further adjustments to record video

.circleci/config.yml

@@ -1,243 +1,6 @@
-version: 2.1
-
+version: 2
 jobs:
-  lint:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-
-    steps:
-      - checkout
-
-      - run:
-          name: "fmt check"
-          working_directory: "."
-          command: |
-            yarn install
-            yarn run fmt:clj:check
-
-      - run:
-          name: "lint clj common"
-          working_directory: "."
-          command: |
-            yarn run lint:clj:common
-
-      - run:
-          name: "lint clj frontend"
-          working_directory: "."
-          command: |
-            yarn run lint:clj:frontend
-
-      - run:
-          name: "lint clj backend"
-          working_directory: "."
-          command: |
-            yarn run lint:clj:backend
-
-      - run:
-          name: "lint clj exporter"
-          working_directory: "."
-          command: |
-            yarn run lint:clj:exporter
-
-      - run:
-          name: "lint clj library"
-          working_directory: "."
-          command: |
-            yarn run lint:clj:library
-
-  test-common:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-
-    environment:
-      JAVA_OPTS: -Xmx4g -Xms100m -XX:+UseSerialGC
-      NODE_OPTIONS: --max-old-space-size=4096
-
-    steps:
-      - checkout
-
-      # Download and cache dependencies
-      - restore_cache:
-          keys:
-            - v1-dependencies-{{ checksum "common/deps.edn"}}-{{ checksum "common/yarn.lock" }}
-
-      - run:
-          name: "JVM tests"
-          working_directory: "./common"
-          command: |
-            clojure -M:dev:test
-
-      - run:
-          name: "NODE tests"
-          working_directory: "./common"
-          command: |
-            yarn install
-            yarn run test
-
-      - save_cache:
-          paths:
-            - ~/.m2
-            - ~/.yarn
-            - ~/.gitlibs
-            - ~/.cache/ms-playwright
-          key: v1-dependencies-{{ checksum "common/deps.edn"}}-{{ checksum "common/yarn.lock" }}
-
-  test-frontend:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-
-    environment:
-      JAVA_OPTS: -Xmx4g -Xms100m -XX:+UseSerialGC
-      NODE_OPTIONS: --max-old-space-size=4096
-
-    steps:
-      - checkout
-
-      # Download and cache dependencies
-      - restore_cache:
-          keys:
-            - v1-dependencies-{{ checksum "frontend/deps.edn"}}-{{ checksum "frontend/yarn.lock" }}
-
-      - run:
-          name: "install dependencies"
-          working_directory: "./frontend"
-          # We install playwright here because the dependent tasks
-          # uses the same cache as this task so we prepopulate it
-          command: |
-            yarn install
-            yarn run playwright install chromium
-
-      - run:
-          name: "lint scss on frontend"
-          working_directory: "./frontend"
-          command: |
-            yarn run lint:scss
-
-      - run:
-          name: "unit tests"
-          working_directory: "./frontend"
-          command: |
-            yarn run test
-
-      - save_cache:
-          paths:
-            - ~/.m2
-            - ~/.yarn
-            - ~/.gitlibs
-            - ~/.cache/ms-playwright
-          key: v1-dependencies-{{ checksum "frontend/deps.edn"}}-{{ checksum "frontend/yarn.lock" }}
-
-  test-library:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-
-    environment:
-      JAVA_OPTS: -Xmx6g
-      NODE_OPTIONS: --max-old-space-size=4096
-
-    steps:
-      - checkout
-
-      # Download and cache dependencies
-      - restore_cache:
-          keys:
-            - v1-dependencies-{{ checksum "frontend/deps.edn"}}-{{ checksum "frontend/yarn.lock" }}
-
-      - run:
-          name: Install dependencies and build
-          working_directory: "./library"
-          command: |
-            yarn install
-
-      - run:
-          name: Build and Test
-          working_directory: "./library"
-          command: |
-            ./scripts/build
-            yarn run test
-
-  test-components:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-
-    environment:
-      JAVA_OPTS: -Xmx6g -Xms2g
-      NODE_OPTIONS: --max-old-space-size=4096
-
-    steps:
-      - checkout
-
-      # Download and cache dependencies
-      - restore_cache:
-          keys:
-            - v1-dependencies-{{ checksum "frontend/deps.edn"}}-{{ checksum "frontend/yarn.lock" }}
-
-      - run:
-          name: Install dependencies
-          working_directory: "./frontend"
-          command: |
-            yarn install
-            yarn run playwright install chromium
-
-      - run:
-          name: Build Storybook
-          working_directory: "./frontend"
-          command: yarn run build:storybook
-
-      - run:
-          name: Serve Storybook and run tests
-          working_directory: "./frontend"
-          command: |
-            npx concurrently -k -s first -n "SB,TEST" -c "magenta,blue" \
-              "npx http-server storybook-static --port 6006 --silent" \
-              "npx wait-on tcp:6006 && yarn test:storybook"
-
-  test-integration:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: large
-
-    environment:
-      JAVA_OPTS: -Xmx6g -Xms2g
-      NODE_OPTIONS: --max-old-space-size=4096
-
-    steps:
-      - checkout
-
-      # Download and cache dependencies
-      - restore_cache:
-          keys:
-            - v1-dependencies-{{ checksum "frontend/deps.edn"}}-{{ checksum "frontend/yarn.lock" }}
-
-      - run:
-          name: "integration tests"
-          working_directory: "./frontend"
-          command: |
-            yarn install
-            yarn run build:app:assets
-            yarn run build:app
-            yarn run build:app:libs
-            yarn run playwright install chromium
-            yarn run test:e2e -x --workers=4
-
-  test-backend:
+  build:
     docker:
       - image: penpotapp/devenv:latest
       - image: cimg/postgres:14.5
@@ -257,15 +20,104 @@ jobs:
     steps:
       - checkout
 
+      # Download and cache dependencies
       - restore_cache:
           keys:
-            - v1-dependencies-{{ checksum "backend/deps.edn" }}
+            - v1-dependencies-{{ checksum "backend/deps.edn" }}-{{ checksum "frontend/deps.edn"}}-{{ checksum "common/deps.edn"}}
+            # fallback to using the latest cache if no exact match is found
+            - v1-dependencies-
+
+      - run: cd .clj-kondo && cat config.edn
+      - run: cat .cljfmt.edn
+      - run: clj-kondo --version
 
       - run:
-          name: "tests"
+          name: "backend fmt check"
           working_directory: "./backend"
           command: |
-            clojure -M:dev:test --reporter kaocha.report/documentation
+            yarn install
+            yarn run fmt:clj:check
+
+      - run:
+          name: "exporter fmt check"
+          working_directory: "./exporter"
+          command: |
+            yarn install
+            yarn run fmt:clj:check
+
+      - run:
+          name: "common fmt check"
+          working_directory: "./common"
+          command: |
+            yarn install
+            yarn run fmt:clj:check
+
+      - run:
+          name: "frontend fmt check"
+          working_directory: "./frontend"
+          command: |
+            yarn install
+            yarn run fmt:clj:check
+            yarn run fmt:js:check
+
+      - run:
+          name: "common linter check"
+          working_directory: "./common"
+          command: |
+            yarn install
+            yarn run lint:clj
+
+      - run:
+          name: "frontend linter check"
+          working_directory: "./frontend"
+          command: |
+            yarn install
+            yarn run lint:scss
+            yarn run lint:clj
+
+      - run:
+          name: "backend linter check"
+          working_directory: "./backend"
+          command: |
+            yarn install
+            yarn run lint:clj
+
+      - run:
+          name: "exporter linter check"
+          working_directory: "./exporter"
+          command: |
+            yarn install
+            yarn run lint:clj
+
+      - run:
+          name: "common tests"
+          working_directory: "./common"
+          command: |
+            yarn test
+            clojure -M:dev:test
+
+      - run:
+          name: "frontend tests"
+          working_directory: "./frontend"
+          command: |
+            yarn install
+            yarn test
+
+      - run:
+          name: "frontend integration tests"
+          working_directory: "./frontend"
+          command: |
+            yarn install
+            yarn run build:app:assets
+            clojure -M:dev:shadow-cljs release main
+            yarn playwright install --with-deps chromium
+            yarn e2e:test
+
+      - run:
+          name: "backend tests"
+          working_directory: "./backend"
+          command: |
+            clojure -M:dev:test
 
           environment:
             PENPOT_TEST_DATABASE_URI: "postgresql://localhost/penpot_test"
@@ -276,67 +128,4 @@ jobs:
       - save_cache:
           paths:
             - ~/.m2
-            - ~/.gitlibs
-          key: v1-dependencies-{{ checksum "backend/deps.edn" }}
-
-  test-render-wasm:
-    docker:
-      - image: penpotapp/devenv:latest
-
-    working_directory: ~/repo
-    resource_class: medium+
-    environment:
-
-    steps:
-      - checkout
-
-      - run:
-          name: "fmt check"
-          working_directory: "./render-wasm"
-          command: |
-            cargo fmt --check
-
-      - run:
-          name: "lint"
-          working_directory: "./render-wasm"
-          command: |
-            ./lint
-
-      - run:
-          name: "cargo tests"
-          working_directory: "./render-wasm"
-          command: |
-            ./test
-
-workflows:
-  penpot:
-    jobs:
-      - lint
-      - test-frontend:
-          requires:
-            - lint: success
-
-      - test-library:
-          requires:
-            - test-frontend: success
-            - lint: success
-
-      - test-components:
-          requires:
-            - test-frontend: success
-            - lint: success
-
-      - test-integration:
-          requires:
-            - test-frontend: success
-            - lint: success
-
-      - test-backend:
-          requires:
-            - lint: success
-
-      - test-common:
-          requires:
-            - lint: success
-
-      - test-render-wasm
+          key: v1-dependencies-{{ checksum "backend/deps.edn" }}-{{ checksum "frontend/deps.edn"}}-{{ checksum "common/deps.edn"}}

.clj-kondo/config.edn

@@ -58,12 +58,6 @@
   :redundant-do
   {:level :off}
 
-  :redundant-ignore
-  {:level :off}
-
-  :redundant-nested-call
-  {:level :off}
-
   :earmuffed-var-not-dynamic
   {:level :off}
 

.cljfmt.edn

@@ -4,6 +4,7 @@
  :remove-consecutive-blank-lines? false
  :extra-indents {rumext.v2/fnc [[:inner 0]]
                  cljs.test/async [[:inner 0]]
+                 app.common.schema/register! [[:inner 0] [:inner 1]]
                  promesa.exec/thread [[:inner 0]]
                  specify! [[:inner 0] [:inner 1]]}
  }

.editorconfig

@@ -11,9 +11,3 @@ end_of_line = lf
 insert_final_newline = true
 
 trim_trailing_whitespace = true
-
-[*.{rs}]
-indent_size = 4
-indent_style = space
-
-end_of_line = lf

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,19 +1,29 @@
-### Related Ticket
+<!--
 
-<!-- Reference the related GitHub/Taiga ticket. -->
+Some key notes before you open a PR:
 
-### Summary
+ 1. Select which branch should this PR be merged in? By default, you should always merge to the develop branch.
+ 2. PR name follows [convention](http://karma-runner.github.io/4.0/dev/git-commit-msg.html)
+ 3. All tests pass locally, UI and Unit tests
+ 4. All business logic and validations must be on the server-side
+ 5. Update necessary Documentation
+ 6. Put `closes #XXXX` in your comment to auto-close the issue that your PR fixes
 
-### Steps to reproduce 
 
-### Checklist
+Also, if you're new here
 
-- [ ] Choose the correct target branch; use `develop` by default.
-- [ ] Provide a brief summary of the changes introduced.
-- [ ] Add a detailed explanation of how to reproduce the issue and/or verify the fix, if applicable.
-- [ ] Include screenshots or videos, if applicable.
-- [ ] Add or modify existing integration tests in case of bugs or new features, if applicable.
-- [ ] Check CI passes successfully.
-- [ ] Update the `CHANGES.md` file, referencing the related GitHub issue, if applicable.
+- Contribution Guide => https://github.com/uxbox/uxbox/blob/develop/CONTRIBUTING.md
 
-<!-- For more details, check the contribution guidelines: https://github.com/penpot/penpot/blob/develop/CONTRIBUTING.md -->
+-->
+
+> Please provide enough information so that others can review your pull request:
+
+<!-- You can skip this if you're fixing a typo or updating existing documentation -->
+
+> Explain the **details** for making this change. What existing problem does the pull request solve?
+
+<!-- Example: When "Adding a function to do X", explain why it is necessary to have a way to do X. -->
+
+> Screenshots/GIFs
+
+<!-- Add images/recordings to better visualize the change: expected/current behviour -->

.github/workflows/build-bundles.yml

@@ -1,129 +0,0 @@
-name: Build and Upload Penpot Bundles non-prod
-
-on:
-  # Create bundler for every tag
-  push:
-    tags:
-      - '**' # Pattern matched against refs/tags
-  # Create bundler every hour between 5:00 and 20:00 on working days
-  schedule:
-    - cron: '0 5-20 * * 1-5'
-  # Create bundler from manual action
-  workflow_dispatch:
-    inputs:
-      zip_mode:
-        # zip_mode defines how the build artifacts are packaged:
-        # - 'individual': creates one ZIP file per component (frontend, backend, exporter)
-        # - 'all': creates a single ZIP containing all components
-        # - null: for the rest of cases (non-manual events)
-        description: 'Bundle packaging mode'
-        required: false
-        default: 'individual'
-        type: choice
-        options:
-          - individual
-          - all
-
-jobs:
-  build-bundles:
-    name: Build and Upload Penpot Bundles
-    runs-on: ubuntu-24.04
-    env:
-      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-      AWS_DEFAULT_REGION: ${{ secrets.AWS_REGION }}
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-
-      - name: Extract somer useful variables
-        id: vars
-        run: |
-          echo "commit_hash=$(git rev-parse --short HEAD)" >> $GITHUB_OUTPUT
-          echo "gh_branch=${{ github.base_ref || github.ref_name }}" >> $GITHUB_OUTPUT
-
-      # Set up Docker Buildx for multi-arch build
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Run manage.sh build-bundle from host
-        run: ./manage.sh build-bundle
-
-      - name: Prepare directories for zipping
-        run: |
-          mkdir zips
-          mv bundles penpot
-
-      - name: Create zip bundles for zip_mode == 'all'
-        if: ${{ github.event.inputs.zip_mode == 'all' }}
-        run: |
-          echo "📦 Packaging Penpot 'all' bundles..."
-          zip -r zips/penpot-all-bundles.zip penpot
-
-      - name: Create zip bundles for zip_mode != 'all'
-        if: ${{ github.event.inputs.zip_mode != 'all' }}
-        run: |
-          echo "📦 Packaging Penpot 'individual' bundles..."
-          zip -r zips/penpot-frontend.zip penpot/frontend
-          zip -r zips/penpot-backend.zip penpot/backend
-          zip -r zips/penpot-exporter.zip penpot/exporter
-
-      - name: Upload unified 'all' bundle
-        if: ${{ github.event.inputs.zip_mode == 'all' }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: penpot-all-bundles
-          path: zips/penpot-all-bundles.zip
-
-      - name: Upload individual bundles
-        if: ${{ github.event.inputs.zip_mode != 'all' }}
-        uses: actions/upload-artifact@v4
-        with:
-          name: penpot-individual-bundles
-          path: |
-            zips/penpot-frontend.zip
-            zips/penpot-backend.zip
-            zips/penpot-exporter.zip
-
-      - name: Upload unified 'all' bundle to S3
-        if: ${{ github.event.inputs.zip_mode == 'all' }}
-        run: |
-          aws s3 cp zips/penpot-all-bundles.zip s3://${{ secrets.S3_BUCKET }}/penpot-all-bundles-${{ steps.vars.outputs.gh_branch}}.zip
-          aws s3 cp zips/penpot-all-bundles.zip s3://${{ secrets.S3_BUCKET }}/penpot-all-bundles-${{ steps.vars.outputs.commit_hash }}.zip
-
-      - name: Upload 'individual' bundles to S3
-        if: ${{ github.event.inputs.zip_mode != 'all' }}
-        run: |
-            for name in penpot-frontend penpot-backend penpot-exporter; do
-              aws s3 cp zips/${name}.zip s3://${{ secrets.S3_BUCKET }}/${name}-${{ steps.vars.outputs.gh_branch }}-latest.zip
-              aws s3 cp zips/${name}.zip s3://${{ secrets.S3_BUCKET }}/${name}-${{ steps.vars.outputs.commit_hash }}.zip
-            done
-
-      - name: Notify Mattermost about automatic bundles
-        if: github.event_name == 'pull_request'
-        uses: mattermost/action-mattermost-notify@master
-        with:
-          MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK }}
-          TEXT: |
-            📦 *Penpot bundle automatically generated*
-            📄 PR: ${{ github.event.pull_request.title }}
-            🔁 From: \`${{ github.head_ref }}\` to \`{{ github.base_ref }}\`
-            🔗 Run: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
-
-      - name: Notify Mattermost about manual bundles
-        if: github.event_name == 'workflow_dispatch'
-        uses: mattermost/action-mattermost-notify@master
-        with:
-          MATTERMOST_WEBHOOK_URL: ${{ secrets.MATTERMOST_WEBHOOK }}
-          TEXT: |
-            📦 *Penpot bundle manually generated*
-            📄 Triggered from branch: `${{ github.ref_name}}`
-            🔗 Run: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}
-
-      - name: Print artifact summary URL
-        run: |
-          echo "📦 Artifacts available at:"
-          echo "🔗 https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}"

.github/workflows/commit-checker.yml

@@ -1,50 +0,0 @@
-name: 'Commit Message Check'
-on:
-  pull_request:
-    types:
-      - opened
-      - edited
-      - reopened
-      - synchronize
-  pull_request_target:
-    types:
-      - opened
-      - edited
-      - reopened
-      - synchronize
-  push:
-    branches:
-      - main
-      - develop
-      - staging
-
-jobs:
-  check-commit-message:
-    name: Check Commit Message
-    runs-on: ubuntu-latest
-    steps:
-      - name: Check Commit Type
-        uses: gsactions/commit-message-checker@v2
-        with:
-          pattern: '^(Merge|:(lipstick|globe_with_meridians|wrench|books|arrow_up|arrow_down|zap|ambulance|construction|boom|fire|whale|bug|sparkles|paperclip|tada|recycle):)\s[A-Z].*[^.]$'
-          flags: 'gm'
-          error: 'Commit should match CONTRIBUTING.md guideline'
-          checkAllCommitMessages: 'true' # optional: this checks all commits associated with a pull request
-          accessToken: ${{ secrets.GITHUB_TOKEN }} # github access token is only required if checkAllCommitMessages is true
-
-      # - name: Check Line Length
-      #   uses: gsactions/commit-message-checker@v2
-      #   with:
-      #     pattern: '^[^#].{74}'
-      #     error: 'The maximum line length of 74 characters is exceeded.'
-      #     excludeDescription: 'true' # optional: this excludes the description body of a pull request
-      #     excludeTitle: 'true' # optional: this excludes the title of a pull request
-      #     checkAllCommitMessages: 'true' # optional: this checks all commits associated with a pull request
-      #     accessToken: ${{ secrets.GITHUB_TOKEN }} # github access token is only required if checkAllCommitMessages is ue
-      # - name: Check for Resolves / Fixes
-      #   uses: gsactions/commit-message-checker@v2
-      #   with:
-      #     pattern: '^.+(Resolves|Fixes): \#[0-9]+$'
-      #     error: 'You need at least one "Resolves|Fixes: #<issue number>" line.'
-
-

.gitignore

@@ -30,7 +30,6 @@
 /*.zip
 /.clj-kondo/.cache
 /_dump
-/notes
 /backend/*.md
 /backend/*.sql
 /backend/*.txt
@@ -69,13 +68,9 @@
 /vendor/**/target
 /vendor/svgclean/bundle*.js
 /web
-/library/target/
-
 clj-profiler/
 node_modules
 /test-results/
 /playwright-report/
 /blob-report/
 /playwright/.cache/
-/render-wasm/target/
-/**/.yarn/*

.nvmrc

@@ -1 +0,0 @@
-v22.13.1

CHANGES.md

@@ -1,479 +1,17 @@
 # CHANGELOG
 
-## 2.8.0 (Next / Unreleased)
-
-### :rocket: Epics and highlights
-
-### :boom: Breaking changes & Deprecations
-
-**Penpot Library**
-
-The initial prototype is completly reworked for provide a more consistent API
-and to have proper validation and params decoding. All the details can be found
-on [its own changelog](library/CHANGES.md)
-
-**Penpot migrate from Redis to Valkey**
-
-As [Valkey](https://valkey.io/) is an opne-souce fork of [Redis](https://redis.io/)
-version 7.2.4, this version of Penpot will be compatible with Redis but may diverge 
-in future versions. Therefore, **migration from Redis to ValKey is recommended for all 
-on-premises instances** that want to keep up to date.
-
-### :heart: Community contributions (Thank you!)
-- Add Serbian language [GitHub #5002](https://github.com/penpot/penpot/issues/5002) by [crnobog69](https://github.com/crnobog69)
-
-### :sparkles: New features & Enhancements
-
-- Optimize profile setup flow for better user experience [Taiga #10028](https://tree.taiga.io/project/penpot/us/10028)
-- Rewrite path shape data PathData encoding [Taiga #8542](https://tree.taiga.io/project/penpot/us/8542?milestone=441308)
-- Update base image for Docker Backend and Exporter to Ubuntu 24.04
-- Update base image for Docker Frontend to Nginx 1.28.0
-- Allow multi file token import [Github #27](https://github.com/tokens-studio/penpot/issues/27)
-- Create `input*` wrapper component, and `label*`, `input-field*` and `hint-message*` components [Taiga #10713](https://tree.taiga.io/project/penpot/us/10713)
-- Deselect layers (and path nodes) with Ctrl+Shift+Drag [Github #2509](https://github.com/penpot/penpot/issues/2509)
-- Copy to SVG from contextual menu [Github #838](https://github.com/penpot/penpot/issues/838)
-- Add styles for Inkeep Chat at workspace [Taiga #10708](https://tree.taiga.io/project/penpot/us/10708)
-- Add configuration for air gapped installations with Docker
-- Support system color scheme [Github #5030](https://github.com/penpot/penpot/issues/5030)
-- Persist ruler visibility across files and reloads [GitHub #4586](https://github.com/penpot/penpot/issues/4586)
-- Update google fonts (at 2025/05/19) [Taiga 10792](https://tree.taiga.io/project/penpot/us/10792)
-- Add tooltip component to DS [Taiga 9220](https://tree.taiga.io/project/penpot/us/9220)
-- Allow multi file token export [Taiga #10144](https://tree.taiga.io/project/penpot/us/10144)
-- Fix problem when double click on hidden shapes [Taiga #11314](https://tree.taiga.io/project/penpot/issue/11314)
-
-### :bug: Bugs fixed
-
-- Fix getCurrentUser for plugins api [Taiga #11057](https://tree.taiga.io/project/penpot/issue/11057)
-- Fix spacing / sizes of different elements in the measurements section of the design tab [Taiga #11076](https://tree.taiga.io/project/penpot/issue/11076)
-- Fix selection of short paths [Github #4472](https://github.com/penpot/penpot/issues/4472)
-- Fix element positioning on the right side to adjust to grid [#11073](https://tree.taiga.io/project/penpot/issue/11073)
-- Fix palette is over sidebar [#11160](https://tree.taiga.io/project/penpot/issue/11160)
-- Fix font size input not displaying "mixed" when multiple texts are selected [Taiga #11177](https://tree.taiga.io/project/penpot/issue/11177)
-- Misalignments at Create account [Taiga #11315](https://tree.taiga.io/project/penpot/issue/11315)
-- Fix issue with importing files where flex/grid is used [Taiga #11334](https://tree.taiga.io/project/penpot/issue/11334)
-- Fix wrong color in the export progress bar [Taiga #11299](https://tree.taiga.io/project/penpot/issue/11299)
-- Fix right sidebar width overflow on long layer names [Taiga #11212](https://tree.taiga.io/project/penpot/issue/11212)
-- Fix comment icon fill [Taiga #11388](https://tree.taiga.io/project/penpot/issue/11388)
-- Fix gap on radio-buttons component [Taiga #11360](https://tree.taiga.io/project/penpot/issue/11360)
-- Fix button width [Taiga #11394](https://tree.taiga.io/project/penpot/issue/11394)
-- Fix mixed letter spacing and line height [Taiga #11178](https://tree.taiga.io/project/penpot/issue/11178)
-- Fix snap nodes shortcut [Taiga #11054](https://tree.taiga.io/project/penpot/issue/11054)
-- Fix changing a text property in a text layer does not unapply the previously applied token in the same property [Taiga #11337](https://tree.taiga.io/project/penpot/issue/11337)
-- Fix shortcut error pressing G+W from the View Mode [Taiga #11061](https://tree.taiga.io/project/penpot/issue/11061)
-- Fix entering long project name [Taiga #11417](https://tree.taiga.io/project/penpot/issue/11417)
-- Fix slow color picker [Taiga #11019](https://tree.taiga.io/project/penpot/issue/11019)
-- Fix tooltip position after click [Taiga #11405](https://tree.taiga.io/project/penpot/issue/11405)
-- Fix incorrect media translation on paste text with fill images [Github #6845](https://github.com/penpot/penpot/pull/6845)
-
-## 2.7.2
-
-### :bug: Bugs fixed
-
-- Update plugins runtime [Github #6604](https://github.com/penpot/penpot/pull/6604)
-- Backport from develop a minor fix that enables import of files
-  generated by penpot library [Github #6614](https://github.com/penpot/penpot/pull/6614)
-- Fix copy in error message [GitHub #6615](https://github.com/penpot/penpot/pull/6615)
-- Fix url on invitation link [Taiga #11284](https://tree.taiga.io/project/penpot/issue/11284)
-
-
-## 2.7.1
-
-### :bug: Bugs fixed
-
-- Fix incorrect handling of strokes with images on importing files
-- Fix tokens disappearing after manual additions [Taiga #11063](https://tree.taiga.io/project/penpot/issue/11063)
-
-
-## 2.7.0
-
-### :rocket: Epics and highlights
-
-### :boom: Breaking changes & Deprecations
-
-### :heart: Community contributions (Thank you!)
-
-- Design improvements to the Invitations page with an empty state [GitHub #2608](https://github.com/penpot/penpot/issues/2608) by [@iprithvitharun](https://github.com/iprithvitharun)
-
-### :sparkles: New features
-
-- Update board presets with a newer devices [Taiga #10610](https://tree.taiga.io/project/penpot/us/10610)
-- Propagate "sharing a prototype" to editors and viewers [Taiga #8853](https://tree.taiga.io/project/penpot/us/8853)
-- Design improvements to the Invitations page with an empty state [Taiga #4554](https://tree.taiga.io/project/penpot/us/4554)
-- Duplicate token sets [Taiga #10694](https://tree.taiga.io/project/penpot/issue/10694)
-- Add set selection in create Token themes flow [Taiga #10746](https://tree.taiga.io/project/penpot/issue/10746)
-- Display indicator on not active sets [Taiga #10668](https://tree.taiga.io/project/penpot/issue/10668)
-
-### :bug: Bugs fixed
-
-- Fix "at" icon to match all icons on app [Taiga #11136](https://tree.taiga.io/project/penpot/issue/11136)
-- Fix problem in viewer with the back button [Taiga #10907](https://tree.taiga.io/project/penpot/issue/10907)
-- Fix resize bar background on tokens panel [Taiga #10811](https://tree.taiga.io/project/penpot/issue/10811)
-- Fix shortcut for history version panel [Taiga #11006](https://tree.taiga.io/project/penpot/issue/11006)
-- Fix positioning of comment drafts when near the right / bottom edges of viewport [Taiga #10534](https://tree.taiga.io/project/penpot/issue/10534)
-- Fix path having a wrong selrect [Taiga #10257](https://tree.taiga.io/project/penpot/issue/10257)
-- Fix SVG `stroke-linecap` property when importing SVGs [Taiga #9489](https://tree.taiga.io/project/penpot/issue/9489)
-- Fix position problems cutting-pasting a component [Taiga #10677](https://tree.taiga.io/project/penpot/issue/10677)
-- Fix design tab has a horizontal scroll [Taiga #10660](https://tree.taiga.io/project/penpot/issue/10660)
-- Fix long file names being clipped when longer than allowed length [Taiga #10662](https://tree.taiga.io/project/penpot/issue/10662)
-- Fix problem with error detail in toast [Taiga #10519](https://tree.taiga.io/project/penpot/issue/10519)
-- Fix view mode error when an external user tries to export something from a prototype using a shared link [Taiga #10251](https://tree.taiga.io/project/penpot/issue/10251)
-- Fix merge path nodes with only one node selected [Taiga #9626](https://tree.taiga.io/project/penpot/issue/9626)
-- Fix problem with import errors [Taiga #10040](https://tree.taiga.io/project/penpot/issue/10040)
-- Fix color gradient on texts [Taiga Issue #7488](https://tree.taiga.io/project/penpot/issue/7488)
-- Add support for self mentions [Taiga #10809](https://tree.taiga.io/project/penpot/issue/10809)
-- Fix team info settings alignment [Taiga #10869](https://tree.taiga.io/project/penpot/issue/10869)
-- Fix left sidebar horizontal scroll on nested layers [Taiga #10791](https://tree.taiga.io/project/penpot/issue/10791)
-- Improve error message details importing tokens [Taiga Issue #10772](https://tree.taiga.io/project/penpot/issue/10772)
-- Fix no selected set after Drag & Drop [Github #71](https://github.com/tokens-studio/penpot/issues/71)
-- Styledictionary v5 Update [Github #6283](https://github.com/penpot/penpot/pull/6283)
-- Fix Rename a set throws an internal error [Github #78](https://github.com/tokens-studio/penpot/issues/78)
-- Fix Out of Sync Token Value & Color Picker [Github #102](https://github.com/tokens-studio/penpot/issues/102)
-- Fix Color should preserve color space [Github #69](https://github.com/tokens-studio/penpot/issues/69)
-- Fix cannot rename Design Token Sets when group of same name exists [Taiga Issue #10773](https://tree.taiga.io/project/penpot/issue/10773)
-- Fix problem when duplicating grid layout [Github #6391](https://github.com/penpot/penpot/issues/6391)
-- Fix issue that makes workspace shortcuts stop working [Taiga #11062](https://tree.taiga.io/project/penpot/issue/11062)
-- Fix problem while syncing library colors and typographies [Taiga #11068](https://tree.taiga.io/project/penpot/issue/11068)
-- Fix problem with path edition of shapes [Taiga #9496](https://tree.taiga.io/project/penpot/issue/9496)
-- Fix exception on paste invalid html [Taiga #11047](https://tree.taiga.io/project/penpot/issue/11047)
-- Fix share button being displayed with no permissions [Taiga #11086](https://tree.taiga.io/project/penpot/issue/11086)
-- Fix inline styles in code tab [Taiga Issue #7583](https://tree.taiga.io/project/penpot/issue/7583)
-- Fix exception on returning openapi.json
-- Fix json encoding of TokensLib [Taiga #10994](https://tree.taiga.io/project/penpot/issue/10994)
-
-## 2.6.2
-
-### :bug: Bugs fixed
-
-- Increase the height of the right sidebar dropdowns [Taiga #10615](https://tree.taiga.io/project/penpot/issue/10615)
-- Fix scroll on token themes modal [Taiga #10745](https://tree.taiga.io/project/penpot/issue/10745)
-- Fix collapsing grouped sets in "edit Theme" closes the dialog [Taiga #10771](https://tree.taiga.io/project/penpot/issue/10771)
-- Fix unexpected exception on path editor on merge segments when undo stack is empty
-- Fix pricing CTA to be under a config flag [Taiga #10808](https://tree.taiga.io/project/penpot/issue/10808)
-- Fix allow moving a main component into another [Taiga #10818](https://tree.taiga.io/project/penpot/issue/10818)
-- Fix several issues with internal srepl helpers
-- Fix unexpected exception on template import from libraries
-- Fix incorrect uuid parsing from different parts of code
-- Fix update layout on component restore [Taiga #10637](https://tree.taiga.io/project/penpot/issue/10637)
-- Fix horizontal scroll in viewer [Github #6290](https://github.com/penpot/penpot/issues/6290)
-- Fix detach component in a particular case [Taiga #10837](https://tree.taiga.io/project/penpot/issue/10837)
-
-## 2.6.1
-
-### :bug: Bugs fixed
-
-- Fix webhooks not shown in list [Taiga #10763](https://tree.taiga.io/project/penpot/issue/10763)
-- Fix colorpicker scroll when dropdown displayed [Taiga #10696](https://tree.taiga.io/project/penpot/issue/10696)
-- Clean internal workspace state on exit or url changed [Taiga #10619](https://tree.taiga.io/project/penpot/issue/10619)
-
-## 2.6.0
-
-### :rocket: Epics and highlights
-
-- Design Tokens
-
-### :boom: Breaking changes & Deprecations
-
-### :heart: Community contributions (Thank you!)
-
-### :sparkles: New features
-
-- [COMMENTS] "Mark All as Read" Functionality in Dashboard [Taiga #9235](https://tree.taiga.io/project/penpot/us/9235)
-- [COMMENTS] Bubble Groups [Taiga #9236](https://tree.taiga.io/project/penpot/us/9236)
-- Change templates carrousel [Taiga #9803](https://tree.taiga.io/project/penpot/us/9803)
-- [DESIGN TOKENS] Tokens CRUD. Types added: Color, Opacity, Border radius, Dimension, Sizing, Spacing, Rotation and Stroke.
-- [DESIGN TOKENS] Create references (alias) that point to other tokens.
-- [DESIGN TOKENS] Math operations in token values.
-- [DESIGN TOKENS] Sets CRUD, grouping and reordering.
-- [DESIGN TOKENS] Multidimensional Themes and Sets management.
-- [DESIGN TOKENS] Apply/Remove tokens to/from elements from the Tokens tab.
-- [DESIGN TOKENS] Integration with components.
-- [DESIGN TOKENS] Import and export tokens from a JSON file.
-- [DESIGN TOKENS] Apply Themes and Sets at document level.
-- Add more descriptive tooltip to boards for first time users [Taiga #9426](https://tree.taiga.io/project/penpot/us/9426)
-- First State of a Project Changes Consolidation [Taia #10605](https://tree.taiga.io/project/penpot/us/10605)
-
-### :bug: Bugs fixed
-
-- Fix opacity in frame containers [Github #5858](https://github.com/penpot/penpot/pull/5858)
-- Avoid resizing on click [Taiga #10213](https://tree.taiga.io/project/penpot/issue/10213)
-- Hide horizontal scroll from dashboard sidebar [Taiga #10422](https://tree.taiga.io/project/penpot/issue/10422)
-- Fix cut and paste a copy a cmponent inside its parent [Taiga #10365](https://tree.taiga.io/project/penpot/us/10365)
-- Fix duplicate page with component over frame [Taiga #8151](https://tree.taiga.io/project/penpot/issue/8151) and [Taiga #9698](https://tree.taiga.io/project/penpot/issue/9698)
-- The plugin list in the navigation menu lacks scrolling, some plugins are not visible when a large number are installed [Taiga #9360](https://tree.taiga.io/project/penpot/us/9360)
-- Fix hidden toolbar click event still available [Taiga #10437](https://tree.taiga.io/project/penpot/us/10437)
-- Fix hovering over templates [Taiga #10545](https://tree.taiga.io/project/penpot/issue/10545)
-- Fix problem with default shadows value in plugins [Plugins #191](https://github.com/penpot/penpot-plugins/issues/191)
-- Fix problem with constraints when creating group [Taiga #10455](https://tree.taiga.io/project/penpot/issue/10455)
-- Fix opening pen with shortcut multiple times breaks toolbar [Taiga #10566](https://tree.taiga.io/project/penpot/issue/10566)
-- Fix actions when workspace is visited first time [Taiga #10548](https://tree.taiga.io/project/penpot/issue/10548)
-- Chat icon overlaps "Show" button in carrousel section [Taiga #10542](https://tree.taiga.io/project/penpot/issue/10542)
-- Fix assets name on inspect tab [Taiga #10630](https://tree.taiga.io/project/penpot/issue/10630)
-- Fix chat icon overlaps "Show" button in carrousel section [Taiga #10542](https://tree.taiga.io/project/penpot/issue/10542)
-- Fix incorrect handling of background task result (now task rows are properly marked as completed)
-- Fix available size of resize handler [Taiga #10639](https://tree.taiga.io/project/penpot/issue/10639)
-- Internal error when install a plugin by penpothub - Try plugin [Taiga #10542](https://tree.taiga.io/project/penpot/issue/10542)
-- Add character limitation to asset inputs [Taiga #10669](https://tree.taiga.io/project/penpot/issue/10669)
-- Fix Storybook link 'list of all available icons' wrong path [Taiga #10705](https://tree.taiga.io/project/penpot/issue/10705)
-
-
-## 2.5.4
-
-### :heart: Community contributions (Thank you!)
-
-- Add support for WEBP format on shape export [Github #6053](https://github.com/penpot/penpot/pull/6053) and [Github #6074](https://github.com/penpot/penpot/pull/6074)
-
-### :bug: Bugs fixed
-
-- Fix feature loading on workspace when opening a file in a background
-  tab [Taiga #10377](https://tree.taiga.io/project/penpot/issue/10377)
-- Fix minor inconsistencies on RPC `get-file-libraries` and `get-file`
-  methods (add missing team-id prop)
-- Fix problem with viewer role and inspect mode [Taiga #9751](https://tree.taiga.io/project/penpot/issue/9751)
-- Fix error when clicking on a comment at the viewer's sidebar [Taiga #10465](https://tree.taiga.io/project/penpot/issue/10465)
-
-## 2.5.3
-
-### :bug: Bugs fixed
-
-- Component sync issues with multiple tabs [Taiga #10471](https://tree.taiga.io/project/penpot/issue/10471)
-
-## 2.5.2
-
-### :sparkles: New features
-
-- When the workspace is empty, set default the board creation tool [Taiga #9425](https://tree.taiga.io/project/penpot/us/9425)
-
-### :bug: Bugs fixed
-
-- Fix scroll on storybook docs [taiga #9962](https://tree.taiga.io/project/penpot/issue/9962)
-- Navigate tracking event firing multiple times [Taiga #10415](https://tree.taiga.io/project/penpot/issue/10415)
-- Fix problem with selection colors [Taiga #10376](https://tree.taiga.io/project/penpot/issue/10376)
-- Fix scroll on storybook icons list [taiga #9962](https://tree.taiga.io/project/penpot/issue/9962)
-
-## 2.5.1
-
-### :sparkles: New features
-
-- Improve Nginx entryponit to get the resolvers dinamically by default
-
-## 2.5.0
-
-### :boom: Breaking changes & Deprecations
-
-Although this is not a breaking change, we believe it’s important to highlight it in this
-section:
-
-This release includes a fix for an internal bug in Penpot that caused incorrect handling
-of media assets (e.g., fill images). The issue has been resolved since version 2.4.3, so
-no new incorrect references will be generated. However, existing files may still contain
-incorrect references.
-
-To address this, we’ve provided a script to correct these references in existing files.
-
-While having incorrect references generally doesn’t result in visible issues, there are
-rare cases where it can cause problems. For example, if a component library (containing
-images) is deleted, and that library is being used in other files, running the FileGC task
-(responsible for freeing up space and performing logical deletions) could leave those
-files with broken references to the images.
-
-To execute script:
-
-```bash
-docker exec -ti <container-name-or-id> ./run.sh app.migrations.media-refs '{:max-jobs 1}'
-```
-
-If you have a big database and many cores available, you can reduce the time of processing
-all files by increasing paralelizacion changing the `max-jobs` value from 1 to N (where N
-is a number of cores)
-
-### :sparkles: New features
-
-- [GRADIENTS] New gradients UI with multi-stop support. [Taiga #3418](https://tree.taiga.io/project/penpot/epic/3418)
-- [GRADIENTS] Radial Gradient [Taiga #8768](https://tree.taiga.io/project/penpot/us/8768)
-- Shareable link pointing to an specific board. [Taiga #3219](https://tree.taiga.io/project/penpot/us/3219)
-- Copy styles in CSS [Taiga #9401](https://tree.taiga.io/project/penpot/us/9401)
-- Copy/paste shape styles (fills, strokes, shadows, etc..) [Taiga #8937](https://tree.taiga.io/project/penpot/us/8937)
-- Copy text content to clipboard [Taiga #9970](https://tree.taiga.io/project/penpot/us/9970?milestone=424203)
-- Resize board to fit content option [Taiga #4707](https://tree.taiga.io/project/penpot/us/4707)
-- Rename selected layer via Board name [Taiga #9430](https://tree.taiga.io/project/penpot/us/9430)
-- [COMMENTS] Mention Functionality with and Sidebar Filters [Taiga #9237](https://tree.taiga.io/project/penpot/us/9237)
-- [COMMENTS] Visual Changes in Comments [Taiga #9234](https://tree.taiga.io/project/penpot/us/9234)
-- [COMMENTS] Notifications in Backend, Profile Section, and Mention Email Notification [Taiga #9233](https://tree.taiga.io/project/penpot/us/9233)
-
-### :bug: Bugs fixed
-
-- Fix menu shadow color [Taiga #10102](https://tree.taiga.io/project/penpot/issue/10102)
-- Fix missing state refresh on notifications update [Taiga #10253](https://tree.taiga.io/project/penpot/issue/10253)
-- Fix icon visualization on select component [Taiga #8889](https://tree.taiga.io/project/penpot/issue/8889)
-- Fix typo on integration tests docs [Taiga #10112](https://tree.taiga.io/project/penpot/issue/10112)
-- Fix menu shadow color [Taiga #10102](https://tree.taiga.io/project/penpot/issue/10102)
-- Fix problem with alt key measures being stuck [Taiga #9348](https://tree.taiga.io/project/penpot/issue/9348)
-- Fix error when reseting stroke cap
-- Fix problem with strokes not refreshing in Safari [Taiga #9040](https://tree.taiga.io/project/penpot/issue/9040)
-- Fix problem with multiple color changes [Taiga #9631](https://tree.taiga.io/project/penpot/issue/9631)
-- Fix create new layers in a component copy [Taiga #10037](https://tree.taiga.io/project/penpot/issue/10037)
-- Fix problem in plugins with zoomIntoView [Plugins #189](https://github.com/penpot/penpot-plugins/issues/189)
-- Fix problem in plugins with renaming components [Taiga #10060](https://tree.taiga.io/project/penpot/issue/10060)
-- Added upload svg with images method [#5489](https://github.com/penpot/penpot/issues/5489)
-- Fix problem with root frame parent reference [Taiga #9437](https://tree.taiga.io/project/penpot/issue/9437)
-- Fix change flex direction using plugins API [Taiga #9407](https://tree.taiga.io/project/penpot/issue/9407)
-- Fix problem opening url when page-id didn't exist [Taiga #10157](https://tree.taiga.io/project/penpot/issue/10157)
-- Fix problem with onboarding to a team [Taiga #10143](https://tree.taiga.io/project/penpot/issue/10143)
-- Fix problem with grid layout crashing [Taiga #10127](https://tree.taiga.io/project/penpot/issue/10127)
-- Fix rename locked boards [Taiga #10174](https://tree.taiga.io/project/penpot/issue/10174)
-- Fix update-libraries dialog disappear when clicking outside [Taiga #10238](https://tree.taiga.io/project/penpot/issue/10238)
-- Fix incorrect handling of team access requests with deleted/recreated users
-- Fix incorect handling of profile settings related to invitation notifications [Taiga #10252](https://tree.taiga.io/project/penpot/issue/10252)
-
-## 2.4.3
-
-### :bug: Bugs fixed
-
-- Fix errors from editable select on measures menu [Taiga #9888](https://tree.taiga.io/project/penpot/issue/9888)
-- Fix exception on importing some templates from templates slider
-- Consolidate adding share button to workspace
-- Fix problem when pasting text [Taiga #9929](https://tree.taiga.io/project/penpot/issue/9929)
-- Fix incorrect media reference handling on component instantiation
-
-## 2.4.2
-
-### :bug: Bugs fixed
-
-- Fix detach when top copy is dangling and nested copy is not [Taiga #9699](https://tree.taiga.io/project/penpot/issue/9699)
-- Fix problem in plugins with `replaceColor` method [#174](https://github.com/penpot/penpot-plugins/issues/174)
-- Fix issue with recursive commponents [Taiga #9903](https://tree.taiga.io/project/penpot/issue/9903)
-- Fix missing methods reference on API Docs
-- Fix memory usage issue on file-gc asynchronous task (related to snapshots feature)
-
-
-## 2.4.1
-
-### :bug: Bugs fixed
-
-- Fix error when importing files with touched components [Taiga #9625](https://tree.taiga.io/project/penpot/issue/9625)
-- Fix problem when changing color libraries [Plugins #184](https://github.com/penpot/penpot-plugins/issues/184)
-
-
-## 2.4.0
-
-### :rocket: Epics and highlights
-
-### :boom: Breaking changes & Deprecations
-
-- Use [nginx-unprivileged](https://hub.docker.com/r/nginxinc/nginx-unprivileged) as base image for
-  Penpot's frontend docker image. Now all the docker images runs with the same unprivileged user
-  (penpot). Because of that, the default NGINX listen port is now 8080 instead of 80, so
-  you will have to modify your infrastructure to apply this change.
-
-- Redis 7.2 is explicitly pinned in our example docker-compose.yml file. This is done because,
-  starting with the next versions, Redis is no longer distributed under an open-source license.
-  On-premise users are obviously free to upgrade to the version they are using or a more modern one.
-  Keep in mind that if you were using a version other than 7.2, you may have to recreate the volume
-  associated with the Redis container because the 7.2 storage format may not be compatible with what
-  you already have stored on the volume, and Redis may not start. In the near future, we will evaluate
-  whether to move to an open-source version of Redis (such as https://valkey.io/).
-
-### :heart: Community contributions (Thank you!)
-
-### :sparkles: New features
-
-- Viewer role for team members [Taiga #1056](https://tree.taiga.io/project/penpot/us/1056) & [Taiga #6590](https://tree.taiga.io/project/penpot/us/6590)
-- File history versions management [Taiga #187](https://tree.taiga.io/project/penpot/us/187?milestone=411120)
-- Rename selected layer via keyboard shortcut and context menu option [Taiga #8882](https://tree.taiga.io/project/penpot/us/8882)
-- New .penpot file format [Taiga #8657](https://tree.taiga.io/project/penpot/us/8657)
-
-### :bug: Bugs fixed
-
-- Fix problem with some texts desynchronization [Taiga #9379](https://tree.taiga.io/project/penpot/issue/9379)
-- Fix problem with reoder grid layers [#5446](https://github.com/penpot/penpot/issues/5446)
-- Fix problem with swap component style [#9542](https://tree.taiga.io/project/penpot/issue/9542)
-
-## 2.3.3
-
-### :bug: Bugs fixed
-
-- Fix problem creating manual overlay interactions [Taiga #9146](https://tree.taiga.io/project/penpot/issue/9146)
-- Fix plugins list default URL
-- Activate plugins feature by default
-
-## 2.3.2
-
-### :bug: Bugs fixed
-
-- Fix null pointer exception on number checking functions
-- Fix problem with grid layout ordering after moving [Taiga #9179](https://tree.taiga.io/project/penpot/issue/9179)
-
-### :books: Documentation
-
-- Add initial documentation for Kubernetes
-
-
-## 2.3.1
-
-### :bug: Bugs fixed
-
-- Fix unexpected issue on interaction between plugins sandbox and
-  internal impl of promise
-
-
 ## 2.3.0
 
