chore: add undici for oidc proxy support

apps/client/package.json

@@ -1,7 +1,7 @@
 {
   "name": "client",
   "private": true,
-  "version": "0.80.1",
+  "version": "0.80.0",
   "scripts": {
     "dev": "vite",
     "build": "tsc && vite build",
@@ -31,8 +31,8 @@
     "emoji-mart": "^5.6.0",
     "file-saver": "^2.0.5",
     "highlightjs-sap-abap": "^0.3.0",
-    "i18next": "25.10.1",
-    "i18next-http-backend": "3.0.6",
+    "i18next": "^25.10.1",
+    "i18next-http-backend": "^3.0.2",
     "jotai": "^2.18.1",
     "jotai-optics": "^0.4.0",
     "js-cookie": "^3.0.5",
@@ -42,7 +42,7 @@
     "mantine-form-zod-resolver": "^1.3.0",
     "mermaid": "^11.13.0",
     "mitt": "^3.0.1",
-    "posthog-js": "1.372.2",
+    "posthog-js": "1.370.0",
     "react": "^18.3.1",
     "react-arborist": "3.4.0",
     "react-clear-modal": "^2.0.18",
@@ -50,7 +50,7 @@
     "react-drawio": "^1.0.7",
     "react-error-boundary": "^6.1.1",
     "react-helmet-async": "^3.0.0",
-    "react-i18next": "16.5.8",
+    "react-i18next": "^16.5.8",
     "react-router-dom": "^7.13.1",
     "semver": "^7.7.4",
     "socket.io-client": "^4.8.3",
@@ -74,7 +74,7 @@
     "eslint-plugin-react-refresh": "^0.5.2",
     "globals": "^15.13.0",
     "optics-ts": "^2.4.1",
-    "postcss": "^8.5.12",
+    "postcss": "^8.5.8",
     "postcss-preset-mantine": "^1.18.0",
     "postcss-simple-vars": "^7.0.1",
     "prettier": "^3.8.1",

apps/client/src/ee/features.ts

@@ -8,7 +8,6 @@ export const Feature = {
   AI: 'ai',
   CONFLUENCE_IMPORT: 'import:confluence',
   DOCX_IMPORT: 'import:docx',
-  PDF_IMPORT: 'import:pdf',
   ATTACHMENT_INDEXING: 'attachment:indexing',
   SECURITY_SETTINGS: 'security:settings',
   MCP: 'mcp',

apps/client/src/ee/page-permission/components/page-permission-list.tsx

@@ -140,7 +140,7 @@ export function PagePermissionList({
         )}
       </Group>
 
-      <ScrollArea.Autosize mah={400} viewportRef={viewportRef}>
+      <ScrollArea mah={250} viewportRef={viewportRef}>
         {sortedMembers.map((member) => (
           <PagePermissionItem
             key={`${member.type}-${member.id}`}
@@ -158,7 +158,7 @@ export function PagePermissionList({
             <Loader size="xs" />
           </Center>
         )}
-      </ScrollArea.Autosize>
+      </ScrollArea>
     </>
   );
 }

apps/client/src/features/editor/components/attachment/upload-attachment-action.tsx

@@ -19,9 +19,7 @@ export const uploadAttachmentAction = handleAttachmentUpload({
   },
   validateFn: (file, allowMedia: boolean) => {
     if (
-      (file.type.includes("image/") ||
-        file.type.includes("video/") ||
-        file.type === "application/pdf") &&
+      (file.type.includes("image/") || file.type.includes("video/")) &&
       !allowMedia
     ) {
       return false;

