Merge branch 'master' into ar2rsawseen/master2

Author: ar2rsawseen

.github/workflows/main.yml

@@ -244,7 +244,7 @@ jobs:
           npx grunt mochaTest       
 
   ui-tests:
-    runs-on: ubuntu-22.04-4core
+    runs-on: ubuntu-latest
 
     strategy:
       matrix:

CHANGELOG.md

@@ -1,10 +1,28 @@
-## Version 25.03.X
+## Version 25.03.7
+Enterprise Features:
+- [funnels] Added explanatory tooltip for filters section on Funnel Detail page
+
 Fixes:
-- [star-rating] Fix consent text limit counter
+- [core] Applied some fixes to user-merge, togetExportScripts, sharding, delete_old_drill_events, add_indexes script
+- [core] Fix/docker python vulnerabilities
+- [core] Allow chrome to launch multiple instances to fix blank dashboard emails
+- [formulas] Fix loading state when selecting event count
 
 Enterprise Fixes:
-- [active-users] Fixed bug related to selecting calculation ranges. As a result, some dates were previously calculated on incomplete data set.
+- [active-users] Fixed bug related to selecting calculation ranges. As a result, some dates were previously calculated on incomplete data set
+- [journey-engine] Undefined value check for cooldown in Engagement Queue
+- [star-rating] Fix consent text limit counter
 
+Dependencies:
+- Bump sass from 1.89.1 to 1.89.2
+- Bump puppeteer from 24.10.0 to 24.10.1
+- Bump countly-sdk-nodejs from 24.10.1 to 24.10.2
+- Bump sass-embedded in /plugins/content from 1.89.1 to 1.89.2
+- Bump @vue-flow/node-resizer  in /plugins/content from 1.4.0 to 1.5.0
+- Bump @vue-flow/core in /plugins/content from 1.44.0 to 1.45.0
+- Bump vue-i18n in /plugins/content from 11.1.5 to 11.1.6 
+- Bump terser in /plugins/content from 5.42.0 to 5.43.0 
+- Bump mockttp in /plugins/crash_symbolication from 3.17.1 to 4.0.0
 
 ## Version 25.03.6
 Enterprise Features:

api/api.js

@@ -1,4 +1,6 @@
 const http = require('http');
+const https = require('https');
+const fs = require('fs');
 const cluster = require('cluster');
 const formidable = require('formidable');
 const os = require('os');
@@ -357,88 +359,113 @@ plugins.connectToAllDatabases().then(function() {
 
         plugins.dispatch("/worker", {common: common});
 
-        http.Server((req, res) => {
-            const params = {
-                qstring: {},
-                res: res,
-                req: req
+        const serverOptions = {
+            port: common.config.api.port,
+            host: common.config.api.host || ''
+        };
+
+        let server;
+        if (common.config.api.ssl && common.config.api.ssl.enabled) {
+            const sslOptions = {
+                key: fs.readFileSync(common.config.api.ssl.key),
+                cert: fs.readFileSync(common.config.api.ssl.cert)
             };
+            if (common.config.api.ssl.ca) {
+                sslOptions.ca = fs.readFileSync(common.config.api.ssl.ca);
+            }
+            server = https.createServer(sslOptions, handleRequest);
+        }
+        else {
+            server = http.createServer(handleRequest);
+        }
 
-            if (req.method.toLowerCase() === 'post') {
-                const formidableOptions = {};
-                if (countlyConfig.api.maxUploadFileSize) {
-                    formidableOptions.maxFileSize = countlyConfig.api.maxUploadFileSize;
-                }
+        server.listen(serverOptions.port, serverOptions.host).timeout = common.config.api.timeout || 120000;
+    }
+});
 