 ### :rocket: Epics and highlights
 
-- **New plugin system.**
-
-  Penpot now supports custom plugins. Read everything about developing your plugins [HERE](https://help.penpot.app/plugins/)
-
 ### :boom: Breaking changes & Deprecations
 
 ### :heart: Community contributions (Thank you!)
 
-- All our plugins beta testers :heart:.
-- Fix problem when translating multiple path points by @eeropic [#4459](https://github.com/penpot/penpot/issues/4459)
-
 ### :sparkles: New features
 
-- **Replace Draft.js completely with a custom editor** [Taiga #7706](https://tree.taiga.io/project/penpot/us/7706)
-
-  This refactor adds better IME support, more performant text editing
-  experience and a better clipboard support while keeping full
-  retrocompatibility with previous editor.
-
-  You can enable it with the `enable-feature-text-editor-v2` configuration flag.
-
-
 ### :bug: Bugs fixed
 
-- Fix problem with constraints buttons [Taiga #8465](https://tree.taiga.io/project/penpot/issue/8465)
-- Fix problem with go back button on error page [Taiga #8887](https://tree.taiga.io/project/penpot/issue/8887)
-- Fix problem with shadows in text for Safari [Taiga #8770](https://tree.taiga.io/project/penpot/issue/8770)
-- Fix a regression with feedback form subject and content limits [Taiga #8908](https://tree.taiga.io/project/penpot/issue/8908)
-- Fix problem with stroke and filter ordering in frames [Github #5058](https://github.com/penpot/penpot/issues/5058)
-- Fix problem with hover layers when hidden/blocked [Github #5074](https://github.com/penpot/penpot/issues/5074)
-- Fix problem with precision on boolean calculation [Taiga #8482](https://tree.taiga.io/project/penpot/issue/8482)
-- Fix problem when translating multiple path points [Github #4459](https://github.com/penpot/penpot/issues/4459)
-- Fix problem on importing (and exporting) files with flows [Taiga #8914](https://tree.taiga.io/project/penpot/issue/8914)
-- Fix Internal Error page: "go to your penpot" wrong design [Taiga #8922](https://tree.taiga.io/project/penpot/issue/8922)
-- Fix problem updating layout when toggle visibility in component copy [Github #5143](https://github.com/penpot/penpot/issues/5143)
-- Fix "Done" button on toolbar on inspect mode should go to design mode [Taiga #8933](https://tree.taiga.io/project/penpot/issue/8933)
-- Fix problem with shortcuts in text editor [Github #5078](https://github.com/penpot/penpot/issues/5078)
-- Fix problems with show in viewer and interactions [Github #4868](https://github.com/penpot/penpot/issues/4868)
-- Add visual feedback when moving an element into a board [Github #3210](https://github.com/penpot/penpot/issues/3210)
-- Fix percent calculation on grid layout tracks [Github #4688](https://github.com/penpot/penpot/issues/4688)
-- Fix problem with caps and inner shadows [Github #4517](https://github.com/penpot/penpot/issues/4517)
-- Fix problem with horizontal/vertical lines and shadows [Github #4516](https://github.com/penpot/penpot/issues/4516)
-- Fix problem with layers overflowing panel [Taiga #9021](https://tree.taiga.io/project/penpot/issue/9021)
-- Fix in workspace you can manage rulers on view mode [Taiga #8966](https://tree.taiga.io/project/penpot/issue/8966)
-- Fix problem with swap components in grid layout [Taiga #9066](https://tree.taiga.io/project/penpot/issue/9066)
-
-## 2.2.1
-
-### :bug: Bugs fixed
-
-- Fix problem with Ctrl+F shortcut on the dashboard [Taiga #8876](https://tree.taiga.io/project/penpot/issue/8876)
-- Fix visual problem with the font-size dropdown in assets [Taiga #8872](https://tree.taiga.io/project/penpot/issue/8872)
-- Add limits for invitation RPC methods (hard limit 25 emails per request)
-
 ## 2.2.0
 
 ### :rocket: Epics and highlights
@@ -564,7 +102,6 @@ time being.
 - Fix problem with comments max length [Taiga #8778](https://tree.taiga.io/project/penpot/issue/8778)
 - Fix copy/paste images in Safari [Taiga #8771](https://tree.taiga.io/project/penpot/issue/8771)
 - Fix swap when the copy is the only child of a group [#5075](https://github.com/penpot/penpot/issues/5075)
-- Fix file builder hangs when exporting [#5099](https://github.com/penpot/penpot/issues/5099)
 
 ## 2.1.5
 
@@ -611,7 +148,7 @@ time being.
 
 ### :boom: Breaking changes & Deprecations
 
-### :heart: Communityq contributions (Thank you!)
+### :heart: Community contributions (Thank you!)
 
 ### :sparkles: New features
 

CODE_OF_CONDUCT.md

@@ -1,3 +0,0 @@
-# Penpot's Code of Conduct
-
-Check it at: https://help.penpot.app/contributing-guide/coc/

CONTRIBUTING.md

@@ -1,59 +1,62 @@
 # Contributing Guide #
 
 Thank you for your interest in contributing to Penpot. This is a
-generic guide that details how to contribute to the project in a way that
-is efficient for everyone. If you are looking for specific documentation on
-different parts of the platform, please refer to the `docs/` directory,
-or the rendered version at the [Help Center](https://help.penpot.app/).
+generic guide that details how to contribute to Penpot in a way that
+is efficient for everyone. If you want a specific documentation for
+different parts of the platform, please refer to `docs/` directory.
+
 
 ## Reporting Bugs ##
 
 We are using [GitHub Issues](https://github.com/penpot/penpot/issues)
-for our public bugs. We keep a close eye on them and try to make it
+for our public bugs. We keep a close eye on this and try to make it
 clear when we have an internal fix in progress. Before filing a new
 task, try to make sure your problem doesn't already exist.
 
-If you found a bug, please report it, as far as possible, with:
+If you found a bug, please report it, as far as possible with:
 
 - a detailed explanation of steps to reproduce the error
-- the browser and browser version used
-- a dev tools console exception stack trace (if available)
+- a browser and the browser version used
+- a dev tools console exception stack trace (if it is available)
 
-If you found a bug which you think is better to discuss in private (for
-example, security bugs), consider first sending an email to
+If you found a bug that you consider better discuss in private (for
+example: security bugs), consider first send an email to
 `support@penpot.app`.
 
-**We don't have a formal bug bounty program for security reports; this
-is an open source application, and your contribution will be recognized
+**We don't have formal bug bounty program for security reports; this
+is an open source application and your contribution will be recognized
 in the changelog.**
 
 
-## Pull Requests ##
+## Pull requests ##
 
-If you want to propose a change or bug fix via a pull request (PR),
-you should first carefully read the section **Developer's Certificate of
-Origin**. You must also format your code and commits according to the
-instructions below.
+If you want propose a change or bug fix with the Pull-Request system
+firstly you should carefully read the **DCO** section and format your
+commits accordingly.
 
-If you intend to fix a bug, it's fine to submit a pull request right
-away, but we still recommend filing an issue detailing what you're
+If you intend to fix a bug it's fine to submit a pull request right
+away but we still recommend to file an issue detailing what you're
 fixing. This is helpful in case we don't accept that specific fix but
 want to keep track of the issue.
 
-If you want to implement or start working on a new feature, please
-open a **question*- / **discussion*- issue for it. No PR
-will be accepted without a prior discussion about the changes,
-whether it is a new feature, an already planned one, or a quick win.
+If you want to implement or start working in a new feature, please
+open a **question** / **discussion** issue for it. No pull-request
+will be accepted without previous chat about the changes,
+independently if it is a new feature, already planned feature or small
+quick win.
 
-If it is your first PR, you can learn how to proceed from
-[this free video
-series](https://egghead.io/courses/how-to-contribute-to-an-open-source-project-on-github)
+If is going to be your first pull request, You can learn how from this
+free video series:
+
+https://egghead.io/courses/how-to-contribute-to-an-open-source-project-on-github
+
+We will use the `easy fix` mark for tag for indicate issues that are
+easy for beginners.
 
-We use the `easy fix` tag to indicate issues that are appropriate for beginners.
 
 ## Commit Guidelines ##
 
-We have very precise rules on how our git commit messages must be formatted.
+We have very precise rules over how our git commit messages can be formatted.
 
 The commit message format is:
 
@@ -68,37 +71,33 @@ The commit message format is:
 Where type is:
 
 - :bug: `:bug:` a commit that fixes a bug
-- :sparkles: `:sparkles:` a commit that adds an improvement
-- :tada: `:tada:` a commit with a new feature
+- :sparkles: `:sparkles:` a commit that an improvement
+- :tada: `:tada:` a commit with new feature
 - :recycle: `:recycle:` a commit that introduces a refactor
 - :lipstick: `:lipstick:` a commit with cosmetic changes
-- :ambulance: `:ambulance:` a commit that fixes a critical bug
+- :ambulance: `:ambulance:` a commit that fixes critical bug
 - :books: `:books:` a commit that improves or adds documentation
-- :construction: `:construction:` a WIP commit
+- :construction: `:construction:`: a wip commit
 - :boom: `:boom:` a commit with breaking changes
 - :wrench: `:wrench:` a commit for config updates
 - :zap: `:zap:` a commit with performance improvements
-- :whale: `:whale:` a commit for Docker-related stuff
-- :paperclip: `:paperclip:` a commit with other non-relevant changes
-- :arrow_up: `:arrow_up:` a commit with dependency updates
-- :arrow_down: `:arrow_down:` a commit with dependency downgrades
-- :fire: `:fire:` a commit that removes files or code
-- :globe_with_meridians: `:globe_with_meridians:` a commit that adds or updates
-  translations
+- :whale: `:whale:` a commit for docker related stuff
+- :rewind: `:rewind:` a commit that reverts changes
+- :paperclip: `:paperclip:` a commit with other not relevant changes
+- :arrow_up: `:arrow_up:` a commit with dependencies updates
 
 More info:
-
  - https://gist.github.com/parmentf/035de27d6ed1dce0b36a
  - https://gist.github.com/rxaviers/7360908
 
 Each commit should have:
 
-- A concise subject using the imperative mood.
-- The subject should capitalize the first letter, omit the period
-  at the end, and be no longer than 65 characters.
+- A concise subject using imperative mood.
+- The subject should have capitalized the first letter, without period
+  at the end and no larger than 65 characters.
 - A blank line between the subject line and the body.
-- An entry in the CHANGES.md file if applicable, referencing the
-  GitHub or Taiga issue/user story using these same rules.
+- An entry on the CHANGES.md file if applicable, referencing the
+  github or taiga issue/user-story using the these same rules.
 
 Examples of good commit messages:
 
@@ -111,30 +110,8 @@ Examples of good commit messages:
 - `:ambulance: Fix critical bug on user registration process`
 - `:tada: Add new approach for user registration`
 
-## Formatting and Linting ##
 
-You will want to make sure your code is formatted and linted before submitting
-a PR. We use [cljfmt](https://github.com/weavejester/cljfmt) and
-[clj-kondo](https://github.com/clj-kondo/clj-kondo) for this. After installing
-them on your system, you can run them with:
-
-```bash
-# Check formatting
-yarn fmt:clj:check
-
-# Check and fix formatting
-yarn fmt:clj
-
-# Run the linter
-yarn lint:clj
-```
-
-There are more choices in `package.json`.
-
-Ideally, you should run these commands as git pre-commit hooks. A convenient way
-of defining them is to use [Husky](https://typicode.github.io/husky/#/).
-
-## Code of Conduct ##
+## Code of conduct ##
 
 As contributors and maintainers of this project, we pledge to respect
 all people who contribute through reporting issues, posting feature
@@ -154,11 +131,11 @@ unprofessional conduct.
 
 Project maintainers have the right and responsibility to remove, edit,
 or reject comments, commits, code, wiki edits, issues, and other
-contributions that are not aligned with this Code of Conduct. Project
+contributions that are not aligned to this Code of Conduct. Project
 maintainers who do not follow the Code of Conduct may be removed from
 the project team.
 
-This Code of Conduct applies both within project spaces and in public
+This code of conduct applies both within project spaces and in public
 spaces when an individual is representing the project or its
 community.
 
@@ -167,11 +144,12 @@ may be reported by opening an issue or contacting one or more of the
 project maintainers.
 
 This Code of Conduct is adapted from the Contributor Covenant, version
-1.1.0, available from [http://contributor-covenant.org/version/1/1/0/](http://contributor-covenant.org/version/1/1/0/)
+1.1.0, available from http://contributor-covenant.org/version/1/1/0/
 
-## Developer's Certificate of Origin (DCO)
 
-By submitting code you agree to and can certify the following:
+## Developer's Certificate of Origin (DCO) ##
+
+By submitting code you are agree and can certify the below:
 
     Developer's Certificate of Origin 1.1
 
@@ -199,15 +177,13 @@ By submitting code you agree to and can certify the following:
         maintained indefinitely and may be redistributed consistent with
         this project or the open source license(s) involved.
 
-Then, all your code patches (**documentation is excluded**) should
+Then, all your code patches (**documentation are excluded**) should
 contain a sign-off at the end of the patch/commit description body. It
-can be automatically added by adding the `-s` parameter to `git commit`.
+can be automatically added on adding `-s` parameter to `git commit`.
 
-This is an example of what the line should look like:
+This is an example of the aspect of the line:
 
-```
-Signed-off-by: Andrey Antukh <niwi@niwi.nz>
-```
+	Signed-off-by: Andrey Antukh <niwi@niwi.nz>
 
 Please, use your real name (sorry, no pseudonyms or anonymous
 contributions are allowed).

README.md

@@ -8,46 +8,42 @@
   <img alt="penpot header image" src="https://penpot.app/images/readme/github-light-mode.png">
 </picture>
 
-<p align="center">
-<a href="https://www.mozilla.org/en-US/MPL/2.0" rel="nofollow"><img alt="License: MPL-2.0" src="https://img.shields.io/badge/MPL-2.0-blue.svg" style="max-width:100%;"></a>
-<a href="https://community.penpot.app" rel="nofollow"><img alt="Penpot Community" src="https://img.shields.io/discourse/posts?server=https%3A%2F%2Fcommunity.penpot.app" style="max-width:100%;"></a>
-<a href="https://tree.taiga.io/project/penpot/" title="Managed with Taiga.io" rel="nofollow"><img alt="Managed with Taiga.io" src="https://img.shields.io/badge/managed%20with-TAIGA.io-709f14.svg" style="max-width:100%;"></a>
-<a href="https://gitpod.io/#https://github.com/penpot/penpot" rel="nofollow"><img alt="Gitpod ready-to-code" src="https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod" style="max-width:100%;"></a>
-</p>
+<p align="center"><a href="https://www.mozilla.org/en-US/MPL/2.0" rel="nofollow"><img src="https://camo.githubusercontent.com/3fcf3d6b678ea15fde3cf7d6af0e242160366282d62a7c182d83a50bfee3f45e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4d504c2d322e302d626c75652e737667" alt="License: MPL-2.0" data-canonical-src="https://img.shields.io/badge/MPL-2.0-blue.svg" style="max-width:100%;"></a>
+<a href="https://gitter.im/penpot/community" rel="nofollow"><img src="https://camo.githubusercontent.com/5b0aecb33434f82a7b158eab7247544235ada0cf7eeb9ce8e52562dd67f614b7/68747470733a2f2f6261646765732e6769747465722e696d2f736572656e6f2d78797a2f636f6d6d756e6974792e737667" alt="Gitter" data-canonical-src="https://badges.gitter.im/sereno-xyz/community.svg" style="max-width:100%;"></a>
+<a href="https://tree.taiga.io/project/penpot/" title="Managed with Taiga.io" rel="nofollow"><img src="https://camo.githubusercontent.com/4a1d1112f0272e3393b1e8da312ff4435418e9e2eb4c0964881e3680f90a653c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6d616e61676564253230776974682d54414947412e696f2d3730396631342e737667" alt="Managed with Taiga.io" data-canonical-src="https://img.shields.io/badge/managed%20with-TAIGA.io-709f14.svg" style="max-width:100%;"></a>
+<a href="https://gitpod.io/#https://github.com/penpot/penpot" rel="nofollow"><img src="https://camo.githubusercontent.com/daadb4894128d1e19b72d80236f5959f1f2b47f9fe081373f3246131f0189f6c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f476974706f642d72656164792d2d746f2d2d636f64652d626c75653f6c6f676f3d676974706f64" alt="Gitpod ready-to-code" data-canonical-src="https://img.shields.io/badge/Gitpod-ready--to--code-blue?logo=gitpod" style="max-width:100%;"></a></p>
 
 <p align="center">
-    <a href="https://penpot.app/"><b>Website</b></a>  •
-    <a href="https://help.penpot.app/user-guide/"><b>User Guide</b></a>  •
-    <a href="https://penpot.app/learning-center"><b>Learning Center</b></a>  •
+    <a href="https://penpot.app/"><b>Website</b></a>  •  
+    <a href="https://help.penpot.app/technical-guide/getting-started/"><b>Getting Started</b></a>  •  
+    <a href="https://help.penpot.app/user-guide/"><b>User Guide</b></a>  •  
+    <a href="https://help.penpot.app/user-guide/introduction/info/"><b>Tutorials & Info</b></a>  •  
     <a href="https://community.penpot.app/"><b>Community</b></a>
 </p>
 <p align="center">
-    <a href="https://www.youtube.com/@Penpot"><b>Youtube</b></a>  •
-    <a href="https://peertube.kaleidos.net/a/penpot_app/video-channels"><b>Peertube</b></a>  •
-    <a href="https://www.linkedin.com/company/penpot/"><b>Linkedin</b></a>  •
-    <a href="https://instagram.com/penpot.app"><b>Instagram</b></a>  •
-    <a href="https://fosstodon.org/@penpot/"><b>Mastodon</b></a>  •
-    <a href="https://bsky.app/profile/penpot.app"><b>Bluesky</b></a>  •
+    <a href="https://www.youtube.com/@Penpot"><b>Youtube</b></a>  •  
+    <a href="https://peertube.kaleidos.net/a/penpot_app/video-channels"><b>Peertube</b></a>  •  
+    <a href="https://www.linkedin.com/company/penpot/"><b>Linkedin</b></a>  •  
+    <a href="https://instagram.com/penpot.app"><b>Instagram</b></a>  •  
+    <a href="https://fosstodon.org/@penpot/"><b>Mastodon</b></a>  •  
     <a href="https://twitter.com/penpotapp"><b>X</b></a>
 
 </p>
 
 <br />
 
-[Penpot video](https://github.com/user-attachments/assets/7c67fd7c-04d3-4c9b-88ec-b6f5e23f8332
-)
+[Penpot video](https://github.com/penpot/penpot/assets/5446186/b8ad0764-585e-4ddc-b098-9b4090d337cc)
 
 <br />
 
 Penpot is the first **open-source** design tool for design and code collaboration. Designers can create stunning designs, interactive prototypes, design systems at scale, while developers enjoy ready-to-use code and make their workflow easy and fast. And all of this with no handoff drama.
 
-Available on browser or self-hosted, Penpot works with open standards like SVG, CSS, HTML and JSON, and it’s free!
+Penpot is available on browser and [self host](https://penpot.app/self-host). It’s web-based and works with open standards (SVG, CSS and HTML). And last but not least, it’s free! 
 
-The latest updates take Penpot even further. It’s the first design tool to integrate native [design tokens](https://penpot.dev/collaboration/design-tokens)—a single source of truth to improve efficiency and collaboration between product design and development.
-With the [huge 2.0 release](https://penpot.app/dev-diaries), Penpot took the platform to a whole new level. This update introduces the ground-breaking [CSS Grid Layout feature](https://penpot.app/penpot-2.0), a complete UI redesign, a new Components system, and much more.
-For organizations that need extra service for its teams, [get in touch](https://cal.com/team/penpot/talk-to-us)
+Penpot’s latest [huge release 2.0](https://penpot.app/dev-diaries), takes the platform to a whole new level. This update introduces the ground-breaking [CSS Grid Layout feature](https://penpot.app/penpot-2.0), a complete UI redesign, a new Components system, and much more. Plus, it's faster and more accessible. 
 
-🎇 Design, code, and Open Source meet at [Penpot Fest](https://penpot.app/penpotfest)! Be part of the 2025 edition in Madrid, Spain, on October 9-10.
+
+🎇 **Penpot Fest** is our design, code & Open Source event. Check out the highlights from [Penpot Fest 2023 edition](https://www.youtube.com/watch?v=sOpLZaK5mDc)!
 
 ## Table of contents ##
 
@@ -62,9 +58,6 @@ For organizations that need extra service for its teams, [get in touch](https://
 
 Penpot expresses designs as code. Designers can do their best work and see it will be beautifully implemented by developers in a two-way collaboration.
 
-### Plugin system ###
-[Penpot plugins](https://penpot.app/penpothub/plugins) let you expand the platform's capabilities, give you the flexibility to integrate it with other apps, and design custom solutions.
-
 ### Designed for developers ###
 Penpot was built to serve both designers and developers and create a fluid design-code process. You have the choice to enjoy real-time collaboration or play "solo".
 
@@ -80,10 +73,6 @@ Penpot offers integration into the development toolchain, thanks to its support
 ### What’s great for design ###
 With Penpot you can design libraries to share and reuse; turn design elements into components and tokens to allow reusability and scalability; and build realistic user flows and interactions.
 
-### Design Tokens ###
-With Penpot’s standardized [design tokens](https://penpot.dev/collaboration/design-tokens) format, you can easily reuse and sync tokens across different platforms, workflows, and disciplines.
-
-
 <br />
 
 <p align="center">
@@ -94,9 +83,10 @@ With Penpot’s standardized [design tokens](https://penpot.dev/collaboration/de
 
 ## Getting started ##
 
-Penpot is the only design & prototype platform that is deployment agnostic. You can use it in our [SAAS](https://design.penpot.app) or deploy it anywhere.
+### Install with Elestio ###
+Penpot is the only design & prototype platform that is deployment agnostic. You can use it or deploy it anywhere.
 
-Learn how to install it with Docker, Kubernetes, Elestio or other options on [our website](https://penpot.app/self-host).
+Learn how to install it with Elestio and Docker, or other options on [our website](https://penpot.app/self-host).
 <br />
 
 <p align="center">
@@ -128,21 +118,15 @@ You will find the following categories:
 </p>
 <br />
 
-### Code of Conduct ###
-
-Anyone who contributes to Penpot, whether through code, in the community, or at an event, must adhere to the
-[code of conduct](https://help.penpot.app/contributing-guide/coc/) and foster a positive and safe environment.
-
-
 ## Contributing ##
 
-Any contribution will make a difference to improve Penpot. How can you get involved?
+Any contribution will make a difference to improve Penpot. How can you get involved? 
 
-Choose your way:
+Choose your way: 
 
 - Create and [share Libraries & Templates](https://penpot.app/libraries-templates.html) that will be helpful for the community
 - Invite your [team to join](https://design.penpot.app/#/auth/register)
-- Give this repo a star and follow us on Social Media: [Mastodon](https://fosstodon.org/@penpot/), [Youtube](https://www.youtube.com/c/Penpot), [Instagram](https://instagram.com/penpot.app), [Linkedin](https://www.linkedin.com/company/penpotdesign),  [Peertube](https://peertube.kaleidos.net/a/penpot_app), [X](https://twitter.com/penpotapp) and [BlueSky](https://bsky.app/profile/penpot.app)
+- Star this repo and follow us on Social Media: [Mastodon](https://fosstodon.org/@penpot/), [Youtube](https://www.youtube.com/c/Penpot), [Instagram](https://instagram.com/penpot.app), [Linkedin](https://www.linkedin.com/company/penpotdesign),  [Peertube](https://peertube.kaleidos.net/a/penpot_app) and [X](https://twitter.com/penpotapp).
 - Participate in the [Community](https://community.penpot.app/) space by asking and answering questions; reacting to others’ articles;  opening your own conversations and following along on decisions affecting the project.
 - Report bugs with our easy [guide for bugs hunting](https://help.penpot.app/contributing-guide/reporting-bugs/) or [GitHub issues](https://github.com/penpot/penpot/issues)
 - Become a [translator](https://help.penpot.app/contributing-guide/translations)

backend/deps.edn

@@ -3,10 +3,10 @@
 
  :deps
  {penpot/common {:local/root "../common"}
-  org.clojure/clojure {:mvn/version "1.12.1"}
+  org.clojure/clojure {:mvn/version "1.12.0-alpha12"}
   org.clojure/tools.namespace {:mvn/version "1.5.0"}
 
-  com.github.luben/zstd-jni {:mvn/version "1.5.7-3"}
+  com.github.luben/zstd-jni {:mvn/version "1.5.6-3"}
 
   io.prometheus/simpleclient {:mvn/version "0.16.0"}
   io.prometheus/simpleclient_hotspot {:mvn/version "0.16.0"}
@@ -17,40 +17,33 @@
 
   io.prometheus/simpleclient_httpserver {:mvn/version "0.16.0"}
 
-  io.lettuce/lettuce-core {:mvn/version "6.7.0.RELEASE"}
-  ;; Minimal dependencies required by lettuce, we need to include them
-  ;; explicitly because clojure dependency management does not support
-  ;; yet the BOM format.
-  io.micrometer/micrometer-core {:mvn/version "1.14.2"}
-  io.micrometer/micrometer-observation {:mvn/version "1.14.2"}
-
+  io.lettuce/lettuce-core {:mvn/version "6.3.2.RELEASE"}
   java-http-clj/java-http-clj {:mvn/version "0.4.3"}
-  com.google.guava/guava {:mvn/version "33.4.8-jre"}
 
   funcool/yetti
-  {:git/tag "v11.4"
-   :git/sha "ce50d42"
+  {:git/tag "v10.0"
+   :git/sha "520613f"
    :git/url "https://github.com/funcool/yetti.git"
    :exclusions [org.slf4j/slf4j-api]}
 
-  com.github.seancorfield/next.jdbc
-  {:mvn/version "1.3.1002"}
-  metosin/reitit-core {:mvn/version "0.9.1"}
-  nrepl/nrepl {:mvn/version "1.3.1"}
+  com.github.seancorfield/next.jdbc {:mvn/version "1.3.939"}
+  metosin/reitit-core {:mvn/version "0.7.0"}
+  nrepl/nrepl {:mvn/version "1.1.2"}
+  cider/cider-nrepl {:mvn/version "0.48.0"}
 
-  org.postgresql/postgresql {:mvn/version "42.7.6"}
-  org.xerial/sqlite-jdbc {:mvn/version "3.49.1.0"}
+  org.postgresql/postgresql {:mvn/version "42.7.3"}
+  org.xerial/sqlite-jdbc {:mvn/version "3.46.0.0"}
 
-  com.zaxxer/HikariCP {:mvn/version "6.3.0"}
+  com.zaxxer/HikariCP {:mvn/version "5.1.0"}
 
   io.whitfin/siphash {:mvn/version "2.0.0"}
 
   buddy/buddy-hashers {:mvn/version "2.0.167"}
-  buddy/buddy-sign {:mvn/version "3.6.1-359"}
+  buddy/buddy-sign {:mvn/version "3.5.351"}
 
-  com.github.ben-manes.caffeine/caffeine {:mvn/version "3.2.0"}
+  com.github.ben-manes.caffeine/caffeine {:mvn/version "3.1.8"}
 
-  org.jsoup/jsoup {:mvn/version "1.20.1"}
+  org.jsoup/jsoup {:mvn/version "1.17.2"}
   org.im4java/im4java
   {:git/tag "1.4.0-penpot-2"
    :git/sha "e2b3e16"
@@ -61,11 +54,12 @@
   org.clojars.pntblnk/clj-ldap {:mvn/version "0.0.17"}
 
   dawran6/emoji {:mvn/version "0.1.5"}
-  markdown-clj/markdown-clj {:mvn/version "1.12.3"}
+  markdown-clj/markdown-clj {:mvn/version "1.12.1"}
 
   ;; Pretty Print specs
   pretty-spec/pretty-spec {:mvn/version "0.1.4"}
-  software.amazon.awssdk/s3 {:mvn/version "2.31.55"}}
+  software.amazon.awssdk/s3 {:mvn/version "2.25.63"}
+  }
 
  :paths ["src" "resources" "target/classes"]
  :aliases
@@ -80,7 +74,7 @@
 
   :build
   {:extra-deps
-   {io.github.clojure/tools.build {:git/tag "v0.10.9" :git/sha "e405aac"}}
+   {io.github.clojure/tools.build {:git/tag "v0.10.3" :git/sha "15ead66"}}
    :ns-default build}
 
   :test
@@ -94,8 +88,8 @@
 
   :jmx-remote
   {:jvm-opts ["-Dcom.sun.management.jmxremote"
-              "-Dcom.sun.management.jmxremote.port=9090"
-              "-Dcom.sun.management.jmxremote.rmi.port=9090"
+              "-Dcom.sun.management.jmxremote.port=9091"
+              "-Dcom.sun.management.jmxremote.rmi.port=9091"
               "-Dcom.sun.management.jmxremote.local.only=false"
               "-Dcom.sun.management.jmxremote.authenticate=false"
               "-Dcom.sun.management.jmxremote.ssl=false"

backend/dev/user.clj

@@ -137,6 +137,7 @@
 ;;        :v6 v6
 ;;        }])))
 
