Merge pull request #6454 from Countly/master-v25.04.11-into-next

Update Next with Master v25.04.11

Author: gabrieloliveirapinto

.github/dependabot.yml

@@ -174,15 +174,6 @@ updates:
       - dependencies
     versioning-strategy: increase-if-necessary
 
-  - package-ecosystem: npm
-    directory: "/plugins/enterpriseinfo"
-    schedule:
-      interval: daily
-    open-pull-requests-limit: 10
-    labels:
-      - dependencies
-    versioning-strategy: increase-if-necessary
-
   - package-ecosystem: npm
     directory: "/plugins/errorlogs"
     schedule:

.github/workflows/release_notice.yml

@@ -14,7 +14,7 @@ jobs:
         run: echo "$GITHUB_CONTEXT"
       - name: Send custom JSON data to Slack workflow
         id: slack
-        uses: slackapi/[email protected].0
+        uses: slackapi/[email protected].1
         with:
           # This data can be any valid JSON from a previous step in the GitHub Action
           payload: |

CHANGELOG.md

@@ -2,6 +2,49 @@
 Dependencies:
 - Remove SQLite
 
+## Version 25.03.11
+Fixes:
+- [core] Fix mongo connection url parsing
+- [core] Fix user analytics widget chart
+- [crashes] Fix free session and free user calculation
+- [dashboards] Delete associated widgets and reports when a dashboard is removed
+- [star-rating] Fix widget close post message
+
+Enterprise Fixes:
+- [crash_symbolication] Remove auto symbolication setting
+- [drill] Fix drill meta get filter
+- [flows] Null checks on $size when calculating flows.
+- [surveys] Fix widget close post message
+
+Dependencies:
+- Bump eslint-plugin-vue from 10.2.0 to 10.3.0
+- Bump form-data from 4.0.0 to 4.0.4 in /plugins/hooks
+- Bump nodemailer from 7.0.3 to 7.0.5
+- Bump on-headers and express-session
+- Bump puppeteer from 24.10.1 to 24.14.0
+- Bump sharp from 0.34.2 to 0.34.3
+- Bump supertest from 7.1.1 to 7.1.3
+
+## Version 25.03.10
+Enterprise Fixes:
+- [okta] Fix body parser middleware version mismatch causing OKTA authentication break
+
+## Version 25.03.9
+Features:
+- [core] Added support for prerelease and build fields in app version parsing
+
+Fixes:
+- [core] Set up default headers for common return methods
+- [star-rating] Fix widget close button
+
+Enterprise Fixes:
+- [active_directory] Fix for reading azure application tenant id from config
+- [active_directory] Fix for handling azure ad callback properly when request body empty
+- [drill] Disabling the view user profiles button on drill for queries going to the report manager
+- [drill] Fixed typo issue while getting segment values in drill widgets
+- [journeys] Fixed the issue where events added in Journey couldn't have their visibility updated in Data Manager plugin
+- [surveys] Fix widget close button
+
 ## Version 25.03.8
 Fixes:
 - [core] Fix adding llm observability to cly-event-select component

Dockerfile-api

@@ -6,7 +6,12 @@ ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,vi
 
 ARG GEOIP=empty
 EXPOSE 3001
-HEALTHCHECK --start-period=400s CMD curl --fail http://localhost:3001/o/ping || exit 1
+HEALTHCHECK --start-period=400s CMD bash -c '\
+  if [ "$COUNTLY_CONFIG_API_API_SSL_ENABLED" = "true" ] || [ "$COUNTLY_CONFIG_API_API_SSL_ENABLED" = "\"true\"" ]; then \
+    curl -k --fail https://localhost:3001/o/ping || exit 1; \
+  else \
+    curl --fail http://localhost:3001/o/ping || exit 1; \
+  fi'
 
 USER root
 

Dockerfile-centos-api

@@ -6,7 +6,12 @@ ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,vi
 
 ARG GEOIP=empty
 EXPOSE 3001
-HEALTHCHECK --start-period=400s CMD curl --fail http://localhost:3001/o/ping || exit 1
+HEALTHCHECK --start-period=400s CMD bash -c '\
+  if [ "$COUNTLY_CONFIG_API_API_SSL_ENABLED" = "true" ] || [ "$COUNTLY_CONFIG_API_API_SSL_ENABLED" = "\"true\"" ]; then \
+    curl -k --fail https://localhost:3001/o/ping || exit 1; \
+  else \
+    curl --fail http://localhost:3001/o/ping || exit 1; \
+  fi'
 