apps/client/src/features/page/components/page-import-modal.tsx

@@ -12,7 +12,6 @@ import {
   IconCheck,
   IconFileCode,
   IconFileTypeDocx,
-  IconFileTypePdf,
   IconFileTypeZip,
   IconMarkdown,
   IconX,
@@ -91,14 +90,12 @@ function ImportFormatSelection({ spaceId, onClose }: ImportFormatSelection) {
   const markdownFileRef = useRef<() => void>(null);
   const htmlFileRef = useRef<() => void>(null);
   const docxFileRef = useRef<() => void>(null);
-  const pdfFileRef = useRef<() => void>(null);
   const notionFileRef = useRef<() => void>(null);
   const confluenceFileRef = useRef<() => void>(null);
   const zipFileRef = useRef<() => void>(null);
 
   const canUseConfluence = useHasFeature(Feature.CONFLUENCE_IMPORT);
   const canUseDocx = useHasFeature(Feature.DOCX_IMPORT);
-  const canUsePdf = useHasFeature(Feature.PDF_IMPORT);
   const upgradeLabel = useUpgradeLabel();
 
   const handleZipUpload = async (selectedFile: File, source: string) => {
@@ -247,7 +244,7 @@ function ImportFormatSelection({ spaceId, onClose }: ImportFormatSelection) {
     }, 3000);
   }, [fileTaskId]);
 
-  const maxSingleFileSize = bytes("30mb");
+  const maxSingleFileSize = bytes("20mb");
 
   const handleFileUpload = async (selectedFiles: File[]) => {
     if (!selectedFiles) {
@@ -301,7 +298,6 @@ function ImportFormatSelection({ spaceId, onClose }: ImportFormatSelection) {
       if (markdownFileRef.current) markdownFileRef.current();
       if (htmlFileRef.current) htmlFileRef.current();
       if (docxFileRef.current) docxFileRef.current();
-      if (pdfFileRef.current) pdfFileRef.current();
 
       const pageCountText =
         pageCount === 1 ? `1 ${t("page")}` : `${pageCount} ${t("pages")}`;
@@ -382,30 +378,6 @@ function ImportFormatSelection({ spaceId, onClose }: ImportFormatSelection) {
           )}
         </FileButton>
 
-        <FileButton
-          onChange={handleFileUpload}
-          accept=".pdf"
-          multiple
-          resetRef={pdfFileRef}
-        >
-          {(props) => (
-            <Tooltip
-              label={upgradeLabel}
-              disabled={canUsePdf}
-            >
-              <Button
-                disabled={!canUsePdf}
-                justify="start"
-                variant="default"
-                leftSection={<IconFileTypePdf size={18} />}
-                {...props}
-              >
-                PDF
-              </Button>
-            </Tooltip>
-          )}
-        </FileButton>
-
         <FileButton
           onChange={(file) => handleZipUpload(file, "notion")}
           accept="application/zip"

apps/server/package.json

@@ -1,6 +1,6 @@
 {
   "name": "server",
-  "version": "0.80.1",
+  "version": "0.80.0",
   "description": "",
   "author": "",
   "private": true,
@@ -33,11 +33,10 @@
     "@ai-sdk/google": "^3.0.52",
     "@ai-sdk/openai": "^3.0.47",
     "@ai-sdk/openai-compatible": "^2.0.37",
-    "@aws-sdk/client-s3": "3.1037.0",
-    "@aws-sdk/lib-storage": "3.1037.0",
-    "@aws-sdk/s3-request-presigner": "3.1037.0",
+    "@aws-sdk/client-s3": "3.1014.0",
+    "@aws-sdk/lib-storage": "3.1014.0",
+    "@aws-sdk/s3-request-presigner": "3.1014.0",
     "@clickhouse/client": "^1.18.2",
-    "@docmost/pdf-inspector": "1.9.4",
     "@fastify/cookie": "^11.0.2",
     "@fastify/multipart": "^10.0.0",
     "@fastify/static": "^9.1.3",
@@ -101,6 +100,7 @@
     "p-limit": "^7.3.0",
     "passport-google-oauth20": "^2.0.0",
     "passport-jwt": "^4.0.1",
+    "pdfjs-dist": "^5.5.207",
     "pg-tsquery": "^8.4.2",
     "pgvector": "^0.2.1",
     "pino-http": "^11.0.0",
@@ -110,7 +110,7 @@
     "react": "^18.3.1",
     "reflect-metadata": "^0.2.2",
     "rxjs": "^7.8.2",
-    "sanitize-filename": "1.6.3",
+    "sanitize-filename-ts": "1.0.2",
     "socket.io": "^4.8.3",
     "stripe": "^17.7.0",
     "tlds": "^1.261.0",
@@ -166,9 +166,6 @@
     "transform": {
       "^.+\\.(t|j)s$": "ts-jest"
     },
-    "transformIgnorePatterns": [
-      "/node_modules/(?!(\\.pnpm/)?(nanoid|uuid|image-dimensions|marked)(@|/))"
-    ],
     "collectCoverageFrom": [
       "**/*.(t|j)s"
     ],