+
 (defn calculate-frames
   [{:keys [data]}]
   (->> (vals (:pages-index data))

backend/package.json

@@ -4,7 +4,7 @@
   "license": "MPL-2.0",
   "author": "Kaleidos INC",
   "private": true,
-  "packageManager": "yarn@4.9.2+sha512.1fc009bc09d13cfd0e19efa44cbfc2b9cf6ca61482725eb35bbc5e257e093ebf4130db6dfe15d604ff4b79efd8e1e8e99b25fa7d0a6197c9f9826358d4d65c3c",
+  "packageManager": "yarn@4.3.1",
   "repository": {
     "type": "git",
     "url": "https://github.com/penpot/penpot"

backend/resources/app/email/comment-mention/en.html

@@ -1,244 +0,0 @@
-<!doctype html>
-<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml"
-  xmlns:o="urn:schemas-microsoft-com:office:office">
-
-<head>
-  <title>
-  </title>
-  <!--[if !mso]><!-- -->
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <!--<![endif]-->
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <style type="text/css">
-    #outlook a {
-      padding: 0;
-    }
-
-    body {
-      margin: 0;
-      padding: 0;
-      -webkit-text-size-adjust: 100%;
-      -ms-text-size-adjust: 100%;
-    }
-
-    table,
-    td {
-      border-collapse: collapse;
-      mso-table-lspace: 0pt;
-      mso-table-rspace: 0pt;
-    }
-
-    img {
-      border: 0;
-      height: auto;
-      line-height: 100%;
-      outline: none;
-      text-decoration: none;
-      -ms-interpolation-mode: bicubic;
-    }
-
-    p {
-      display: block;
-      margin: 13px 0;
-    }
-  </style>
-  <!--[if mso]>
-        <xml>
-        <o:OfficeDocumentSettings>
-          <o:AllowPNG/>
-          <o:PixelsPerInch>96</o:PixelsPerInch>
-        </o:OfficeDocumentSettings>
-        </xml>
-        <![endif]-->
-  <!--[if lte mso 11]>
-        <style type="text/css">
-          .mj-outlook-group-fix { width:100% !important; }
-        </style>
-        <![endif]-->
-  <!--[if !mso]><!-->
-  <link href="https://fonts.googleapis.com/css?family=Source%20Sans%20Pro" rel="stylesheet" type="text/css">
-  <style type="text/css">
-    @import url(https://fonts.googleapis.com/css?family=Source%20Sans%20Pro);
-  </style>
-  <!--<![endif]-->
-  <style type="text/css">
-    @media only screen and (min-width:480px) {
-      .mj-column-per-100 {
-        width: 100% !important;
-        max-width: 100%;
-      }
-
-      .mj-column-px-425 {
-        width: 425px !important;
-        max-width: 425px;
-      }
-    }
-  </style>
-  <style type="text/css">
-    @media only screen and (max-width:480px) {
-      table.mj-full-width-mobile {
-        width: 100% !important;
-      }
-
-      td.mj-full-width-mobile {
-        width: auto !important;
-      }
-    }
-  </style>
-</head>
-
-<body style="background-color:#E5E5E5;">
-  <div style="background-color:#E5E5E5;">
-    <!--[if mso | IE]>
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:16px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:collapse;border-spacing:0px;">
-                        <tbody>
-                          <tr>
-                            <td style="width:97px;">
-                              <img height="32" src="{{ public-uri }}/images/email/uxbox-title.png"
-                                style="border:0;display:block;outline:none;text-decoration:none;height:32px;width:100%;font-size:13px;"
-                                width="97" />
-                            </td>
-                          </tr>
-                        </tbody>
-                      </table>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-    <!--[if mso | IE]>
-          </td>
-        </tr>
-      </table>
-
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="background:#FFFFFF;background-color:#FFFFFF;margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation"
-        style="background:#FFFFFF;background-color:#FFFFFF;width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:20px 0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:24px;font-weight:600;line-height:150%;text-align:left;color:#000000;">
-                        Hello {{name|abbreviate:25}}!</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        <span style="font-weight:bold;">{{ source-user }}</span> has mentioned you on a comment at "{{ comment-reference }}".</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div style="font-family:Source Sans Pro, sans-serif;font-size:16px;font-style:italic;line-height:150%;text-align:left;color:#212426;
-                                  border-top: 1px solid #bfbfbf; border-bottom: 1px solid #bfbfbf; padding: 32px 0px;">
-                        {{ comment-content }}
-                      </div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="center" vertical-align="middle"
-                      style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:separate;line-height:100%;">
-                        <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                              style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
-                              valign="middle">
-                            <a href="{{ comment-url }}"
-                               style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                               target="_blank"> GO TO THE COMMENT </a>
-                          </td>
-                        </tr>
-                      </table>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        The Penpot team.</div>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-
-    {% include "app/email/includes/footer.html" %}
-
-  </div>
-</body>
-
-</html>

backend/resources/app/email/comment-mention/en.subj

@@ -1 +0,0 @@
-Mentioned in comment

backend/resources/app/email/comment-mention/en.txt

@@ -1,13 +0,0 @@
-Hello {{name|abbreviate:25}}!
-
-{{ source-user }} has mentioned you on a comment at "{{ comment-reference }}".
-
---
-
-{{ comment-content }}
-
---
-
-{{ comment-url }}
-
-The Penpot team.

backend/resources/app/email/comment-notification/en.html

@@ -1,244 +0,0 @@
-<!doctype html>
-<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml"
-  xmlns:o="urn:schemas-microsoft-com:office:office">
-
-<head>
-  <title>
-  </title>
-  <!--[if !mso]><!-- -->
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <!--<![endif]-->
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <style type="text/css">
-    #outlook a {
-      padding: 0;
-    }
-
-    body {
-      margin: 0;
-      padding: 0;
-      -webkit-text-size-adjust: 100%;
-      -ms-text-size-adjust: 100%;
-    }
-
-    table,
-    td {
-      border-collapse: collapse;
-      mso-table-lspace: 0pt;
-      mso-table-rspace: 0pt;
-    }
-
-    img {
-      border: 0;
-      height: auto;
-      line-height: 100%;
-      outline: none;
-      text-decoration: none;
-      -ms-interpolation-mode: bicubic;
-    }
-
-    p {
-      display: block;
-      margin: 13px 0;
-    }
-  </style>
-  <!--[if mso]>
-        <xml>
-        <o:OfficeDocumentSettings>
-          <o:AllowPNG/>
-          <o:PixelsPerInch>96</o:PixelsPerInch>
-        </o:OfficeDocumentSettings>
-        </xml>
-        <![endif]-->
-  <!--[if lte mso 11]>
-        <style type="text/css">
-          .mj-outlook-group-fix { width:100% !important; }
-        </style>
-        <![endif]-->
-  <!--[if !mso]><!-->
-  <link href="https://fonts.googleapis.com/css?family=Source%20Sans%20Pro" rel="stylesheet" type="text/css">
-  <style type="text/css">
-    @import url(https://fonts.googleapis.com/css?family=Source%20Sans%20Pro);
-  </style>
-  <!--<![endif]-->
-  <style type="text/css">
-    @media only screen and (min-width:480px) {
-      .mj-column-per-100 {
-        width: 100% !important;
-        max-width: 100%;
-      }
-
-      .mj-column-px-425 {
-        width: 425px !important;
-        max-width: 425px;
-      }
-    }
-  </style>
-  <style type="text/css">
-    @media only screen and (max-width:480px) {
-      table.mj-full-width-mobile {
-        width: 100% !important;
-      }
-
-      td.mj-full-width-mobile {
-        width: auto !important;
-      }
-    }
-  </style>
-</head>
-
-<body style="background-color:#E5E5E5;">
-  <div style="background-color:#E5E5E5;">
-    <!--[if mso | IE]>
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:16px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:collapse;border-spacing:0px;">
-                        <tbody>
-                          <tr>
-                            <td style="width:97px;">
-                              <img height="32" src="{{ public-uri }}/images/email/uxbox-title.png"
-                                style="border:0;display:block;outline:none;text-decoration:none;height:32px;width:100%;font-size:13px;"
-                                width="97" />
-                            </td>
-                          </tr>
-                        </tbody>
-                      </table>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-    <!--[if mso | IE]>
-          </td>
-        </tr>
-      </table>
-
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="background:#FFFFFF;background-color:#FFFFFF;margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation"
-        style="background:#FFFFFF;background-color:#FFFFFF;width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:20px 0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:24px;font-weight:600;line-height:150%;text-align:left;color:#000000;">
-                        Hello {{name|abbreviate:25}}!</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        <span style="font-weight:bold;">{{ source-user }}</span> has commented at "{{ comment-reference }}".</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div style="font-family:Source Sans Pro, sans-serif;font-size:16px;font-style:italic;line-height:150%;text-align:left;color:#212426;
-                                  border-top: 1px solid #bfbfbf; border-bottom: 1px solid #bfbfbf; padding: 32px 0px;">
-                        {{ comment-content }}
-                      </div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="center" vertical-align="middle"
-                      style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:separate;line-height:100%;">
-                        <tr>
-                          <td align="center" bgcolor="#6911d4#31EFB8" role="presentation"
-                              style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
-                              valign="middle">
-                            <a href="{{ comment-url }}"
-                               style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                               target="_blank"> GO TO THE COMMENT </a>
-                          </td>
-                        </tr>
-                      </table>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        The Penpot team.</div>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-
-    {% include "app/email/includes/footer.html" %}
-
-  </div>
-</body>
-
-</html>

backend/resources/app/email/comment-notification/en.subj

@@ -1 +0,0 @@
-New comment

backend/resources/app/email/comment-notification/en.txt

@@ -1,13 +0,0 @@
-Hello {{name|abbreviate:25}}!
-
-{{ source-user }} has commented at "{{ comment-reference }}".
-
---
-
-{{ comment-content }}
-
---
-
-{{ comment-url }}
-
-The Penpot team.

backend/resources/app/email/comment-thread/en.html

@@ -1,244 +0,0 @@
-<!doctype html>
-<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml"
-  xmlns:o="urn:schemas-microsoft-com:office:office">
-
-<head>
-  <title>
-  </title>
-  <!--[if !mso]><!-- -->
-  <meta http-equiv="X-UA-Compatible" content="IE=edge">
-  <!--<![endif]-->
-  <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
-  <meta name="viewport" content="width=device-width, initial-scale=1">
-  <style type="text/css">
-    #outlook a {
-      padding: 0;
-    }
-
-    body {
-      margin: 0;
-      padding: 0;
-      -webkit-text-size-adjust: 100%;
-      -ms-text-size-adjust: 100%;
-    }
-
-    table,
-    td {
-      border-collapse: collapse;
-      mso-table-lspace: 0pt;
-      mso-table-rspace: 0pt;
-    }
-
-    img {
-      border: 0;
-      height: auto;
-      line-height: 100%;
-      outline: none;
-      text-decoration: none;
-      -ms-interpolation-mode: bicubic;
-    }
-
-    p {
-      display: block;
-      margin: 13px 0;
-    }
-  </style>
-  <!--[if mso]>
-        <xml>
-        <o:OfficeDocumentSettings>
-          <o:AllowPNG/>
-          <o:PixelsPerInch>96</o:PixelsPerInch>
-        </o:OfficeDocumentSettings>
-        </xml>
-        <![endif]-->
-  <!--[if lte mso 11]>
-        <style type="text/css">
-          .mj-outlook-group-fix { width:100% !important; }
-        </style>
-        <![endif]-->
-  <!--[if !mso]><!-->
-  <link href="https://fonts.googleapis.com/css?family=Source%20Sans%20Pro" rel="stylesheet" type="text/css">
-  <style type="text/css">
-    @import url(https://fonts.googleapis.com/css?family=Source%20Sans%20Pro);
-  </style>
-  <!--<![endif]-->
-  <style type="text/css">
-    @media only screen and (min-width:480px) {
-      .mj-column-per-100 {
-        width: 100% !important;
-        max-width: 100%;
-      }
-
-      .mj-column-px-425 {
-        width: 425px !important;
-        max-width: 425px;
-      }
-    }
-  </style>
-  <style type="text/css">
-    @media only screen and (max-width:480px) {
-      table.mj-full-width-mobile {
-        width: 100% !important;
-      }
-
-      td.mj-full-width-mobile {
-        width: auto !important;
-      }
-    }
-  </style>
-</head>
-
-<body style="background-color:#E5E5E5;">
-  <div style="background-color:#E5E5E5;">
-    <!--[if mso | IE]>
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation" style="width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:16px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:collapse;border-spacing:0px;">
-                        <tbody>
-                          <tr>
-                            <td style="width:97px;">
-                              <img height="32" src="{{ public-uri }}/images/email/uxbox-title.png"
-                                style="border:0;display:block;outline:none;text-decoration:none;height:32px;width:100%;font-size:13px;"
-                                width="97" />
-                            </td>
-                          </tr>
-                        </tbody>
-                      </table>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-    <!--[if mso | IE]>
-          </td>
-        </tr>
-      </table>
-
-      <table
-         align="center" border="0" cellpadding="0" cellspacing="0" class="" style="width:600px;" width="600"
-      >
-        <tr>
-          <td style="line-height:0px;font-size:0px;mso-line-height-rule:exactly;">
-      <![endif]-->
-    <div style="background:#FFFFFF;background-color:#FFFFFF;margin:0px auto;max-width:600px;">
-      <table align="center" border="0" cellpadding="0" cellspacing="0" role="presentation"
-        style="background:#FFFFFF;background-color:#FFFFFF;width:100%;">
-        <tbody>
-          <tr>
-            <td style="direction:ltr;font-size:0px;padding:20px 0;text-align:center;">
-              <!--[if mso | IE]>
-                  <table role="presentation" border="0" cellpadding="0" cellspacing="0">
-
-        <tr>
-
-            <td
-               class="" style="vertical-align:top;width:600px;"
-            >
-          <![endif]-->
-              <div class="mj-column-per-100 mj-outlook-group-fix"
-                style="font-size:0px;text-align:left;direction:ltr;display:inline-block;vertical-align:top;width:100%;">
-                <table border="0" cellpadding="0" cellspacing="0" role="presentation" style="vertical-align:top;"
-                  width="100%">
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:24px;font-weight:600;line-height:150%;text-align:left;color:#000000;">
-                        Hello {{name|abbreviate:25}}!</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        <span style="font-weight:bold;">{{ source-user }}</span> has created a comment in a thread you've been mentioned at "{{ comment-reference }}".</div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div style="font-family:Source Sans Pro, sans-serif;font-size:16px;font-style:italic;line-height:150%;text-align:left;color:#212426;
-                                  border-top: 1px solid #bfbfbf; border-bottom: 1px solid #bfbfbf; padding: 32px 0px;">
-                        {{ comment-content }}
-                      </div>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="center" vertical-align="middle"
-                      style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <table border="0" cellpadding="0" cellspacing="0" role="presentation"
-                        style="border-collapse:separate;line-height:100%;">
-                        <tr>
-                          <td align="center" bgcolor="#6911d4#31EFB8" role="presentation"
-                              style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
-                              valign="middle">
-                            <a href="{{ comment-url }}"
-                               style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                               target="_blank"> GO TO THE COMMENT </a>
-                          </td>
-                        </tr>
-                      </table>
-                    </td>
-                  </tr>
-                  <tr>
-                    <td align="left" style="font-size:0px;padding:10px 25px;word-break:break-word;">
-                      <div
-                        style="font-family:Source Sans Pro, sans-serif;font-size:16px;line-height:150%;text-align:left;color:#000000;">
-                        The Penpot team.</div>
-                    </td>
-                  </tr>
-                </table>
-              </div>
-              <!--[if mso | IE]>
-            </td>
-
-        </tr>
-
-                  </table>
-                <![endif]-->
-            </td>
-          </tr>
-        </tbody>
-      </table>
-    </div>
-
-    {% include "app/email/includes/footer.html" %}
-
-  </div>
-</body>
-
-</html>

backend/resources/app/email/comment-thread/en.subj

@@ -1 +0,0 @@
-New response in comment

backend/resources/app/email/comment-thread/en.txt

@@ -1,13 +0,0 @@
-Hello {{name|abbreviate:25}}!
-
-{{ source-user }} has created a comment in a thread you've been mentioned at "{{ comment-reference }}".
-
---
-
-{{ comment-content }}
-
---
-
-{{ comment-url }}
-
-The Penpot team.

backend/resources/app/email/invite-to-team/en.html

@@ -195,12 +195,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%;">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
                             <a href="{{ public-uri }}/#/auth/verify-token?token={{token}}"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> ACCEPT INVITE </a>
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Accept invite </a>
                           </td>
                         </tr>
                       </table>

backend/resources/app/email/join-team/en.html

@@ -196,12 +196,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%;">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
                             <a href="{{ public-uri }}/#/dashboard/team/{{team-id}}/projects"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> GO TO THE TEAM </a>
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Go to the Team </a>
                           </td>
                         </tr>
                       </table>

backend/resources/app/email/password-recovery/en.html

@@ -196,12 +196,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%;">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
                             <a href="{{ public-uri }}/#/auth/recovery?token={{token}}"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> RESET PASSWORD </a>
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Reset password </a>
                           </td>
                         </tr>
                       </table>

backend/resources/app/email/register/en.html

@@ -196,12 +196,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%;">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
                             <a href="{{ public-uri }}/#/auth/verify-token?token={{token}}"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> VERIFY EMAIL </a>
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Verify email </a>
                           </td>
                         </tr>
                       </table>

backend/resources/app/email/request-file-access-yourpenpot-view/en.html

@@ -204,12 +204,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
-                            <a href="{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> SEND A VIEW-ONLY LINK </a>
+                            <a href="{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true"
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Send a View-Only link </a>
                           </td>
                         </tr>
                       </table>
@@ -251,4 +251,4 @@
   </div>
 </body>
 
-</html>
+</html>

backend/resources/app/email/request-file-access-yourpenpot-view/en.txt

@@ -6,7 +6,7 @@ Since this file is in your Penpot team, you can provide access by sending a view
 
 To proceed, please click the link below to generate and send the view-only link:
 
-{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true
+{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true
 
 
 

backend/resources/app/email/request-file-access-yourpenpot/en.html

@@ -227,12 +227,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
-                            <a href="{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true"
-                               style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                               target="_blank"> SEND A VIEW-ONLY LINK </a>
+                            <a href="{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true"
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Send a View-Only link </a>
                           </td>
                         </tr>
                       </table>
@@ -274,4 +274,4 @@
   </div>
 </body>
 
-</html>
+</html>

backend/resources/app/email/request-file-access-yourpenpot/en.txt

@@ -19,7 +19,7 @@ Alternatively, you can create and share a view-only link to the file. This will
 
 Click the link below to generate and send the link:
 
-{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true
+{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true
 
 
 

backend/resources/app/email/request-file-access/en.html

@@ -211,12 +211,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
-                            <a href="{{ public-uri }}/#/dashboard/members?team-id={{team-id}}&invite-email={{requested-by-email|urlescape }}"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> GIVE ACCESS TO “{{team-name|abbreviate:25}}” TEAM </a>
+                            <a href="{{ public-uri }}/#/dashboard/team/{{team-id}}/members?invite-email={{requested-by-email|urlescape }}"
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Give access to “{{team-name|abbreviate:25}}” Team </a>
                           </td>
                         </tr>
                       </table>
@@ -244,12 +244,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
-                            <a href="{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true"
-                               style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                               target="_blank"> SEND A VIEW-ONLY LINK </a>
+                            <a href="{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true"
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Send a View-Only link </a>
                           </td>
                         </tr>
                       </table>
@@ -292,4 +292,4 @@
   </div>
 </body>
 
-</html>
+</html>

backend/resources/app/email/request-file-access/en.txt

@@ -13,7 +13,7 @@ This will automatically include {{requested-by|abbreviate:25}} in the team, so t
 
 Click the link below to provide team access:
 
-{{ public-uri }}/#/dashboard/members?team-id={{team-id}}&invite-email={{requested-by-email|urlescape}}
+{{ public-uri }}/#/dashboard/team/{{team-id}}/members?invite-email={{requested-by-email|urlescape}}
 
 
 
@@ -23,7 +23,8 @@ Alternatively, you can create and share a view-only link to the file. This will
 
 Click the link below to generate and send the link:
 
-{{ public-uri }}/#/view?file-id={{file-id}}&page-id={{page-id}}&section=interactions&index=0&share=true
+{{ public-uri }}/#/view/{{file-id}}?page-id={{page-id}}&section=interactions&index=0&share=true
+
 
 
 If you do not wish to grant access at this time, you can simply disregard this email.

backend/resources/app/email/request-team-access/en.html

@@ -202,12 +202,12 @@
                       <table border="0" cellpadding="0" cellspacing="0" role="presentation"
                         style="border-collapse:separate;line-height:100%;">
                         <tr>
-                          <td align="center" bgcolor="#6911d4" role="presentation"
-                            style="border:none;border-radius:8px;cursor:auto;mso-padding-alt:10px 25px;background:#6911d4;"
+                          <td align="center" bgcolor="#31EFB8" role="presentation"
+                            style="border:none;border-radius:3px;cursor:auto;mso-padding-alt:10px 25px;background:#31EFB8;"
                             valign="middle">
-                            <a href="{{ public-uri }}/#/dashboard/members?team-id={{team-id}}&invite-email={{requested-by-email|urlescape}}"
-                              style="display:inline-block;background:#6911d4;color:#FFFFFF;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:8px;"
-                              target="_blank"> GIVE ACCESS TO “{{team-name|abbreviate:25}}” TEAM </a>
+                            <a href="{{ public-uri }}/#/dashboard/team/{{team-id}}/members?invite-email={{requested-by-email|urlescape}}"
+                              style="display:inline-block;background:#31EFB8;color:#1F1F1F;font-family:Source Sans Pro, sans-serif;font-size:16px;font-weight:normal;line-height:120%;margin:0;text-decoration:none;text-transform:none;padding:10px 25px;mso-padding-alt:0px;border-radius:3px;"
+                              target="_blank"> Give access to “{{team-name|abbreviate:25}}” </a>
                           </td>
                         </tr>
                       </table>
@@ -249,4 +249,4 @@
   </div>
 </body>
 
-</html>
+</html>

backend/resources/app/email/request-team-access/en.txt

@@ -4,7 +4,7 @@ Hello!
 
 To provide access, please click the link below:
 
-{{ public-uri }}/#/dashboard/members?team-id={{team-id}}&invite-email={{requested-by-email|urlescape}}
+{{ public-uri }}/#/dashboard/team/{{team-id}}/members?invite-email={{requested-by-email|urlescape}}
 
 
 If you do not wish to grant access at this time, you can simply disregard this email.

backend/resources/app/onboarding.edn

@@ -1,18 +1,15 @@
-[{:id "tokens-starter-kit"
-  :name "Design tokens starter kit"
-  :file-uri "https://github.com/penpot/penpot-files/raw/refs/heads/main/Tokens%20starter%20kit.penpot"},
- {:id "wireframing-kit"
+[{:id "wireframing-kit"
   :name "Wireframe library"
-  :file-uri "https://github.com/penpot/penpot-files/raw/refs/heads/main/Wireframing%20kit%20v1.1.penpot"}
+  :file-uri "https://github.com/penpot/penpot-files/raw/main/wireframing-kit.penpot"}
  {:id "prototype-examples"
   :name "Prototype template"
-  :file-uri "https://github.com/penpot/penpot-files/raw/refs/heads/main/Prototype%20examples%20v1.1.penpot"}
+  :file-uri "https://github.com/penpot/penpot-files/raw/main/prototype-examples.penpot"}
  {:id "plants-app"
   :name "UI mockup example"
   :file-uri "https://github.com/penpot/penpot-files/raw/main/Plants-app.penpot"}
  {:id "penpot-design-system"
   :name "Design system example"
-  :file-uri "https://github.com/penpot/penpot-files/raw/refs/heads/main/Penpot%20-%20Design%20System%20v2.1.penpot"}
+  :file-uri "https://github.com/penpot/penpot-files/raw/main/Penpot-Design-system.penpot"}
  {:id "tutorial-for-beginners"
   :name "Tutorial for beginners"
   :file-uri "https://github.com/penpot/penpot-files/raw/main/tutorial-for-beginners.penpot"}
@@ -39,7 +36,7 @@
   :file-uri "https://github.com/penpot/penpot-files/raw/main/Open%20Color%20Scheme%20(v1.9.1).penpot"}
  {:id "flex-layout-playground"
   :name "Flex Layout Playground"
-  :file-uri "https://github.com/penpot/penpot-files/raw/refs/heads/main/Flex%20Layout%20Playground%20v2.0.penpot"}
+  :file-uri "https://github.com/penpot/penpot-files/raw/main/Flex%20Layout%20Playground.penpot"}
  {:id "welcome"
   :name "Welcome"
   :file-uri "https://github.com/penpot/penpot-files/raw/main/welcome.penpot"}]

backend/resources/app/templates/debug.tmpl

@@ -7,7 +7,7 @@ Debug Main Page
 {% block content %}
 <nav>
   <div class="title">
-    <h1>ADMIN DEBUG INTERFACE (VERSION: {{version}})</h1>
+    <h1>ADMIN DEBUG INTERFACE</h1>
   </div>
 </nav>
 <main class="dashboard">
@@ -114,13 +114,37 @@ Debug Main Page
     </fieldset>
     <fieldset>
       <legend>Import binfile:</legend>
-      <desc>Import penpot file in binary format.</desc>
+      <desc>Import penpot file in binary
+      format. If <strong>overwrite</strong> is checked, all files will
+      be overwritten using the same ids found in the file instead of
+      generating a new ones.</desc>
 
       <form method="post" enctype="multipart/form-data" action="/dbg/file/import">
         <div class="row">
           <input type="file" name="file" value="" />
         </div>
 
+        <div class="row">
+          <label>Overwrite?</label>
+          <input type="checkbox" name="overwrite" />
+          <br />
+          <small>
+            Instead of creating a new file with all relations remapped,
+            reuses all ids and updates/overwrites the objects that are
+            already exists on the database.
+            <strong>Warning, this operation should be used with caution.</strong>
+          </small>
+        </div>
+
+        <div class="row">
+          <label>Migrate?</label>
+          <input type="checkbox" name="migrate" />
+          <br />
+          <small>
+            Applies the file migrations on the importation process.
+          </small>
+        </div>
+
         <div class="row">
           <input type="submit" name="upload" value="Upload" />
         </div>
@@ -151,78 +175,6 @@ Debug Main Page
         </div>
 
 
-        <div class="row">
-          <input type="submit" value="Submit" />
-        </div>
-      </form>
-    </fieldset>
-  </section>
-
-  <section class="widget">
-    <h2>Feature Flags</h2>
-    <fieldset>
-      <legend>Enable</legend>
-      <desc>Add a feature flag to a team</desc>
-      <form method="post" action="/dbg/actions/add-team-feature">
-        <div class="row">
-          <input type="text" style="width:300px" name="team-id" placeholder="team-id" />
-        </div>
-        <div class="row">
-          <input type="text" style="width:100px" name="feature" placeholder="feature" value="" />
-        </div>
-
-        <div class="row">
-          <label for="check-feature">Skip feature check</label>
-          <input id="check-feature" type="checkbox" name="skip-check" />
-          <br />
-          <small>
-            Do not check if the feature is supported
-          </small>
-        </div>
-
-        <div class="row">
-          <label for="force-version">Are you sure?</label>
-          <input id="force-version" type="checkbox" name="force" />
-          <br />
-          <small>
-            This is a just a security double check for prevent non intentional submits.
-          </small>
-        </div>
-
-        <div class="row">
-          <input type="submit" value="Submit" />
-        </div>
-      </form>
-    </fieldset>
-    <fieldset>
-      <legend>Disable</legend>
-      <desc>Remove a feature flag from a team</desc>
-      <form method="post" action="/dbg/actions/remove-team-feature">
-        <div class="row">
-          <input type="text" style="width:300px" name="team-id" placeholder="team-id" />
-        </div>
-        <div class="row">
-          <input type="text" style="width:100px" name="feature" placeholder="feature" value="" />
-        </div>
-
-        <div class="row">
-          <label for="check-feature">Skip feature check</label>
-          <input id="check-feature" type="checkbox" name="skip-check" />
-          <br />
-          <small>
-            Do not check if the feature is supported
-          </small>
-        </div>
-
-        <div class="row">
-          <label for="force-version">Are you sure?</label>
-          <input id="force-version" type="checkbox" name="force" />
-          <br />
-          <small>
-            This is a just a security double check for prevent non intentional submits.
-          </small>
-        </div>
-
         <div class="row">
           <input type="submit" value="Submit" />
         </div>

backend/resources/log4j2-devenv-repl.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="fatal" monitorInterval="30">
+<Configuration status="info" monitorInterval="30">
   <Appenders>
     <Console name="console" target="SYSTEM_OUT">
       <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] %level{length=1} %logger{36} - %msg%n"

backend/resources/log4j2-devenv.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="fatal" monitorInterval="30">
+<Configuration status="info" monitorInterval="30">
   <Appenders>
     <Console name="console" target="SYSTEM_OUT">
       <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] %level{length=1} %logger{36} - %msg%n"

backend/resources/log4j2-experiments.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="fatal" monitorInterval="30">
+<Configuration status="info" monitorInterval="30">
   <Appenders>
     <Console name="console" target="SYSTEM_OUT">
       <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] %level{length=1} %logger{36} - %msg%n"

backend/resources/log4j2.xml

@@ -1,5 +1,5 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<Configuration status="fatal" monitorInterval="60">
+<Configuration status="info" monitorInterval="60">
   <Appenders>
     <Console name="console" target="SYSTEM_OUT">
       <PatternLayout pattern="[%d{YYYY-MM-dd HH:mm:ss.SSS}] %level{length=1} %logger{36} - %msg%n"

backend/scripts/build

@@ -7,8 +7,6 @@ set -ex
 rm -rf target;
 mkdir -p target/classes;
 mkdir -p target/dist;
-mkdir -p target/dist/scripts;
-
 echo "$CURRENT_VERSION" > target/classes/version.txt;
 cp ../CHANGES.md target/classes/changelog.md;
 
@@ -17,7 +15,6 @@ mv target/penpot.jar target/dist/penpot.jar
 cp resources/log4j2.xml target/dist/log4j2.xml
 cp scripts/run.template.sh target/dist/run.sh;
 cp scripts/manage.py target/dist/manage.py
-cp scripts/svgo-cli.js target/dist/scripts/;
 chmod +x target/dist/run.sh;
 chmod +x target/dist/manage.py
 

backend/scripts/manage.py

@@ -35,35 +35,40 @@ def get_prepl_conninfo():
 
     return host, port
 
-def send(data):
+def send_eval(expr):
     host, port = get_prepl_conninfo()
-    with socket.create_connection((host, port)) as s:
-        f = s.makefile(mode="rw")
 
-        json.dump(data, f)
-        f.write("\n")
-        f.flush()
+    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
+        s.connect((host, port))
+        s.send(expr.encode("utf-8"))
+        s.send(b":repl/quit\n\n")
 
-        while True:
-            line = f.readline()
-            result = json.loads(line)
-            tag = result.get("tag", None)
+        with s.makefile() as f:
+            while True:
+                line = f.readline()
+                result = json.loads(line)
+                tag = result.get("tag", None)
+                if tag == "ret":
+                    return result.get("val", None), result.get("exception", None)
+                elif tag == "out":
+                    print(result.get("val"), end="")
+                else:
+                    raise RuntimeError("unexpected response from PREPL")
 
-            if tag == "ret":
-                return result.get("val", None), result.get("err", None)
-            elif tag == "out":
-                print(result.get("val"), end="")
-            else:
-                raise RuntimeError("unexpected response from PREPL")
+def encode(val):
+    return json.dumps(json.dumps(val))
 
-def print_error(error):
-    print("ERR:", error["hint"])
+def print_error(res):
+    for error in res["via"]:
+        print("ERR:", error["message"])
+        break
 
 def run_cmd(params):
     try:
-        res, err = send(params)
-        if err:
-            print_error(err)
+        expr = "(app.srepl.cli/exec {})".format(encode(params))
+        res, failed = send_eval(expr)
+        if failed:
+            print_error(res)
             sys.exit(-1)
 
         return res
@@ -91,7 +96,7 @@ def update_profile(email, fullname, password, is_active):
             "email": email,
             "fullname": fullname,
             "password": password,
-            "isActive": is_active
+            "is_active": is_active
         }
     }
 
@@ -133,7 +138,7 @@ def derive_password(password):
     params = {
         "cmd": "derive-password",
         "params": {
-            "password": password
+            "password": password,
         }
     }
 

backend/scripts/repl

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
-export PENPOT_SECRET_KEY=super-secret-devenv-key
 export PENPOT_HOST=devenv
+export PENPOT_TENANT=dev
 export PENPOT_FLAGS="\
        $PENPOT_FLAGS \
        enable-login-with-ldap \
@@ -23,16 +23,13 @@ export PENPOT_FLAGS="\
        enable-urepl-server \
        enable-rpc-climit \
        enable-rpc-rlimit \
-       enable-quotes \
        enable-soft-rpc-rlimit \
        enable-auto-file-snapshot \
        enable-webhooks \
        enable-access-tokens \
        enable-tiered-file-data-storage \
        enable-file-validation \
-       enable-file-schema-validation \
-       enable-subscriptions \
-       enable-subscriptions-old";
+       enable-file-schema-validation";
 
 # Default deletion delay for devenv
 export PENPOT_DELETION_DELAY="24h"
@@ -70,23 +67,21 @@ export AWS_SECRET_ACCESS_KEY=penpot-devenv
 export PENPOT_OBJECTS_STORAGE_BACKEND=s3
 export PENPOT_OBJECTS_STORAGE_S3_ENDPOINT=http://minio:9000
 export PENPOT_OBJECTS_STORAGE_S3_BUCKET=penpot
-export PENPOT_OBJECTS_STORAGE_FS_DIRECTORY="assets"
 
-export JAVA_OPTS="\
-       -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager \
-       -Djdk.attach.allowAttachSelf \
-       -Dlog4j2.configurationFile=log4j2-devenv-repl.xml \
-       -Djdk.tracePinnedThreads=full \
-       -Dim4java.useV7=true \
-       -XX:+EnableDynamicAgentLoading \
-       -XX:-OmitStackTraceInFastThrow  \
-       -XX:+UnlockDiagnosticVMOptions \
-       -XX:+DebugNonSafepoints \
-       --sun-misc-unsafe-memory-access=allow \
-       --enable-preview \
-       --enable-native-access=ALL-UNNAMED";
+export OPTIONS="
+       -A:jmx-remote -A:dev \
+       -J-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager \
+       -J-Djdk.attach.allowAttachSelf \
+       -J-Dpolyglot.engine.WarnInterpreterOnly=false \
+       -J-Dlog4j2.configurationFile=log4j2-devenv-repl.xml \
+       -J-XX:+EnableDynamicAgentLoading \
+       -J-XX:-OmitStackTraceInFastThrow \
+       -J-XX:+UnlockDiagnosticVMOptions \
+       -J-XX:+DebugNonSafepoints \
+       -J-Djdk.tracePinnedThreads=full"
 
-export OPTIONS="-A:jmx-remote -A:dev"
+# Enable preview
+export OPTIONS="$OPTIONS -J--enable-preview"
 
 # Setup HEAP
 # export OPTIONS="$OPTIONS -J-Xms50m -J-Xmx1024m"
@@ -107,6 +102,9 @@ export OPTIONS="-A:jmx-remote -A:dev"
 # Setup GC
 # export OPTIONS="$OPTIONS -J-XX:+UseZGC"
 
+# Enable ImageMagick v7.x support
+# export OPTIONS="-J-Dim4java.useV7=true $OPTIONS";
+
 export OPTIONS_EVAL="nil"
 # export OPTIONS_EVAL="(set! *warn-on-reflection* true)"
 

backend/scripts/run

@@ -1,44 +0,0 @@
-#!/usr/bin/env bash
-
-export PENPOT_SECRET_KEY=super-secret-devenv-key
-export PENPOT_HOST=devenv
-export PENPOT_FLAGS="\
-       $PENPOT_FLAGS \
-       enable-backend-asserts \
-       enable-feature-fdata-pointer-map \
-       enable-feature-fdata-objects-map \
-       enable-file-snapshot \
-       enable-tiered-file-data-storage";
-
-export JAVA_OPTS="
-       -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager \
-       -Djdk.attach.allowAttachSelf \
-       -Dlog4j2.configurationFile=log4j2-devenv.xml \
-       -XX:+EnableDynamicAgentLoading \
-       -XX:-OmitStackTraceInFastThrow \
-       -XX:+UnlockDiagnosticVMOptions \
-       -XX:+DebugNonSafepoints";
-
-export CLOJURE_OPTIONS="-A:dev"
-
-
-# Default deletion delay for devenv
-export PENPOT_DELETION_DELAY="24h"
-
-# Setup default upload media file size to 100MiB
-export PENPOT_MEDIA_MAX_FILE_SIZE=104857600
-
-# Setup default multipart upload size to 300MiB
-export PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE=314572800
-
-export AWS_ACCESS_KEY_ID=penpot-devenv
-export AWS_SECRET_ACCESS_KEY=penpot-devenv
-export PENPOT_OBJECTS_STORAGE_BACKEND=s3
-export PENPOT_OBJECTS_STORAGE_S3_ENDPOINT=http://minio:9000
-export PENPOT_OBJECTS_STORAGE_S3_BUCKET=penpot
-
-entrypoint=${1:-app.main};
-shift 1;
-set -ex
-
-clojure $CLOJURE_OPTIONS -A:dev -M -m $entrypoint "$@";

backend/scripts/run.template.sh

@@ -18,9 +18,9 @@ if [ -f ./environ ]; then
     source ./environ
 fi
 
-export JAVA_OPTS="-Dim4java.useV7=true -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -Dlog4j2.configurationFile=log4j2.xml -XX:-OmitStackTraceInFastThrow --sun-misc-unsafe-memory-access=allow --enable-native-access=ALL-UNNAMED --enable-preview $JVM_OPTS $JAVA_OPTS"
+export JVM_OPTS="-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager -Dlog4j2.configurationFile=log4j2.xml -XX:-OmitStackTraceInFastThrow -Dpolyglot.engine.WarnInterpreterOnly=false --enable-preview $JVM_OPTS"
 
 ENTRYPOINT=${1:-app.main};
 
 set -ex
-exec $JAVA_CMD $JAVA_OPTS -jar penpot.jar -m $ENTRYPOINT
+exec $JAVA_CMD $JVM_OPTS -jar penpot.jar -m $ENTRYPOINT

backend/scripts/start-dev

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
-export PENPOT_SECRET_KEY=super-secret-devenv-key
 export PENPOT_HOST=devenv
+export PENPOT_TENANT=dev
 export PENPOT_FLAGS="\
        $PENPOT_FLAGS \
        enable-prepl-server \
@@ -10,7 +10,6 @@ export PENPOT_FLAGS="\
        enable-webhooks \
        enable-backend-asserts \
        enable-audit-log \
-       enable-login-with-ldap \
        enable-transit-readable-response \
        enable-demo-users \
        enable-feature-fdata-pointer-map \
@@ -18,14 +17,22 @@ export PENPOT_FLAGS="\
        disable-secure-session-cookies \
        enable-rpc-climit \
        enable-smtp \
-       enable-quotes \
        enable-file-snapshot \
        enable-access-tokens \
        enable-tiered-file-data-storage \
        enable-file-validation \
-       enable-file-schema-validation \
-       enable-subscriptions \
-       enable-subscriptions-old ";
+       enable-file-schema-validation";
+
+export OPTIONS="
+       -A:jmx-remote -A:dev \
+       -J-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager \
+       -J-Djdk.attach.allowAttachSelf \
+       -J-Dpolyglot.engine.WarnInterpreterOnly=false \
+       -J-Dlog4j2.configurationFile=log4j2-devenv.xml \
+       -J-XX:+EnableDynamicAgentLoading \
+       -J-XX:-OmitStackTraceInFastThrow \
+       -J-XX:+UnlockDiagnosticVMOptions \
+       -J-XX:+DebugNonSafepoints"
 
 # Default deletion delay for devenv
 export PENPOT_DELETION_DELAY="24h"
@@ -36,6 +43,9 @@ export PENPOT_MEDIA_MAX_FILE_SIZE=104857600
 # Setup default multipart upload size to 300MiB
 export PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE=314572800
 
+# Enable ImageMagick v7.x support
+# export OPTIONS="-J-Dim4java.useV7=true $OPTIONS";
+
 # Initialize MINIO config
 mc alias set penpot-s3/ http://minio:9000 minioadmin minioadmin -q
 mc admin user add penpot-s3 penpot-devenv penpot-devenv -q
@@ -53,18 +63,6 @@ export PENPOT_OBJECTS_STORAGE_S3_BUCKET=penpot
 
 entrypoint=${1:-app.main};
 
