build_and_instrument
+}
+
+echo "Running setup"
+sudo apt-get update
+sudo apt-get install -y tor
+npm install -g grunt grunt-cli
+pip install coverage
+
+setupBackend
+setupClient
+
+# Running backend tests
+echo "Running backend tests"
+cd $GITHUB_WORKSPACE/backend && coverage run setup.py test
+if [ $? -ne 0 ]; then
+  backend_test_failed=1
+fi
+
+cd $GITHUB_WORKSPACE/backend && coverage xml
+bash <(curl -Ls https://coverage.codacy.com/get.sh) report -l Python -r $GITHUB_WORKSPACE/backend/coverage.xml
+
+if [ $backend_test_failed -eq 1 ]; then
+  echo "Backend unit tests: FAILED"
+  exit 1
+else
+  echo "Backend unit tests: PASSED"
+  exit 0
+fi

.github/workflows/scripts/run-build.sh renamed to .github/workflows/scripts/run_build.sh

@@ -0,0 +1,41 @@
+#!/bin/bash
+
+client_test_failed=0
+
+setupBackend() {
+  cd $GITHUB_WORKSPACE/backend  # to install backend dependencies
+  pip3 install -r requirements/requirements-$(lsb_release -cs).txt
+}
+
+setupClient() {
+  cd $GITHUB_WORKSPACE/client  # to install frontend dependencies
+  npm install -d
+  ./node_modules/grunt/bin/grunt build_and_instrument
+}
+
+echo "Running setup"
+sudo apt-get update
+sudo apt-get install -y tor
+npm install -g grunt grunt-cli
+setupBackend
+setupClient
+
+$GITHUB_WORKSPACE/backend/bin/globaleaks -z
+sleep 5
+
+# Running client tests locally
+echo "Running client tests locally collecting code coverage"
+cd $GITHUB_WORKSPACE/client && npm test
+if [ $? -ne 0 ]; then
+  client_test_failed=1
+fi
+
+bash <(curl -Ls https://coverage.codacy.com/get.sh) report -l TypeScript -r $GITHUB_WORKSPACE/client/cypress/coverage/lcov.info
+
+if [ $client_test_failed -eq 1 ]; then
+  echo "Client tests: FAILED"
+  exit 1
+else
+  echo "Client tests: PASSED"
+  exit 0
+fi

.github/workflows/scripts/run_tests_backend.sh

@@ -0,0 +1,28 @@
+name: Tests (B)
+
+on: [ push, pull_request ]
+
+# Declare default permissions as read only.
+permissions: read-all
+
+env:
+  CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
+
+jobs:
+  run_tests:
+    runs-on: "ubuntu-latest"
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        with:
+          fetch-depth: 1
+
+      - name: Install git
+        run: |
+          sudo apt-get update -q
+          sudo apt-get install -y git
+
+      - name: Run tests
+        run: |
+          cd $GITHUB_WORKSPACE
+          ./.github/workflows/scripts/run_tests_backend.sh

.github/workflows/scripts/run_tests_client.sh

@@ -1,4 +1,4 @@
-name: Test
+name: Tests (C)
 
 on: [ push, pull_request ]
 
@@ -25,4 +25,4 @@ jobs:
       - name: Run tests
         run: |
           cd $GITHUB_WORKSPACE
-          ./.github/workflows/scripts/run-tests.sh
+          ./.github/workflows/scripts/run_tests_client.sh