apps/server/src/common/features.ts

@@ -8,7 +8,6 @@ export const Feature = {
   AI: 'ai',
   CONFLUENCE_IMPORT: 'import:confluence',
   DOCX_IMPORT: 'import:docx',
-  PDF_IMPORT: 'import:pdf',
   ATTACHMENT_INDEXING: 'attachment:indexing',
   SECURITY_SETTINGS: 'security:settings',
   MCP: 'mcp',

apps/server/src/common/helpers/utils.ts

@@ -1,6 +1,6 @@
 import * as path from 'path';
 import * as bcrypt from 'bcrypt';
-import sanitize = require('sanitize-filename');
+import { sanitize } from 'sanitize-filename-ts';
 import { FastifyRequest } from 'fastify';
 import { Readable, Transform } from 'stream';
 
@@ -72,33 +72,11 @@ export function extractDateFromUuid7(uuid7: string) {
   return new Date(timestamp);
 }
 
-export type SanitizeFileNameOptions = {
-  /** Keep spaces and `#` instead of replacing them with `_`. Useful for
-   * download filenames where readability matters. Defaults to false. */
-  preserveSpaces?: boolean;
-};
-
-export function sanitizeFileName(
-  fileName: string,
-  options: SanitizeFileNameOptions = {},
-): string {
-  // Decode percent-encoded sequences so that bypasses like "..%2F" reach
-  // sanitize() as literal "../" and get stripped. sanitize-filename only
-  // strips literal characters and won't catch encoded path separators
-  // on its own.
-  const decoded = fileName.replace(/%[0-9a-fA-F]{2}/g, (m) => {
-    try {
-      return decodeURIComponent(m);
-    } catch {
-      return m;
-    }
-  });
-
-  const sanitized = sanitize(decoded);
-  if (options.preserveSpaces) {
-    return sanitized;
-  }
-  return sanitized.replace(/ /g, '_').replace(/#/g, '_');
+export function sanitizeFileName(fileName: string): string {
+  const sanitizedFilename = sanitize(fileName)
+    .replace(/ /g, '_')
+    .replace(/#/g, '_');
+  return sanitizedFilename.slice(0, 255);
 }
 
 export function removeAccent(str: string): string {

apps/server/src/core/attachment/attachment.controller.ts

@@ -53,6 +53,7 @@ import { EnvironmentService } from '../../integrations/environment/environment.s
 import { TokenService } from '../auth/services/token.service';
 import { JwtAttachmentPayload, JwtType } from '../auth/dto/jwt-payload';
 import * as path from 'path';
+import { sanitize } from 'sanitize-filename-ts';
 import { AttachmentInfoDto, RemoveIconDto } from './dto/attachment.dto';
 import { PageAccessService } from '../page/page-access/page-access.service';
 import { AuditEvent, AuditResource } from '../../common/events/audit-events';
@@ -356,19 +357,13 @@ export class AttachmentController {
       throw new BadRequestException('Invalid image attachment type');
     }
 
-    if (!fileName) {
+    if (!fileName || sanitize(fileName) !== fileName) {
       throw new BadRequestException('Invalid file name');
     }
 