 USER root
 

Dockerfile-centos-frontend

@@ -5,7 +5,12 @@ ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,vi
 #ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,views,license,drill,funnels,retention_segments,flows,cohorts,surveys,remote-config,ab-testing,formulas,activity-map,concurrent_users,revenue,logger,systemlogs,populator,reports,crashes,push,geo,block,users,star-rating,slipping-away-users,compare,server-stats,dbviewer,crash_symbolication,crashes-jira,groups,white-labeling,alerts,times-of-day,compliance-hub,onboarding,active_users,performance-monitoring,config-transfer,consolidate,data-manager,hooks,dashboards,heatmaps,sdk,guides,journey_engine,content
 
 EXPOSE 6001
-HEALTHCHECK --start-period=400s CMD curl --fail http://localhost:6001/ping || exit 1
+HEALTHCHECK --start-period=400s CMD bash -c '\
+  if [ "$COUNTLY_CONFIG_FRONTEND_WEB_SSL_ENABLED" = "true" ] || [ "$COUNTLY_CONFIG_FRONTEND_WEB_SSL_ENABLED" = "\"true\"" ]; then \
+    curl -k --fail https://localhost:6001/ping || exit 1; \
+  else \
+    curl --fail http://localhost:6001/ping || exit 1; \
+  fi'
 
 USER root
 

Dockerfile-frontend

@@ -5,7 +5,12 @@ ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,vi
 #ARG COUNTLY_PLUGINS=mobile,web,desktop,plugins,density,locale,browser,sources,views,license,drill,funnels,retention_segments,flows,cohorts,surveys,remote-config,ab-testing,formulas,activity-map,concurrent_users,revenue,logger,systemlogs,populator,reports,crashes,push,geo,block,users,star-rating,slipping-away-users,compare,server-stats,dbviewer,crash_symbolication,crashes-jira,groups,white-labeling,alerts,times-of-day,compliance-hub,onboarding,active_users,performance-monitoring,config-transfer,consolidate,data-manager,hooks,dashboards,heatmaps,sdk,guides,journey_engine,content
 
 EXPOSE 6001
-HEALTHCHECK --start-period=400s CMD curl --fail http://localhost:6001/ping || exit 1
+HEALTHCHECK --start-period=400s CMD bash -c '\
+  if [ "$COUNTLY_CONFIG_FRONTEND_WEB_SSL_ENABLED" = "true" ] || [ "$COUNTLY_CONFIG_FRONTEND_WEB_SSL_ENABLED" = "\"true\"" ]; then \
+    curl -k --fail https://localhost:6001/ping || exit 1; \
+  else \
+    curl --fail http://localhost:6001/ping || exit 1; \
+  fi'
 
 USER root
 
@@ -19,6 +24,7 @@ ENV COUNTLY_CONTAINER="frontend" \
 
 WORKDIR /opt/countly
 COPY . .
+
 # install required dependencies which slim image doesn't have
 RUN apt-get update && \
 	apt-get install -y iputils-ping net-tools telnet apt-transport-https procps curl wget git make gcc g++ unzip xz-utils

api/config.sample.js

@@ -73,7 +73,7 @@ var countlyConfig = {
             enabled: false,
             key: "/path/to/ssl/private.key",
             cert: "/path/to/ssl/certificate.crt",
-            ca: "/path/to/ssl/ca_bundle.crt" // Optional: for client certificate verification
+            // ca: "/path/to/ssl/ca_bundle.crt" // Optional: for client certificate verification, uncomment to activate
         }
     },
     /**

api/parts/data/usage.js

@@ -1117,6 +1117,16 @@ plugins.register("/sdk/user_properties", async function(ob) {
                 userProps.av_major = versionComponents.major;
                 userProps.av_minor = versionComponents.minor;
                 userProps.av_patch = versionComponents.patch;
+                userProps.av_prerel = versionComponents.prerelease;
+                userProps.av_build = versionComponents.build;
+            }
+            else {
+                log.w("Invalid app version format: %s", params.qstring.metrics._app_version);
+                userProps.av_major = null;
+                userProps.av_minor = null;
+                userProps.av_patch = null;
+                userProps.av_rel = null;
+                userProps.av_build = null;
             }
         }
     }

