* add another check if previous gear is owned
* respect gear purchase order
* catch error with miscalculation of equipment number floor
* add integration test for proper equipment purchasing order
* fix syntax
* add 'previousGearNotOwned' string
* rewrite logic for different starting levels for wep vs others
* separate and add tests for armor and weapon
* rename variable for clarification
* skip check if itemIndex is NaN
* change obscure NaN check for readability
* change conditional from checking NaN to Int
* Validate that everyX values are integers bounded by 0 and 9999
* Added client side check
* Updated tests
* Added migration for bad dailies
Near idential to the other task migration.
* fix(typo): camelCase function call
* Fixed bug that allows users to complete todo and daily multiple times
* Added tests
* Fix syntax
* Fix existing tests that rely on multiple complete or uncomplete
* Undoes removal of website/client/README.md
* Change sessionOutdated string to reflect separate client needs
* Fix should update history test by changing lastCron
* Updated userItemsNotEnough string
* Added a variable to be passed to the deleteSocialAccountText string. This variable name is `magic_word` and is set as DELETE where used
* modified incorrectDeletePhrase to use a variable rather than translatable string for the word DELETE. Updated the DELETE-user test and the user api
* Changed noSudoAccess from translatable string to static
* Changed enterprisePlansEmailSubject from a translatable string to a static string within groupPlans.vue
* Fixed test problems with translation fixes
* Added no sudo access string to api messages
* changed plain string to apiMessage for no sudo access messages
* Remove flag from system messages, throw an error if system messages are flagged
* Modify unflag system message test to check if flagging a system message throws an error
* Move email from nconf to top
* allow banned word / swearword blocker to apply to all public guilds, with specified exceptions
* add another guild
* add more guilds to those that do not have the bannedWords blocker applied
* fix lint errors
* start to fix modals
* fixed cards paddings
* fix notifications not being marked as read
* add tests for reading a notification
* fixed indentation and added tests for reading multiple notifications
* register from home page using enter key
* test get party challenges by party ID
* tavern challenge tests; failing tests with ID 'party' or 'habitrpg'
* allow finding challenges by groupid 'party' or 'habitrpg'
* use single quotes in strings
* move emails images to website/static/emails and remove old files
* remove old client tests
* remove more files
* add sprites back
* cleanup gulp
* cleanup gulp
* remove old files
* more fixes
* pin bootstrap-vue
* disable old test
* remove old tasks
* fix apidoc
* Added removing invites
* Addeed messages for empty gems to icon
* Added member for challenge members
* Fixed task cloning ending
* Fixed group task assignment
* Added small hack to prevent scrolling issues
* Fixed lint
* start work on porting the reset password page
* add new api route for setting a new password after a reset
* wip client page
* port tests
* wip
* fix linting
* skip tests
* remove excess brace on settings > subscription screen
* prevent User icon > Settings > Subscription page from crashing when subscription has termination date
* stop subscription modal from pitching subscription to a subscriber
* change placeholder text from Username to Login Name for consistency with other login/register forms
* fix test for POST-tasks_user -- streak and dateCompleted weren't being tested correctly
* prevent tag selector from appearing in edit screen for a challenge's own tasks
* restore Restore Streak when editing a user's Dailies (including their own copies of Challenge and Group Plan Dailies)
* remove failing streak test
* Added flagging to show to admins
* Fixed filters in my guilds
* Fixed login incentives style
* Added inital rage bar
* Added categoires to get group
* Updated profile stats page
* Added stat allocation
* Updated tests to include categoires
* Fixed lint issue
* Added another lint fix
* Links stay white on hover
* Fixed task icon color
* Disabled plus button when needed
* Fixed difficulty color
* Fixed task reward color
* Updated create styles
* Fixed group plan link
* Fixed second group test modal
* Added login incentives
* Fixed group notification clear
* Show baily correctly
* Styled armoire notification
* Fixed contributor achievement styles
* Fixed death
* Fixed drop styles
* Fixed invited friend modal
* Fixed joined challenge achievement style
* Fixed joined guild style
* Fixed level up styles
* Updated low health styles
* Fixed bailey styles
* Updated quest completed
* Added soem conditionals to hide modals
* Added rebirth styles
* Fixed rebirth enable styles
* Fixed streak styles
* Fixed testing modals
* Fixed ultimate gear achievement
* Fixed won challenge
* Set user to welcomed if created on mobile
* Removed old default tasks
* Began adding more options to avatar
* Added change class
* Inbox to messages
* Moved profile to menu
* Added user modal for viewing a user and send message
* Fixed conversations
* Fixed lint
* Fixed challenges sending to server
* Added challenge progress view
* Fixed group sync after pay
* Fixed some group accepting features
* Fixed initial chat loading
* Fixed some exitence errors
* Added user names to assigned
* Added upgrade link
* Began adding new payment flow