-    const ext = path.extname(fileName);
-    const filenameWithoutExt = path.basename(fileName, ext);
-
-    if (
-      !ext ||
-      !isValidUUID(filenameWithoutExt) ||
-      `${filenameWithoutExt}${ext}` !== fileName
-    ) {
-      throw new BadRequestException('Invalid file name');
+    const filenameWithoutExt = path.basename(fileName, path.extname(fileName));
+    if (!isValidUUID(filenameWithoutExt)) {
+      throw new BadRequestException('Invalid file id');
     }
 
     const filePath = `${getAttachmentFolderPath(attachmentType, workspace.id)}/${fileName}`;

apps/server/src/integrations/export/export.controller.ts

@@ -23,12 +23,9 @@ import {
   SpaceCaslSubject,
 } from '../../core/casl/interfaces/space-ability.type';
 import { FastifyReply } from 'fastify';
+import { sanitize } from 'sanitize-filename-ts';
 import { getExportExtension } from './utils';
-import {
-  getMimeType,
-  getPageTitle,
-  sanitizeFileName,
-} from '../../common/helpers';
+import { getMimeType, getPageTitle } from '../../common/helpers';
 import * as path from 'path';
 import { AuditEvent, AuditResource } from '../../common/events/audit-events';
 import {
@@ -88,9 +85,7 @@ export class ExportController {
 
     if (result.type === 'file') {
       const ext = getExportExtension(dto.format);
-      const fileName =
-        sanitizeFileName(page.title || 'untitled', { preserveSpaces: true }) +
-        ext;
+      const fileName = sanitize(page.title || 'untitled') + ext;
       const contentType = getMimeType(path.extname(fileName));
 
       res.headers({
@@ -101,9 +96,7 @@ export class ExportController {
 
       res.send(result.content);
     } else {
-      const fileName =
-        sanitizeFileName(page.title || 'untitled', { preserveSpaces: true }) +
-        '.zip';
+      const fileName = sanitize(page.title || 'untitled') + '.zip';
 
       res.headers({
         'Content-Type': 'application/zip',
@@ -151,9 +144,7 @@ export class ExportController {
       'Content-Type': 'application/zip',
       'Content-Disposition':
         'attachment; filename="' +
-        encodeURIComponent(
-          sanitizeFileName(exportFile.fileName, { preserveSpaces: true }),
-        ) +
+        encodeURIComponent(sanitize(exportFile.fileName)) +
         '"',
     });
 

apps/server/src/integrations/import/import.controller.ts

@@ -51,9 +51,9 @@ export class ImportController {
     @AuthUser() user: User,
     @AuthWorkspace() workspace: Workspace,
   ) {
-    const validFileExtensions = ['.md', '.html', '.docx', '.pdf'];
+    const validFileExtensions = ['.md', '.html', '.docx'];
 
-    const maxFileSize = bytes('30mb');
+    const maxFileSize = bytes('20mb');
 
     let file = null;
     try {
@@ -102,7 +102,6 @@ export class ImportController {
       '.md': 'markdown',
       '.html': 'html',
       '.docx': 'docx',
-      '.pdf': 'pdf',
     };
 
     if (createdPage) {

apps/server/src/integrations/import/services/import.service.ts

@@ -1,6 +1,7 @@
 import { BadRequestException, Injectable, Logger } from '@nestjs/common';
 import { PageRepo } from '@docmost/db/repos/page/page.repo';
 import { MultipartFile } from '@fastify/multipart';
+import { sanitize } from 'sanitize-filename-ts';
 import * as path from 'path';
 import {
   htmlToJson,
@@ -52,8 +53,8 @@ export class ImportService {
     const file = await filePromise;
     const fileBuffer = await file.toBuffer();
     const fileExtension = path.extname(file.filename).toLowerCase();
-    const fileName = sanitizeFileName(
-      path.basename(file.filename, fileExtension),
+    const fileName = sanitize(
+      path.basename(file.filename, fileExtension).slice(0, 255),
     );
     const fileContent = fileBuffer.toString();
 
