This reverts commit 49b29bfed6 (#863).
The design of this feature is still under discussion; we expect it to
return after the security release.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Zulip servers in production are designed to only serve content over
HTTPS. And a development environment's root page will be served over
HTTP.
So there is no purpose in enabling allowInsecureContent, even
conditionally for use against Zulip development environments; we should
just remove the setting.
Set the tray icon’s context menu immediately after creating the Tray
object. This seems to prevent an Electron segfault at startup on
certain platforms, such as Ubuntu 16.04 i386. See
https://github.com/electron/electron/issues/22652 and its linked
issues.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
And enable the import/unambiguous ESLint rule as a check on our
partition between scripts and modules. After this commit, if you add
a new file and get this error:
✖ 1:1 This module could be parsed as a valid script. import/unambiguous
* For a module, add an `import` or `export` declaration to make the
file unambiguously a module (the empty `export {};` declaration
suffices).
* For a script, add the file to the xo overrides section of
package.json that marks it "sourceType": "script", and add a 'use
strict' declaration.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
Commit 088ddf9c62 (#755) does not work,
because neither the .env file nor the environment variables it
provides are available to normal users at runtime. This silently
broke Sentry data collection. When we upgraded @sentry/electron in
commit 107e522914, the silent failure
became an error that prevented the app from starting.
The Sentry DSN is not a secret, so we should just commit it to the
repository.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
The changes are mostly done via `xo --fix`; the other changes are
either trivial or disabling new linter rules that we plan to address
in future commits.
The changes here are mostly straightforward; the one exception is
removing a zulipdev.org hack.
We disable some lint rules we'll want to address later (E.g. we want
to switch to using async/await rather than .then()). But those are
out of scope for this commit.
This updates most of our direct dependencies to much newer versions
(Electron v6, with compatible versions of related packages like
Spectron).
Further, it updates all of our recursive dependencies with `npm update
--depth=999`.
Modified by tabbott to migrate to async/await for dialogs rather than
the old synchronous API.
Moves the social login to browser since there
was no way to verify the authencity of the
auth process for a custom server and to
prevent phishing attacks.
Fixes#849.
Co-authored-by: Kanishk Kakar <kanishk.kakar@gmail.com>