* Added default tasks
* Updated avatar styles
* Updated tutorial styles
* Rebuilt notifications and styles
* Updated upload script
* Fixed lint
* Added default tasks back to mobile and added updated tests
* More test fixes
* create new summary field for challenges
* finish implementating summary for challenges, add some support for guilds
* make small improvements to challenges code
* fix lint errors
* add more code to support summaries for guilds (still more needed)
* fix existing tests by adding summary field
* make existing tests pass
* WIP make "Public Challenges" text translatable
* change "leader" locale key to "guildOrPartyLeader" to make searches for it easier
* remove v-once from h2 headings
* remove failed attempt to localise text in <script>
* add quick-and-dirty error checking for guild not having categories
* make "Public Challenges" text translatable
* rename final ...PlaceHolder strings to ...Placeholder (lower-case "h") for consistency with existing Placeholder strings
* Forced full refresh after deletE
* Fixed styles on firefox
* Removed instagram link
* Added information to modal
* Fixed deleteing and task keeping
* Added redirect to challenge detail after created
* Updated challenge item styles
* Added new limit option to challenges
* Fixed some purchasing issues with backgrounds
* Added more background styles
* Fixed some menu styles
* Initial old client removal
* Added cross-env
* removed bower and fixed lint
* Made interceptor errors use notify
* Removed old client tests and fixed lint
* Added stripe payment for group plan
* Began adding amazon
* Added amazon payments for group
* Added get group plans route
* Added group plan nav
* Added initial task page
* Added create and edit group plans
* Added initial approval header and footer
* Added assignment and approved requirement
* Added minor text fixes
* Added inital approval flow
* Added approval modal
* Removed always true
* Added more styles for filters
* Added search
* Added env vars
* Fixed router issues
* Added env to social login
* Fixed merge conflict
* issue 8812 - added the list of bad words matched to the postChat error message.
* issue 8812 - added the list of bad words matched to the postChat error message.
* issue 8812 - some refactoring, fixed relevant tests, and lint rules refactor
* small fix for unnecessary empty array
* added test and did some small refactoring
* lint error fix
* issue 8812 - added the list of bad words matched to the postChat error message.
* issue 8812 - some refactoring, fixed relevant tests, and lint rules refactor
* small fix for unnecessary empty array
* added test and did some small refactoring
* lint error fix
* add test to check the error message contains the banned words used
* improve banned words test
* issue 8812 - added the list of bad words matched to the postChat error message.
* issue 8812 - some refactoring, fixed relevant tests, and lint rules refactor
* small fix for unnecessary empty array
* added test and did some small refactoring
* lint error fix
* issue 8812 - added the list of bad words matched to the postChat error message.
* issue 8812 - some refactoring, fixed relevant tests, and lint rules refactor
* add test to check the error message contains the banned words used
* improve banned words test
* merge with develop - aligned banned slurs check with banned words check
* Added challenges section
* Added public fields to guilds
* Added suggestion for habitica help guild
* Added categoires to group
* Added guild category filters
* Added guild filter by member count
* Removed console.log
* Updated group count in tests to account for newly created groups
* (server) Add parties array to store invites
* (server) Lint files
* Update joinGroup, rejectGroupInvite, _inviteByUUID, and remove clearPartyInvitation.js
* Update user schema: detailed 'invitations.parties' attributes
* Code improvement and do not let invite twice
* Check if the user is already invited earlier in the code
* Added message to invitation page, and show all invitations
* Added join party confirmation alert
* Small fixes
* Created test: allow inviting a user to 2 different parties
* Updated tests
* Update invitations.parties on more places
* Small adjustments
* Updates on invitations.party references
* Show all invitations when user is already in a party
* Fixed notifications counter
* Update both 'party' and 'parties' at _handleGroupInvitation
* Updated a test
* Fixed small mistake at _handleGroupInvitation
* More test update
* Update invitation.party when removing single invite and small adjust at view
* Added text to locale
* Added achievement to content and libs
* Added achievement modal
* Added achievement to notification model and controller
* Added achievement to user schema
* Grant achievement to inviter when user registers using emailed link
* Fix icon name
* Added integration test
* Fix linting
* Added sprite
* Initial psuedo-code for checking for slurs in messages
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Fixing rebase
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* First attempt at the muteUser function: revokes user's chat privileges and notifies moderators
* Manual merge for cherry-pick
* Initial working prototype for blocking posting of slurs. Moved check from group.js to the chat api. Still needs: to permanently revoke chat privileges, to notify the moderators, a better method for checking for the blacklisted words, and a way to get the real list of words to check.