-export JAVA_OPTS="\
-       -Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager \
-       -Djdk.attach.allowAttachSelf \
-       -Dlog4j2.configurationFile=log4j2-devenv.xml \
-       -Djdk.tracePinnedThreads=full \
-       -Dim4java.useV7=true \
-       -XX:-OmitStackTraceInFastThrow  \
-       --sun-misc-unsafe-memory-access=allow \
-       --enable-preview \
-       --enable-native-access=ALL-UNNAMED";
-
-export OPTIONS="-A:jmx-remote -A:dev"
-
 set -ex
-clojure $OPTIONS -M -m $entrypoint;
+
+clojure $OPTIONS -A:dev -M -m $entrypoint;

backend/src/app/auth.clj

@@ -8,7 +8,7 @@
   (:require
    [buddy.hashers :as hashers]))
 
-(def ^:private default-options
+(def default-params
   {:alg :argon2id
    :memory 32768 ;; 32 MiB
    :iterations 3
@@ -16,12 +16,12 @@
 
 (defn derive-password
   [password]
-  (hashers/derive password default-options))
+  (hashers/derive password default-params))
 
 (defn verify-password
   [attempt password]
   (try
-    (hashers/verify attempt password default-options)
+    (hashers/verify attempt password)
     (catch Throwable _
       {:update false
        :valid false})))

backend/src/app/auth/ldap.clj

@@ -8,8 +8,9 @@
   (:require
    [app.common.exceptions :as ex]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [clj-ldap.client :as ldap]
+   [clojure.spec.alpha :as s]
    [clojure.string]
    [integrant.core :as ig]))
 
@@ -57,26 +58,21 @@
        :email    email
        :backend  "ldap"})))
 
-(def ^:private schema:info-data
-  [:map
-   [:fullname ::sm/text]
-   [:email ::sm/email]
-   [:backend ::sm/text]])
+(s/def ::fullname ::us/not-empty-string)
+(s/def ::email ::us/email)
+(s/def ::backend ::us/not-empty-string)
 
-(def ^:private valid-info-data?
-  (sm/lazy-validator schema:info-data))
-
-(def ^:private explain-info-data
-  (sm/lazy-explainer schema:info-data))
+(s/def ::info-data
+  (s/keys :req-un [::fullname ::email ::backend]))
 
 (defn authenticate
   [cfg params]
   (with-open [conn (connect cfg)]
     (when-let [user (-> (assoc cfg ::conn conn)
                         (retrieve-user params))]
-      (when-not (valid-info-data? user)
-        (let [explain (explain-info-data user)]
-          (l/warn :hint "invalid response from ldap, looks like ldap is not configured correctly" :data user)
+      (when-not (s/valid? ::info-data user)
+        (let [explain (s/explain-str ::info-data user)]
+          (l/warn ::l/raw (str "invalid response from ldap, looks like ldap is not configured correctly\n" explain))
           (ex/raise :type :restriction
                     :code :wrong-ldap-response
                     :explain explain)))
@@ -106,31 +102,38 @@
                  :host (:host cfg) :port (:port cfg) :cause cause)
         nil))))
 
-(def ^:private schema:params
-  [:map
-   [:host {:optional true} :string]
-   [:port {:optional true} ::sm/int]
-   [:bind-dn {:optional true} :string]
-   [:bind-passwor {:optional true} :string]
-   [:query {:optional true} :string]
-   [:base-dn {:optional true} :string]
-   [:attrs-email {:optional true} :string]
-   [:attrs-username {:optional true} :string]
-   [:attrs-fullname {:optional true} :string]
-   [:ssl {:optional true} ::sm/boolean]
-   [:tls {:optional true} ::sm/boolean]])
+(s/def ::enabled? ::us/boolean)
+(s/def ::host ::us/string)
+(s/def ::port ::us/integer)
+(s/def ::ssl ::us/boolean)
+(s/def ::tls ::us/boolean)
+(s/def ::query ::us/string)
+(s/def ::base-dn ::us/string)
+(s/def ::bind-dn ::us/string)
+(s/def ::bind-password ::us/string)
+(s/def ::attrs-email ::us/string)
+(s/def ::attrs-fullname ::us/string)
+(s/def ::attrs-username ::us/string)
 
-(def ^:private check-params
-  (sm/check-fn schema:params :hint "Invalid LDAP provider parameters"))
+(s/def ::provider-params
+  (s/keys :opt-un [::host ::port
+                   ::ssl ::tls
+                   ::enabled?
+                   ::bind-dn
+                   ::bind-password
+                   ::query
+                   ::attrs-email
+                   ::attrs-username
+                   ::attrs-fullname]))
 
-(defmethod ig/assert-key ::provider
-  [_ params]
-  (when (:enabled params)
-    (some->> params check-params)))
+(s/def ::provider
+  (s/nilable ::provider-params))
+
+(defmethod ig/pre-init-spec ::provider
+  [_]
+  (s/spec ::provider))
 
 (defmethod ig/init-key ::provider
   [_ cfg]
-  (when (:enabled cfg)
+  (when (:enabled? cfg)
     (try-connectivity cfg)))
-
-(sm/register! ::provider schema:params)

backend/src/app/auth/oidc.clj

@@ -12,7 +12,7 @@
    [app.common.data.macros :as dm]
    [app.common.exceptions :as ex]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.common.uri :as u]
    [app.config :as cf]
    [app.db :as db]
@@ -32,10 +32,11 @@
    [buddy.sign.jwk :as jwk]
    [buddy.sign.jwt :as jwt]
    [clojure.set :as set]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [integrant.core :as ig]
-   [yetti.request :as yreq]
-   [yetti.response :as-alias yres]))
+   [ring.request :as rreq]
+   [ring.response :as-alias rres]))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; HELPERS
@@ -139,9 +140,8 @@
         (l/warn :hint "unable to retrieve JWKs (unexpected exception)"
                 :cause cause)))))
 
-(defmethod ig/assert-key ::providers/generic
-  [_ params]
-  (assert (http/client? (::http/client params)) "expected a valid http client"))
+(defmethod ig/pre-init-spec ::providers/generic [_]
+  (s/keys :req [::http/client]))
 
 (defmethod ig/init-key ::providers/generic
   [_ cfg]
@@ -197,10 +197,6 @@
 ;; GITHUB AUTH PROVIDER
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(defn- int-in-range?
-  [val start end]
-  (and (<= start val) (< val end)))
-
 (defn- retrieve-github-email
   [cfg tdata props]
   (or (some-> props :github/email)
@@ -211,7 +207,7 @@
 
             {:keys [status body]} (http/req! cfg params {:sync? true})]
 
-        (when-not (int-in-range? status 200 300)
+        (when-not (s/int-in-range? 200 300 status)
           (ex/raise :type :internal
                     :code :unable-to-retrieve-github-emails
                     :hint "unable to retrieve github emails"
@@ -221,9 +217,8 @@
 
         (->> body json/decode (filter :primary) first :email))))
 
-(defmethod ig/assert-key ::providers/github
-  [_ params]
-  (assert (http/client? (::http/client params)) "expected a valid http client"))
+(defmethod ig/pre-init-spec ::providers/github [_]
+  (s/keys :req [::http/client]))
 
 (defmethod ig/init-key ::providers/github
   [_ cfg]
@@ -399,7 +394,7 @@
            :status (:status response)
            :body   (:body response))
 
-    (when-not (int-in-range? (:status response) 200 300)
+    (when-not (s/int-in-range? 200 300 (:status response))
       (ex/raise :type :internal
                 :code :unable-to-retrieve-user-info
                 :hint "unable to retrieve user info"
@@ -423,15 +418,15 @@
       (l/warn :hint "unable to get user info from JWT token (unexpected exception)"
               :cause cause))))
 
-(def ^:private schema:info
-  [:map
-   [:backend ::sm/text]
-   [:email ::sm/email]
-   [:fullname ::sm/text]
-   [:props [:map-of :keyword :any]]])
-
-(def ^:private valid-info?
-  (sm/validator schema:info))
+(s/def ::backend ::us/not-empty-string)
+(s/def ::email ::us/not-empty-string)
+(s/def ::fullname ::us/not-empty-string)
+(s/def ::props (s/map-of ::us/keyword any?))
+(s/def ::info
+  (s/keys :req-un [::backend
+                   ::email
+                   ::fullname
+                   ::props]))
 
 (defn- get-info
   [{:keys [::provider ::setup/props] :as cfg} {:keys [params] :as request}]
@@ -449,7 +444,7 @@
 
     (l/trc :hint "user info" :info info)
 
-    (when-not (valid-info? info)
+    (when-not (s/valid? ::info info)
       (l/warn :hint "received incomplete profile info object (please set correct scopes)" :info info)
       (ex/raise :type :internal
                 :code :incomplete-user-info
@@ -497,8 +492,8 @@
 
 (defn- redirect-response
   [uri]
-  {::yres/status 302
-   ::yres/headers {"location" (str uri)}})
+  {::rres/status 302
+   ::rres/headers {"location" (str uri)}})
 
 (defn- redirect-with-error
   ([error] (redirect-with-error error nil))
@@ -603,7 +598,7 @@
 
 (defn- get-external-session-id
   [request]
-  (let [session-id (yreq/get-header request "x-external-session-id")]
+  (let [session-id (rreq/get-header request "x-external-session-id")]
     (when (string? session-id)
       (if (or (> (count session-id) 256)
               (= session-id "null")
@@ -623,8 +618,8 @@
         state  (tokens/generate (::setup/props cfg)
                                 (d/without-nils params))
         uri    (build-auth-uri cfg state)]
-    {::yres/status 200
-     ::yres/body {:redirect-uri uri}}))
+    {::rres/status 200
+     ::rres/body {:redirect-uri uri}}))
 
 (defn- callback-handler
   [{:keys [::provider] :as cfg} request]
@@ -660,37 +655,46 @@
                        :provider provider
                        :hint "provider not configured"))))))})
 
-(def ^:private schema:provider
-  [:map {:title "provider"}
-   [:client-id ::sm/text]
-   [:client-secret ::sm/text]
-   [:base-uri {:optional true} ::sm/text]
-   [:token-uri {:optional true} ::sm/text]
-   [:auth-uri {:optional true} ::sm/text]
-   [:user-uri {:optional true} ::sm/text]
-   [:scopes {:optional true}
-    [::sm/set ::sm/text]]
-   [:roles {:optional true}
-    [::sm/set ::sm/text]]
-   [:roles-attr {:optional true} ::sm/text]
-   [:email-attr {:optional true} ::sm/text]
-   [:name-attr {:optional true} ::sm/text]])
+(s/def ::client-id ::us/string)
+(s/def ::client-secret ::us/string)
+(s/def ::base-uri ::us/string)
+(s/def ::token-uri ::us/string)
+(s/def ::auth-uri ::us/string)
+(s/def ::user-uri ::us/string)
+(s/def ::scopes ::us/set-of-strings)
+(s/def ::roles ::us/set-of-strings)
+(s/def ::roles-attr ::us/string)
+(s/def ::email-attr ::us/string)
+(s/def ::name-attr ::us/string)
 
-(def ^:private schema:routes-params
-  [:map
-   ::session/manager
-   ::http/client
-   ::setup/props
-   ::db/pool
-   [::providers [:map-of :keyword [:maybe schema:provider]]]])
+(s/def ::provider
+  (s/keys :req-un [::client-id
+                   ::client-secret]
+          :opt-un [::base-uri
+                   ::token-uri
+                   ::auth-uri
+                   ::user-uri
+                   ::scopes
+                   ::roles
+                   ::roles-attr
+                   ::email-attr
+                   ::name-attr]))
 
-(defmethod ig/assert-key ::routes
-  [_ params]
-  (assert (sm/check schema:routes-params params)))
+(s/def ::providers (s/map-of ::us/keyword (s/nilable ::provider)))
+
+(s/def ::routes vector?)
+
+(defmethod ig/pre-init-spec ::routes
+  [_]
+  (s/keys :req [::session/manager
+                ::http/client
+                ::setup/props
+                ::db/pool
+                ::providers]))
 
 (defmethod ig/init-key ::routes
   [_ cfg]
-  (let [cfg (update cfg :providers d/without-nils)]
+  (let [cfg (update cfg :provider d/without-nils)]
     ["" {:middleware [[session/authz cfg]
                       [provider-lookup cfg]]}
      ["/auth/oauth"

backend/src/app/binfile/cleaner.clj

@@ -1,131 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; Copyright (c) KALEIDOS INC
-
-(ns app.binfile.cleaner
-  "A collection of helpers for perform cleaning of artifacts; mainly
-  for recently imported shapes."
-  (:require
-   [app.common.data :as d]
-   [app.common.types.shape :as cts]
-   [app.common.uuid :as uuid]))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; PRE DECODE
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(defn- pre-clean-bool-content
-  [shape]
-  (if-let [content (get shape :bool-content)]
-    (-> shape
-        (assoc :content content)
-        (dissoc :bool-content))
-    shape))
-
-(defn- pre-clean-shadow-color
-  [shape]
-  (d/update-when shape :shadow
-                 (fn [shadows]
-                   (mapv (fn [shadow]
-                           (update shadow :color
-                                   (fn [color]
-                                     (let [ref-id   (get color :id)
-                                           ref-file (get color :file-id)]
-                                       (-> (d/without-qualified color)
-                                           (select-keys [:opacity :color :gradient :image :ref-id :ref-file])
-                                           (cond-> ref-id
-                                             (assoc :ref-id ref-id))
-                                           (cond-> ref-file
-                                             (assoc :ref-file ref-file)))))))
-                         shadows))))
-
-(defn clean-shape-pre-decode
-  "Applies a pre-decode phase migration to the shape"
-  [shape]
-  (cond-> shape
-    (= "bool" (:type shape))
-    (pre-clean-bool-content)
-
-    (contains? shape :shadow)
-    (pre-clean-shadow-color)))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; POST DECODE
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(defn- fix-shape-shadow-color
-  "Some shapes can come with invalid `id` property on shadow colors
-  caused by incorrect uuid parsing bug that should be already fixed;
-  this function removes the invalid id from the data structure."
-  [shape]
-  (let [fix-color
-        (fn [{:keys [id] :as color}]
-          (if (uuid? id)
-            color
-            (if (and (string? id)
-                     (re-matches uuid/regex id))
-              (assoc color :id (uuid/uuid id))
-              (dissoc color :id))))
-
-        fix-shadow
-        (fn [shadow]
-          (d/update-when shadow :color fix-color))
-
-        xform
-        (map fix-shadow)]
-
-    (d/update-when shape :shadow
-                   (fn [shadows]
-                     (into [] xform shadows)))))
-
-(defn- fix-root-shape
-  "Ensure all root objects are well formed shapes"
-  [shape]
-  (if (= (:id shape) uuid/zero)
-    (-> shape
-        (assoc :parent-id uuid/zero)
-        (assoc :frame-id uuid/zero)
-        ;; We explicitly dissoc them and let the shape-setup
-        ;; to regenerate it with valid values.
-        (dissoc :selrect)
-        (dissoc :points)
-        (cts/setup-shape))
-    shape))
-
-(defn- fix-legacy-flex-dir
-  "This operation is only relevant to old data and it is fixed just
-  for convenience."
-  [shape]
-  (d/update-when shape :layout-flex-dir
-                 (fn [dir]
-                   (case dir
-                     :reverse-row :row-reverse
-                     :reverse-column :column-reverse
-                     dir))))
-
-(defn clean-shape-post-decode
-  "A shape procesor that expected to be executed after schema decoding
-  process but before validation."
-  [shape]
-  (-> shape
-      (fix-shape-shadow-color)
-      (fix-root-shape)
-      (fix-legacy-flex-dir)))
-
-(defn- fix-container
-  [container]
-  (-> container
-      ;; Remove possible `nil` keys on objects
-      (d/update-when :objects dissoc nil)
-      (d/update-when :objects d/update-vals clean-shape-post-decode)))
-
-(defn clean-file
-  [file & {:as _opts}]
-  (update file :data
-          (fn [data]
-            (-> data
-                (d/update-when :pages-index d/update-vals fix-container)
-                (d/update-when :components d/update-vals fix-container)
-                (d/without-nils)))))

backend/src/app/binfile/common.clj

@@ -9,9 +9,9 @@
   binfile format implementations and management rpc methods."
   (:require
    [app.common.data :as d]
+   [app.common.data.macros :as dm]
    [app.common.exceptions :as ex]
    [app.common.features :as cfeat]
-   [app.common.files.helpers :as cfh]
    [app.common.files.migrations :as fmg]
    [app.common.files.validate :as fval]
    [app.common.logging :as l]
@@ -20,65 +20,23 @@
    [app.config :as cf]
    [app.db :as db]
    [app.db.sql :as sql]
+   [app.features.components-v2 :as feat.compv2]
    [app.features.fdata :as feat.fdata]
-   [app.features.file-migrations :as feat.fmigr]
    [app.loggers.audit :as-alias audit]
    [app.loggers.webhooks :as-alias webhooks]
-   [app.storage :as sto]
    [app.util.blob :as blob]
    [app.util.pointer-map :as pmap]
    [app.util.time :as dt]
    [app.worker :as-alias wrk]
    [clojure.set :as set]
-   [cuerdas.core :as str]
-   [datoteka.fs :as fs]
-   [datoteka.io :as io]))
+   [clojure.walk :as walk]
+   [cuerdas.core :as str]))
 
 (set! *warn-on-reflection* true)
 
 (def ^:dynamic *state* nil)
 (def ^:dynamic *options* nil)
 
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; DEFAULTS
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-;; Threshold in MiB when we pass from using
-;; in-memory byte-array's to use temporal files.
-(def temp-file-threshold
-  (* 1024 1024 2))
-
-;; A maximum (storage) object size allowed: 100MiB
-(def ^:const max-object-size
-  (* 1024 1024 100))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-(declare get-resolved-file-libraries)
-
-(def file-attrs
-  #{:id
-    :name
-    :migrations
-    :features
-    :project-id
-    :is-shared
-    :version
-    :data})
-
-(defn parse-file-format
-  [template]
-  (assert (fs/path? template) "expected InputStream for `template`")
-
-  (with-open [^java.lang.AutoCloseable input (io/input-stream template)]
-    (let [buffer (byte-array 4)]
-      (io/read-to-buffer input buffer)
-      (if (and (= (aget buffer 0) 80)
-               (= (aget buffer 1) 75)
-               (= (aget buffer 2) 3)
-               (= (aget buffer 3) 4))
-        :binfile-v3
-        :binfile-v1))))
-
 (def xf-map-id
   (map :id))
 
@@ -98,13 +56,6 @@
 (def conj-vec
   (fnil conj []))
 
-(defn initial-state
-  []
-  {:storage-objects #{}
-   :files #{}
-   :teams #{}
-   :projects #{}})
-
 (defn collect-storage-objects
   [state items]
   (update state :storage-objects into xf-map-media-id items))
@@ -136,76 +87,33 @@
           attrs))
 
 (defn update-index
-  ([coll]
-   (update-index {} coll identity))
   ([index coll]
    (update-index index coll identity))
   ([index coll attr]
    (reduce #(index-object %1 %2 attr) index coll)))
 
 (defn decode-row
-  [{:keys [data changes features] :as row}]
-  (when row
-    (cond-> row
-      features (assoc :features (db/decode-pgarray features #{}))
-      changes  (assoc :changes (blob/decode changes))
-      data     (assoc :data (blob/decode data)))))
-
-
-(defn decode-file
-  "A general purpose file decoding function that resolves all external
-  pointers, run migrations and return plain vanilla file map"
-  [cfg {:keys [id] :as file}]
-  (binding [pmap/*load-fn* (partial feat.fdata/load-pointer cfg id)]
-    (let [file (->> file
-                    (feat.fmigr/resolve-applied-migrations cfg)
-                    (feat.fdata/resolve-file-data cfg))
-          libs (delay (get-resolved-file-libraries cfg file))]
-
-      (-> file
-          (update :features db/decode-pgarray #{})
-          (update :data blob/decode)
-          (update :data feat.fdata/process-pointers deref)
-          (update :data feat.fdata/process-objects (partial into {}))
-          (update :data assoc :id id)
-          (fmg/migrate-file libs)))))
+  "A generic decode row helper"
+  [{:keys [data features] :as row}]
+  (cond-> row
+    features (assoc :features (db/decode-pgarray features #{}))
+    data     (assoc :data (blob/decode data))))
 
 (defn get-file
-  "Get file, resolve all features and apply migrations.
-
-  Usefull when you have plan to apply massive or not cirurgical
-  operations on file, because it removes the ovehead of lazy fetching
-  and decoding."
-  [cfg file-id & {:as opts}]
+  [cfg file-id]
   (db/run! cfg (fn [{:keys [::db/conn] :as cfg}]
-                 (some->> (db/get* conn :file {:id file-id}
-                                   (assoc opts ::db/remove-deleted false))
-                          (decode-file cfg)))))
-
-(defn clean-file-features
-  [file]
-  (update file :features (fn [features]
-                           (if (set? features)
-                             (-> features
-                                 (cfeat/migrate-legacy-features)
-                                 (set/difference cfeat/frontend-only-features)
-                                 (set/difference cfeat/backend-only-features))
-                             #{}))))
+                 (binding [pmap/*load-fn* (partial feat.fdata/load-pointer cfg file-id)]
+                   (when-let [file (db/get* conn :file {:id file-id}
+                                            {::db/remove-deleted false})]
+                     (-> file
+                         (decode-row)
+                         (update :data feat.fdata/process-pointers deref)
+                         (update :data feat.fdata/process-objects (partial into {}))))))))
 
 (defn get-project
   [cfg project-id]
   (db/get cfg :project {:id project-id}))
 
-(def ^:private sql:get-teams
-  "SELECT t.* FROM team WHERE id = ANY(?)")
-
-(defn get-teams
-  [cfg ids]
-  (let [conn (db/get-connection cfg)
-        ids  (db/create-array conn "uuid" ids)]
-    (->> (db/exec! conn [sql:get-teams ids])
-         (map decode-row))))
-
 (defn get-team
   [cfg team-id]
   (-> (db/get cfg :team {:id team-id})
@@ -221,8 +129,10 @@
   "Given a set of file-id's, return all matching relations with the libraries"
   [cfg ids]
 
-  (assert (set? ids) "expected a set of uuids")
-  (assert (every? uuid? ids) "expected a set of uuids")
+  (dm/assert!
+   "expected a set of uuids"
+   (and (set? ids)
+        (every? uuid? ids)))
 
   (db/run! cfg (fn [{:keys [::db/conn]}]
                  (let [ids (db/create-array conn "uuid" ids)
@@ -257,10 +167,9 @@
 (defn get-file-object-thumbnails
   "Return all file object thumbnails for a given file."
   [cfg file-id]
-  (->> (db/query cfg :file-tagged-object-thumbnail
-                 {:file-id file-id
-                  :deleted-at nil})
-       (not-empty)))
+  (db/query cfg :file-tagged-object-thumbnail
+            {:file-id file-id
+             :deleted-at nil}))
 
 (defn get-file-thumbnail
   "Return the thumbnail for the specified file-id"
@@ -271,91 +180,70 @@
             :data nil}
            {::sql/columns [:media-id :file-id :revn]}))
 
-(def ^:private sql:get-missing-media-references
-  "SELECT fmo.*
-     FROM file_media_object AS fmo
-    WHERE fmo.id = ANY(?::uuid[])
-      AND file_id != ?")
 
-(defn update-media-references!
-  "Given a file and a coll of media-refs, check if all provided
-  references are correct or fix them in-place"
-  [{:keys [::db/conn] :as cfg} {file-id :id :as file} media-refs]
-  (let [missing-index
-        (reduce (fn [result {:keys [id] :as fmo}]
-                  (assoc result id
-                         (-> fmo
-                             (assoc :id (uuid/next))
-                             (assoc :file-id file-id)
-                             (dissoc :created-at)
-                             (dissoc :deleted-at))))
-                {}
-                (db/exec! conn [sql:get-missing-media-references
-                                (->> (into #{} xf-map-id media-refs)
-                                     (db/create-array conn "uuid"))
-                                file-id]))
+(def ^:private
+  xform:collect-media-id
+  (comp
+   (map :objects)
+   (mapcat vals)
+   (mapcat (fn [obj]
+             ;; NOTE: because of some bug, we ended with
+             ;; many shape types having the ability to
+             ;; have fill-image attribute (which initially
+             ;; designed for :path shapes).
+             (sequence
+              (keep :id)
+              (concat [(:fill-image obj)
+                       (:metadata obj)]
+                      (map :fill-image (:fills obj))
+                      (map :stroke-image (:strokes obj))
+                      (->> (:content obj)
+                           (tree-seq map? :children)
+                           (mapcat :fills)
+                           (map :fill-image))))))))
 
-        lookup-index
-        (fn [id]
-          (if-let [mobj (get missing-index id)]
-            (do
-              (l/trc :hint "lookup index"
-                     :file-id (str file-id)
-                     :snap-id (str (:snapshot-id file))
-                     :id (str id)
-                     :result (str (get mobj :id)))
-              (get mobj :id))
-
-            id))
-
-        update-shapes
-        (fn [data {:keys [page-id shape-id]}]
-          (d/update-in-when data [:pages-index page-id :objects shape-id] cfh/relink-refs lookup-index))
-
-        file
-        (update file :data #(reduce update-shapes % media-refs))]
-
-    (doseq [[old-id item] missing-index]
-      (l/dbg :hint "create missing references"
-             :file-id (str file-id)
-             :snap-id (str (:snapshot-id file))
-             :old-id (str old-id)
-             :id (str (:id item)))
-      (db/insert! conn :file-media-object item
-                  {::db/return-keys false}))
-
-    file))
-
-(def sql:get-file-media
-  "SELECT * FROM file_media_object WHERE id = ANY(?)")
+(defn collect-used-media
+  "Given a fdata (file data), returns all media references."
+  [data]
+  (-> #{}
+      (into xform:collect-media-id (vals (:pages-index data)))
+      (into xform:collect-media-id (vals (:components data)))
+      (into (keys (:media data)))))
 
 (defn get-file-media
-  [cfg {:keys [data] :as file}]
+  [cfg {:keys [data id] :as file}]
   (db/run! cfg (fn [{:keys [::db/conn]}]
-                 (let [used (cfh/collect-used-media data)
-                       used (db/create-array conn "uuid" used)]
-                   (db/exec! conn [sql:get-file-media used])))))
+                 (let [ids (collect-used-media data)
+                       ids (db/create-array conn "uuid" ids)
+                       sql (str "SELECT * FROM file_media_object WHERE id = ANY(?)")]
 
-(def ^:private sql:get-team-files-ids
+                   ;; We assoc the file-id again to the file-media-object row
+                   ;; because there are cases that used objects refer to other
+                   ;; files and we need to ensure in the exportation process that
+                   ;; all ids matches
+                   (->> (db/exec! conn [sql ids])
+                        (mapv #(assoc % :file-id id)))))))
+
+(def ^:private sql:get-team-files
   "SELECT f.id FROM file AS f
      JOIN project AS p ON (p.id = f.project_id)
     WHERE p.team_id = ?")
 
-(defn get-team-files-ids
+(defn get-team-files
   "Get a set of file ids for the specified team-id"
   [{:keys [::db/conn]} team-id]
-  (->> (db/exec! conn [sql:get-team-files-ids team-id])
+  (->> (db/exec! conn [sql:get-team-files team-id])
        (into #{} xf-map-id)))
 
 (def ^:private sql:get-team-projects
-  "SELECT p.* FROM project AS p
+  "SELECT p.id FROM project AS p
     WHERE p.team_id = ?
       AND p.deleted_at IS NULL")
 
 (defn get-team-projects
   "Get a set of project ids for the team"
-  [cfg team-id]
-  (->> (db/exec! cfg [sql:get-team-projects team-id])
+  [{:keys [::db/conn]} team-id]
+  (->> (db/exec! conn [sql:get-team-projects team-id])
        (into #{} xf-map-id)))
 
 (def ^:private sql:get-project-files
@@ -369,16 +257,53 @@
   (->> (db/exec! conn [sql:get-project-files project-id])
        (into #{} xf-map-id)))
 
-(defn remap-thumbnail-object-id
-  [object-id file-id]
-  (str/replace-first object-id #"^(.*?)/" (str file-id "/")))
-
 (defn- relink-shapes
   "A function responsible to analyze all file data and
   replace the old :component-file reference with the new
   ones, using the provided file-index."
   [data]
-  (cfh/relink-refs data lookup-index))
+  (letfn [(process-map-form [form]
+            (cond-> form
+              ;; Relink image shapes
+              (and (map? (:metadata form))
+                   (= :image (:type form)))
+              (update-in [:metadata :id] lookup-index)
+
+              ;; Relink paths with fill image
+              (map? (:fill-image form))
+              (update-in [:fill-image :id] lookup-index)
+
+              ;; This covers old shapes and the new :fills.
+              (uuid? (:fill-color-ref-file form))
+              (update :fill-color-ref-file lookup-index)
+
+              ;; This covers the old shapes and the new :strokes
+              (uuid? (:stroke-color-ref-file form))
+              (update :stroke-color-ref-file lookup-index)
+
+              ;; This covers all text shapes that have typography referenced
+              (uuid? (:typography-ref-file form))
+              (update :typography-ref-file lookup-index)
+
+              ;; This covers the component instance links
+              (uuid? (:component-file form))
+              (update :component-file lookup-index)
+
+              ;; This covers the shadows and grids (they have directly
+              ;; the :file-id prop)
+              (uuid? (:file-id form))
+              (update :file-id lookup-index)))
+
+          (process-form [form]
+            (if (map? form)
+              (try
+                (process-map-form form)
+                (catch Throwable cause
+                  (l/warn :hint "failed form" :form (pr-str form) ::l/sync? true)
+                  (throw cause)))
+              form))]
+
+    (walk/postwalk process-form data)))
 
 (defn- relink-media
   "A function responsible of process the :media attr of file data and
@@ -409,173 +334,118 @@
   [cfg data file-id]
   (let [library-ids (get-libraries cfg [file-id])]
     (reduce (fn [data library-id]
-              (if-let [library (get-file cfg library-id)]
-                (ctf/absorb-assets data (:data library))
-                data))
+              (let [library (get-file cfg library-id)]
+                (ctf/absorb-assets data (:data library))))
             data
             library-ids)))
 
-(defn disable-database-timeouts!
-  [cfg]
-  (let [conn (db/get-connection cfg)]
-    (db/exec-one! conn ["SET LOCAL idle_in_transaction_session_timeout = 0"])
-    (db/exec-one! conn ["SET CONSTRAINTS ALL DEFERRED"])))
+(defn- fix-version
+  [file]
+  (let [file (fmg/fix-version file)]
+    ;; FIXME: We're temporarily activating all migrations because a
+    ;; problem in the environments messed up with the version numbers
+    ;; When this problem is fixed delete the following line
+    (if (> (:version file) 22)
+      (assoc file :version 22)
+      file)))
 
 (defn process-file
-  [cfg {:keys [id] :as file}]
-  (let [libs (delay (get-resolved-file-libraries cfg file))]
-    (-> file
-        (update :data (fn [fdata]
-                        (-> fdata
-                            (assoc :id id)
-                            (dissoc :recent-colors))))
-        (update :data (fn [fdata]
-                        (-> fdata
-                            (update :pages-index relink-shapes)
-                            (update :components relink-shapes)
-                            (update :media relink-media)
-                            (update :colors relink-colors)
-                            (d/without-nils))))
-        (fmg/migrate-file libs)
+  [{:keys [id] :as file}]
+  (-> file
+      (fix-version)
+      (update :data (fn [fdata]
+                      (-> fdata
+                          (assoc :id id)
+                          (dissoc :recent-colors))))
+      (fmg/migrate-file)
+      (update :data (fn [fdata]
+                      (-> fdata
+                          (update :pages-index relink-shapes)
+                          (update :components relink-shapes)
+                          (update :media relink-media)
+                          (update :colors relink-colors)
+                          (d/without-nils))))))
 
-        ;; NOTE: this is necessary because when we just creating a new
-        ;; file from imported artifact or cloned file there are no
-        ;; migrations registered on the database, so we need to persist
-        ;; all of them, not only the applied
-        (vary-meta dissoc ::fmg/migrated))))
+(defn- upsert-file!
+  [conn file]
+  (let [sql (str "INSERT INTO file (id, project_id, name, revn, version, is_shared, data, created_at, modified_at) "
+                 "VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?) "
+                 "ON CONFLICT (id) DO UPDATE SET data=?, version=?")]
+    (db/exec-one! conn [sql
+                        (:id file)
+                        (:project-id file)
+                        (:name file)
+                        (:revn file)
+                        (:version file)
+                        (:is-shared file)
+                        (:data file)
+                        (:created-at file)
+                        (:modified-at file)
+                        (:data file)
+                        (:version file)])))
 
-(defn encode-file
-  [{:keys [::db/conn] :as cfg} {:keys [id features] :as file}]
-  (let [file (if (contains? features "fdata/objects-map")
-               (feat.fdata/enable-objects-map file)
-               file)
+(defn persist-file!
+  "Applies all the final validations and perist the file."
+  [{:keys [::db/conn ::timestamp] :as cfg} {:keys [id] :as file}]
 
-        file (if (contains? features "fdata/pointer-map")
-               (binding [pmap/*tracked* (pmap/create-tracked)]
-                 (let [file (feat.fdata/enable-pointer-map file)]
-                   (feat.fdata/persist-pointers! cfg id)
-                   file))
-               file)]
+  (dm/assert!
+   "expected valid timestamp"
+   (dt/instant? timestamp))
 
-    (-> file
-        (update :features db/encode-pgarray conn "text")
-        (update :data blob/encode))))
+  (let [file   (-> file
+                   (assoc :created-at timestamp)
+                   (assoc :modified-at timestamp)
+                   (assoc :ignore-sync-until (dt/plus timestamp (dt/duration {:seconds 5})))
+                   (update :features
+                           (fn [features]
+                             (let [features (cfeat/check-supported-features! features)]
+                               (-> (::features cfg #{})
+                                   (set/difference cfeat/frontend-only-features)
+                                   (set/union features))))))
 
-(defn get-params-from-file
-  [file]
-  (let [params {:has-media-trimmed (:has-media-trimmed file)
-                :ignore-sync-until (:ignore-sync-until file)
-                :project-id (:project-id file)
-                :features (:features file)
-                :name (:name file)
-                :is-shared (:is-shared file)
-                :version (:version file)
-                :data (:data file)
-                :id (:id file)
-                :deleted-at (:deleted-at file)
-                :created-at (:created-at file)
-                :modified-at (:modified-at file)
-                :revn (:revn file)
-                :vern (:vern file)}]
+        _      (when (contains? cf/flags :file-schema-validation)
+                 (fval/validate-file-schema! file))
 
-    (-> (d/without-nils params)
-        (assoc :data-backend nil)
-        (assoc :data-ref-id nil))))
+        _      (when (contains? cf/flags :soft-file-schema-validation)
+                 (let [result (ex/try! (fval/validate-file-schema! file))]
+                   (when (ex/exception? result)
+                     (l/error :hint "file schema validation error" :cause result))))
 
-(defn insert-file!
-  "Insert a new file into the database table"
-  [{:keys [::db/conn] :as cfg} file & {:as opts}]
-  (feat.fmigr/upsert-migrations! conn file)
-  (let [params (-> (encode-file cfg file)
-                   (get-params-from-file))]
-    (db/insert! conn :file params opts)))
+        file   (if (contains? (:features file) "fdata/objects-map")
+                 (feat.fdata/enable-objects-map file)
+                 file)
 
-(defn update-file!
-  "Update an existing file on the database."
-  [{:keys [::db/conn ::sto/storage] :as cfg} {:keys [id] :as file} & {:as opts}]
-  (let [file   (encode-file cfg file)
-        params (-> (get-params-from-file file)
-                   (dissoc :id))]
+        file   (if (contains? (:features file) "fdata/pointer-map")
+                 (binding [pmap/*tracked* (pmap/create-tracked)]
+                   (let [file (feat.fdata/enable-pointer-map file)]
+                     (feat.fdata/persist-pointers! cfg id)
+                     file))
+                 file)
 
-    ;; If file was already offloaded, we touch the underlying storage
-    ;; object for properly trigger storage-gc-touched task
-    (when (feat.fdata/offloaded? file)
-      (some->> (:data-ref-id file) (sto/touch-object! storage)))
+        params (-> file
+                   (update :features db/encode-pgarray conn "text")
+                   (update :data blob/encode))]
 
-    (feat.fmigr/upsert-migrations! conn file)
-    (db/update! conn :file params {:id id} opts)))
+    (if (::overwrite cfg)
+      (upsert-file! conn params)
+      (db/insert! conn :file params ::db/return-keys false))
 
-(defn save-file!
-  "Applies all the final validations and perist the file, binfile
-  specific, should not be used outside of binfile domain"
-  [{:keys [::timestamp] :as cfg} file & {:as opts}]
+    file))
 
-  (assert (dt/instant? timestamp) "expected valid timestamp")
+(defn apply-pending-migrations!
+  "Apply alredy registered pending migrations to files"
+  [cfg]
+  (doseq [[feature file-id] (-> *state* deref :pending-to-migrate)]
+    (case feature
+      "components/v2"
+      (feat.compv2/migrate-file! cfg file-id
+                                 :validate? (::validate cfg true)
+                                 :skip-on-graphic-error? true)
 
-  (let [file (-> file
-                 (assoc :created-at timestamp)
-                 (assoc :modified-at timestamp)
-                 (assoc :ignore-sync-until (dt/plus timestamp (dt/duration {:seconds 5})))
-                 (update :features
-                         (fn [features]
-                           (-> (::features cfg #{})
-                               (set/union features)
-                               ;; We never want to store
-                               ;; frontend-only features on file
-                               (set/difference cfeat/frontend-only-features)))))]
+      "fdata/shape-data-type"
+      nil
 