api/utils/common.js

@@ -176,6 +176,7 @@ function escape_html_entities(key, value, more) {
 common.getJSON = getJSON;
 
 common.log = logger;
+const log = logger('api:utils:common');
 
 common.dbMap = {
     'events': 'e',
@@ -1307,16 +1308,23 @@ common.returnRaw = function(params, returnCode, body, heads) {
         }
         return;
     }
+    const defaultHeaders = {};
     //set provided in configuration headers
-    var headers = {};
+    let headers = {};
     if (heads) {
         for (var i in heads) {
             headers[i] = heads[i];
         }
     }
     if (params && params.res && params.res.writeHead && !params.blockResponses) {
         if (!params.res.finished) {
-            params.res.writeHead(returnCode, headers);
+            try {
+                params.res.writeHead(returnCode, headers);
+            }
+            catch (err) {
+                log.e(`Error writing header in 'returnRaw' ${err}`);
+                params.res.writeHead(returnCode, defaultHeaders);
+            }
             if (body) {
                 params.res.write(body);
             }
@@ -1347,9 +1355,10 @@ common.returnMessage = function(params, returnCode, message, heads, noResult = f
         return;
     }
     //set provided in configuration headers
-    var headers = {
+    const defaultHeaders = {
         'Content-Type': 'application/json; charset=utf-8'
     };
+    let headers = { ...defaultHeaders };
     var add_headers = (plugins.getConfig("security").api_additional_headers || "").replace(/\r\n|\r|\n/g, "\n").split("\n");
     var parts;
     for (let i = 0; i < add_headers.length; i++) {
@@ -1373,7 +1382,13 @@ common.returnMessage = function(params, returnCode, message, heads, noResult = f
     }
     if (params && params.res && params.res.writeHead && !params.blockResponses) {
         if (!params.res.finished) {
-            params.res.writeHead(returnCode, headers);
+            try {
+                params.res.writeHead(returnCode, headers);
+            }
+            catch (err) {
+                log.e(`Error writing header in 'returnMessage' ${err}`);
+                params.res.writeHead(returnCode, defaultHeaders);
+            }
             if (params.qstring.callback) {
                 params.res.write(params.qstring.callback + '(' + JSON.stringify({result: message}, escape_html_entities) + ')');
             }
@@ -1415,9 +1430,10 @@ common.returnOutput = function(params, output, noescape, heads) {
         return;
     }
     //set provided in configuration headers
-    var headers = {
+    const defaultHeaders = {
         'Content-Type': 'application/json; charset=utf-8'
     };
+    let headers = { ...defaultHeaders };
     var add_headers = (plugins.getConfig("security").api_additional_headers || "").replace(/\r\n|\r|\n/g, "\n").split("\n");
     var parts;
     for (let i = 0; i < add_headers.length; i++) {
@@ -1442,7 +1458,13 @@ common.returnOutput = function(params, output, noescape, heads) {
     }
     if (params && params.res && params.res.writeHead && !params.blockResponses) {
         if (!params.res.finished) {
-            params.res.writeHead(200, headers);
+            try {
+                params.res.writeHead(200, headers);
+            }
+            catch (err) {
+                log.e(`Error writing header in 'returnMessage' ${err}`);
+                params.res.writeHead(200, defaultHeaders);
+            }
             if (params.qstring.callback) {
                 params.res.write(params.qstring.callback + '(' + JSON.stringify(output, escape) + ')');
             }
@@ -2069,19 +2091,16 @@ common.parseAppVersion = function(version) {
             version = String(version);
         }
 
-        // Ensure version has at least one decimal point
-        if (version.indexOf('.') === -1) {
-            version += '.0';
-        }
-
-        const parsedVersion = semver.valid(semver.coerce(version));
-        if (parsedVersion) {
-            const versionObj = semver.parse(parsedVersion);
+        const isValid = semver.valid(semver.coerce(version, {includePrerelease: true}));
+        if (isValid) {
+            const versionObj = semver.parse(semver.coerce(version, {includePrerelease: true}));
             if (versionObj) {
                 return {
                     major: versionObj.major,
                     minor: versionObj.minor,
                     patch: versionObj.patch,
+                    prerelease: versionObj.prerelease,
+                    build: versionObj.build,
                     original: version,
                     success: true
                 };