@@ -61,10 +62,7 @@ export class ImportService {
     let createdPage = null;
 
     // For DOCX, we need the page ID upfront so images can reference it
-    const pageId =
-      fileExtension === '.docx' || fileExtension === '.pdf'
-        ? uuid7()
-        : undefined;
+    const pageId = fileExtension === '.docx' ? uuid7() : undefined;
 
     try {
       if (fileExtension.endsWith('.md')) {
@@ -79,14 +77,6 @@ export class ImportService {
           pageId,
           userId,
         );
-      } else if (fileExtension.endsWith('.pdf')) {
-        prosemirrorState = await this.processPdf(
-          fileBuffer,
-          workspaceId,
-          spaceId,
-          pageId,
-          userId,
-        );
       }
     } catch (err) {
       const message = 'Error processing file content';
@@ -163,7 +153,7 @@ export class ImportService {
     let DocxImportModule: any;
     try {
       // eslint-disable-next-line @typescript-eslint/no-require-imports
-      DocxImportModule = require('./../../../ee/document-import/docx-import.service');
+      DocxImportModule = require('./../../../ee/docx-import/docx-import.service');
     } catch (err) {
       this.logger.error(
         'DOCX import requested but EE module not bundled in this build',
@@ -189,42 +179,6 @@ export class ImportService {
     return this.processHTML(html);
   }
 
-  async processPdf(
-    fileBuffer: Buffer,
-    workspaceId: string,
-    spaceId: string,
-    pageId: string,
-    userId: string,
-  ): Promise<any> {
-    let PdfImportModule: any;
-    try {
-      // eslint-disable-next-line @typescript-eslint/no-require-imports
-      PdfImportModule = require('./../../../ee/document-import/pdf-import.service');
-    } catch (err) {
-      this.logger.error(
-        'PDF import requested but EE module not bundled in this build',
-      );
-      throw new BadRequestException(
-        'This feature requires a valid enterprise license.',
-      );
-    }
-
-    const pdfImportService = this.moduleRef.get(
-      PdfImportModule.PdfImportService,
-      { strict: false },
-    );
-
-    const html = await pdfImportService.convertPdfToHtml(
-      fileBuffer,
-      workspaceId,
-      spaceId,
-      pageId,
-      userId,
-    );
-
-    return this.processHTML(html);
-  }
-
   async createYdoc(prosemirrorJson: any): Promise<Buffer | null> {
     if (prosemirrorJson) {
       // this.logger.debug(`Converting prosemirror json state to ydoc`);

package.json

@@ -1,7 +1,7 @@
 {
   "name": "docmost",
   "homepage": "https://docmost.com",
-  "version": "0.80.1",
+  "version": "0.80.0",
   "private": true,
   "scripts": {
     "build": "nx run-many -t build",
@@ -72,7 +72,7 @@
     "ms": "3.0.0-canary.1",
     "qrcode": "^1.5.4",
     "rfc6902": "5.2.0",
-    "uuid": "^14.0.0",
+    "uuid": "^13.0.0",
     "y-indexeddb": "^9.0.12",
     "y-prosemirror": "1.3.7",
     "yjs": "^13.6.30"
@@ -128,12 +128,11 @@
       "yaml@>=2.0.0 <2.8.3": "2.8.3",
       "path-to-regexp@^8": "8.4.0",
       "brace-expansion@^5": "5.0.5",
-      "@xmldom/xmldom": "0.8.13",
+      "@xmldom/xmldom": "0.8.12",
       "handlebars": "4.7.9",
       "axios": "1.15.0",
       "langsmith": "0.5.19",
-      "follow-redirects": "1.16.0",
-      "protobufjs":  "7.5.5"
+      "follow-redirects": "1.16.0"
     },
     "neverBuiltDependencies": []
   }