-    (when (contains? cf/flags :file-schema-validation)
-      (fval/validate-file-schema! file))
-
-    (when (contains? cf/flags :soft-file-schema-validation)
-      (let [result (ex/try! (fval/validate-file-schema! file))]
-        (when (ex/exception? result)
-          (l/error :hint "file schema validation error" :cause result))))
-
-    (insert-file! cfg file opts)))
-
-
-(def ^:private sql:get-file-libraries
-  "WITH RECURSIVE libs AS (
-     SELECT fl.*, flr.synced_at
-       FROM file AS fl
-       JOIN file_library_rel AS flr ON (flr.library_file_id = fl.id)
-      WHERE flr.file_id = ?::uuid
-    UNION
-     SELECT fl.*, flr.synced_at
-       FROM file AS fl
-       JOIN file_library_rel AS flr ON (flr.library_file_id = fl.id)
-       JOIN libs AS l ON (flr.file_id = l.id)
-   )
-   SELECT l.id,
-          l.features,
-          l.project_id,
-          p.team_id,
-          l.created_at,
-          l.modified_at,
-          l.deleted_at,
-          l.name,
-          l.revn,
-          l.vern,
-          l.synced_at,
-          l.is_shared
-     FROM libs AS l
-    INNER JOIN project AS p ON (p.id = l.project_id)
-    WHERE l.deleted_at IS NULL OR l.deleted_at > now();")
-
-(defn get-file-libraries
-  [conn file-id]
-  (into []
-        (comp
-         ;; FIXME: :is-indirect set to false to all rows looks
-         ;; completly useless
-         (map #(assoc % :is-indirect false))
-         (map decode-row))
-        (db/exec! conn [sql:get-file-libraries file-id])))
-
-(defn get-resolved-file-libraries
-  "A helper for preload file libraries"
-  [{:keys [::db/conn] :as cfg} file]
-  (->> (get-file-libraries conn (:id file))
-       (into [file] (map #(get-file cfg (:id %))))
-       (d/index-by :id)))
+      (ex/raise :type :internal
+                :code :no-migration-defined
+                :hint (str/ffmt "no migation for feature '%' on file importation" feature)
+                :feature feature))))

backend/src/app/binfile/migrations.clj

@@ -1,47 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; Copyright (c) KALEIDOS INC
-
-(ns app.binfile.migrations
-  "A binfile related migrations handling"
-  (:require
-   [app.binfile.common :as bfc]
-   [app.common.exceptions :as ex]
-   [app.common.features :as cfeat]
-   [clojure.set :as set]
-   [cuerdas.core :as str]))
-
-(defn register-pending-migrations!
-  "All features that are enabled and requires explicit migration are
-  added to the state for a posterior migration step."
-  [cfg {:keys [id features] :as file}]
-  (doseq [feature (-> (::features cfg)
-                      (set/difference cfeat/no-migration-features)
-                      (set/difference cfeat/backend-only-features)
-                      (set/difference features))]
-    (vswap! bfc/*state* update :pending-to-migrate (fnil conj []) [feature id]))
-
-  file)
-
-(defn apply-pending-migrations!
-  "Apply alredy registered pending migrations to files"
-  [_cfg]
-  (doseq [[feature _file-id] (-> bfc/*state* deref :pending-to-migrate)]
-    (case feature
-      "components/v2"
-      nil
-
-      "fdata/shape-data-type"
-      nil
-
-      ;; There is no migration needed, but we don't want to allow
-      ;; copy paste nor import of variant files into no-variant teams
-      "variants/v1"
-      nil
-
-      (ex/raise :type :internal
-                :code :no-migration-defined
-                :hint (str/ffmt "no migation for feature '%' on file importation" feature)
-                :feature feature))))

backend/src/app/binfile/v1.clj

@@ -9,7 +9,6 @@
   (:refer-clojure :exclude [assert])
   (:require
    [app.binfile.common :as bfc]
-   [app.binfile.migrations :as bfm]
    [app.common.data :as d]
    [app.common.data.macros :as dm]
    [app.common.exceptions :as ex]
@@ -50,6 +49,15 @@
 
 (set! *warn-on-reflection* true)
 
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+;; DEFAULTS
+;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+;; Threshold in MiB when we pass from using
+;; in-memory byte-array's to use temporal files.
+(def temp-file-threshold
+  (* 1024 1024 2))
+
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; LOW LEVEL STREAM IO API
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -57,6 +65,11 @@
 (def ^:const buffer-size (:xnio/buffer-size yt/defaults))
 (def ^:const penpot-magic-number 800099563638710213)
 
+
+;; A maximum (storage) object size allowed: 100MiB
+(def ^:const max-object-size
+  (* 1024 1024 100))
+
 (def ^:dynamic *position* nil)
 
 (defn get-mark
@@ -223,7 +236,7 @@
 
 (defn copy-stream!
   [^OutputStream output ^InputStream input ^long size]
-  (let [written (io/copy input output :size size)]
+  (let [written (io/copy! input output :size size)]
     (l/trace :fn "copy-stream!" :position @*position* :size size :written written ::l/sync? true)
     (swap! *position* + written)
     written))
@@ -245,18 +258,18 @@
         p (tmp/tempfile :prefix "penpot.binfile.")]
     (assert-mark m :stream)
 
-    (when (> s bfc/max-object-size)
+    (when (> s max-object-size)
       (ex/raise :type :validation
                 :code :max-file-size-reached
                 :hint (str/ffmt "unable to import storage object with size % bytes" s)))
 
-    (if (> s bfc/temp-file-threshold)
+    (if (> s temp-file-threshold)
       (with-open [^OutputStream output (io/output-stream p)]
-        (let [readed (io/copy input output :offset 0 :size s)]
+        (let [readed (io/copy! input output :offset 0 :size s)]
           (l/trace :fn "read-stream*!" :expected s :readed readed :position @*position* ::l/sync? true)
           (swap! *position* + readed)
           [s p]))
-      [s (io/read input :size s)])))
+      [s (io/read-as-bytes input :size s)])))
 
 (defmacro assert-read-label!
   [input expected-label]
@@ -299,7 +312,7 @@
 (defmulti write-section ::section)
 
 (defn write-export!
-  [{:keys [::bfc/include-libraries ::bfc/embed-assets] :as cfg}]
+  [{:keys [::include-libraries ::embed-assets] :as cfg}]
   (when (and include-libraries embed-assets)
     (throw (IllegalArgumentException.
             "the `include-libraries` and `embed-assets` are mutally excluding options")))
@@ -324,7 +337,7 @@
             [:v1/metadata :v1/files :v1/rels :v1/sobjects]))))
 
 (defmethod write-section :v1/metadata
-  [{:keys [::output ::bfc/ids ::bfc/include-libraries] :as cfg}]
+  [{:keys [::output ::ids ::include-libraries] :as cfg}]
   (if-let [fids (get-files cfg ids)]
     (let [lids (when include-libraries
                  (bfc/get-libraries cfg ids))
@@ -336,7 +349,7 @@
               :hint "unable to retrieve files for export")))
 
 (defmethod write-section :v1/files
-  [{:keys [::output ::bfc/embed-assets ::bfc/include-libraries] :as cfg}]
+  [{:keys [::output ::embed-assets ::include-libraries] :as cfg}]
 
   ;; Initialize SIDS with empty vector
   (vswap! bfc/*state* assoc :sids [])
@@ -368,12 +381,10 @@
              ::l/sync? true)
 
       (doseq [item media]
-        (l/dbg :hint "write penpot file media object"
-               :id (:id item) ::l/sync? true))
+        (l/dbg :hint "write penpot file media object" :id (:id item) ::l/sync? true))
 
       (doseq [item thumbnails]
-        (l/dbg :hint "write penpot file object thumbnail"
-               :media-id (str (:media-id item)) ::l/sync? true))
+        (l/dbg :hint "write penpot file object thumbnail" :media-id (str (:media-id item)) ::l/sync? true))
 
       (doto output
         (write-obj! file)
@@ -383,7 +394,7 @@
       (vswap! bfc/*state* update :sids into bfc/xf-map-media-id thumbnails))))
 
 (defmethod write-section :v1/rels
-  [{:keys [::output ::bfc/include-libraries] :as cfg}]
+  [{:keys [::output ::include-libraries] :as cfg}]
   (let [ids  (-> bfc/*state* deref :files set)
         rels (when include-libraries
                (bfc/get-files-rels cfg ids))]
@@ -422,19 +433,25 @@
 (defmulti read-import ::version)
 (defmulti read-section ::section)
 
-(s/def ::bfc/profile-id ::us/uuid)
-(s/def ::bfc/project-id ::us/uuid)
-(s/def ::bfc/input io/input-stream?)
+(s/def ::profile-id ::us/uuid)
+(s/def ::project-id ::us/uuid)
+(s/def ::input io/input-stream?)
+(s/def ::overwrite? (s/nilable ::us/boolean))
 (s/def ::ignore-index-errors? (s/nilable ::us/boolean))
 
+;; FIXME: replace with schema
 (s/def ::read-import-options
-  (s/keys :req [::db/pool ::sto/storage ::bfc/project-id ::bfc/profile-id ::bfc/input]
-          :opt [::ignore-index-errors?]))
+  (s/keys :req [::db/pool ::sto/storage ::project-id ::profile-id ::input]
+          :opt [::overwrite? ::ignore-index-errors?]))
 
 (defn read-import!
   "Do the importation of the specified resource in penpot custom binary
-  format."
-  [{:keys [::bfc/input ::bfc/timestamp] :or {timestamp (dt/now)} :as options}]
+  format. There are some options for customize the importation
+  behavior:
+
+  `::bfc/overwrite`: if true, instead of creating new files and remapping id references,
+  it reuses all ids and updates existing objects; defaults to `false`."
+  [{:keys [::input ::bfc/timestamp] :or {timestamp (dt/now)} :as options}]
 
   (dm/assert!
    "expected input stream"
@@ -448,9 +465,9 @@
     (read-import (assoc options ::version version ::bfc/timestamp timestamp))))
 
 (defn- read-import-v1
-  [{:keys [::db/conn ::bfc/project-id ::bfc/profile-id ::bfc/input] :as cfg}]
-
-  (bfc/disable-database-timeouts! cfg)
+  [{:keys [::db/conn ::project-id ::profile-id ::input] :as cfg}]
+  (db/exec-one! conn ["SET LOCAL idle_in_transaction_session_timeout = 0"])
+  (db/exec-one! conn ["SET CONSTRAINTS ALL DEFERRED"])
 
   (pu/with-open [input (zstd-input-stream input)
                  input (io/data-input-stream input)]
@@ -468,13 +485,13 @@
                 (let [options (-> cfg
                                   (assoc ::bfc/features features)
                                   (assoc ::section section)
-                                  (assoc ::bfc/input input))]
+                                  (assoc ::input input))]
                   (binding [bfc/*options* options]
                     (events/tap :progress {:op :import :section section})
                     (read-section options))))
               [:v1/metadata :v1/files :v1/rels :v1/sobjects])
 
-        (bfm/apply-pending-migrations! cfg)
+        (bfc/apply-pending-migrations! cfg)
 
         ;; Knowing that the ids of the created files are in index,
         ;; just lookup them and return it as a set
@@ -486,7 +503,7 @@
   (db/tx-run! options read-import-v1))
 
 (defmethod read-section :v1/metadata
-  [{:keys [::bfc/input]}]
+  [{:keys [::input]}]
   (let [{:keys [version files]} (read-obj! input)]
     (l/dbg :hint "metadata readed"
            :version (:full version)
@@ -503,8 +520,18 @@
               (update :object-id #(str/replace-first % #"^(.*?)/" (str file-id "/")))))
         thumbnails))
 
+(defn- clean-features
+  [file]
+  (update file :features (fn [features]
+                           (if (set? features)
+                             (-> features
+                                 (cfeat/migrate-legacy-features)
+                                 (set/difference cfeat/backend-only-features))
+                             #{}))))
+
 (defmethod read-section :v1/files
-  [{:keys [::bfc/input ::bfc/project-id ::bfc/name] :as system}]
+  [{:keys [::db/conn ::input ::project-id ::bfc/overwrite ::name] :as system}]
+
   (doseq [[idx expected-file-id] (d/enumerate (-> bfc/*state* deref :files))]
     (let [file       (read-obj! input)
           media      (read-obj! input)
@@ -512,7 +539,7 @@
           file-id    (:id file)
           file-id'   (bfc/lookup-index file-id)
 
-          file       (bfc/clean-file-features file)
+          file       (clean-features file)
           thumbnails (:thumbnails file)]
 
       (when (not= file-id expected-file-id)
@@ -532,9 +559,7 @@
 
       (when (seq thumbnails)
         (let [thumbnails (remap-thumbnails thumbnails file-id')]
-          (l/dbg :hint "updated index with thumbnails"
-                 :total (count thumbnails)
-                 ::l/sync? true)
+          (l/dbg :hint "updated index with thumbnails" :total (count thumbnails) ::l/sync? true)
           (vswap! bfc/*state* update :thumbnails bfc/into-vec thumbnails)))
 
       (when (seq media)
@@ -551,8 +576,8 @@
                      (cond-> (and (= idx 0) (some? name))
                        (assoc :name name))
                      (assoc :project-id project-id)
-                     (dissoc :thumbnails))
-            file  (bfc/process-file system file)]
+                     (dissoc :thumbnails)
+                     (bfc/process-file))]
 
         ;; All features that are enabled and requires explicit migration are
         ;; added to the state for a posterior migration step.
@@ -562,12 +587,15 @@
           (vswap! bfc/*state* update :pending-to-migrate (fnil conj []) [feature file-id']))
 
         (l/dbg :hint "create file" :id (str file-id') ::l/sync? true)
-        (bfc/save-file! system file ::db/return-keys false)
+        (bfc/persist-file! system file)
+
+        (when overwrite
+          (db/delete! conn :file-thumbnail {:file-id file-id'}))
 
         file-id'))))
 
 (defmethod read-section :v1/rels
-  [{:keys [::db/conn ::bfc/input ::bfc/timestamp]}]
+  [{:keys [::db/conn ::input ::bfc/timestamp]}]
   (let [rels (read-obj! input)
         ids  (into #{} (-> bfc/*state* deref :files))]
     ;; Insert all file relations
@@ -591,7 +619,7 @@
                   ::l/sync? true))))))
 
 (defmethod read-section :v1/sobjects
-  [{:keys [::db/conn ::bfc/input ::bfc/timestamp] :as cfg}]
+  [{:keys [::db/conn ::input ::bfc/overwrite ::bfc/timestamp] :as cfg}]
   (let [storage (sto/resolve cfg)
         ids     (read-obj! input)
         thumb?  (into #{} (map :media-id) (:thumbnails @bfc/*state*))]
@@ -644,7 +672,8 @@
                       (-> item
                           (assoc :file-id file-id)
                           (d/update-when :media-id bfc/lookup-index)
-                          (d/update-when :thumbnail-id bfc/lookup-index))))))
+                          (d/update-when :thumbnail-id bfc/lookup-index))
+                      {::db/on-conflict-do-nothing? overwrite}))))
 
     (doseq [item (:thumbnails @bfc/*state*)]
       (let [item (update item :media-id bfc/lookup-index)]
@@ -653,7 +682,8 @@
                :media-id (str (:media-id item))
                :object-id (:object-id item)
                ::l/sync? true)
-        (db/insert! conn :file-tagged-object-thumbnail item)))))
+        (db/insert! conn :file-tagged-object-thumbnail item
+                    {::db/on-conflict-do-nothing? overwrite})))))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; HIGH LEVEL API
@@ -663,23 +693,23 @@
   "Do the exportation of a specified file in custom penpot binary
   format. There are some options available for customize the output:
 
-  `::bfc/include-libraries`: additionally to the specified file, all the
+  `::include-libraries`: additionally to the specified file, all the
   linked libraries also will be included (including transitive
   dependencies).
 
-  `::bfc/embed-assets`: instead of including the libraries, embed in the
+  `::embed-assets`: instead of including the libraries, embed in the
   same file library all assets used from external libraries."
 
-  [{:keys [::bfc/ids] :as cfg} output]
+  [{:keys [::ids] :as cfg} output]
 
   (dm/assert!
-   "expected a set of uuid's for `::bfc/ids` parameter"
+   "expected a set of uuid's for `::ids` parameter"
    (and (set? ids)
         (every? uuid? ids)))
 
   (dm/assert!
    "expected instance of jio/IOFactory for `input`"
-   (io/coercible? output))
+   (satisfies? jio/IOFactory output))
 
   (let [id (uuid/next)
         tp (dt/tpoint)
@@ -708,12 +738,12 @@
                 :cause @cs)))))
 
 (defn import-files!
-  [{:keys [::bfc/input] :as cfg}]
+  [cfg input]
 
   (dm/assert!
    "expected valid profile-id and project-id on `cfg`"
-   (and (uuid? (::bfc/profile-id cfg))
-        (uuid? (::bfc/project-id cfg))))
+   (and (uuid? (::profile-id cfg))
+        (uuid? (::project-id cfg))))
 
   (dm/assert!
    "expected instance of jio/IOFactory for `input`"
@@ -727,7 +757,7 @@
     (try
       (binding [*position* (atom 0)]
         (pu/with-open [input (io/input-stream input)]
-          (read-import! (assoc cfg ::bfc/input input))))
+          (read-import! (assoc cfg ::input input))))
 
       (catch ZstdIOException cause
         (ex/raise :type :validation

backend/src/app/binfile/v2.clj

@@ -141,15 +141,16 @@
       (write! cfg :team-font-variant id font))))
 
 (defn- write-project!
-  [cfg project]
-  (events/tap :progress
-              {:op :export
-               :section :write-project
-               :id (:id project)
-               :name (:name project)})
-  (l/trc :hint "write" :obj "project" :id (str (:id project)))
-  (write! cfg :project (str (:id project)) project)
-  (vswap! bfc/*state* update :projects conj (:id project)))
+  [cfg project-id]
+  (let [project (bfc/get-project cfg project-id)]
+    (events/tap :progress
+                {:op :export
+                 :section :write-project
+                 :id project-id
+                 :name (:name project)})
+    (l/trc :hint "write" :obj "project" :id (str project-id))
+    (write! cfg :project (str project-id) project)
+    (vswap! bfc/*state* update :projects conj project-id)))
 
 (defn- write-file!
   [cfg file-id]
@@ -190,7 +191,7 @@
   [{:keys [::sto/storage] :as cfg} id]
   (let [sobj (sto/get-object storage id)
         data (with-open [input (sto/get-object-data storage sobj)]
-               (io/read input))]
+               (io/read-as-bytes input))]
 
     (l/trc :hint "write" :obj "storage-object" :id (str id) :size (:size sobj))
     (write! cfg :storage-object id (meta sobj) data)))
@@ -281,8 +282,8 @@
 
   (let [file (-> (read-obj cfg :file file-id)
                  (update :id bfc/lookup-index)
-                 (update :project-id bfc/lookup-index))
-        file (bfc/process-file cfg file)]
+                 (update :project-id bfc/lookup-index)
+                 (bfc/process-file))]
 
     (events/tap :progress
                 {:op :import
@@ -297,7 +298,7 @@
                         (set/difference (:features file)))]
       (vswap! bfc/*state* update :pending-to-migrate (fnil conj []) [feature (:id file)]))
 
-    (bfc/save-file! cfg file ::db/return-keys false))
+    (bfc/persist-file! cfg file))
 
   (doseq [thumbnail (read-seq cfg :file-object-thumbnail file-id)]
     (let [thumbnail (-> thumbnail
@@ -362,7 +363,7 @@
                                 (bfc/get-team-projects cfg team-id))
 
                           (run! (partial write-file! cfg)
-                                (bfc/get-team-files-ids cfg team-id))
+                                (bfc/get-team-files cfg team-id))
 
                           (run! (partial write-storage-object! cfg)
                                 (-> bfc/*state* deref :storage-objects))

backend/src/app/config.clj

@@ -12,7 +12,6 @@
    [app.common.exceptions :as ex]
    [app.common.flags :as flags]
    [app.common.schema :as sm]
-   [app.common.uri :as u]
    [app.common.version :as v]
    [app.util.overrides]
    [app.util.time :as dt]
@@ -27,11 +26,11 @@
   [_ data]
   (d/without-nils data))
 
-(defmethod ig/expand-key :default
-  [k v]
-  {k (if (map? v)
-       (d/without-nils v)
-       v)})
+(defmethod ig/prep-key :default
+  [_ data]
+  (if (map? data)
+    (d/without-nils data)
+    data))
 
 (def default
   {:database-uri "postgresql://postgres/penpot"
@@ -43,6 +42,7 @@
    :rpc-rlimit-config "resources/rlimit.edn"
    :rpc-climit-config "resources/climit.edn"
 
+   :auto-file-snapshot-total 10
    :auto-file-snapshot-every 5
    :auto-file-snapshot-timeout "3h"
 
@@ -101,6 +101,7 @@
     [:telemetry-uri {:optional true} :string]
     [:telemetry-with-taiga {:optional true} ::sm/boolean] ;; DELETE
 
+    [:auto-file-snapshot-total {:optional true} ::sm/int]
     [:auto-file-snapshot-every {:optional true} ::sm/int]
     [:auto-file-snapshot-timeout {:optional true} ::dt/duration]
 
@@ -125,7 +126,7 @@
     [:worker-webhook-parallelism {:optional true} ::sm/int]
 
     [:database-password {:optional true} [:maybe :string]]
-    [:database-uri {:optional true} ::sm/uri]
+    [:database-uri {:optional true} :string]
     [:database-username {:optional true} [:maybe :string]]
     [:database-readonly {:optional true} ::sm/boolean]
     [:database-min-pool-size {:optional true} ::sm/int]
@@ -141,10 +142,6 @@
     [:quotes-font-variants-per-team {:optional true} ::sm/int]
     [:quotes-comment-threads-per-file {:optional true} ::sm/int]
     [:quotes-comments-per-file {:optional true} ::sm/int]
-    [:quotes-snapshots-per-file {:optional true} ::sm/int]
-    [:quotes-snapshots-per-team {:optional true} ::sm/int]
-    [:quotes-team-access-requests-per-team {:optional true} ::sm/int]
-    [:quotes-team-access-requests-per-requester {:optional true} ::sm/int]
 
     [:auth-data-cookie-domain {:optional true} :string]
     [:auth-token-cookie-name {:optional true} :string]
@@ -191,7 +188,7 @@
     [:profile-complaint-max-age {:optional true} ::dt/duration]
     [:profile-complaint-threshold {:optional true} ::sm/int]
 
-    [:redis-uri {:optional true} ::sm/uri]
+    [:redis-uri {:optional true} :string]
 
     [:email-domain-blacklist {:optional true} ::fs/path]
     [:email-domain-whitelist {:optional true} ::fs/path]
@@ -219,26 +216,29 @@
     [:storage-assets-fs-directory {:optional true} :string]
     [:storage-assets-s3-bucket {:optional true} :string]
     [:storage-assets-s3-region {:optional true} :keyword]
-    [:storage-assets-s3-endpoint {:optional true} ::sm/uri]
+    [:storage-assets-s3-endpoint {:optional true} :string]
     [:storage-assets-s3-io-threads {:optional true} ::sm/int]
 
     [:objects-storage-backend {:optional true} :keyword]
     [:objects-storage-fs-directory {:optional true} :string]
     [:objects-storage-s3-bucket {:optional true} :string]
     [:objects-storage-s3-region {:optional true} :keyword]
-    [:objects-storage-s3-endpoint {:optional true} ::sm/uri]
+    [:objects-storage-s3-endpoint {:optional true} :string]
     [:objects-storage-s3-io-threads {:optional true} ::sm/int]]))
 
+(def default-flags
+  [:enable-backend-api-doc
+   :enable-backend-openapi-doc
+   :enable-backend-worker
+   :enable-secure-session-cookies
+   :enable-email-verification
+   :enable-v2-migration])
+
 (defn- parse-flags
   [config]
-  (let [public-uri  (c/get config :public-uri)
-        public-uri  (some-> public-uri (u/uri))
-        extra-flags (if (and public-uri
-                             (= (:scheme public-uri) "http")
-                             (not= (:host public-uri) "localhost"))
-                      #{:disable-secure-session-cookies}
-                      #{})]
-    (flags/parse flags/default extra-flags (:flags config))))
+  (flags/parse flags/default
+               default-flags
+               (:flags config)))
 
 (defn read-env
   [prefix]

backend/src/app/db.clj

@@ -11,7 +11,7 @@
    [app.common.exceptions :as ex]
    [app.common.geom.point :as gpt]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.common.transit :as t]
    [app.common.uuid :as uuid]
    [app.db.sql :as sql]
@@ -20,10 +20,10 @@
    [app.util.time :as dt]
    [clojure.java.io :as io]
    [clojure.set :as set]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [next.jdbc :as jdbc]
-   [next.jdbc.date-time :as jdbc-dt]
-   [next.jdbc.transaction])
+   [next.jdbc.date-time :as jdbc-dt])
   (:import
    com.zaxxer.hikari.HikariConfig
    com.zaxxer.hikari.HikariDataSource
@@ -42,8 +42,6 @@
    org.postgresql.util.PGInterval
    org.postgresql.util.PGobject))
 
-(def ^:dynamic *conn* nil)
-
 (declare open)
 (declare create-pool)
 
@@ -51,17 +49,27 @@
 ;; Initialization
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def ^:private schema:pool-options
-  [:map {:title "pool-options"}
-   [::connect-timeout {:optional true} ::sm/int]
-   [::max-size {:optional true} ::sm/int]
-   [::min-size {:optional true} ::sm/int]
-   [::name {:optional true} :keyword]
-   [::uri {:optional true} ::sm/uri]
-   [::password {:optional true} :string]
-   [::username {:optional true} :string]
-   [::validation-timeout {:optional true} ::sm/int]
-   [::read-only {:optional true} ::sm/boolean]])
+(s/def ::connection-timeout ::us/integer)
+(s/def ::max-size ::us/integer)
+(s/def ::min-size ::us/integer)
+(s/def ::name keyword?)
+(s/def ::password ::us/string)
+(s/def ::uri ::us/not-empty-string)
+(s/def ::username ::us/string)
+(s/def ::validation-timeout ::us/integer)
+(s/def ::read-only? ::us/boolean)
+
+(s/def ::pool-options
+  (s/keys :opt [::uri
+                ::name
+                ::min-size
+                ::max-size
+                ::connection-timeout
+                ::validation-timeout
+                ::username
+                ::password
+                ::mtx/metrics
+                ::read-only?]))
 
 (def defaults
   {::name :main
@@ -71,26 +79,27 @@
    ::validation-timeout 10000
    ::idle-timeout 120000 ; 2min
    ::max-lifetime 1800000 ; 30m
-   ::read-only false})
+   ::read-only? false})
 
-(defmethod ig/assert-key ::pool
-  [_ options]
-  (assert (sm/check schema:pool-options options)))
+(defmethod ig/prep-key ::pool
+  [_ cfg]
+  (merge defaults (d/without-nils cfg)))
+
+;; Don't validate here, just validate that a map is received.
+(defmethod ig/pre-init-spec ::pool [_] ::pool-options)
 
 (defmethod ig/init-key ::pool
-  [_ cfg]
-  (let [{:keys [::uri ::read-only] :as cfg}
-        (merge defaults cfg)]
-    (when uri
-      (l/info :hint "initialize connection pool"
-              :name (d/name (::name cfg))
-              :uri (str uri)
-              :read-only read-only
-              :credentials (and (contains? cfg ::username)
-                                (contains? cfg ::password))
-              :min-size (::min-size cfg)
-              :max-size (::max-size cfg))
-      (create-pool cfg))))
+  [_ {:keys [::uri ::read-only?] :as cfg}]
+  (when uri
+    (l/info :hint "initialize connection pool"
+            :name (d/name (::name cfg))
+            :uri uri
+            :read-only read-only?
+            :with-credentials (and (contains? cfg ::username)
+                                   (contains? cfg ::password))
+            :min-size (::min-size cfg)
+            :max-size (::max-size cfg))
+    (create-pool cfg)))
 
 (defmethod ig/halt-key! ::pool
   [_ pool]
@@ -106,15 +115,13 @@
        "SET idle_in_transaction_session_timeout = 300000;"))
 
 (defn- create-datasource-config
-  [{:keys [::uri] :as cfg}]
-
-  ;; (app.common.pprint/pprint cfg)
+  [{:keys [::mtx/metrics ::uri] :as cfg}]
   (let [config (HikariConfig.)]
     (doto config
       (.setJdbcUrl           (str "jdbc:" uri))
       (.setPoolName          (d/name (::name cfg)))
       (.setAutoCommit true)
-      (.setReadOnly          (::read-only cfg))
+      (.setReadOnly          (::read-only? cfg))
       (.setConnectionTimeout (::connection-timeout cfg))
       (.setValidationTimeout (::validation-timeout cfg))
       (.setIdleTimeout       (::idle-timeout cfg))
@@ -125,8 +132,8 @@
       (.setInitializationFailTimeout -1))
 
     ;; When metrics namespace is provided
-    (when-let [instance (::mtx/metrics cfg)]
-      (->> (mtx/get-registry instance)
+    (when metrics
+      (->> (::mtx/registry metrics)
            (PrometheusMetricsTrackerFactory.)
            (.setMetricsTrackerFactory config)))
 
@@ -143,22 +150,10 @@
   [conn]
   (instance? Connection conn))
 
-(defn connectable?
-  [o]
-  (or (connection? o)
-      (pool? o)))
-
-(sm/register!
- {:type ::conn
-  :pred connection?})
-
-(sm/register!
- {:type ::connectable
-  :pred connectable?})
-
-(sm/register!
- {:type ::pool
-  :pred pool?})
+(s/def ::conn some?)
+(s/def ::nilable-pool (s/nilable ::pool))
+(s/def ::pool pool?)
+(s/def ::connectable some?)
 
 (defn closed?
   [pool]
@@ -226,6 +221,16 @@
     (let [^OutputStream os (.getOutputStream ^LargeObject lobj)]
       (io/make-output-stream os opts))))
 
+(defmacro with-atomic
+  [& args]
+  (if (symbol? (first args))
+    (let [cfgs (first args)
+          body (rest args)]
+      `(jdbc/with-transaction [conn# (::pool ~cfgs)]
+         (let [~cfgs (assoc ~cfgs ::conn conn#)]
+           ~@body)))
+    `(jdbc/with-transaction ~@args)))
+
 (defn open
   [system-or-pool]
   (if (pool? system-or-pool)
@@ -263,17 +268,19 @@
     :else           (throw (IllegalArgumentException. "unable to resolve connectable"))))
 
 (def ^:private params-mapping
-  {::return-keys :return-keys})
+  {::return-keys? :return-keys
+   ::return-keys :return-keys})
 
 (defn rename-opts
   [opts]
   (set/rename-keys opts params-mapping))
 
 (def ^:private default-insert-opts
-  (assoc sql/default-opts :return-keys true))
+  {:builder-fn sql/as-kebab-maps
+   :return-keys true})
 
 (def ^:private default-opts
-  sql/default-opts)
+  {:builder-fn sql/as-kebab-maps})
 
 (defn exec!
   ([ds sv] (exec! ds sv nil))
@@ -324,7 +331,7 @@
 (defn update!
   "A helper that build an UPDATE SQL statement and executes it.
 
-  Given a connectable object, a table name, a hash map of columns and
+   Given a connectable object, a table name, a hash map of columns and
   values to set, and either a hash map of columns and values to search
   on or a vector of a SQL where clause and parameters, perform an
   update on the table.
@@ -404,20 +411,10 @@
                 :hint "database object not found"))
     row))
 
-(def ^:private default-plan-opts
-  (-> default-opts
-      (assoc :fetch-size 1000)
-      (assoc :concurrency :read-only)
-      (assoc :cursors :close)
-      (assoc :result-type :forward-only)))
-
 (defn plan
-  ([ds sql]
-   (-> (get-connectable ds)
-       (jdbc/plan sql default-plan-opts)))
-  ([ds sql opts]
-   (-> (get-connectable ds)
-       (jdbc/plan sql (merge default-plan-opts opts)))))
+  [ds sql]
+  (-> (get-connectable ds)
+      (jdbc/plan sql sql/default-opts)))
 
 (defn cursor
   "Return a lazy seq of rows using server side cursors"
@@ -528,31 +525,43 @@
      (l/trc :hint "explicit rollback requested (savepoint)")
      (.rollback conn sp))))
 
-(defn transact!
-  "A lower-level function for executing function in a transaction"
-  ([transactable f] (transact! transactable f {}))
-  ([transactable f opts]
-   (binding [next.jdbc.transaction/*nested-tx* :ignore]
-     (jdbc/transact transactable f opts))))
-
 (defn tx-run!
-  "Run a function in a transaction."
   [system f & params]
-  (if (connection? system)
+  (cond
+    (connection? system)
     (tx-run! {::conn system} f)
-    (if (pool? system)
-      (tx-run! {::pool system} f)
-      (if-let [conn (or (::conn system)
-                        (::pool system))]
-        (transact! conn
-                   (fn [conn]
-                     (let [system' (-> system
-                                       (dissoc ::rollback)
-                                       (assoc ::conn conn))]
-                       (apply f system' params)))
-                   {:rollback-only (::rollback system)
-                    :read-only (::read-only system)})
-        (throw (IllegalArgumentException. "invalid system/cfg provided"))))))
+
+    (pool? system)
+    (tx-run! {::pool system} f)
+
+    (::conn system)
+    (let [conn (::conn system)
+          sp   (savepoint conn)]
+      (try
+        (let [system' (-> system
+                          (assoc ::savepoint sp)
+                          (dissoc ::rollback))
+              result  (apply f system' params)]
+          (if (::rollback system)
+            (rollback! conn sp)
+            (release! conn sp))
+          result)
+        (catch Throwable cause
+          (.rollback ^Connection conn ^Savepoint sp)
+          (throw cause))))
+
+    (::pool system)
+    (with-atomic [conn (::pool system)]
+      (let [system' (-> system
+                        (assoc ::conn conn)
+                        (dissoc ::rollback))
+            result  (apply f system' params)]
+        (when (::rollback system)
+          (rollback! conn))
+        result))
+
+    :else
+    (throw (IllegalArgumentException. "invalid system/cfg provided"))))
 
 (defn run!
   [system f & params]

backend/src/app/db/sql.clj

@@ -15,15 +15,14 @@
 (defn kebab-case [s] (str/replace s #"_" "-"))
 (defn snake-case [s] (str/replace s #"-" "_"))
 
+(def default-opts
+  {:table-fn snake-case
+   :column-fn snake-case})
+
 (defn as-kebab-maps
   [rs opts]
   (jdbc-opt/as-unqualified-modified-maps rs (assoc opts :label-fn kebab-case)))
 
-(def default-opts
-  {:table-fn snake-case
-   :column-fn snake-case
-   :builder-fn as-kebab-maps})
-
 (defn insert
   ([table key-map]
    (insert table key-map nil))
@@ -39,10 +38,7 @@
 
 (defn insert-many
   [table cols rows opts]
-  (let [opts (merge default-opts opts)
-        opts (cond-> opts
-               (::on-conflict-do-nothing opts)
-               (assoc :suffix "ON CONFLICT DO NOTHING"))]
+  (let [opts (merge default-opts opts)]
     (sql/for-insert-multi table cols rows opts)))
 
 (defn select

backend/src/app/email.clj

@@ -12,12 +12,18 @@
    [app.common.logging :as l]
    [app.common.pprint :as pp]
    [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.config :as cf]
    [app.db :as db]
    [app.db.sql :as sql]
+   [app.email.invite-to-team :as-alias email.invite-to-team]
+   [app.email.join-team :as-alias email.join-team]
+   [app.email.request-team-access :as-alias email.request-team-access]
+   [app.metrics :as mtx]
    [app.util.template :as tmpl]
    [app.worker :as wrk]
    [clojure.java.io :as io]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [integrant.core :as ig])
   (:import
@@ -217,45 +223,50 @@
               [{:type "text/html"
                 :content html}]))}))
 
-(def ^:private schema:context
-  [:map
-   [:to [:or ::sm/email [::sm/vec ::sm/email]]]
-   [:reply-to {:optional true} ::sm/email]
-   [:from {:optional true} ::sm/email]
-   [:lang {:optional true} ::sm/text]
-   [:priority {:optional true} [:enum :high :low]]
-   [:extra-data {:optional true} ::sm/text]])
+(s/def ::priority #{:high :low})
+(s/def ::to (s/or :single ::us/email
+                  :multi (s/coll-of ::us/email)))
+(s/def ::from ::us/email)
+(s/def ::reply-to ::us/email)
+(s/def ::lang string?)
+(s/def ::extra-data ::us/string)
 
-(def ^:private check-context
-  (sm/check-fn schema:context))
+(s/def ::context
+  (s/keys :req-un [::to]
+          :opt-un [::reply-to ::from ::lang ::priority ::extra-data]))
 
 (defn template-factory
-  [& {:keys [id schema]}]
-  (assert (keyword? id) "id should be provided and it should be a keyword")
-  (let [check-fn (if schema
-                   (sm/check-fn schema)
-                   (constantly nil))]
-    (fn [context]
-      (let [context (-> context check-context check-fn)
-            email   (build-email-template id context)]
-        (when-not email
-          (ex/raise :type :internal
-                    :code :email-template-does-not-exists
-                    :hint "seems like the template is wrong or does not exists."
-                    :template-id id))
+  ([id] (template-factory id {}))
+  ([id extra-context]
+   (s/assert keyword? id)
+   (fn [context]
+     (us/verify ::context context)
+     (when-let [spec (s/get-spec id)]
+       (s/assert spec context))
 
-        (cond-> (assoc email :id (name id))
-          (:extra-data context)
-          (assoc :extra-data (:extra-data context))
+     (let [context (merge (if (fn? extra-context)
+                            (extra-context)
+                            extra-context)
+                          context)
+           email   (build-email-template id context)]
+       (when-not email
+         (ex/raise :type :internal
+                   :code :email-template-does-not-exists
+                   :hint "seems like the template is wrong or does not exists."
+                   :context {:id id}))
+       (cond-> (assoc email :id (name id))
+         (:extra-data context)
+         (assoc :extra-data (:extra-data context))
 
-          (:from context)
-          (assoc :from (:from context))
+         (:from context)
+         (assoc :from (:from context))
 
-          (:reply-to context)
-          (assoc :reply-to (:reply-to context))
+         (:reply-to context)
+         (assoc :reply-to (:reply-to context))
+
+         (:to context)
+         (assoc :to (:to context)))))))
 
-          (:to context)
-          (assoc :to (:to context)))))))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; PUBLIC HIGH-LEVEL API
@@ -269,8 +280,7 @@
   "Schedule an already defined email to be sent using asynchronously
   using worker task."
   [{:keys [::conn ::factory] :as context}]
-  (assert (db/connectable? conn) "expected a valid database connection or pool")
-
+  (us/verify some? conn)
   (let [email (if factory
                 (factory context)
                 (dissoc context ::conn))]
@@ -287,6 +297,8 @@
 
 (declare send-to-logger!)
 