* Permanently revoke chat privileges when attempting to post a slur.
* Removed console logs
* Created report to be sent to moderators via email
* Do not moderate private groups
* Moved slur check to a generic check for banned words function
* Moved list of slurs to a separate file, fixed misplacement of return in ContainsBannedWords() function
* Slurs are blocked in both public and private groups
* Added code to send a slack message for slurs
* Fixed formatting issues
* Incorporated tectContainsBannedWords() function from PR 8197, added an argument to specify the list of banned words to check
* Added initial tests for blocking slurs and revoking chat priviliges
* Uncommented line to save revoked privileges
* Check that privileges are revoked in private groups
* Moved code to email/slack mods to chat api file
* Switched to BadRequest instead of NotFound error
* Restore chat privileges after test
* Using official placeholder slur
* Fixed line to export sendSubscriptionNotification function for slack
* Replaced muteUser function in user methods with a single line in the chat controller file
* Reset chatRevoked flag to false in a single line
* Switched method of setting chatRevoked flag so that it is updated locally and in the database
* Removed some code that got re-added after rebase
* Tests for automatic slur muting pass but are incomplete (do not check that chatRevoked flag is true)
* Moved list of banned slurs to server side
* Added warning to bannedSlurs file
* Test chat privileges revoked when posting slur in public chat
* Fix issues left over after rebase (I hope)
* Added code to test for revoked chat privileges after posting a slur in a private group
* Moved banned slur message into locales message
* Added new code to check for banned slurs (parallels banned words code)
* Fixed AUTHOR_MOTAL_URL in sendTxn for slur blocking
* Added tests that email sent on attempted slur in chat post
* Created context for slur-related-tests, fixed sandboxing of email. Successfully tests that email.sendTxn is called, but the email content test fails
* commented out slack (for now) and cleaned up tests of sending email
* Successfully tests that slur-report-to-mods email is sent
* Slack message is sent, and testing works, but some user variables seem to only work when found in chat.js and passed to slack
* Made some fixes for lint, but not sure what to do about the camel case requirement fail, since that's how they're defined in other slack calls
* Slack tests pass, skipped camelcase check around those code blocks
* Fixed InternalServerError caused by slack messaging
* Updated chat privileges revoked error
* fix(locale): typo correction
* Fixed release pets/mounts achievements when fully earned and added unit tests for these changes
* Fixed release pets/mounts achievements to award only when fully earned and added unit tests for these changes, also fixed linting issues
* Updated variable assignments to make more readable
* Revised releaseBoth/Pets/Mounts to include null or undefined checks, also updated unit tests
* fixed integration tests
* add possibility for group to block members from getting gems
* fixes
* fix tests
* adds some tests
* unit tests
* finish unit tests
* remove old code
* test: test that admin users can update guilds
* test: test admin removeMember privileges
* fix: allow admins to edit guilds
* fix: add edit guild options for admins
* test: test that admin can't remove current leader
* Add error msg for removing current leader
* Taskwoods Quest Line (#8156)
* feat(content): Gold Quest 2016-10
* chore(news): Bailey
* chore(i18n): update locales
* chore(sprites): compile
* 3.49.0
* chore: update express
* Fix for the ReDOS vulnerability
habitica is currently affected by the high-severity [ReDOS vulnerability](https://snyk.io/vuln/npm:tough-cookie:20160722).
Vulnerable module: `tough-cookie`
Introduced through: ` request`
This PR fixes the ReDOS vulnerability by upgrading ` request` to version 2.74.0
Check out the [Snyk test report](https://snyk.io/test/github/HabitRPG/habitica) to review other vulnerabilities that affect this repo.
[Watch the repo](https://snyk.io/add) to
* get alerts if newly disclosed vulnerabilities affect this repo in the future.
* generate pull requests with the fixes you want, or let us do the work: when a newly disclosed vulnerability affects you, we'll submit a fix to you right away.
Stay secure,
The Snyk team
* Documentation - coupon
closes#8109
* fix(client): Allow member hp to be clickable
fixes#8016closes#8155
* chore(npm): shrinkwrap
* test: test isAbleToEditGroup
* Add isAbleToEditGroup to groupsCtrl
* Remove unnecessary ternary
* Fix linting
* Move edit permission logic out to groupsCtrl
* fix: change ternary to boolean
* Fix linting
* Fixed merge issues