.github/workflows/test-backend.yml

@@ -1,3 +1,117 @@
+Changes in version 5.0.43
+    Correct regression on logs missing newlines introduced in 5.0.38
+
+Changes in version 5.0.42
+    Fix possibility to vary expiration date if default data retention policy is disabled
+
+Changes in version 5.0.41
+    Re-add markdown support to recipients and context descriptions (#4364)
+    Bump client dependencies to latest version
+
+Changes in version 5.0.40
+    Fix visualization of enforced recipients broken in 5.0.0
+
+Changes in version 5.0.39
+    Ensure voice questions could work when defined in question templates
+    Bump pdfjs again to v4 with proper packaging
+    Bump client dependencies to latest version
+
+Changes in version 5.0.38
+    Correct PDF viewer re-including pdfjs v3
+
+Changes in version 5.0.37
+    Fix visualization of uploaded configuration files
+    Revise detection and messaging about unsupported browsers
+    Bump client dependencies to latest versions
+
+Changes in version 5.0.36
+    Fix loading of customizations in compatibility with new CSP
+
+Changes in version 5.0.35
+    Revise implementation of CSP in relation to 'report-sample' directive
+
+Changes in version 5.0.34
+    Revise Trusted-Types implementation enforcing usage of a 'default' policy
+    Implement handler to collect reporting of attemps of violation to the Content Security Policy
+    [doc] Extend documentation adding detail about the revisions on the Content Security Policy
+
+Changes in version 5.0.33
+    Complete implementation of CSP policy based on Trusted-Types
+    Enforce validation of every admin config or user input by means of DOMPurify
+    Restrict usage of CSS inline scripts (#4345) as previously done on v4
+    Fix bug in gl-admin utility preventing possibility to reset 2fa
+    Correct feature of re-ordering of questions options (#4348)
+    Fix issues #4341, #4344
+    Improve packaging of css libraries and overrides
+    Bump client dependencies to latest versions
+    Update translations
+
+Changes in version 5.0.32
+    Revise language changes utilities in relation to issue #4315
+    Fixed validation of multistep questionnaires and extend validation to files (#4336)
+    Remove redundant rel=noreferrer made unnecessary by ReferrerPolicy header
+    Revise markdown implementation ensuring links are opened always in a new tab
+    Ensure to strip every HTML tag (including safe tags) with DOMPurify before parsing markdown.
+    [doc] Revise application security document in reference to external links protections
+    [doc] Extend documentation adding detail on usage of DOMPurify to filter markdown input
+    Fix issues #4340 and #4338
+
+Changes in version 5.0.31
+    Revise mock implementation fixing continous reloading on some setups
+
+Changes in version 5.0.30
+    Temporarily rollback changes related to enforcing mandatory file uploads or oral messages
+    introduced in 5.0.26 that seems to be causing improper form validation.
+
+Changes in version 5.0.29
+    Fix regression on questionnaire validation introduced in release 5.0.26 (#4321)
+
+Changes in version 5.0.28
+    Fix bug in relation to loader not getting removed
+    Revise margins on UI components of the homepage
+    Fix bug and performance on mock implementation using MutationObserver
+    Bump client dependencies to latest version
+    Update translations
+
+Changes in version 5.0.27
+    Fix issue #4308
+    Fix color of SupportLink
+    Bump client dependencies to latest versions
+
+Changes in version 5.0.26
+    Deprecate (at least temporarely) states motivations for reasons discussed on #4201 with the core globaleaks community.
+    Revise regular expression for email validation to allow domains with tld longer than 5 characters (#4309)
+    Fix inclusion of pdfjs library fix issue on opening PDF files with integrated file viewer
+    Fix issue on loading of images causing white page on settings page (#4311)
+    Fix mandatory checks on file uploads and voice recordings
+    Fix exception on email generation when users has disabled notifications
+    Bump client dependencies to latest versions
+
+Changes in version 5.0.25
+    Revise receiver and context images style (#4303)
+    Revise path checks in relation to adminonly configurations
+    Properly communicate to users when a password reset token is expired
+    Bump client dependencies to latest version
+
+Changes in version 5.0.24
+    Fix proper visualization of checkboxes and datepickers
+
+Changes in version 5.0.23
+    Fix visualization of steps with no questions (#4298)
+
+Changes in version 5.0.22
+    Correct position of tooltips on questions' hint
+    Enable recipients whistleblowers to leave comments even if report status is closed (#4293)
+    Revise configuration of chunk file uploader
+    Bump client dependencies to latest version
+    Fix pagination style merging changes of 4205edef
+    Fix exception when file upload happens during expired user session
+
+Changes in version 5.0.21
+    Fix translation of report statuses in case labels are left empty by mistake
+    Bump client dependencies to latest versions
+    Uptate translations
+
 Changes in version 5.0.20
     Fix retrival of account recovery key when 2FA is enabled
 

.github/workflows/test.yml renamed to .github/workflows/test-client.yml

@@ -77,9 +77,11 @@ Before you submit your Pull Request consider the following guidelines:
 
 7. Run the full GlobaLeaks test suite and ensure that all tests pass.
 
-8. Commit your changes using a descriptive commit message.
+8. Ensure overall code quality and test coverage metrics are not reduced by more than 0.5%
 
-9. In GitHub, send a pull request to `GlobaLeaks:main`.
+9. Commit your changes using a descriptive commit message.
+
+10. In GitHub, send a pull request to `devel` branch.
 
 ## <a name="donate"></a> Donations <img src="https://raw.githubusercontent.com/globaleaks/globaleaks-whistleblowing-software/stable/brand/assets/heart.svg" alt="heart icon" width="24" />
 As a pure community-driven project without major corporate backing, we also welcome [donations](https://github.com/sponsors/globaleaks).