+(s/def ::sendmail fn?)
+
 (defmethod ig/init-key ::sendmail
   [_ cfg]
   (fn [params]
@@ -303,18 +315,19 @@
             (l/dbg :hint "sendmail"
                    :id (:id params)
                    :to (:to params)
-                   :subject (str/trim (:subject params)))
+                   :subject (str/trim (:subject params))
+                   :body (str/join "," (map :type (:body params))))
 
             (.sendMessage ^Transport transport
                           ^MimeMessage message
                           (.getAllRecipients message))))))
 
-    (when (contains? cf/flags :log-emails)
+    (when (or (contains? cf/flags :log-emails)
+              (not (contains? cf/flags :smtp)))
       (send-to-logger! cfg params))))
 
-(defmethod ig/assert-key ::handler
-  [_ params]
-  (assert (fn? (::sendmail params)) "expected valid sendmail handler"))
+(defmethod ig/pre-init-spec ::handler [_]
+  (s/keys :req [::sendmail ::mtx/metrics]))
 
 (defmethod ig/init-key ::handler
   [_ {:keys [::sendmail]}]
@@ -341,152 +354,125 @@
 ;; EMAIL FACTORIES
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def ^:private schema:feedback
-  [:map
-   [:subject ::sm/text]
-   [:content ::sm/text]])
+(s/def ::subject ::us/string)
+(s/def ::content ::us/string)
 
-(def user-feedback
+(s/def ::feedback
+  (s/keys :req-un [::subject ::content]))
+
+(def feedback
   "A profile feedback email."
-  (template-factory
-   :id ::feedback
-   :schema schema:feedback))
+  (template-factory ::feedback))
 
-(def ^:private schema:register
-  [:map [:name ::sm/text]])
+(s/def ::name ::us/string)
+(s/def ::register
+  (s/keys :req-un [::name]))
 
 (def register
   "A new profile registration welcome email."
-  (template-factory
-   :id ::register
-   :schema schema:register))
+  (template-factory ::register))
 
-(def ^:private schema:password-recovery
-  [:map
-   [:name ::sm/text]
-   [:token ::sm/text]])
+(s/def ::token ::us/string)
+(s/def ::password-recovery
+  (s/keys :req-un [::name ::token]))
 
 (def password-recovery
   "A password recovery notification email."
-  (template-factory
-   :id ::password-recovery
-   :schema schema:password-recovery))
+  (template-factory ::password-recovery))
 
-(def ^:private schema:change-email
-  [:map
-   [:name ::sm/text]
-   [:pending-email ::sm/email]
-   [:token ::sm/text]])
+(s/def ::pending-email ::us/email)
+(s/def ::change-email
+  (s/keys :req-un [::name ::pending-email ::token]))
 
 (def change-email
   "Password change confirmation email"
-  (template-factory
-   :id ::change-email
-   :schema schema:change-email))
+  (template-factory ::change-email))
 
-(def ^:private schema:invite-to-team
-  [:map
-   [:invited-by ::sm/text]
-   [:team ::sm/text]
-   [:token ::sm/text]])
+(s/def ::email.invite-to-team/invited-by ::us/string)
+(s/def ::email.invite-to-team/team ::us/string)
+(s/def ::email.invite-to-team/token ::us/string)
+
+(s/def ::invite-to-team
+  (s/keys :req-un [::email.invite-to-team/invited-by
+                   ::email.invite-to-team/token
+                   ::email.invite-to-team/team]))
 
 (def invite-to-team
   "Teams member invitation email."
-  (template-factory
-   :id ::invite-to-team
-   :schema schema:invite-to-team))
+  (template-factory ::invite-to-team))
 
-(def ^:private schema:join-team
-  [:map
-   [:invited-by ::sm/text]
-   [:team ::sm/text]
-   [:team-id ::sm/uuid]])
+
+(s/def ::email.join-team/invited-by ::us/string)
+(s/def ::email.join-team/team ::us/string)
+(s/def ::email.join-team/team-id ::us/uuid)
+
+(s/def ::join-team
+  (s/keys :req-un [::email.join-team/invited-by
+                   ::email.join-team/team-id
+                   ::email.join-team/team]))
 
 (def join-team
   "Teams member joined after request email."
-  (template-factory
-   :id ::join-team
-   :schema schema:join-team))
+  (template-factory ::join-team))
 
-(def ^:private schema:request-file-access
-  [:map
-   [:requested-by ::sm/text]
-   [:requested-by-email ::sm/text]
-   [:team-name ::sm/text]
-   [:team-id ::sm/uuid]
-   [:file-name ::sm/text]
-   [:file-id ::sm/uuid]
-   [:page-id ::sm/uuid]])
+(s/def ::email.request-team-access/requested-by ::us/string)
+(s/def ::email.request-team-access/requested-by-email ::us/string)
+(s/def ::email.request-team-access/team-name ::us/string)
+(s/def ::email.request-team-access/team-id ::us/uuid)
+(s/def ::email.request-team-access/file-name ::us/string)
+(s/def ::email.request-team-access/file-id ::us/uuid)
+(s/def ::email.request-team-access/page-id ::us/uuid)
+
+(s/def ::request-file-access
+  (s/keys :req-un [::email.request-team-access/requested-by
+                   ::email.request-team-access/requested-by-email
+                   ::email.request-team-access/team-name
+                   ::email.request-team-access/team-id
+                   ::email.request-team-access/file-name
+                   ::email.request-team-access/file-id
+                   ::email.request-team-access/page-id]))
 
 (def request-file-access
   "File access request email."
-  (template-factory
-   :id ::request-file-access
-   :schema schema:request-file-access))
+  (template-factory ::request-file-access))
+
+
+(s/def ::request-file-access-yourpenpot
+  (s/keys :req-un [::email.request-team-access/requested-by
+                   ::email.request-team-access/requested-by-email
+                   ::email.request-team-access/team-name
+                   ::email.request-team-access/team-id
+                   ::email.request-team-access/file-name
+                   ::email.request-team-access/file-id
+                   ::email.request-team-access/page-id]))
 
 (def request-file-access-yourpenpot
   "File access on Your Penpot request email."
-  (template-factory
-   :id ::request-file-access-yourpenpot
-   :schema schema:request-file-access))
+  (template-factory ::request-file-access-yourpenpot))
+
+(s/def ::request-file-access-yourpenpot-view
+  (s/keys :req-un [::email.request-team-access/requested-by
+                   ::email.request-team-access/requested-by-email
+                   ::email.request-team-access/team-name
+                   ::email.request-team-access/team-id
+                   ::email.request-team-access/file-name
+                   ::email.request-team-access/file-id
+                   ::email.request-team-access/page-id]))
 
 (def request-file-access-yourpenpot-view
   "File access on Your Penpot view mode request email."
-  (template-factory
-   :id ::request-file-access-yourpenpot-view
-   :schema schema:request-file-access))
+  (template-factory ::request-file-access-yourpenpot-view))
 
-(def ^:private schema:request-team-access
-  [:map
-   [:requested-by ::sm/text]
-   [:requested-by-email ::sm/text]
-   [:team-name ::sm/text]
-   [:team-id ::sm/uuid]])
+(s/def ::request-team-access
+  (s/keys :req-un [::email.request-team-access/requested-by
+                   ::email.request-team-access/requested-by-email
+                   ::email.request-team-access/team-name
+                   ::email.request-team-access/team-id]))
 
 (def request-team-access
   "Team access request email."
-  (template-factory
-   :id ::request-team-access
-   :schema schema:request-team-access))
+  (template-factory ::request-team-access))
 
-(def ^:private schema:comment-mention
-  [:map
-   [:name ::sm/text]
-   [:source-user ::sm/text]
-   [:comment-reference ::sm/text]
-   [:comment-content ::sm/text]
-   [:comment-url ::sm/text]])
-
-(def comment-mention
-  (template-factory
-   :id ::comment-mention
-   :schema schema:comment-mention))
-
-(def ^:private schema:comment-thread
-  [:map
-   [:name ::sm/text]
-   [:source-user ::sm/text]
-   [:comment-reference ::sm/text]
-   [:comment-content ::sm/text]
-   [:comment-url ::sm/text]])
-
-(def comment-thread
-  (template-factory
-   :id ::comment-thread
-   :schema schema:comment-thread))
-
-(def ^:private schema:comment-notification
-  [:map
-   [:name ::sm/text]
-   [:source-user ::sm/text]
-   [:comment-reference ::sm/text]
-   [:comment-content ::sm/text]
-   [:comment-url ::sm/text]])
-
-(def comment-notification
-  (template-factory
-   :id ::comment-notification
-   :schema schema:comment-notification))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; BOUNCE/COMPLAINS HELPERS

backend/src/app/features/fdata.clj

@@ -9,10 +9,7 @@
   (:require
    [app.common.data :as d]
    [app.common.exceptions :as ex]
-   [app.common.files.helpers :as cfh]
-   [app.common.files.migrations :as fmg]
    [app.common.logging :as l]
-   [app.common.types.path :as path]
    [app.db :as db]
    [app.db.sql :as-alias sql]
    [app.storage :as sto]
@@ -33,7 +30,7 @@
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
 (defn enable-objects-map
-  [file & _opts]
+  [file]
   (let [update-page
         (fn [page]
           (if (and (pmap/pointer-map? page)
@@ -139,56 +136,10 @@
 
 (defn enable-pointer-map
   "Enable the fdata/pointer-map feature on the file."
-  [file & _opts]
+  [file]
   (-> file
       (update :data (fn [fdata]
                       (-> fdata
                           (update :pages-index d/update-vals pmap/wrap)
                           (d/update-when :components pmap/wrap))))
       (update :features conj "fdata/pointer-map")))
-
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; PATH-DATA
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(defn enable-path-data
-  "Enable the fdata/path-data feature on the file."
-  [file & _opts]
-  (letfn [(update-object [object]
-            (if (or (cfh/path-shape? object)
-                    (cfh/bool-shape? object))
-              (update object :content path/content)
-              object))
-
-          (update-container [container]
-            (d/update-when container :objects d/update-vals update-object))]
-
-    (-> file
-        (update :data (fn [data]
-                        (-> data
-                            (update :pages-index d/update-vals update-container)
-                            (d/update-when :components d/update-vals update-container))))
-        (update :features conj "fdata/path-data"))))
-
-(defn disable-path-data
-  [file & _opts]
-  (letfn [(update-object [object]
-            (if (or (cfh/path-shape? object)
-                    (cfh/bool-shape? object))
-              (update object :content vec)
-              object))
-
-          (update-container [container]
-            (d/update-when container :objects d/update-vals update-object))]
-
-    (when-let [conn db/*conn*]
-      (db/delete! conn :file-migration {:file-id (:id file)
-                                        :name "0003-convert-path-content"}))
-    (-> file
-        (update :data (fn [data]
-                        (-> data
-                            (update :pages-index d/update-vals update-container)
-                            (d/update-when :components d/update-vals update-container))))
-        (update :features disj "fdata/path-data")
-        (update :migrations disj "0003-convert-path-content")
-        (vary-meta update ::fmg/migrated disj "0003-convert-path-content"))))

backend/src/app/features/file_migrations.clj

@@ -1,39 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; Copyright (c) KALEIDOS INC
-
-(ns app.features.file-migrations
-  "Backend specific code for file migrations. Implemented as permanent feature of files."
-  (:require
-   [app.common.data :as d]
-   [app.common.files.migrations :as fmg :refer [xf:map-name]]
-   [app.db :as db]
-   [app.db.sql :as-alias sql]))
-
-(def ^:private sql:get-file-migrations
-  "SELECT name FROM file_migration WHERE file_id = ? ORDER BY created_at ASC")
-
-(defn resolve-applied-migrations
-  [cfg {:keys [id] :as file}]
-  (let [conn (db/get-connection cfg)]
-    (assoc file :migrations
-           (->> (db/plan conn [sql:get-file-migrations id])
-                (transduce xf:map-name conj (d/ordered-set))
-                (not-empty)))))
-
-(defn upsert-migrations!
-  "Persist or update file migrations. Return the updated/inserted number
-  of rows"
-  [conn {:keys [id] :as file}]
-  (let [migrations (or (-> file meta ::fmg/migrated)
-                       (-> file :migrations not-empty)
-                       fmg/available-migrations)
-        columns    [:file-id :name]
-        rows       (mapv (fn [name] [id name]) migrations)]
-
-    (-> (db/insert-many! conn :file-migration columns rows
-                         {::db/return-keys false
-                          ::sql/on-conflict-do-nothing true})
-        (db/get-update-count))))

backend/src/app/features/logical_deletion.clj

@@ -1,31 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; Copyright (c) KALEIDOS INC
-
-(ns app.features.logical-deletion
-  "A code related to handle logical deletion mechanism"
-  (:require
-   [app.config :as cf]
-   [app.util.time :as dt]))
-
-(defn get-deletion-delay
-  "Calculate the next deleted-at for a resource (file, team, etc) in function
-  of team settings"
-  [team]
-  (if-let [subscription (get team :subscription)]
-    (cond
-      (and (= (:type subscription) "unlimited")
-           (= (:status subscription) "active"))
-      (dt/duration {:days 30})
-
-      (and (= (:type subscription) "enterprise")
-           (= (:status subscription) "active"))
-      (dt/duration {:days 90})
-
-      :else
-      (cf/get-deletion-delay))
-
-    (cf/get-deletion-delay)))
-

backend/src/app/http.clj

@@ -9,7 +9,6 @@
    [app.auth.oidc :as-alias oidc]
    [app.common.data :as d]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
    [app.common.transit :as t]
    [app.db :as-alias db]
    [app.http.access-token :as actoken]
@@ -25,13 +24,14 @@
    [app.rpc :as-alias rpc]
    [app.rpc.doc :as-alias rpc.doc]
    [app.setup :as-alias setup]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [promesa.exec :as px]
    [reitit.core :as r]
    [reitit.middleware :as rr]
-   [yetti.adapter :as yt]
-   [yetti.request :as yreq]
-   [yetti.response :as-alias yres]))
+   [ring.request :as rreq]
+   [ring.response :as-alias rres]
+   [yetti.adapter :as yt]))
 
 (declare router-handler)
 
@@ -39,28 +39,31 @@
 ;; HTTP SERVER
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def default-params
-  {::port 6060
-   ::host "0.0.0.0"
-   ::max-body-size 31457280              ; default  30 MiB
-   ::max-multipart-body-size 367001600}) ; default 350 MiB
+(s/def ::handler fn?)
+(s/def ::router some?)
+(s/def ::port integer?)
+(s/def ::host string?)
+(s/def ::name string?)
 
-(defmethod ig/expand-key ::server
-  [k v]
-  {k (merge default-params (d/without-nils v))})
+(s/def ::max-body-size integer?)
+(s/def ::max-multipart-body-size integer?)
+(s/def ::io-threads integer?)
 
-(def ^:private schema:server-params
-  [:map
-   [::port ::sm/int]
-   [::host ::sm/text]
-   [::max-body-size {:optional true} ::sm/int]
-   [::max-multipart-body-size {:optional true} ::sm/int]
-   [::router {:optional true} [:fn r/router?]]
-   [::handler {:optional true} ::sm/fn]])
+(defmethod ig/prep-key ::server
+  [_ cfg]
+  (merge {::port 6060
+          ::host "0.0.0.0"
+          ::max-body-size (* 1024 1024 30)             ; default 30 MiB
+          ::max-multipart-body-size (* 1024 1024 120)} ; default 120 MiB
+         (d/without-nils cfg)))
 
-(defmethod ig/assert-key ::server
-  [_ params]
-  (assert (sm/check schema:server-params params)))
+(defmethod ig/pre-init-spec ::server [_]
+  (s/keys :req [::port ::host]
+          :opt [::max-body-size
+                ::max-multipart-body-size
+                ::router
+                ::handler
+                ::io-threads]))
 
 (defmethod ig/init-key ::server
   [_ {:keys [::handler ::router ::host ::port] :as cfg}]
@@ -97,12 +100,12 @@
 
 (defn- not-found-handler
   [_]
-  {::yres/status 404})
+  {::rres/status 404})
 
 (defn- router-handler
   [router]
   (letfn [(resolve-handler [request]
-            (if-let [match (r/match-by-path router (yreq/path request))]
+            (if-let [match (r/match-by-path router (rreq/path request))]
               (let [params  (:path-params match)
                     result  (:result match)
                     handler (or (:handler result) not-found-handler)
@@ -111,11 +114,11 @@
               (partial not-found-handler request)))
 
           (on-error [cause request]
-            (let [{:keys [::yres/body] :as response} (errors/handle cause request)]
+            (let [{:keys [::rres/body] :as response} (errors/handle cause request)]
               (cond-> response
                 (map? body)
-                (-> (update ::yres/headers assoc "content-type" "application/transit+json")
-                    (assoc ::yres/body (t/encode-str body {:type :json-verbose}))))))]
+                (-> (update ::rres/headers assoc "content-type" "application/transit+json")
+                    (assoc ::rres/body (t/encode-str body {:type :json-verbose}))))))]
 
     (fn [request]
       (let [handler (resolve-handler request)]
@@ -128,26 +131,18 @@
 ;; HTTP ROUTER
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def ^:private schema:routes
-  [:vector :any])
-
-(def ^:private schema:router-params
-  [:map
-   [::ws/routes schema:routes]
-   [::rpc/routes schema:routes]
-   [::rpc.doc/routes schema:routes]
-   [::oidc/routes schema:routes]
-   [::assets/routes schema:routes]
-   [::debug/routes schema:routes]
-   [::mtx/routes schema:routes]
-   [::awsns/routes schema:routes]
-   ::session/manager
-   ::setup/props
-   ::db/pool])
-
-(defmethod ig/assert-key ::router
-  [_ params]
-  (assert (sm/check schema:router-params params)))
+(defmethod ig/pre-init-spec ::router [_]
+  (s/keys :req [::session/manager
+                ::ws/routes
+                ::rpc/routes
+                ::rpc.doc/routes
+                ::oidc/routes
+                ::setup/props
+                ::assets/routes
+                ::debug/routes
+                ::db/pool
+                ::mtx/routes
+                ::awsns/routes]))
 
 (defmethod ig/init-key ::router
   [_ cfg]
@@ -155,10 +150,10 @@
    [["" {:middleware [[mw/server-timing]
                       [mw/params]
                       [mw/format-response]
-                      [session/soft-auth cfg]
-                      [actoken/soft-auth cfg]
                       [mw/parse-request]
                       [mw/errors errors/handle]
+                      [session/soft-auth cfg]
+                      [actoken/soft-auth cfg]
                       [mw/restrict-methods]]}
 
      (::mtx/routes cfg)

backend/src/app/http/access_token.clj

@@ -12,13 +12,13 @@
    [app.main :as-alias main]
    [app.setup :as-alias setup]
    [app.tokens :as tokens]
-   [yetti.request :as yreq]))
+   [ring.request :as rreq]))
 
 (def header-re #"^Token\s+(.*)")
 
 (defn- get-token
   [request]
-  (some->> (yreq/get-header request "authorization")
+  (some->> (rreq/get-header request "authorization")
            (re-matches header-re)
            (second)))
 

backend/src/app/http/assets.clj

@@ -9,12 +9,14 @@
   (:require
    [app.common.data :as d]
    [app.common.exceptions :as ex]
+   [app.common.spec :as us]
    [app.common.uri :as u]
    [app.db :as db]
    [app.storage :as sto]
    [app.util.time :as dt]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
-   [yetti.response :as-alias yres]))
+   [ring.response :as-alias rres]))
 
 (def ^:private cache-max-age
   (dt/duration {:hours 24}))
@@ -35,8 +37,8 @@
 (defn- serve-object-from-s3
   [{:keys [::sto/storage] :as cfg} obj]
   (let [{:keys [host port] :as url} (sto/get-object-url storage obj {:max-age signature-max-age})]
-    {::yres/status  307
-     ::yres/headers {"location" (str url)
+    {::rres/status  307
+     ::rres/headers {"location" (str url)
                      "x-host"   (cond-> host port (str ":" port))
                      "x-mtype"  (-> obj meta :content-type)
                      "cache-control" (str "max-age=" (inst-ms cache-max-age))}}))
@@ -49,8 +51,8 @@
         headers {"x-accel-redirect" (:path purl)
                  "content-type" (:content-type mdata)
                  "cache-control" (str "max-age=" (inst-ms cache-max-age))}]
-    {::yres/status 204
-     ::yres/headers headers}))
+    {::rres/status 204
+     ::rres/headers headers}))
 
 (defn- serve-object
   "Helper function that returns the appropriate response depending on
@@ -67,7 +69,7 @@
         obj (sto/get-object storage id)]
     (if obj
       (serve-object cfg obj)
-      {::yres/status 404})))
+      {::rres/status 404})))
 
 (defn- generic-handler
   "A generic handler helper/common code for file-media based handlers."
@@ -78,7 +80,7 @@
         sobj (sto/get-object storage (kf mobj))]
     (if sobj
       (serve-object cfg sobj)
-      {::yres/status 404})))
+      {::rres/status 404})))
 
 (defn file-objects-handler
   "Handler that serves storage objects by file media id."
@@ -93,10 +95,11 @@
 
 ;; --- Initialization
 
-(defmethod ig/assert-key ::routes
-  [_ params]
-  (assert (sto/valid-storage? (::sto/storage params)) "expected valid storage instance")
-  (assert (string? (::path params))))
+(s/def ::path ::us/string)
+(s/def ::routes vector?)
+
+(defmethod ig/pre-init-spec ::routes [_]
+  (s/keys :req [::sto/storage  ::path]))
 
 (defmethod ig/init-key ::routes
   [_ cfg]

backend/src/app/http/awsns.clj

@@ -10,7 +10,6 @@
    [app.common.exceptions :as ex]
    [app.common.logging :as l]
    [app.common.pprint :as pp]
-   [app.common.schema :as sm]
    [app.db :as db]
    [app.db.sql :as sql]
    [app.http.client :as http]
@@ -19,29 +18,29 @@
    [app.tokens :as tokens]
    [app.worker :as-alias wrk]
    [clojure.data.json :as j]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [integrant.core :as ig]
    [promesa.exec :as px]
-   [yetti.request :as yreq]
-   [yetti.response :as-alias yres]))
+   [ring.request :as rreq]
+   [ring.response :as-alias rres]))
 
 (declare parse-json)
 (declare handle-request)
 (declare parse-notification)
 (declare process-report)
 
-(defmethod ig/assert-key ::routes
-  [_ params]
-  (assert (http/client? (::http/client params)) "expect a valid http client")
-  (assert (sm/valid? ::setup/props (::setup/props params)) "expected valid setup props")
-  (assert (db/pool? (::db/pool params)) "expect valid database pool"))
+(defmethod ig/pre-init-spec ::routes [_]
+  (s/keys :req [::http/client
+                ::setup/props
+                ::db/pool]))
 
 (defmethod ig/init-key ::routes
   [_ cfg]
   (letfn [(handler [request]
-            (let [data (-> request yreq/body slurp)]
+            (let [data (-> request rreq/body slurp)]
               (px/run! :vthread (partial handle-request cfg data)))
-            {::yres/status 200})]
+            {::rres/status 200})]
     ["/sns" {:handler handler
              :allowed-methods #{:post}}]))
 

backend/src/app/http/client.clj

@@ -7,20 +7,20 @@
 (ns app.http.client
   "Http client abstraction layer."
   (:require
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [java-http-clj.core :as http]
    [promesa.core :as p])
   (:import
    java.net.http.HttpClient))
 
-(defn client?
-  [o]
-  (instance? HttpClient o))
+(s/def ::client #(instance? HttpClient %))
+(s/def ::client-holder
+  (s/keys :req [::client]))
 
-(sm/register!
- {:type ::client
-  :pred client?})
+(defmethod ig/pre-init-spec ::client [_]
+  (s/keys :req []))
 
 (defmethod ig/init-key ::client
   [_ _]
@@ -30,7 +30,7 @@
 (defn send!
   ([client req] (send! client req {}))
   ([client req {:keys [response-type sync?] :or {response-type :string sync? false}}]
-   (assert (client? client) "expected valid http client")
+   (us/assert! ::client client)
    (if sync?
      (http/send req {:client client :as response-type})
      (try

backend/src/app/http/debug.clj

@@ -7,12 +7,9 @@
 (ns app.http.debug
   (:refer-clojure :exclude [error-handler])
   (:require
-   [app.binfile.common :as bfc]
    [app.binfile.v1 :as bf.v1]
-   [app.binfile.v3 :as bf.v3]
    [app.common.data :as d]
    [app.common.exceptions :as ex]
-   [app.common.features :as cfeat]
    [app.common.logging :as l]
    [app.common.pprint :as pp]
    [app.common.uuid :as uuid]
@@ -22,22 +19,22 @@
    [app.rpc.commands.auth :as auth]
    [app.rpc.commands.files-create :refer [create-file]]
    [app.rpc.commands.profile :as profile]
-   [app.rpc.commands.teams :as teams]
    [app.setup :as-alias setup]
-   [app.srepl.main :as srepl]
+   [app.srepl.helpers :as srepl]
    [app.storage :as-alias sto]
    [app.storage.tmp :as tmp]
    [app.util.blob :as blob]
    [app.util.template :as tmpl]
    [app.util.time :as dt]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [datoteka.io :as io]
    [emoji.core :as emj]
    [integrant.core :as ig]
    [markdown.core :as md]
    [markdown.transformers :as mdt]
-   [yetti.request :as yreq]
-   [yetti.response :as yres]))
+   [ring.request :as rreq]
+   [ring.response :as rres]))
 
 ;; (selmer.parser/cache-off!)
 
@@ -47,10 +44,10 @@
 
 (defn index-handler
   [_cfg _request]
-  {::yres/status  200
-   ::yres/headers {"content-type" "text/html"}
-   ::yres/body    (-> (io/resource "app/templates/debug.tmpl")
-                      (tmpl/render {:version (:full cf/version)}))})
+  {::rres/status  200
+   ::rres/headers {"content-type" "text/html"}
+   ::rres/body    (-> (io/resource "app/templates/debug.tmpl")
+                      (tmpl/render {}))})
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; FILE CHANGES
@@ -59,17 +56,17 @@
 (defn prepare-response
   [body]
   (let [headers {"content-type" "application/transit+json"}]
-    {::yres/status 200
-     ::yres/body body
-     ::yres/headers headers}))
+    {::rres/status 200
+     ::rres/body body
+     ::rres/headers headers}))
 
 (defn prepare-download-response
   [body filename]
   (let [headers {"content-disposition" (str "attachment; filename=" filename)
                  "content-type" "application/octet-stream"}]
-    {::yres/status 200
-     ::yres/body body
-     ::yres/headers headers}))
+    {::rres/status 200
+     ::rres/body body
+     ::rres/headers headers}))
 
 (def sql:retrieve-range-of-changes
   "select revn, changes from file_change where file_id=? and revn >= ? and revn <= ? order by revn")
@@ -111,8 +108,8 @@
                           (db/update! conn :file
                                       {:data data}
                                       {:id file-id})
-                          {::yres/status 201
-                           ::yres/body "OK CREATED"})))
+                          {::rres/status 201
+                           ::rres/body "OK CREATED"})))
 
         :else
         (prepare-response (blob/decode data))))))
@@ -126,7 +123,7 @@
   [{:keys [::db/pool]} {:keys [::session/profile-id params] :as request}]
   (let [profile    (profile/get-profile pool profile-id)
         project-id (:default-project-id profile)
-        data       (some-> params :file :path io/read*)]
+        data       (some-> params :file :path io/read-as-bytes)]
 
     (if (and data project-id)
       (let [fname     (str "Imported file *: " (dt/now))
@@ -141,8 +138,8 @@
                         {:data data
                          :deleted-at nil}
                         {:id file-id})
-            {::yres/status 200
-             ::yres/body "OK UPDATED"})
+            {::rres/status 200
+             ::rres/body "OK UPDATED"})
 
           (db/run! pool (fn [{:keys [::db/conn] :as cfg}]
                           (create-file cfg {:id file-id
@@ -152,15 +149,15 @@
                           (db/update! conn :file
                                       {:data data}
                                       {:id file-id})
-                          {::yres/status 201
-                           ::yres/body "OK CREATED"}))))
+                          {::rres/status 201
+                           ::rres/body "OK CREATED"}))))
 
-      {::yres/status 500
-       ::yres/body "ERROR"})))
+      {::rres/status 500
+       ::rres/body "ERROR"})))
 
 (defn file-data-handler
   [cfg request]
-  (case (yreq/method request)
+  (case (rreq/method request)
     :get (retrieve-file-data cfg request)
     :post (upload-file-data cfg request)
     (ex/raise :type :http
@@ -241,12 +238,12 @@
                      1 (render-template-v1 report)
                      2 (render-template-v2 report)
                      3 (render-template-v3 report))]
-        {::yres/status 200
-         ::yres/body result
-         ::yres/headers {"content-type" "text/html; charset=utf-8"
+        {::rres/status 200
+         ::rres/body result
+         ::rres/headers {"content-type" "text/html; charset=utf-8"
                          "x-robots-tag" "noindex"}})
-      {::yres/status 404
-       ::yres/body "not found"})))
+      {::rres/status 404
+       ::rres/body "not found"})))
 
 (def sql:error-reports
   "SELECT id, created_at,
@@ -259,10 +256,10 @@
   [{:keys [::db/pool]} _request]
   (let [items (->> (db/exec! pool [sql:error-reports])
                    (map #(update % :created-at dt/format-instant :rfc1123)))]
-    {::yres/status 200
-     ::yres/body (-> (io/resource "app/templates/error-list.tmpl")
+    {::rres/status 200
+     ::rres/body (-> (io/resource "app/templates/error-list.tmpl")
                      (tmpl/render {:items items}))
-     ::yres/headers {"content-type" "text/html; charset=utf-8"
+     ::rres/headers {"content-type" "text/html; charset=utf-8"
                      "x-robots-tag" "noindex"}}))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -284,30 +281,29 @@
       (ex/raise :type :validation
                 :code :missing-arguments))
 
-    (let [path (tmp/tempfile :prefix "penpot.export." :min-age "30m")]
+    (let [path (tmp/tempfile :prefix "penpot.export.")]
       (with-open [output (io/output-stream path)]
         (-> cfg
-            (assoc ::bfc/ids file-ids)
-            (assoc ::bfc/embed-assets embed?)
-            (assoc ::bfc/include-libraries libs?)
-            (bf.v3/export-files! output)))
+            (assoc ::bf.v1/ids file-ids)
+            (assoc ::bf.v1/embed-assets embed?)
+            (assoc ::bf.v1/include-libraries libs?)
+            (bf.v1/export-files! output)))
 
       (if clone?
         (let [profile    (profile/get-profile pool profile-id)
               project-id (:default-project-id profile)
               cfg        (assoc cfg
-                                ::bfc/overwrite false
-                                ::bfc/profile-id profile-id
-                                ::bfc/project-id project-id
-                                ::bfc/input path)]
-          (bf.v3/import-files! cfg)
-          {::yres/status  200
-           ::yres/headers {"content-type" "text/plain"}
-           ::yres/body    "OK CLONED"})
+                                ::bf.v1/overwrite false
+                                ::bf.v1/profile-id profile-id
+                                ::bf.v1/project-id project-id)]
+          (bf.v1/import-files! cfg path)
+          {::rres/status  200
+           ::rres/headers {"content-type" "text/plain"}
+           ::rres/body    "OK CLONED"})
 
-        {::yres/status  200
-         ::yres/body    (io/input-stream path)
-         ::yres/headers {"content-type" "application/octet-stream"
+        {::rres/status  200
+         ::rres/body    (io/input-stream path)
+         ::rres/headers {"content-type" "application/octet-stream"
                          "content-disposition" (str "attachmen; filename=" (first file-ids) ".penpot")}}))))
 
 
@@ -320,30 +316,24 @@
 
   (let [profile    (profile/get-profile pool profile-id)
         project-id (:default-project-id profile)
-        team       (teams/get-team pool
-                                   :profile-id profile-id
-                                   :project-id project-id)]
+        overwrite? (contains? params :overwrite)
+        migrate?   (contains? params :migrate)]
 
     (when-not project-id
       (ex/raise :type :validation
                 :code :missing-project
                 :hint "project not found"))
 
-    (let [path   (-> params :file :path)
-          format (bfc/parse-file-format path)
-          cfg    (assoc cfg
-                        ::bfc/profile-id profile-id
-                        ::bfc/project-id project-id
-                        ::bfc/input path
-                        ::bfc/features (cfeat/get-team-enabled-features cf/flags team))]
-
-      (if (= format :binfile-v3)
-        (bf.v3/import-files! cfg)
-        (bf.v1/import-files! cfg))
-
-      {::yres/status  200
-       ::yres/headers {"content-type" "text/plain"}
-       ::yres/body    "OK"})))
+    (let [path (-> params :file :path)
+          cfg  (assoc cfg
+                      ::bf.v1/overwrite overwrite?
+                      ::bf.v1/migrate migrate?
+                      ::bf.v1/profile-id profile-id
+                      ::bf.v1/project-id project-id)]
+      (bf.v1/import-files! cfg path)
+      {::rres/status  200
+       ::rres/headers {"content-type" "text/plain"}
+       ::rres/body    "OK"})))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; ACTIONS
@@ -373,34 +363,34 @@
                           (db/update! conn :profile {:is-blocked true} {:id (:id profile)})
                           (db/delete! conn :http-session {:profile-id (:id profile)})
 
-                          {::yres/status  200
-                           ::yres/headers {"content-type" "text/plain"}
-                           ::yres/body    (str/ffmt "PROFILE '%' BLOCKED" (:email profile))})
+                          {::rres/status  200
+                           ::rres/headers {"content-type" "text/plain"}
+                           ::rres/body    (str/ffmt "PROFILE '%' BLOCKED" (:email profile))})
 
                         (contains? params :unblock)
                         (do
                           (db/update! conn :profile {:is-blocked false} {:id (:id profile)})
-                          {::yres/status  200
-                           ::yres/headers {"content-type" "text/plain"}
-                           ::yres/body    (str/ffmt "PROFILE '%' UNBLOCKED" (:email profile))})
+                          {::rres/status  200
+                           ::rres/headers {"content-type" "text/plain"}
+                           ::rres/body    (str/ffmt "PROFILE '%' UNBLOCKED" (:email profile))})
 
                         (contains? params :resend)
                         (if (:is-blocked profile)
-                          {::yres/status  200
-                           ::yres/headers {"content-type" "text/plain"}
-                           ::yres/body    "PROFILE ALREADY BLOCKED"}
+                          {::rres/status  200
+                           ::rres/headers {"content-type" "text/plain"}
+                           ::rres/body    "PROFILE ALREADY BLOCKED"}
                           (do
                             (#'auth/send-email-verification! cfg profile)
-                            {::yres/status  200
-                             ::yres/headers {"content-type" "text/plain"}
-                             ::yres/body    (str/ffmt "RESENDED FOR '%'" (:email profile))}))
+                            {::rres/status  200
+                             ::rres/headers {"content-type" "text/plain"}
+                             ::rres/body    (str/ffmt "RESENDED FOR '%'" (:email profile))}))
 
                         :else
                         (do
                           (db/update! conn :profile {:is-active true} {:id (:id profile)})
-                          {::yres/status  200
-                           ::yres/headers {"content-type" "text/plain"}
-                           ::yres/body    (str/ffmt "PROFILE '%' ACTIVATED" (:email profile))}))))))
+                          {::rres/status  200
+                           ::rres/headers {"content-type" "text/plain"}
+                           ::rres/body    (str/ffmt "PROFILE '%' ACTIVATED" (:email profile))}))))))
 
 
 (defn- reset-file-version
@@ -425,55 +415,11 @@
 
     (db/tx-run! cfg srepl/process-file! file-id #(assoc % :version version))
 
-    {::yres/status  200
-     ::yres/headers {"content-type" "text/plain"}
-     ::yres/body    "OK"}))
+    {::rres/status  200
+     ::rres/headers {"content-type" "text/plain"}
+     ::rres/body    "OK"}))
 
 
-(defn- add-team-feature
-  [{:keys [params] :as request}]
-  (let [team-id (some-> params :team-id d/parse-uuid)
-        feature (some-> params :feature str)
-        skip-check (contains? params :skip-check)]
-
-    (when-not (contains? params :force)
-      (ex/raise :type :validation
-                :code :missing-force
-                :hint "missing force checkbox"))
-
-    (when (nil? team-id)
-      (ex/raise :type :validation
-                :code :invalid-team-id
-                :hint "provided invalid team id"))
-
-    (srepl/enable-team-feature! team-id feature :skip-check skip-check)
-
-    {::yres/status  200
-     ::yres/headers {"content-type" "text/plain"}
-     ::yres/body    "OK"}))
-
-(defn- remove-team-feature
-  [{:keys [params] :as request}]
-  (let [team-id   (some-> params :team-id d/parse-uuid)
-        feature   (some-> params :feature str)
-        skip-check (contains? params :skip-check)]
-
-    (when-not (contains? params :force)
-      (ex/raise :type :validation
-                :code :missing-force
-                :hint "missing force checkbox"))
-
-    (when (nil? team-id)
-      (ex/raise :type :validation
-                :code :invalid-team-id
-                :hint "provided invalid team id"))
-
-    (srepl/disable-team-feature! team-id feature :skip-check skip-check)
-
-    {::yres/status  200
-     ::yres/headers {"content-type" "text/plain"}
-     ::yres/body    "OK"}))
-
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; OTHER SMALL VIEWS/HANDLERS
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
@@ -483,13 +429,13 @@
   [{:keys [::db/pool]} _]
   (try
     (db/exec-one! pool ["select count(*) as count from server_prop;"])
-    {::yres/status 200
-     ::yres/body "OK"}
+    {::rres/status 200
+     ::rres/body "OK"}
     (catch Throwable cause
       (l/warn :hint "unable to execute query on health handler"
               :cause cause)
-      {::yres/status 503
-       ::yres/body "KO"})))
+      {::rres/status 503
+       ::rres/body "KO"})))
 
 (defn changelog-handler
   [_ _]
@@ -498,11 +444,11 @@
           (md->html [text]
             (md/md-to-html-string text :replacement-transformers (into [transform-emoji] mdt/transformer-vector)))]
     (if-let [clog (io/resource "changelog.md")]
-      {::yres/status 200
-       ::yres/headers {"content-type" "text/html; charset=utf-8"}
-       ::yres/body (-> clog slurp md->html)}
-      {::yres/status 404
-       ::yres/body "NOT FOUND"})))
+      {::rres/status 200
+       ::rres/headers {"content-type" "text/html; charset=utf-8"}
+       ::rres/body (-> clog slurp md->html)}
+      {::rres/status 404
+       ::rres/body "NOT FOUND"})))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; INIT
@@ -525,10 +471,8 @@
            (ex/raise :type :authentication
                      :code :only-admins-allowed)))))})
 
-(defmethod ig/assert-key ::routes
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expected a valid database pool")
-  (assert (session/manager? (::session/manager params)) "expected a valid session manager"))
+(defmethod ig/pre-init-spec ::routes [_]
+  (s/keys :req [::db/pool ::session/manager]))
 
 (defmethod ig/init-key ::routes
   [_ {:keys [::db/pool] :as cfg}]
@@ -544,10 +488,6 @@
      {:handler (partial resend-email-notification cfg)}]
     ["/actions/reset-file-version"
      {:handler (partial reset-file-version cfg)}]
-    ["/actions/add-team-feature"
-     {:handler (partial add-team-feature)}]
-    ["/actions/remove-team-feature"
-     {:handler (partial remove-team-feature)}]
     ["/file/export" {:handler (partial export-handler cfg)}]
     ["/file/import" {:handler (partial import-handler cfg)}]
     ["/file/data" {:handler (partial file-data-handler cfg)}]

backend/src/app/http/errors.clj

@@ -16,8 +16,8 @@
    [app.http.session :as-alias session]
    [app.util.inet :as inet]
    [clojure.spec.alpha :as s]
-   [yetti.request :as yreq]
-   [yetti.response :as yres]))
+   [ring.request :as rreq]
+   [ring.response :as rres]))
 
 (defn request->context
   "Extracts error report relevant context data from request."
@@ -25,13 +25,14 @@
   (let [claims (-> {}
                    (into (::session/token-claims request))
                    (into (::actoken/token-claims request)))]
+
     {:request/path       (:path request)
      :request/method     (:method request)
      :request/params     (:params request)
-     :request/user-agent (yreq/get-header request "user-agent")
+     :request/user-agent (rreq/get-header request "user-agent")
      :request/ip-addr    (inet/parse-request request)
      :request/profile-id (:uid claims)
-     :version/frontend   (or (yreq/get-header request "x-frontend-version") "unknown")
+     :version/frontend   (or (rreq/get-header request "x-frontend-version") "unknown")
      :version/backend    (:full cf/version)}))
 