-                const form = new formidable.IncomingForm(formidableOptions);
-                if (/crash_symbols\/(add_symbol|upload_symbol)/.test(req.url)) {
-                    req.body = [];
-                    req.on('data', (data) => {
-                        req.body.push(data);
-                    });
+/**
+ * Handle incoming HTTP/HTTPS requests
+ * @param {http.IncomingMessage} req - The request object
+ * @param {http.ServerResponse} res - The response object
+ */
+function handleRequest(req, res) {
+    const params = {
+        qstring: {},
+        res: res,
+        req: req
+    };
+
+    if (req.method.toLowerCase() === 'post') {
+        const formidableOptions = {};
+        if (countlyConfig.api.maxUploadFileSize) {
+            formidableOptions.maxFileSize = countlyConfig.api.maxUploadFileSize;
+        }
+
+        const form = new formidable.IncomingForm(formidableOptions);
+        if (/crash_symbols\/(add_symbol|upload_symbol)/.test(req.url)) {
+            req.body = [];
+            req.on('data', (data) => {
+                req.body.push(data);
+            });
+        }
+        else {
+            req.body = '';
+            req.on('data', (data) => {
+                req.body += data;
+            });
+        }
+
+        let multiFormData = false;
+        // Check if we have 'multipart/form-data'
+        if (req.headers['content-type']?.startsWith('multipart/form-data')) {
+            multiFormData = true;
+        }
+
+        form.parse(req, (err, fields, files) => {
+            //handle bakcwards compatability with formiddble v1
+            for (let i in files) {
+                if (files[i].filepath) {
+                    files[i].path = files[i].filepath;
                 }
-                else {
-                    req.body = '';
-                    req.on('data', (data) => {
-                        req.body += data;
-                    });
+                if (files[i].mimetype) {
+                    files[i].type = files[i].mimetype;
                 }
-
-                let multiFormData = false;
-                // Check if we have 'multipart/form-data'
-                if (req.headers['content-type']?.startsWith('multipart/form-data')) {
-                    multiFormData = true;
+                if (files[i].originalFilename) {
+                    files[i].name = files[i].originalFilename;
                 }
-
-                form.parse(req, (err, fields, files) => {
-                    //handle bakcwards compatability with formiddble v1
-                    for (let i in files) {
-                        if (files[i].filepath) {
-                            files[i].path = files[i].filepath;
-                        }
-                        if (files[i].mimetype) {
-                            files[i].type = files[i].mimetype;
-                        }
-                        if (files[i].originalFilename) {
-                            files[i].name = files[i].originalFilename;
-                        }
-                    }
-                    params.files = files;
-                    if (multiFormData) {
-                        let formDataUrl = [];
-                        for (const i in fields) {
-                            params.qstring[i] = fields[i];
-                            formDataUrl.push(`${i}=${fields[i]}`);
-                        }
-                        params.formDataUrl = formDataUrl.join('&');
-                    }
-                    else {
-                        for (const i in fields) {
-                            params.qstring[i] = fields[i];
-                        }
-                    }
-                    if (!params.apiPath) {
-                        processRequest(params);
-                    }
-                });
-            }
-            else if (req.method.toLowerCase() === 'options') {
-                const headers = {};
-                headers["Access-Control-Allow-Origin"] = "*";
-                headers["Access-Control-Allow-Methods"] = "POST, GET, OPTIONS";
-                headers["Access-Control-Allow-Headers"] = "countly-token, Content-Type";
-                res.writeHead(200, headers);
-                res.end();
             }
-            //attempt process GET request
-            else if (req.method.toLowerCase() === 'get') {
-                processRequest(params);
+            params.files = files;
+            if (multiFormData) {
+                let formDataUrl = [];
+                for (const i in fields) {
+                    params.qstring[i] = fields[i];
+                    formDataUrl.push(`${i}=${fields[i]}`);
+                }
+                params.formDataUrl = formDataUrl.join('&');
             }
             else {
-                common.returnMessage(params, 405, "Method not allowed");
+                for (const i in fields) {
+                    params.qstring[i] = fields[i];
+                }
             }
-        }).listen(common.config.api.port, common.config.api.host || '').timeout = common.config.api.timeout || 120000;
-
-        plugins.loadConfigs(common.db);
+            if (!params.apiPath) {
+                processRequest(params);
+            }
+        });
     }
-});
+    else if (req.method.toLowerCase() === 'options') {
+        const headers = {};
+        headers["Access-Control-Allow-Origin"] = "*";
+        headers["Access-Control-Allow-Methods"] = "POST, GET, OPTIONS";
+        headers["Access-Control-Allow-Headers"] = "countly-token, Content-Type";
+        res.writeHead(200, headers);
+        res.end();
+    }
+    //attempt process GET request
+    else if (req.method.toLowerCase() === 'get') {
+        processRequest(params);
+    }
+    else {
+        common.returnMessage(params, 405, "Method not allowed");
+    }
+}

api/config.sample.js

@@ -69,6 +69,12 @@ var countlyConfig = {
         max_sockets: 1024,
         timeout: 120000,
         maxUploadFileSize: 200 * 1024 * 1024, // 200MB
+        ssl: {
+            enabled: false,
+            key: "/path/to/ssl/private.key",
+            cert: "/path/to/ssl/certificate.crt",
+            ca: "/path/to/ssl/ca_bundle.crt" // Optional: for client certificate verification
+        }
     },
     /**
     * Path to use for countly directory, empty path if installed at root of website

api/configextender.js

@@ -32,14 +32,26 @@ const OVERRIDES = {
 
     API: {
         MAX_SOCKETS: 'max_sockets',
-        MAX_UPLOAD_FILE_SIZE: 'maxUploadFileSize'
+        MAX_UPLOAD_FILE_SIZE: 'maxUploadFileSize',
+        SSL: {
+            ENABLED: 'enabled',
+            KEY: 'key',
+            CERT: 'cert',
+            CA: 'ca',
+        },
     },
 
     WEB: {
         USE_INTERCOM: 'use_intercom',
         SECURE_COOKIES: 'secure_cookies',
         SESSION_SECRET: 'session_secret',
-        SESSION_NAME: 'session_name'
+        SESSION_NAME: 'session_name',
+        SSL: {
+            ENABLED: 'enabled',
+            KEY: 'key',
+            CERT: 'cert',
+            CA: 'ca',
+        },
     },
 
     MAIL: {

api/utils/render.js

@@ -25,6 +25,7 @@ var chromePath = "";
 var countlyFs = require('./countlyFs');
 var log = require('./log.js')('core:render');
 var countlyConfig = require('./../config', 'dont-enclose');
+var fs = require('fs');
 
 
 /**
@@ -69,7 +70,7 @@ exports.renderView = function(options, cb) {
                 },
                 args: ['--no-sandbox', '--disable-setuid-sandbox', '--ignore-certificate-errors'],
                 ignoreHTTPSErrors: true,
-                userDataDir: pathModule.resolve(__dirname, "../../dump/chrome")
+                userDataDir: pathModule.resolve(__dirname, "../../dump/chrome/" + Date.now())
             };
 
             if (chromePath) {
@@ -251,6 +252,9 @@ exports.renderView = function(options, cb) {
                 await bodyHandle.dispose();
                 await browser.close();
 
+                // Remove user data directory after use
+                fs.rmSync(settings.userDataDir, { recursive: true, force: true });
+
                 var imageData = {
                     image: image,
                     path: path
@@ -261,6 +265,8 @@ exports.renderView = function(options, cb) {
             catch (e) {
                 log.e("Headless chrome browser error", e);
                 await browser.close();
+                // Remove user data directory after use
+                fs.rmSync(settings.userDataDir, { recursive: true, force: true });
                 return cb(e);
             }
         }