 
@@ -45,38 +46,34 @@
 
 (defmethod handle-error :authentication
   [err _ _]
-  {::yres/status 401
-   ::yres/body (ex-data err)})
+  {::rres/status 401
+   ::rres/body (ex-data err)})
 
 (defmethod handle-error :authorization
   [err _ _]
-  {::yres/status 403
-   ::yres/body (ex-data err)})
+  {::rres/status 403
+   ::rres/body (ex-data err)})
 
 (defmethod handle-error :restriction
-  [err request _]
+  [err _ _]
   (let [{:keys [code] :as data} (ex-data err)]
     (if (= code :method-not-allowed)
-      {::yres/status 405
-       ::yres/body data}
-
-      (binding [l/*context* (request->context request)]
-        (l/err :hint "restriction error"
-               :cause err)
-        {::yres/status 400
-         ::yres/body data}))))
+      {::rres/status 405
+       ::rres/body data}
+      {::rres/status 400
+       ::rres/body data})))
 
 (defmethod handle-error :rate-limit
   [err _ _]
   (let [headers (-> err ex-data ::http/headers)]
-    {::yres/status 429
-     ::yres/headers headers}))
+    {::rres/status 429
+     ::rres/headers headers}))
 
 (defmethod handle-error :concurrency-limit
   [err _ _]
   (let [headers (-> err ex-data ::http/headers)]
-    {::yres/status 429
-     ::yres/headers headers}))
+    {::rres/status 429
+     ::rres/headers headers}))
 
 (defmethod handle-error :validation
   [err request parent-cause]
@@ -87,26 +84,22 @@
           (= code :schema-validation)
           (= code :data-validation))
       (let [explain (ex/explain data)]
-        {::yres/status 400
-         ::yres/body   (-> data
+        {::rres/status 400
+         ::rres/body   (-> data
                            (dissoc ::s/problems ::s/value ::s/spec ::sm/explain)
                            (cond-> explain (assoc :explain explain)))})
 
-      (= code :vern-conflict)
-      {::yres/status 409 ;; 409 - Conflict
-       ::yres/body data}
-
       (= code :request-body-too-large)
-      {::yres/status 413 ::yres/body data}
+      {::rres/status 413 ::rres/body data}
 
       (= code :invalid-image)
       (binding [l/*context* (request->context request)]
         (let [cause (or parent-cause err)]
-          (l/warn :hint "image process error" :cause cause)
-          {::yres/status 400 ::yres/body data}))
+          (l/warn :hint "unexpected error on processing image" :cause cause)
+          {::rres/status 400 ::rres/body data}))
 
       :else
-      {::yres/status 400 ::yres/body data})))
+      {::rres/status 400 ::rres/body data})))
 
 (defmethod handle-error :assertion
   [error request parent-cause]
@@ -117,47 +110,46 @@
         (= code :data-validation)
         (let [explain (ex/explain data)]
           (l/error :hint "data assertion error" :cause cause)
-          {::yres/status 500
-           ::yres/body   (-> data
-                             (dissoc ::sm/explain)
-                             (cond-> explain (assoc :explain explain))
-                             (assoc :type :server-error)
-                             (assoc :code :assertion))})
+          {::rres/status 500
+           ::rres/body   {:type :server-error
+                          :code :assertion
+                          :data (-> data
+                                    (dissoc ::sm/explain)
+                                    (cond-> explain (assoc :explain explain)))}})
 
         (= code :spec-validation)
         (let [explain (ex/explain data)]
           (l/error :hint "spec assertion error" :cause cause)
-          {::yres/status 500
-           ::yres/body   (-> data
-                             (dissoc ::s/problems ::s/value ::s/spec)
-                             (cond-> explain (assoc :explain explain))
-                             (assoc :type :server-error)
-                             (assoc :code :assertion))})
+          {::rres/status 500
+           ::rres/body   {:type :server-error
+                          :code :assertion
+                          :data (-> data
+                                    (dissoc ::s/problems ::s/value ::s/spec)
+                                    (cond-> explain (assoc :explain explain)))}})
 
         :else
         (do
           (l/error :hint "assertion error" :cause cause)
-          {::yres/status 500
-           ::yres/body   (-> data
-                             (assoc :type :server-error)
-                             (assoc :code :assertion))})))))
+          {::rres/status 500
+           ::rres/body   {:type :server-error
+                          :code :assertion
+                          :data data}})))))
 
 (defmethod handle-error :not-found
   [err _ _]
-  {::yres/status 404
-   ::yres/body (ex-data err)})
+  {::rres/status 404
+   ::rres/body (ex-data err)})
 
 (defmethod handle-error :internal
   [error request parent-cause]
   (binding [l/*context* (request->context request)]
-    (let [cause (or parent-cause error)
-          data  (ex-data error)]
+    (let [cause (or parent-cause error)]
       (l/error :hint "internal error" :cause cause)
-      {::yres/status 500
-       ::yres/body (-> data
-                       (assoc :type :server-error)
-                       (update :code #(or % :unhandled))
-                       (assoc :hint (ex-message error)))})))
+      {::rres/status 500
+       ::rres/body {:type :server-error
+                    :code :unhandled
+                    :hint (ex-message error)
+                    :data (ex-data error)}})))
 
 (defmethod handle-error :default
   [error request parent-cause]
@@ -177,24 +169,24 @@
   (let [state (.getSQLState ^java.sql.SQLException error)
         cause (or parent-cause error)]
     (binding [l/*context* (request->context request)]
-      (l/error :hint "postgresql error"
+      (l/error :hint "PSQL error"
                :cause cause)
       (cond
         (= state "57014")
-        {::yres/status 504
-         ::yres/body {:type :server-error
+        {::rres/status 504
+         ::rres/body {:type :server-error
                       :code :statement-timeout
                       :hint (ex-message error)}}
 
         (= state "25P03")
-        {::yres/status 504
-         ::yres/body {:type :server-error
+        {::rres/status 504
+         ::rres/body {:type :server-error
                       :code :idle-in-transaction-timeout
                       :hint (ex-message error)}}
 
         :else
-        {::yres/status 500
-         ::yres/body {:type :server-error
+        {::rres/status 500
+         ::rres/body {:type :server-error
                       :code :unexpected
                       :hint (ex-message error)
                       :state state}}))))
@@ -208,25 +200,25 @@
       (nil? edata)
       (binding [l/*context* (request->context request)]
         (l/error :hint "unexpected error" :cause cause)
-        {::yres/status 500
-         ::yres/body {:type :server-error
+        {::rres/status 500
+         ::rres/body {:type :server-error
                       :code :unexpected
                       :hint (ex-message error)}})
 
       :else
       (binding [l/*context* (request->context request)]
         (l/error :hint "unhandled error" :cause cause)
-        {::yres/status 500
-         ::yres/body (-> edata
-                         (assoc :type :server-error)
-                         (update :code #(or % :unhandled))
-                         (assoc :hint (ex-message error)))}))))
+        {::rres/status 500
+         ::rres/body {:type :server-error
+                      :code :unhandled
+                      :hint (ex-message error)
+                      :data edata}}))))
 
 (defmethod handle-exception java.io.IOException
   [cause _ _]
   (l/wrn :hint "io exception" :cause cause)
-  {::yres/status 500
-   ::yres/body {:type :server-error
+  {::rres/status 500
+   ::rres/body {:type :server-error
                 :code :io-exception
                 :hint (ex-message cause)}})
 
@@ -252,4 +244,4 @@
 
 (defn handle'
   [cause request]
-  (::yres/body (handle cause request)))
+  (::rres/body (handle cause request)))

backend/src/app/http/middleware.clj

@@ -15,10 +15,10 @@
    [app.http.errors :as errors]
    [app.util.pointer-map :as pmap]
    [cuerdas.core :as str]
+   [ring.request :as rreq]
+   [ring.response :as rres]
    [yetti.adapter :as yt]
-   [yetti.middleware :as ymw]
-   [yetti.request :as yreq]
-   [yetti.response :as yres])
+   [yetti.middleware :as ymw])
   (:import
    io.undertow.server.RequestTooBigException
    java.io.InputStream
@@ -37,17 +37,17 @@
 (defn- get-reader
   ^java.io.BufferedReader
   [request]
-  (let [^InputStream body (yreq/body request)]
+  (let [^InputStream body (rreq/body request)]
     (java.io.BufferedReader.
      (java.io.InputStreamReader. body))))
 
 (defn wrap-parse-request
   [handler]
   (letfn [(process-request [request]
-            (let [header (yreq/get-header request "content-type")]
+            (let [header (rreq/get-header request "content-type")]
               (cond
                 (str/starts-with? header "application/transit+json")
-                (with-open [^InputStream is (yreq/body request)]
+                (with-open [^InputStream is (rreq/body request)]
                   (let [params (t/read! (t/reader is))]
                     (-> request
                         (assoc :body-params params)
@@ -85,7 +85,7 @@
               (errors/handle cause request)))]
 
     (fn [request]
-      (if (= (yreq/method request) :post)
+      (if (= (rreq/method request) :post)
         (try
           (-> request process-request handler)
           (catch Throwable cause
@@ -113,53 +113,57 @@
 
 (defn wrap-format-response
   [handler]
-  (letfn [(transit-streamable-body [data opts _ output-stream]
-            (try
-              (with-open [^OutputStream bos (buffered-output-stream output-stream buffer-size)]
-                (let [tw (t/writer bos opts)]
-                  (t/write! tw data)))
-              (catch java.io.IOException _)
-              (catch Throwable cause
-                (binding [l/*context* {:value data}]
-                  (l/error :hint "unexpected error on encoding response"
-                           :cause cause)))
-              (finally
-                (.close ^OutputStream output-stream))))
+  (letfn [(transit-streamable-body [data opts]
+            (reify rres/StreamableResponseBody
+              (-write-body-to-stream [_ _ output-stream]
+                (try
+                  (with-open [^OutputStream bos (buffered-output-stream output-stream buffer-size)]
+                    (let [tw (t/writer bos opts)]
+                      (t/write! tw data)))
+                  (catch java.io.IOException _)
+                  (catch Throwable cause
+                    (binding [l/*context* {:value data}]
+                      (l/error :hint "unexpected error on encoding response"
+                               :cause cause)))
+                  (finally
+                    (.close ^OutputStream output-stream))))))
 
-          (json-streamable-body [data _ output-stream]
-            (try
-              (let [encode (or (-> data meta :encode/json) identity)
-                    data   (encode data)]
-                (with-open [^OutputStream bos (buffered-output-stream output-stream buffer-size)]
-                  (with-open [^java.io.OutputStreamWriter writer (java.io.OutputStreamWriter. bos)]
-                    (json/write writer data :key-fn json/write-camel-key :value-fn write-json-value))))
-              (catch java.io.IOException _)
-              (catch Throwable cause
-                (binding [l/*context* {:value data}]
-                  (l/error :hint "unexpected error on encoding response"
-                           :cause cause)))
-              (finally
-                (.close ^OutputStream output-stream))))
+          (json-streamable-body [data]
+            (reify rres/StreamableResponseBody
+              (-write-body-to-stream [_ _ output-stream]
+                (try
+                  (let [encode (or (-> data meta :encode/json) identity)
+                        data   (encode data)]
+                    (with-open [^OutputStream bos (buffered-output-stream output-stream buffer-size)]
+                      (with-open [^java.io.OutputStreamWriter writer (java.io.OutputStreamWriter. bos)]
+                        (json/write writer data :key-fn json/write-camel-key :value-fn write-json-value))))
+                  (catch java.io.IOException _)
+                  (catch Throwable cause
+                    (binding [l/*context* {:value data}]
+                      (l/error :hint "unexpected error on encoding response"
+                               :cause cause)))
+                  (finally
+                    (.close ^OutputStream output-stream))))))
 
           (format-response-with-json [response _]
-            (let [body (::yres/body response)]
+            (let [body (::rres/body response)]
               (if (or (boolean? body) (coll? body))
                 (-> response
-                    (update ::yres/headers assoc "content-type" "application/json")
-                    (assoc ::yres/body (yres/stream-body (partial json-streamable-body body))))
+                    (update ::rres/headers assoc "content-type" "application/json")
+                    (assoc ::rres/body (json-streamable-body body)))
                 response)))
 
           (format-response-with-transit [response request]
-            (let [body (::yres/body response)]
+            (let [body (::rres/body response)]
               (if (or (boolean? body) (coll? body))
-                (let [qs   (yreq/query request)
+                (let [qs   (rreq/query request)
                       opts (if (or (contains? cf/flags :transit-readable-response)
                                    (str/includes? qs "transit_verbose"))
                              {:type :json-verbose}
                              {:type :json})]
                   (-> response
-                      (update ::yres/headers assoc "content-type" "application/transit+json")
-                      (assoc ::yres/body (yres/stream-body (partial transit-streamable-body body opts)))))
+                      (update ::rres/headers assoc "content-type" "application/transit+json")
+                      (assoc ::rres/body (transit-streamable-body body opts))))
                 response)))
 
           (format-from-params [{:keys [query-params] :as request}]
@@ -168,7 +172,7 @@
 
           (format-response [response request]
             (let [accept (or (format-from-params request)
-                             (yreq/get-header request "accept"))]
+                             (rreq/get-header request "accept"))]
               (cond
                 (or (= accept "application/transit+json")
                     (str/includes? accept "application/transit+json"))
@@ -217,11 +221,11 @@
 (defn wrap-cors
   [handler]
   (fn [request]
-    (let [response (if (= (yreq/method request) :options)
-                     {::yres/status 200}
+    (let [response (if (= (rreq/method request) :options)
+                     {::rres/status 200}
                      (handler request))
-          origin   (yreq/get-header request "origin")]
-      (update response ::yres/headers with-cors-headers origin))))
+          origin   (rreq/get-header request "origin")]
+      (update response ::rres/headers with-cors-headers origin))))
 
 (def cors
   {:name ::cors
@@ -236,7 +240,7 @@
      (when-let [allowed (:allowed-methods data)]
        (fn [handler]
          (fn [request]
-           (let [method (yreq/method request)]
+           (let [method (rreq/method request)]
              (if (contains? allowed method)
                (handler request)
-               {::yres/status 405}))))))})
+               {::rres/status 405}))))))})

backend/src/app/http/session.clj

@@ -9,7 +9,7 @@
   (:require
    [app.common.data :as d]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.common.uri :as u]
    [app.config :as cf]
    [app.db :as db]
@@ -19,9 +19,11 @@
    [app.setup :as-alias setup]
    [app.tokens :as tokens]
    [app.util.time :as dt]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [integrant.core :as ig]
-   [yetti.request :as yreq]))
+   [ring.request :as rreq]
+   [yetti.request :as yrq]))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; DEFAULTS
@@ -50,32 +52,21 @@
   (update! [_ data])
   (delete! [_ key]))
 
-(defn manager?
-  [o]
-  (satisfies? ISessionManager o))
-
-(sm/register!
- {:type ::manager
-  :pred manager?})
+(s/def ::manager #(satisfies? ISessionManager %))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; STORAGE IMPL
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def ^:private schema:params
-  [:map {:title "session-params"}
-   [:user-agent ::sm/text]
-   [:profile-id ::sm/uuid]
-   [:created-at ::sm/inst]])
-
-(def ^:private valid-params?
-  (sm/validator schema:params))
+(s/def ::session-params
+  (s/keys :req-un [::user-agent
+                   ::profile-id
+                   ::created-at]))
 
 (defn- prepare-session-params
   [key params]
-  (assert (string? key) "expected key to be a string")
-  (assert (not (str/blank? key)) "expected key to be not empty")
-  (assert (valid-params? params) "expected valid params")
+  (us/assert! ::us/not-empty-string key)
+  (us/assert! ::session-params params)
 
   {:user-agent (:user-agent params)
    :profile-id (:profile-id params)
@@ -126,9 +117,8 @@
         (swap! cache dissoc token)
         nil))))
 
-(defmethod ig/assert-key ::manager
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expect valid database pool"))
+(defmethod ig/pre-init-spec ::manager [_]
+  (s/keys :req [::db/pool]))
 
 (defmethod ig/init-key ::manager
   [_ {:keys [::db/pool]}]
@@ -151,11 +141,11 @@
 
 (defn create-fn
   [{:keys [::manager ::setup/props]} profile-id]
-  (assert (manager? manager) "expected valid session manager")
-  (assert (uuid? profile-id) "expected valid uuid for profile-id")
+  (us/assert! ::manager manager)
+  (us/assert! ::us/uuid profile-id)
 
   (fn [request response]
-    (let [uagent  (yreq/get-header request "user-agent")
+    (let [uagent  (rreq/get-header request "user-agent")
           params  {:profile-id profile-id
                    :user-agent uagent
                    :created-at (dt/now)}
@@ -168,10 +158,10 @@
 
 (defn delete-fn
   [{:keys [::manager]}]
-  (assert (manager? manager) "expected valid session manager")
+  (us/assert! ::manager manager)
   (fn [request response]
     (let [cname   (cf/get :auth-token-cookie-name default-auth-token-cookie-name)
-          cookie  (yreq/get-cookie request cname)]
+          cookie  (yrq/get-cookie request cname)]
       (l/trace :hint "delete" :profile-id (:profile-id request))
       (some->> (:value cookie) (delete! manager))
       (-> response
@@ -193,7 +183,7 @@
 (defn- get-token
   [request]
   (let [cname  (cf/get :auth-token-cookie-name default-auth-token-cookie-name)
-        cookie (some-> (yreq/get-cookie request cname) :value)]
+        cookie (some-> (yrq/get-cookie request cname) :value)]
     (when-not (str/empty? cookie)
       cookie)))
 
@@ -209,7 +199,7 @@
 
 (defn- wrap-soft-auth
   [handler {:keys [::manager ::setup/props]}]
-  (assert (manager? manager) "expected valid session manager")
+  (us/assert! ::manager manager)
   (letfn [(handle-request [request]
             (try
               (let [token  (get-token request)
@@ -227,7 +217,7 @@
 
 (defn- wrap-authz
   [handler {:keys [::manager]}]
-  (assert (manager? manager) "expected valid session manager")
+  (us/assert! ::manager manager)
   (fn [request]
     (let [session  (get-session manager (::token request))
           request  (cond-> request
@@ -318,17 +308,16 @@
 ;; TASK: SESSION GC
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-;; FIXME: MOVE
+(s/def ::tasks/max-age ::dt/duration)
 
-(defmethod ig/assert-key ::tasks/gc
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expected valid database pool")
-  (assert (dt/duration? (::tasks/max-age params))))
+(defmethod ig/pre-init-spec ::tasks/gc [_]
+  (s/keys :req [::db/pool]
+          :opt [::tasks/max-age]))
 
-(defmethod ig/expand-key ::tasks/gc
-  [k v]
+(defmethod ig/prep-key ::tasks/gc
+  [_ cfg]
   (let [max-age (cf/get :auth-token-cookie-max-age default-cookie-max-age)]
-    {k (merge {::tasks/max-age max-age} (d/without-nils v))}))
+    (merge {::tasks/max-age max-age} (d/without-nils cfg))))
 
 (def ^:private
   sql:delete-expired
@@ -337,17 +326,16 @@
        or (updated_at is null and
            created_at < now() - ?::interval)")
 
-(defn- collect-expired-tasks
-  [{:keys [::db/conn ::tasks/max-age]}]
-  (let [interval (db/interval max-age)
-        result   (db/exec-one! conn [sql:delete-expired interval interval])
-        result   (:next.jdbc/update-count result)]
-    (l/debug :task "gc"
-             :hint "clean http sessions"
-             :deleted result)
-    result))
-
 (defmethod ig/init-key ::tasks/gc
-  [_ {:keys [::tasks/max-age] :as cfg}]
+  [_ {:keys [::db/pool ::tasks/max-age] :as cfg}]
   (l/debug :hint "initializing session gc task" :max-age max-age)
-  (fn [_] (db/tx-run! cfg collect-expired-tasks)))
+  (fn [_]
+    (db/with-atomic [conn pool]
+      (let [interval (db/interval max-age)
+            result   (db/exec-one! conn [sql:delete-expired interval interval])
+            result   (:next.jdbc/update-count result)]
+        (l/debug :task "gc"
+                 :hint "clean http sessions"
+                 :deleted result)
+        result))))
+

backend/src/app/http/sse.clj

@@ -16,7 +16,7 @@
    [promesa.exec :as px]
    [promesa.exec.csp :as sp]
    [promesa.util :as pu]
-   [yetti.response :as yres])
+   [ring.response :as rres])
   (:import
    java.io.OutputStream))
 
@@ -49,24 +49,21 @@
 (defn response
   [handler & {:keys [buf] :or {buf 32} :as opts}]
   (fn [request]
-    {::yres/headers default-headers
-     ::yres/status 200
-     ::yres/body (yres/stream-body
-                  (fn [_ output]
-                    (let [channel  (sp/chan :buf buf :xf (keep encode))
-                          listener (events/start-listener
-                                    channel
-                                    (partial write! output)
-                                    (partial pu/close! output))]
-                      (try
-                        (binding [events/*channel* channel]
-                          (let [result (handler)]
-                            (events/tap :end result)))
-
-                        (catch Throwable cause
-                          (let [result (errors/handle' cause request)]
-                            (events/tap channel :error result)))
-
-                        (finally
-                          (sp/close! channel)
-                          (px/await! listener))))))}))
+    {::rres/headers default-headers
+     ::rres/status 200
+     ::rres/body (reify rres/StreamableResponseBody
+                   (-write-body-to-stream [_ _ output]
+                     (binding [events/*channel* (sp/chan :buf buf :xf (keep encode))]
+                       (let [listener (events/start-listener
+                                       (partial write! output)
+                                       (partial pu/close! output))]
+                         (try
+                           (let [result (handler)]
+                             (events/tap :end result))
+                           (catch Throwable cause
+                             (l/err :hint "unexpected error on processing sse response"
+                                    :cause cause)
+                             (events/tap :error (errors/handle' cause request)))
+                           (finally
+                             (sp/close! events/*channel*)
+                             (px/await! listener)))))))}))

backend/src/app/http/websocket.clj

@@ -18,8 +18,10 @@
    [app.msgbus :as mbus]
    [app.util.time :as dt]
    [app.util.websocket :as ws]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [promesa.exec.csp :as sp]
+   [ring.websocket :as rws]
    [yetti.websocket :as yws]))
 
 (def recv-labels
@@ -111,6 +113,7 @@
         fsub (::file-subscription @state)
         tsub (::team-subscription @state)
         msg  {:type :disconnect
+              :subs-id profile-id
               :profile-id profile-id
               :session-id session-id}]
 
@@ -135,7 +138,9 @@
   (l/trace :fn "handle-message" :event "subscribe-team" :team-id team-id :conn-id id)
   (let [prev-subs (get @state ::team-subscription)
         channel   (sp/chan :buf (sp/dropping-buffer 64)
-                           :xf  (remove #(= (:session-id %) session-id)))]
+                           :xf  (comp
+                                 (remove #(= (:session-id %) session-id))
+                                 (map #(assoc % :subs-id team-id))))]
 
     (sp/pipe channel output-ch false)
     (mbus/sub! msgbus :topic team-id :chan channel)
@@ -154,7 +159,8 @@
   (l/trace :fn "handle-message" :event "subscribe-file" :file-id file-id :conn-id id)
   (let [psub (::file-subscription @state)
         fch  (sp/chan :buf (sp/dropping-buffer 64)
-                      :xf  (remove #(= (:session-id %) session-id)))]
+                      :xf  (comp (remove #(= (:session-id %) session-id))
+                                 (map #(assoc % :subs-id file-id))))]
 
     (let [subs {:file-id file-id :channel fch :topic file-id}]
       (swap! state assoc ::file-subscription subs))
@@ -185,6 +191,7 @@
     ;; Notifify the rest of participants of the new connection.
     (let [message {:type :join-file
                    :file-id file-id
+                   :subs-id file-id
                    :session-id session-id
                    :profile-id profile-id}]
       (mbus/pub! msgbus :topic file-id :message message))))
@@ -271,18 +278,25 @@
             :inc 1)
   message)
 
+(def ^:private schema:params
+  [:map {:title "params"}
+   [:session-id ::sm/uuid]])
+
+(def ^:private decode-params
+  (sm/decoder schema:params sm/json-transformer))
+
+(def ^:private validate-params!
+  (sm/validate-fn schema:params))
+
 (defn- http-handler
   [cfg {:keys [params ::session/profile-id] :as request}]
-  (let [session-id (some-> params :session-id uuid/parse*)]
-    (when-not (uuid? session-id)
-      (ex/raise :type :validation
-                :code :missing-session-id
-                :hint "missing or invalid session-id found"))
-
+  (let [{:keys [session-id]} (-> params
+                                 decode-params
+                                 validate-params!)]
     (cond
       (not profile-id)
       (ex/raise :type :authentication
-                :hint "authentication required")
+                :hint "Authentication required.")
 
       ;; WORKAROUND: we use the adapter specific predicate for
       ;; performance reasons; for now, the ring default impl for
@@ -296,7 +310,7 @@
       :else
       (do
         (l/trace :hint "websocket request" :profile-id profile-id :session-id session-id)
-        {::yws/listener (ws/listener request
+        {::rws/listener (ws/listener request
                                      ::ws/on-rcv-message (partial on-rcv-message cfg)
                                      ::ws/on-snd-message (partial on-snd-message cfg)
                                      ::ws/on-connect (partial on-connect cfg)
@@ -304,17 +318,13 @@
                                      ::profile-id profile-id
                                      ::session-id session-id)}))))
 
+(defmethod ig/pre-init-spec ::routes [_]
+  (s/keys :req [::mbus/msgbus
+                ::mtx/metrics
+                ::db/pool
+                ::session/manager]))
 
-(def ^:private schema:routes-params
-  [:map
-   ::mbus/msgbus
-   ::mtx/metrics
-   ::db/pool
-   ::session/manager])
-
-(defmethod ig/assert-key ::routes
-  [_ params]
-  (assert (sm/valid? schema:routes-params params)))
+(s/def ::routes vector?)
 
 (defmethod ig/init-key ::routes
   [_ cfg]

backend/src/app/loggers/audit.clj

@@ -10,7 +10,7 @@
    [app.common.data :as d]
    [app.common.data.macros :as dm]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.common.uuid :as uuid]
    [app.config :as cf]
    [app.db :as db]
@@ -25,7 +25,9 @@
    [app.util.services :as-alias sv]
    [app.util.time :as dt]
    [app.worker :as wrk]
-   [cuerdas.core :as str]))
+   [clojure.spec.alpha :as s]
+   [cuerdas.core :as str]
+   [integrant.core :as ig]))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; HELPERS
@@ -93,38 +95,55 @@
 ;; --- SPECS
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; COLLECTOR API
+;; COLLECTOR
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
 ;; Defines a service that collects the audit/activity log using
 ;; internal database. Later this audit log can be transferred to
 ;; an external storage and data cleared.
 
-(def ^:private schema:event
-  [:map {:title "event"}
-   [::type ::sm/text]
-   [::name ::sm/text]
-   [::profile-id ::sm/uuid]
-   [::ip-addr {:optional true} ::sm/text]
-   [::props {:optional true} [:map-of :keyword :any]]
-   [::context {:optional true} [:map-of :keyword :any]]
-   [::tracked-at {:optional true} ::sm/inst]
-   [::webhooks/event? {:optional true} ::sm/boolean]
-   [::webhooks/batch-timeout {:optional true} ::dt/duration]
-   [::webhooks/batch-key {:optional true}
-    [:or ::sm/fn ::sm/text :keyword]]])
+(s/def ::profile-id ::us/uuid)
+(s/def ::name ::us/string)
+(s/def ::type ::us/string)
+(s/def ::props (s/map-of ::us/keyword any?))
+(s/def ::ip-addr ::us/string)
 
-(def ^:private check-event
-  (sm/check-fn schema:event))
+(s/def ::webhooks/event? ::us/boolean)
+(s/def ::webhooks/batch-timeout ::dt/duration)
+(s/def ::webhooks/batch-key
+  (s/or :fn fn? :str string? :kw keyword?))
+
+(s/def ::event
+  (s/keys :req [::type ::name ::profile-id]
+          :opt [::ip-addr
+                ::props
+                ::webhooks/event?
+                ::webhooks/batch-timeout
+                ::webhooks/batch-key]))
+
+(s/def ::collector
+  (s/keys :req [::wrk/executor ::db/pool]))
+
+(defmethod ig/pre-init-spec ::collector [_]
+  (s/keys :req [::db/pool ::wrk/executor]))
+
+(defmethod ig/init-key ::collector
+  [_ {:keys [::db/pool] :as cfg}]
+  (cond
+    (db/read-only? pool)
+    (l/warn :hint "audit disabled (db is read-only)")
+
+    :else
+    cfg))
 
 (defn prepare-event
   [cfg mdata params result]
-  (let [resultm      (meta result)
-        request      (-> params meta ::http/request)
-        profile-id   (or (::profile-id resultm)
-                         (:profile-id result)
-                         (::rpc/profile-id params)
-                         uuid/zero)
+  (let [resultm    (meta result)
+        request    (-> params meta ::http/request)
+        profile-id (or (::profile-id resultm)
+                       (:profile-id result)
+                       (::rpc/profile-id params)
+                       uuid/zero)
 
         session-id   (get params ::rpc/external-session-id)
         event-origin (get params ::rpc/external-event-origin)
@@ -136,14 +155,14 @@
 
                          (clean-props))
 
-        token-id     (::actoken/id request)
-        context      (-> (::context resultm)
-                         (assoc :external-session-id session-id)
-                         (assoc :external-event-origin event-origin)
-                         (assoc :access-token-id (some-> token-id str))
-                         (d/without-nils))
+        token-id  (::actoken/id request)
+        context   (-> (::context resultm)
+                      (assoc :external-session-id session-id)
+                      (assoc :external-event-origin event-origin)
+                      (assoc :access-token-id (some-> token-id str))
+                      (d/without-nils))
 
-        ip-addr      (inet/parse-request request)]
+        ip-addr   (inet/parse-request request)]
 
     {::type (or (::type resultm)
                 (::rpc/type cfg))
@@ -254,12 +273,12 @@
   "Submit audit event to the collector."
   [cfg event]
   (try
-    (let [event (-> (d/without-nils event)
-                    (check-event))
+    (let [event (d/without-nils event)
           cfg   (-> cfg
                     (assoc ::rtry/when rtry/conflict-exception?)
                     (assoc ::rtry/max-retries 6)
                     (assoc ::rtry/label "persist-audit-log"))]
+      (us/verify! ::event event)
       (rtry/invoke! cfg db/tx-run! handle-event! event))
     (catch Throwable cause
       (l/error :hint "unexpected error processing event" :cause cause))))
@@ -270,8 +289,8 @@
   logic."
   [cfg event]
   (when (contains? cf/flags :audit-log)
-    (let [event (-> (d/without-nils event)
-                    (check-event))]
+    (let [event (d/without-nils event)]
+      (us/verify! ::event event)
       (db/run! cfg (fn [cfg]
                      (let [tnow   (dt/now)
                            params (-> (event->params event)

backend/src/app/loggers/audit/archive_task.clj

@@ -8,7 +8,6 @@
   (:require
    [app.common.exceptions :as ex]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
    [app.common.transit :as t]
    [app.common.uuid :as uuid]
    [app.config :as cf]
@@ -17,6 +16,7 @@
    [app.setup :as-alias setup]
    [app.tokens :as tokens]
    [app.util.time :as dt]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [lambdaisland.uri :as u]
    [promesa.exec :as px]))
@@ -108,15 +108,8 @@
                           (mark-archived! cfg rows)
                           (count events)))))))
 
-(def ^:private schema:handler-params
-  [:map
-   ::db/pool
-   ::setup/props
-   ::http/client])
-
-(defmethod ig/assert-key ::handler
-  [_ params]
-  (assert (sm/valid? schema:handler-params params) "valid params expected for handler"))
+(defmethod ig/pre-init-spec ::handler [_]
+  (s/keys :req [::db/pool ::setup/props ::http/client]))
 
 (defmethod ig/init-key ::handler
   [_ cfg]

backend/src/app/loggers/audit/gc_task.clj

@@ -8,6 +8,7 @@
   (:require
    [app.common.logging :as l]
    [app.db :as db]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]))
 
 (def ^:private sql:clean-archived
@@ -21,9 +22,8 @@
     (l/debug :hint "delete archived audit log entries" :deleted result)
     result))
 
-(defmethod ig/assert-key ::handler
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "valid database pool expected"))
+(defmethod ig/pre-init-spec ::handler [_]
+  (s/keys :req [::db/pool]))
 
 (defmethod ig/init-key ::handler
   [_ cfg]

backend/src/app/loggers/database.clj

@@ -12,6 +12,7 @@
    [app.common.logging :as l]
    [app.common.pprint :as pp]
    [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.config :as cf]
    [app.db :as db]
    [clojure.spec.alpha :as s]
@@ -37,11 +38,11 @@
 
 (defn record->report
   [{:keys [::l/context ::l/message ::l/props ::l/logger ::l/level ::l/cause] :as record}]
-  (assert (l/valid-record? record) "expectd valid log record")
+  (us/assert! ::l/record record)
   (if (or (instance? java.util.concurrent.CompletionException cause)
           (instance? java.util.concurrent.ExecutionException cause))
     (-> record
-        (assoc ::trace (ex/format-throwable cause :data? true :explain? false :header? false :summary? false))
+        (assoc ::trace (ex/format-throwable cause :data? false :explain? false :header? false :summary? false))
         (assoc ::l/cause (ex-cause cause))
         (record->report))
 
@@ -53,34 +54,30 @@
                    (assoc :logger/name logger)
                    (assoc :logger/level level)
                    (dissoc :request/params :value :params :data))]
-
       (merge
        {:context (-> (into (sorted-map) ctx)
                      (pp/pprint-str :length 50))
         :props   (pp/pprint-str props :length 50)
-        :hint    (or (when-let [message (ex-message cause)]
-                       (if-let [props-hint (:hint props)]
-                         (str props-hint ": " message)
-                         message))
-                     @message)
+        :hint    (or (ex-message cause) @message)
         :trace   (or (::trace record)
-                     (some-> cause (ex/format-throwable :data? true :explain? false :header? false :summary? false)))}
+                     (ex/format-throwable cause :data? false :explain? false :header? false :summary? false))}
 
        (when-let [params (or (:request/params context) (:params context))]
-         {:params (pp/pprint-str params :length 20 :level 20)})
+         {:params (pp/pprint-str params :length 30 :level 12)})
 
        (when-let [value (:value context)]
-         {:value (pp/pprint-str value :length 30 :level 13)})
+         {:value (pp/pprint-str value :length 30 :level 12)})
 
        (when-let [data (some-> data (dissoc ::s/problems ::s/value ::s/spec ::sm/explain :hint))]
-         {:data (pp/pprint-str data :length 30 :level 13)})
+         {:data (pp/pprint-str data :length 30 :level 12)})
 
-       (when-let [explain (ex/explain data :length 30 :level 13)]
+       (when-let [explain (ex/explain data :length 30 :level 12)]
          {:explain explain})))))
 
 (defn error-record?
-  [{:keys [::l/level]}]
-  (= :error level))
+  [{:keys [::l/level ::l/cause]}]
+  (and (= :error level)
+       (ex/exception? cause)))
 
 (defn- handle-event
   [{:keys [::db/pool]} {:keys [::l/id] :as record}]
@@ -94,9 +91,8 @@
     (catch Throwable cause
       (l/warn :hint "unexpected exception on database error logger" :cause cause))))
 
-(defmethod ig/assert-key ::reporter
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expect valid database pool"))
+(defmethod ig/pre-init-spec ::reporter [_]
+  (s/keys :req [::db/pool]))
 
 (defmethod ig/init-key ::reporter
   [_ cfg]

backend/src/app/loggers/mattermost.clj

@@ -9,10 +9,12 @@
   (:require
    [app.common.exceptions :as ex]
    [app.common.logging :as l]
+   [app.common.spec :as us]
    [app.config :as cf]
    [app.http.client :as http]
    [app.loggers.database :as ldb]
    [app.util.json :as json]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [promesa.exec :as px]
    [promesa.exec.csp :as sp]))
@@ -52,7 +54,7 @@
 
 (defn record->report
   [{:keys [::l/context ::l/id ::l/cause] :as record}]
-  (assert (l/valid-record? record) "expectd valid log record")
+  (us/assert! ::l/record record)
   {:id               id
    :tenant           (cf/get :tenant)
    :host             (cf/get :host)
@@ -73,9 +75,8 @@
       (catch Throwable cause
         (l/warn :hint "unhandled error" :cause cause)))))
 
-(defmethod ig/assert-key ::reporter
-  [_ params]
-  (assert (http/client? (::http/client params)) "expect valid http client"))
+(defmethod ig/pre-init-spec ::reporter [_]
+  (s/keys :req [::http/client]))
 
 (defmethod ig/init-key ::reporter
   [_ cfg]

backend/src/app/loggers/webhooks.clj

@@ -15,10 +15,10 @@
    [app.config :as cf]
    [app.db :as db]
    [app.http.client :as http]
-   [app.loggers.audit :as audit]
    [app.util.time :as dt]
    [app.worker :as wrk]
    [clojure.data.json :as json]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [integrant.core :as ig]))
 
@@ -60,35 +60,24 @@
       (some->> (:project-id props) (lookup-webhooks-by-project pool))
       (some->> (:file-id props) (lookup-webhooks-by-file pool))))
 
-(defmethod ig/assert-key ::process-event-handler
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expect valid database pool")
-  (assert (http/client? (::http/client params)) "expect valid http client"))
+(defmethod ig/pre-init-spec ::process-event-handler [_]
+  (s/keys :req [::db/pool]))
 
 (defmethod ig/init-key ::process-event-handler
   [_ cfg]
   (fn [{:keys [props] :as task}]
+    (l/dbg :hint "process webhook event" :name (:name props))
 
-    (let [items (lookup-webhooks cfg props)
-          event {::audit/profile-id (:profile-id props)
-                 ::audit/name "webhook"
-                 ::audit/type "trigger"
-                 ::audit/props {:name (get props :name)
-                                :event-id (get props :id)
-                                :total-affected (count items)}}]
-
-      (audit/insert! cfg event)
-
-      (when items
-        (l/trc :hint "webhooks found for event" :total (count items))
-        (db/tx-run! cfg (fn [cfg]
-                          (doseq [item items]
-                            (wrk/submit! (-> cfg
-                                             (assoc ::wrk/task :run-webhook)
-                                             (assoc ::wrk/queue :webhooks)
-                                             (assoc ::wrk/max-retries 3)
-                                             (assoc ::wrk/params {:event props
-                                                                  :config item}))))))))))
+    (when-let [items (lookup-webhooks cfg props)]
+      (l/trc :hint "webhooks found for event" :total (count items))
+      (db/tx-run! cfg (fn [cfg]
+                        (doseq [item items]
+                          (wrk/submit! (-> cfg
+                                           (assoc ::wrk/task :run-webhook)
+                                           (assoc ::wrk/queue :webhooks)
+                                           (assoc ::wrk/max-retries 3)
+                                           (assoc ::wrk/params {:event props
+                                                                :config item})))))))))
 ;; --- RUN
 
 (declare interpret-exception)
@@ -98,14 +87,12 @@
   {:key-fn str/camel
    :indent true})
 
-(defmethod ig/assert-key ::run-webhook-handler
-  [_ params]
-  (assert (db/pool? (::db/pool params)) "expect valid database pool")
-  (assert (http/client? (::http/client params)) "expect valid http client"))
+(defmethod ig/pre-init-spec ::run-webhook-handler [_]
+  (s/keys :req [::http/client ::db/pool]))
 
-(defmethod ig/expand-key ::run-webhook-handler
-  [k v]
-  {k (merge {::max-errors 3} (d/without-nils v))})
+(defmethod ig/prep-key ::run-webhook-handler
+  [_ cfg]
+  (merge {::max-errors 3} (d/without-nils cfg)))
 
 (defmethod ig/init-key ::run-webhook-handler
   [_ {:keys [::db/pool ::max-errors] :as cfg}]
@@ -148,7 +135,7 @@
 
         (l/dbg :hint "run webhook"
                :event-name (:name event)
-               :webhook-id (str (:id whook))
+               :webhook-id (:id whook)
                :webhook-uri (:uri whook)
                :webhook-mtype (:mtype whook))
 

backend/src/app/main.clj

@@ -9,7 +9,6 @@
    [app.auth.ldap :as-alias ldap]
    [app.auth.oidc :as-alias oidc]
    [app.auth.oidc.providers :as-alias oidc.providers]
-   [app.common.exceptions :as ex]
    [app.common.logging :as l]
    [app.config :as cf]
    [app.db :as-alias db]
@@ -25,10 +24,10 @@
    [app.loggers.webhooks :as-alias webhooks]
    [app.metrics :as-alias mtx]
    [app.metrics.definition :as-alias mdef]
+   [app.migrations.v2 :as migrations.v2]
    [app.msgbus :as-alias mbus]
    [app.redis :as-alias rds]
    [app.rpc :as-alias rpc]
-   [app.rpc.climit :as-alias climit]
    [app.rpc.doc :as-alias rpc.doc]
    [app.setup :as-alias setup]
    [app.srepl :as-alias srepl]
@@ -40,6 +39,7 @@
    [app.svgo :as-alias svgo]
    [app.util.time :as dt]
    [app.worker :as-alias wrk]
+   [cider.nrepl :refer [cider-nrepl-handler]]
    [clojure.test :as test]
    [clojure.tools.namespace.repl :as repl]
    [cuerdas.core :as str]
@@ -169,7 +169,7 @@
    {::db/uri        (cf/get :database-uri)
     ::db/username   (cf/get :database-username)
     ::db/password   (cf/get :database-password)
-    ::db/read-only  (cf/get :database-readonly false)
+    ::db/read-only? (cf/get :database-readonly false)
     ::db/min-size   (cf/get :database-min-pool-size 0)
     ::db/max-size   (cf/get :database-max-pool-size 60)
     ::mtx/metrics   (ig/ref ::mtx/metrics)}
@@ -245,7 +245,7 @@
     :base-dn        (cf/get :ldap-base-dn)
     :bind-dn        (cf/get :ldap-bind-dn)
     :bind-password  (cf/get :ldap-bind-password)
-    :enabled        (contains? cf/flags :login-with-ldap)}
+    :enabled?       (contains? cf/flags :login-with-ldap)}
 
    ::oidc.providers/google
    {}
@@ -302,11 +302,9 @@
     ::http.assets/cache-max-agesignature-max-age (dt/duration {:hours 24 :minutes 5})
     ::sto/storage  (ig/ref ::sto/storage)}
 
-   ::rpc/climit
-   {::mtx/metrics        (ig/ref ::mtx/metrics)
-    ::wrk/executor       (ig/ref ::wrk/executor)
-    ::climit/config      (cf/get :rpc-climit-config)
-    ::climit/enabled     (contains? cf/flags :rpc-climit)}
+   :app.rpc/climit
+   {::mtx/metrics  (ig/ref ::mtx/metrics)
+    ::wrk/executor (ig/ref ::wrk/executor)}
 
    :app.rpc/rlimit
    {::wrk/executor (ig/ref ::wrk/executor)}
@@ -321,6 +319,7 @@
     ::mtx/metrics        (ig/ref ::mtx/metrics)
     ::mbus/msgbus        (ig/ref ::mbus/msgbus)
     ::rds/redis          (ig/ref ::rds/redis)
+    ::svgo/optimizer     (ig/ref ::svgo/optimizer)
 
     ::rpc/climit         (ig/ref ::rpc/climit)
     ::rpc/rlimit         (ig/ref ::rpc/rlimit)
@@ -331,7 +330,7 @@
     ::email/whitelist    (ig/ref ::email/whitelist)}
 
    :app.rpc.doc/routes
-   {:app.rpc/methods (ig/ref :app.rpc/methods)}
+   {:methods (ig/ref :app.rpc/methods)}
 
    :app.rpc/routes
    {::rpc/methods     (ig/ref :app.rpc/methods)
@@ -347,6 +346,7 @@
      :file-gc            (ig/ref :app.tasks.file-gc/handler)
      :file-gc-scheduler  (ig/ref :app.tasks.file-gc-scheduler/handler)
      :offload-file-data  (ig/ref :app.tasks.offload-file-data/handler)
+     :file-xlog-gc       (ig/ref :app.tasks.file-xlog-gc/handler)
      :tasks-gc           (ig/ref :app.tasks.tasks-gc/handler)
      :telemetry          (ig/ref :app.tasks.telemetry/handler)
      :storage-gc-deleted (ig/ref ::sto.gc-deleted/handler)
@@ -379,7 +379,8 @@
     ::email/default-from     (cf/get :smtp-default-from)}
 
    ::email/handler
-   {::email/sendmail (ig/ref ::email/sendmail)}
+   {::email/sendmail (ig/ref ::email/sendmail)
+    ::mtx/metrics    (ig/ref ::mtx/metrics)}
 
    :app.tasks.tasks-gc/handler
    {::db/pool (ig/ref ::db/pool)}
@@ -402,6 +403,10 @@
    {::db/pool     (ig/ref ::db/pool)
     ::sto/storage (ig/ref ::sto/storage)}
 
+   :app.tasks.file-xlog-gc/handler
+   {::db/pool     (ig/ref ::db/pool)
+    ::sto/storage (ig/ref ::sto/storage)}
+
    :app.tasks.telemetry/handler
    {::db/pool            (ig/ref ::db/pool)
     ::http.client/client (ig/ref ::http.client/client)
@@ -425,6 +430,9 @@
     ;; module requires the migrations to run before initialize.
     ::migrations (ig/ref :app.migrations/migrations)}
 
+   ::svgo/optimizer
+   {}
+
    :app.loggers.audit.archive-task/handler
    {::setup/props        (ig/ref ::setup/props)
     ::db/pool            (ig/ref ::db/pool)
@@ -467,8 +475,7 @@
     ::sto.s3/bucket     (or (cf/get :storage-assets-s3-bucket)
                             (cf/get :objects-storage-s3-bucket))
     ::sto.s3/io-threads (or (cf/get :storage-assets-s3-io-threads)
-                            (cf/get :objects-storage-s3-io-threads))
-    ::wrk/executor      (ig/ref ::wrk/executor)}
+                            (cf/get :objects-storage-s3-io-threads))}
 
    :app.storage.fs/backend
    {::sto.fs/directory (or (cf/get :storage-assets-fs-directory)
@@ -480,7 +487,10 @@
    {::wrk/registry            (ig/ref ::wrk/registry)
     ::db/pool                 (ig/ref ::db/pool)
     ::wrk/entries
-    [{:cron #app/cron "0 0 0 * * ?" ;; daily
+    [{:cron #app/cron "0 0 * * * ?" ;; hourly
+      :task :file-xlog-gc}
+
+     {:cron #app/cron "0 0 0 * * ?" ;; daily
       :task :session-gc}
 
      {:cron #app/cron "0 0 0 * * ?" ;; daily
@@ -512,13 +522,11 @@
    ::wrk/dispatcher
    {::rds/redis   (ig/ref ::rds/redis)
     ::mtx/metrics (ig/ref ::mtx/metrics)
-    ::db/pool     (ig/ref ::db/pool)
-    ::wrk/tenant  (cf/get :tenant)}
+    ::db/pool     (ig/ref ::db/pool)}
 
    [::default ::wrk/runner]
    {::wrk/parallelism (cf/get ::worker-default-parallelism 1)
     ::wrk/queue       :default
-    ::wrk/tenant      (cf/get :tenant)
     ::rds/redis       (ig/ref ::rds/redis)
     ::wrk/registry    (ig/ref ::wrk/registry)
     ::mtx/metrics     (ig/ref ::mtx/metrics)
@@ -527,7 +535,6 @@
    [::webhook ::wrk/runner]
    {::wrk/parallelism (cf/get ::worker-webhook-parallelism 1)
     ::wrk/queue       :webhooks
-    ::wrk/tenant      (cf/get :tenant)
     ::rds/redis       (ig/ref ::rds/redis)
     ::wrk/registry    (ig/ref ::wrk/registry)
     ::mtx/metrics     (ig/ref ::mtx/metrics)
@@ -545,7 +552,7 @@
                              (-> system-config
                                  (cond-> (contains? cf/flags :backend-worker)
                                    (merge worker-config))
-                                 (ig/expand)
+                                 (ig/prep)
                                  (ig/init))))
   (l/inf :hint "welcome to penpot"
          :flags (str/join "," (map name cf/flags))
@@ -558,7 +565,7 @@
   (alter-var-root #'system (fn [sys]
                              (when sys (ig/halt! sys))
                              (-> config
-                                 (ig/expand)
+                                 (ig/prep)
                                  (ig/init)))))
 
 (defn stop
@@ -604,11 +611,22 @@
     (let [p (promise)]
       (when (contains? cf/flags :nrepl-server)
         (l/inf :hint "start nrepl server" :port 6064)
-        (nrepl/start-server :bind "0.0.0.0" :port 6064))
+        (nrepl/start-server :bind "0.0.0.0" :port 6064 :handler cider-nrepl-handler))
 
       (start)
+
+      (when (contains? cf/flags :v2-migration)
+        (px/sleep 5000)
+        (migrations.v2/migrate app.main/system))
+
       (deref p))
     (catch Throwable cause
-      (ex/print-throwable cause)
+      (binding [*out* *err*]
+        (println "==== ERROR ===="))
+      (.printStackTrace cause)
+      (when-let [cause' (ex-cause cause)]
+        (binding [*out* *err*]
+          (println "==== CAUSE ===="))
+        (.printStackTrace cause'))
       (px/sleep 500)
       (System/exit -1))))

backend/src/app/media.clj

@@ -8,11 +8,12 @@
   "Media & Font postprocessing."
   (:require
    [app.common.data :as d]
-   [app.common.data.macros :as dm]
    [app.common.exceptions :as ex]
    [app.common.media :as cm]
    [app.common.schema :as sm]
    [app.common.schema.openapi :as-alias oapi]
+   [app.common.spec :as us]
+   [app.common.svg :as csvg]
    [app.config :as cf]
    [app.db :as-alias db]
    [app.storage :as-alias sto]
@@ -21,41 +22,41 @@
    [buddy.core.bytes :as bb]
    [buddy.core.codecs :as bc]
    [clojure.java.shell :as sh]
-   [clojure.xml :as xml]
+   [clojure.spec.alpha :as s]
    [cuerdas.core :as str]
    [datoteka.fs :as fs]
    [datoteka.io :as io])
   (:import
-   clojure.lang.XMLHandler
-   java.io.InputStream
-   javax.xml.XMLConstants
-   javax.xml.parsers.SAXParserFactory
-   org.apache.commons.io.IOUtils
    org.im4java.core.ConvertCmd
    org.im4java.core.IMOperation
    org.im4java.core.Info))
 
-(def schema:upload
-  (sm/register!
-   ^{::sm/type ::upload}
-   [:map {:title "Upload"}
-    [:filename :string]
-    [:size ::sm/int]
-    [:path ::fs/path]
-    [:mtype {:optional true} :string]
-    [:headers {:optional true}
-     [:map-of :string :string]]]))
+(s/def ::path fs/path?)
+(s/def ::filename string?)
+(s/def ::size integer?)
+(s/def ::headers (s/map-of string? string?))
+(s/def ::mtype string?)
 
-(def ^:private schema:input
-  [:map {:title "Input"}
+(s/def ::upload
+  (s/keys :req-un [::filename ::size ::path]
+          :opt-un [::mtype ::headers]))
+
+;; A subset of fields from the ::upload spec
+(s/def ::input
+  (s/keys :req-un [::path]
+          :opt-un [::mtype]))
+
+(sm/register! ::upload
+  [:map {:title "Upload"}
+   [:filename :string]
+   [:size ::sm/int]
    [:path ::fs/path]
-   [:mtype {:optional true} ::sm/text]])
-
-(def ^:private check-input
-  (sm/check-fn schema:input))
+   [:mtype {:optional true} :string]
+   [:headers {:optional true}
+    [:map-of :string :string]]])
 
 (defn validate-media-type!
-  ([upload] (validate-media-type! upload cm/image-types))
+  ([upload] (validate-media-type! upload cm/valid-image-types))
   ([upload allowed]
    (when-not (contains? allowed (:mtype upload))
      (ex/raise :type :validation
@@ -95,44 +96,17 @@
     (catch Throwable e
       (process-error e))))
 
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;; SVG PARSING
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-
-(defn- secure-parser-factory
-  [^InputStream input ^XMLHandler handler]
-  (.. (doto (SAXParserFactory/newInstance)
-        (.setFeature XMLConstants/FEATURE_SECURE_PROCESSING true)
-        (.setFeature "http://apache.org/xml/features/disallow-doctype-decl" true))
-      (newSAXParser)
-      (parse input handler)))
-
-(defn- strip-doctype
-  [data]
-  (cond-> data
-    (str/includes? data "<!DOCTYPE")
-    (str/replace #"<\!DOCTYPE[^>]*>" "")))
-
-(defn- parse-svg
-  [text]
-  (let [text (strip-doctype text)]
-    (dm/with-open [istream (IOUtils/toInputStream text "UTF-8")]
-      (xml/parse istream secure-parser-factory))))
-
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; IMAGE THUMBNAILS
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(def ^:private schema:thumbnail-params
-  [:map {:title "ThumbnailParams"}
-   [:input schema:input]
-   [:format [:enum :jpeg :webp :png]]
-   [:quality [:int {:min 1 :max 100}]]
-   [:width :int]
-   [:height :int]])
+(s/def ::width integer?)
+(s/def ::height integer?)
+(s/def ::format #{:jpeg :webp :png})
+(s/def ::quality #(< 0 % 101))
 
-(def ^:private check-thumbnail-params
-  (sm/check-fn schema:thumbnail-params))
+(s/def ::thumbnail-params
+  (s/keys :req-un [::input ::format ::width ::height]))
 
 ;; Related info on how thumbnails generation
 ;;  http://www.imagemagick.org/Usage/thumbnails/
@@ -154,38 +128,30 @@
            :data   tmp)))
 
 (defmethod process :generic-thumbnail
-  [params]
-  (let [{:keys [quality width height] :as params}
-        (check-thumbnail-params params)
-
-        operation
-        (doto (IMOperation.)
-          (.addImage)
-          (.autoOrient)
-          (.strip)
-          (.thumbnail ^Integer (int width) ^Integer (int height) ">")
-          (.quality (double quality))
-          (.addImage))]
-
-    (generic-process (assoc params :operation operation))))
+  [{:keys [quality width height] :as params}]
+  (us/assert ::thumbnail-params params)
+  (let [op (doto (IMOperation.)
+             (.addImage)
+             (.autoOrient)
+             (.strip)
+             (.thumbnail ^Integer (int width) ^Integer (int height) ">")
+             (.quality (double quality))
+             (.addImage))]
+    (generic-process (assoc params :operation op))))
 
 (defmethod process :profile-thumbnail
-  [params]
-  (let [{:keys [quality width height] :as params}
-        (check-thumbnail-params params)
-
-        operation
-        (doto (IMOperation.)
-          (.addImage)
-          (.autoOrient)
-          (.strip)
-          (.thumbnail ^Integer (int width) ^Integer (int height) "^")
-          (.gravity "center")
-          (.extent (int width) (int height))
-          (.quality (double quality))
-          (.addImage))]
-
-    (generic-process (assoc params :operation operation))))
+  [{:keys [quality width height] :as params}]
+  (us/assert ::thumbnail-params params)
+  (let [op (doto (IMOperation.)
+             (.addImage)
+             (.autoOrient)
+             (.strip)
+             (.thumbnail ^Integer (int width) ^Integer (int height) "^")
+             (.gravity "center")
+             (.extent (int width) (int height))
+             (.quality (double quality))
+             (.addImage))]
+    (generic-process (assoc params :operation op))))
 
 (defn get-basic-info-from-svg
   [{:keys [tag attrs] :as data}]
@@ -217,9 +183,10 @@
 
 (defmethod process :info
   [{:keys [input] :as params}]
-  (let [{:keys [path mtype] :as input} (check-input input)]
+  (us/assert ::input input)
+  (let [{:keys [path mtype]} input]
     (if (= mtype "image/svg+xml")
-      (let [info (some-> path slurp parse-svg get-basic-info-from-svg)]
+      (let [info (some-> path slurp csvg/parse get-basic-info-from-svg)]
         (when-not info
           (ex/raise :type :validation
                     :code :invalid-svg-file
@@ -258,7 +225,7 @@
   (letfn [(ttf->otf [data]
             (let [finput  (tmp/tempfile :prefix "penpot.font." :suffix "")
                   foutput (fs/path (str finput ".otf"))
-                  _       (io/write* finput data)
+                  _       (io/write-to-file! data finput)
                   res     (sh/sh "fontforge" "-lang=ff" "-c"
                                  (str/fmt "Open('%s'); Generate('%s')"
                                           (str finput)
@@ -269,7 +236,7 @@
           (otf->ttf [data]
             (let [finput  (tmp/tempfile :prefix "penpot.font." :suffix "")
                   foutput (fs/path (str finput ".ttf"))
-                  _       (io/write* finput data)
+                  _       (io/write-to-file! data finput)
                   res     (sh/sh "fontforge" "-lang=ff" "-c"
                                  (str/fmt "Open('%s'); Generate('%s')"
                                           (str finput)
@@ -283,14 +250,14 @@
             ;; command.
             (let [finput  (tmp/tempfile :prefix "penpot.font." :suffix "")
                   foutput (fs/path (str finput ".woff"))
-                  _       (io/write* finput data)
+                  _       (io/write-to-file! data finput)
                   res     (sh/sh "sfnt2woff" (str finput))]
               (when (zero? (:exit res))
                 foutput)))
 
           (woff->sfnt [data]
             (let [finput  (tmp/tempfile :prefix "penpot" :suffix "")
-                  _       (io/write* finput data)
+                  _       (io/write-to-file! data finput)
                   res     (sh/sh "woff2sfnt" (str finput)
                                  :out-enc :bytes)]
               (when (zero? (:exit res))

backend/src/app/metrics.clj

@@ -8,8 +8,9 @@
   (:refer-clojure :exclude [run!])
   (:require
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.metrics.definition :as-alias mdef]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig])
   (:import
    io.prometheus.client.CollectorRegistry
@@ -33,52 +34,41 @@
 (declare create-collector)
 (declare handler)
 
-(defprotocol IMetrics
-  (get-registry [_])
-  (get-collector [_ id])
-  (get-handler [_]))
-
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; METRICS SERVICE PROVIDER
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 
-(sm/register!
- {:type ::collector
-  :pred #(instance? SimpleCollector %)
-  :type-properties
-  {:title "collector"
-   :description "An instance of SimpleCollector"}})
+(s/def ::mdef/name string?)
+(s/def ::mdef/help string?)
+(s/def ::mdef/labels (s/every string? :kind vector?))
+(s/def ::mdef/type #{:gauge :counter :summary :histogram})
 
-(sm/register!
- {:type ::registry
-  :pred  #(instance? CollectorRegistry %)
-  :type-properties
-  {:title "Metrics Registry"
-   :description "Instance of CollectorRegistry"}})
+(s/def ::mdef/instance
+  #(instance? SimpleCollector %))
 
-(def ^:private schema:definitions
-  [:map-of :keyword
-   [:map {:title "definition"}
-    [::mdef/name :string]
-    [::mdef/help :string]
-    [::mdef/type [:enum :gauge :counter :summary :histogram]]
-    [::mdef/labels {:optional true} [::sm/vec :string]]
-    [::mdef/instance {:optional true} ::collector]]])
+(s/def ::mdef/definition
+  (s/keys :req [::mdef/name
+                ::mdef/help
+                ::mdef/type]
+          :opt [::mdef/labels
+                ::mdef/instance]))
 
-(defn metrics?
-  [o]
-  (satisfies? IMetrics o))
+(s/def ::definitions
+  (s/map-of keyword? ::mdef/definition))
 
-(sm/register!
- {:type ::metrics
-  :pred metrics?})
+(s/def ::registry
+  #(instance? CollectorRegistry %))
 
-(def ^:private valid-definitions?
-  (sm/validator schema:definitions))
+(s/def ::handler fn?)
+(s/def ::metrics
+  (s/keys :req [::registry
+                ::handler
+                ::definitions]))
 
-(defmethod ig/assert-key ::metrics
-  [_ {:keys [default]}]
-  (assert (valid-definitions? default) "expected valid definitions"))
+(s/def ::default ::definitions)
+
+(defmethod ig/pre-init-spec ::metrics [_]
+  (s/keys :req-un [::default]))
 
 (defmethod ig/init-key ::metrics
   [_ cfg]
@@ -91,14 +81,12 @@
                                {}
                                (:default cfg))]
 
-    (reify
-      IMetrics
-      (get-handler [_]
-        (partial handler registry))
-      (get-collector [_ id]
-        (get definitions id))
-      (get-registry [_]
-        registry))))
+    (us/verify! ::definitions definitions)
+
+    {::handler (partial handler registry)
+     ::definitions definitions
+     ::registry registry}))
+
 
 (defn- handler
   [registry _]
@@ -108,14 +96,17 @@
     {:headers {"content-type" TextFormat/CONTENT_TYPE_004}
      :body (.toString writer)}))
 
-(defmethod ig/assert-key ::routes
-  [_ {:keys [::metrics]}]
-  (assert (metrics? metrics) "expected a valid instance for metrics"))
+
+
+(s/def ::routes vector?)
+(defmethod ig/pre-init-spec ::routes [_]
+  (s/keys :req [::metrics]))
 
 (defmethod ig/init-key ::routes
   [_ {:keys [::metrics]}]
-  ["/metrics" {:handler (get-handler metrics)
-               :allowed-methods #{:get}}])
+  (let [registry (::registry metrics)]
+    ["/metrics" {:handler (partial handler registry)
+                 :allowed-methods #{:get}}]))
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ;; Implementation
@@ -135,9 +126,8 @@
 (defmulti create-collector ::mdef/type)
 
 (defn run!
-  [instance & {:keys [id] :as params}]
-  (assert (metrics? instance) "expected valid metrics instance")
-  (when-let [mobj (get-collector instance id)]
+  [{:keys [::definitions]} & {:keys [id] :as params}]
+  (when-let [mobj (get definitions id)]
     (run-collector! mobj params)
     true))
 

backend/src/app/migrations.clj

@@ -11,6 +11,7 @@
    [app.db :as db]
    [app.migrations.clj.migration-0023 :as mg0023]
    [app.util.migrations :as mg]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]))
 
 (def migrations
@@ -411,34 +412,7 @@
     :fn (mg/resource "app/migrations/sql/0129-mod-file-change-table.sql")}
 
    {:name "0130-mod-file-change-table"
-    :fn (mg/resource "app/migrations/sql/0130-mod-file-change-table.sql")}
-
-   {:name "0131-mod-webhook-table"
-    :fn (mg/resource "app/migrations/sql/0131-mod-webhook-table.sql")}
-
-   {:name "0132-mod-file-change-table"
-    :fn (mg/resource "app/migrations/sql/0132-mod-file-change-table.sql")}
-
-   {:name "0133-mod-file-table"
-    :fn (mg/resource "app/migrations/sql/0133-mod-file-table.sql")}
-
-   {:name "0134-mod-file-change-table"
-    :fn (mg/resource "app/migrations/sql/0134-mod-file-change-table.sql")}
-
-   {:name "0135-mod-team-invitation-table.sql"
-    :fn (mg/resource "app/migrations/sql/0135-mod-team-invitation-table.sql")}
-
-   {:name "0136-mod-comments-mentions.sql"
-    :fn (mg/resource "app/migrations/sql/0136-mod-comments-mentions.sql")}
-
-   {:name "0137-add-file-migration-table.sql"
-    :fn (mg/resource "app/migrations/sql/0137-add-file-migration-table.sql")}
-
-   {:name "0138-mod-file-data-fragment-table.sql"
-    :fn (mg/resource "app/migrations/sql/0138-mod-file-data-fragment-table.sql")}
-
-   {:name "0139-mod-file-change-table.sql"
-    :fn (mg/resource "app/migrations/sql/0139-mod-file-change-table.sql")}])
+    :fn (mg/resource "app/migrations/sql/0130-mod-file-change-table.sql")}])
 
 (defn apply-migrations!
   [pool name migrations]
@@ -446,9 +420,9 @@
     (mg/setup! conn)
     (mg/migrate! conn {:name name :steps migrations})))
 
-(defmethod ig/assert-key ::migrations
-  [_ {:keys [::db/pool]}]
-  (assert (db/pool? pool) "expected valid pool"))
+(defmethod ig/pre-init-spec ::migrations
+  [_]
+  (s/keys :req [::db/pool]))
 
 (defmethod ig/init-key ::migrations
   [module {:keys [::db/pool]}]

backend/src/app/migrations/media_refs.clj

@@ -1,49 +0,0 @@
-;; This Source Code Form is subject to the terms of the Mozilla Public
-;; License, v. 2.0. If a copy of the MPL was not distributed with this
-;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
-;;
-;; Copyright (c) KALEIDOS INC
-
-(ns app.migrations.media-refs
-  "A media refs migration fixer script"
-  (:require
-   [app.common.exceptions :as ex]
-   [app.common.logging :as l]
-   [app.common.pprint]
-   [app.srepl.fixes.media-refs :refer [process-file]]
-   [app.srepl.main :as srepl]
-   [clojure.edn :as edn]))
-
-(def ^:private required-services
-  [:app.storage.s3/backend
-   :app.storage.fs/backend
-   :app.storage/storage
-   :app.metrics/metrics
-   :app.db/pool
-   :app.worker/executor])
-
-(defn -main
-  [& [options]]
-  (try
-    (let [config-var (requiring-resolve 'app.main/system-config)
-          start-var  (requiring-resolve 'app.main/start-custom)
-          stop-var   (requiring-resolve 'app.main/stop)
-          config     (select-keys @config-var required-services)]
-
-      (start-var config)
-
-      (let [options (if (string? options)
-                      (ex/ignoring (edn/read-string options))
-                      {})]
-
-        (l/inf :hint "executing media-refs migration" :options options)
-        (srepl/process-files! process-file options))
-
-      (stop-var)
-      (System/exit 0))
-    (catch Throwable cause
-      (ex/print-throwable cause)
-      (flush)
-      (System/exit -1))))
-
-

backend/src/app/migrations/sql/0131-mod-webhook-table.sql

@@ -1,6 +0,0 @@
-ALTER TABLE webhook
-  ADD COLUMN profile_id uuid NULL REFERENCES profile (id) ON DELETE SET NULL;
-
-CREATE INDEX webhook__profile_id__idx
-    ON webhook (profile_id)
- WHERE profile_id IS NOT NULL;

backend/src/app/migrations/sql/0132-mod-file-change-table.sql

@@ -1,2 +0,0 @@
-ALTER TABLE file_change
-  ADD COLUMN created_by text NOT NULL DEFAULT 'system';

backend/src/app/migrations/sql/0133-mod-file-table.sql

@@ -1,2 +0,0 @@
-ALTER TABLE file
-  ADD COLUMN vern int NOT NULL DEFAULT 0;

backend/src/app/migrations/sql/0134-mod-file-change-table.sql

@@ -1,18 +0,0 @@
-ALTER TABLE file_change
-  ADD COLUMN updated_at timestamptz DEFAULT now(),
-  ADD COLUMN deleted_at timestamptz DEFAULT NULL,
-ALTER COLUMN created_at SET DEFAULT now();
-
-DROP INDEX file_change__created_at__idx;
-DROP INDEX file_change__created_at__label__idx;
-DROP INDEX file_change__label__idx;
-
-CREATE INDEX file_change__deleted_at__idx
-    ON file_change (deleted_at, id)
- WHERE deleted_at IS NOT NULL;
-
-CREATE INDEX file_change__system_snapshots__idx
-    ON file_change (file_id, created_at)
- WHERE data IS NOT NULL
-   AND created_by = 'system'
-   AND deleted_at IS NULL;

backend/src/app/migrations/sql/0135-mod-team-invitation-table.sql

@@ -1,2 +0,0 @@
-ALTER TABLE team_invitation
-  ADD COLUMN created_by uuid NULL REFERENCES profile(id) ON DELETE SET NULL;

backend/src/app/migrations/sql/0136-mod-comments-mentions.sql

@@ -1,3 +0,0 @@
-ALTER TABLE comment ADD COLUMN mentions uuid[] NULL DEFAULT '{}';
-
-ALTER TABLE comment_thread ADD COLUMN mentions uuid[] NULL DEFAULT '{}';

backend/src/app/migrations/sql/0137-add-file-migration-table.sql

@@ -1,7 +0,0 @@
-CREATE TABLE file_migration (
-  file_id uuid NOT NULL REFERENCES file(id) ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED,
-  name text NOT NULL,
-  created_at timestamptz NOT NULL DEFAULT clock_timestamp(),
-
-  PRIMARY KEY(file_id, name)
-);

backend/src/app/migrations/sql/0138-mod-file-data-fragment-table.sql

@@ -1,2 +0,0 @@
-ALTER TABLE file_data_fragment
-ALTER CONSTRAINT file_data_fragment_file_id_fkey DEFERRABLE INITIALLY DEFERRED;

backend/src/app/migrations/sql/0139-mod-file-change-table.sql

@@ -1,5 +0,0 @@
-ALTER TABLE file_change
- DROP CONSTRAINT file_change_file_id_fkey,
- DROP CONSTRAINT file_change_profile_id_fkey,
-  ADD FOREIGN KEY (file_id) REFERENCES file(id) DEFERRABLE,
-  ADD FOREIGN KEY (profile_id) REFERENCES profile(id) ON DELETE SET NULL DEFERRABLE;

backend/src/app/migrations/v2.clj

@@ -0,0 +1,103 @@
+;; This Source Code Form is subject to the terms of the Mozilla Public
+;; License, v. 2.0. If a copy of the MPL was not distributed with this
+;; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;;
+;; Copyright (c) KALEIDOS INC
+
+(ns app.migrations.v2
+  (:require
+   [app.common.exceptions :as ex]
+   [app.common.logging :as l]
+   [app.db :as db]
+   [app.features.components-v2 :as feat]
+   [app.setup :as setup]
+   [app.util.time :as dt]))
+
+(def ^:private sql:get-teams
+  "SELECT id, features,
+          row_number() OVER (ORDER BY created_at DESC) AS rown
+    FROM team
+   WHERE deleted_at IS NULL
+     AND (not (features @> '{components/v2}') OR features IS NULL)
+   ORDER BY created_at DESC")
+
+(defn- get-teams
+  [conn]
+  (->> (db/cursor conn [sql:get-teams] {:chunk-size 1})
+       (map feat/decode-row)))
+
+(defn- migrate-teams
+  [{:keys [::db/conn] :as system}]
+  ;; Allow long running transaction for this connection
+  (db/exec-one! conn ["SET LOCAL idle_in_transaction_session_timeout = 0"])
+
+  ;; Do not allow other migration running in the same time
+  (db/xact-lock! conn 0)
+
+  ;; Run teams migration
+  (run! (fn [{:keys [id rown]}]
+          (try
+            (-> (assoc system ::db/rollback false)
+                (feat/migrate-team! id
+                                    :rown rown
+                                    :label "v2-migration"
+                                    :validate? false
+                                    :skip-on-graphics-error? true))
+            (catch Throwable _
+              (swap! feat/*stats* update :errors (fnil inc 0))
+              (l/wrn :hint "error on migrating team (skiping)"))))
+        (get-teams conn))
+
+  (setup/set-prop! system :v2-migrated true))
+
+(defn migrate
+  [system]
+  (let [tpoint    (dt/tpoint)
+        stats     (atom {})
+        migrated? (setup/get-prop system :v2-migrated false)]
+
+    (when-not migrated?
+      (l/inf :hint "v2 migration started")
+      (try
+        (binding [feat/*stats* stats]
+          (db/tx-run! system migrate-teams))
+
+        (let [stats   (deref stats)
+              elapsed (dt/format-duration (tpoint))]
+          (l/inf :hint "v2 migration finished"
+                 :files (:processed-files stats)
+                 :teams (:processed-teams stats)
+                 :errors (:errors stats)
+                 :elapsed elapsed))
+
+        (catch Throwable cause
+          (l/err :hint "error on aplying v2 migration" :cause cause))))))
+
+(def ^:private required-services
+  [[:app.main/assets :app.storage.s3/backend]
+   [:app.main/assets :app.storage.fs/backend]
+   :app.storage/storage
+   :app.db/pool
+   :app.setup/props
+   :app.svgo/optimizer
+   :app.metrics/metrics
+   :app.migrations/migrations
+   :app.http.client/client])
+
+(defn -main
+  [& _args]
+  (try
+    (let [config-var (requiring-resolve 'app.main/system-config)
+          start-var  (requiring-resolve 'app.main/start-custom)
+          stop-var   (requiring-resolve 'app.main/stop)
+          system-var (requiring-resolve 'app.main/system)
+          config     (select-keys @config-var required-services)]
+
+      (start-var config)
+      (migrate @system-var)
+      (stop-var)
+      (System/exit 0))
+    (catch Throwable cause
+      (ex/print-throwable cause)
+      (flush)
+      (System/exit -1))))

backend/src/app/msgbus.clj

@@ -9,27 +9,22 @@
   (:require
    [app.common.data :as d]
    [app.common.logging :as l]
-   [app.common.schema :as sm]
+   [app.common.spec :as us]
    [app.common.transit :as t]
    [app.config :as cfg]
    [app.redis :as rds]
    [app.util.time :as dt]
    [app.worker :as wrk]
+   [clojure.spec.alpha :as s]
    [integrant.core :as ig]
    [promesa.core :as p]
    [promesa.exec :as px]
    [promesa.exec.csp :as sp]))
 
 (set! *warn-on-reflection* true)
+
 (def ^:private prefix (cfg/get :tenant))
 
-(defprotocol IMsgBus
-  (-sub [_ topics chan])
-  (-pub [_ topic message])
-  (-purge [_ chans]))
-
-
-
 (defn- prefix-topic
   [topic]
   (str prefix "." topic))
@@ -37,33 +32,30 @@
 (def ^:private xform-prefix-topic
   (map (fn [obj] (update obj :topic prefix-topic))))
 
-(declare ^:private redis-pub)
-(declare ^:private redis-sub)
-(declare ^:private redis-unsub)
-(declare ^:private start-io-loop)
+(declare ^:private redis-pub!)
+(declare ^:private redis-sub!)
+(declare ^:private redis-unsub!)
+(declare ^:private start-io-loop!)
 (declare ^:private subscribe-to-topics)
 (declare ^:private unsubscribe-channels)
 
-(defn msgbus?
-  [o]
-  (satisfies? IMsgBus o))
+(s/def ::cmd-ch sp/chan?)
+(s/def ::rcv-ch sp/chan?)
+(s/def ::pub-ch sp/chan?)
+(s/def ::state ::us/agent)
+(s/def ::pconn ::rds/connection-holder)
+(s/def ::sconn ::rds/connection-holder)
+(s/def ::msgbus
+  (s/keys :req [::cmd-ch ::rcv-ch ::pub-ch ::state ::pconn ::sconn ::wrk/executor]))
 
-(sm/register!
- {:type ::msgbus
-  :pred msgbus?})
+(defmethod ig/pre-init-spec ::msgbus [_]
+  (s/keys :req [::rds/redis ::wrk/executor]))
 
-(defmethod ig/expand-key ::msgbus
-  [k v]
-  {k (-> (d/without-nils v)
-         (assoc ::buffer-size 128)
-         (assoc ::timeout (dt/duration {:seconds 30})))})
-
-(def ^:private schema:params
-  [:map ::rds/redis ::wrk/executor])
-
-(defmethod ig/assert-key ::msgbus
-  [_ params]
-  (assert (sm/check schema:params params)))
+(defmethod ig/prep-key ::msgbus
+  [_ cfg]
+  (-> cfg
+      (assoc ::buffer-size 128)
+      (assoc ::timeout (dt/duration {:seconds 30}))))
 
 (defmethod ig/init-key ::msgbus
   [_ {:keys [::buffer-size ::wrk/executor ::timeout ::rds/redis] :as cfg}]
@@ -74,66 +66,46 @@
                         :xf  xform-prefix-topic)
         state  (agent {})
 
-        pconn  (rds/connect redis :type :default :timeout timeout)
+        pconn  (rds/connect redis :timeout timeout)
         sconn  (rds/connect redis :type :pubsub :timeout timeout)
-
-        _      (set-error-handler! state #(l/error :cause % :hint "unexpected error on agent" ::l/sync? true))
-        _      (set-error-mode! state :continue)
-
-        cfg    (-> cfg
+        msgbus (-> cfg
                    (assoc ::pconn pconn)
                    (assoc ::sconn sconn)
                    (assoc ::cmd-ch cmd-ch)
                    (assoc ::rcv-ch rcv-ch)
                    (assoc ::pub-ch pub-ch)
-                   (assoc ::state state))
+                   (assoc ::state state)
+                   (assoc ::wrk/executor executor))]
 
-        io-thr (start-io-loop cfg)]
+    (set-error-handler! state #(l/error :cause % :hint "unexpected error on agent" ::l/sync? true))
+    (set-error-mode! state :continue)
 
-    (reify
-      java.lang.AutoCloseable
-      (close [_]
-        (px/interrupt! io-thr)
-        (sp/close! cmd-ch)
-        (sp/close! rcv-ch)
-        (sp/close! pub-ch)
-        (d/close! pconn)
-        (d/close! sconn))
-
-      IMsgBus
-      (-sub [_ topics chan]
-        (l/debug :hint "subscribe" :topics topics :chan (hash chan))
-        (send-via executor state subscribe-to-topics cfg topics chan))
-
-      (-pub [_ topic message]
-        (let [message (assoc message :topic topic)]
-          (sp/put! pub-ch {:topic topic :message message})))
-
-      (-purge [_ chans]
-        (l/debug :hint "purge" :chans (count chans))
-        (send-via executor state unsubscribe-channels cfg chans)))))
+    (assoc msgbus ::io-thr (start-io-loop! msgbus))))
 
 (defmethod ig/halt-key! ::msgbus
-  [_ instance]
-  (d/close! instance))
+  [_ msgbus]
+  (px/interrupt! (::io-thr msgbus))
+  (sp/close! (::cmd-ch msgbus))
+  (sp/close! (::rcv-ch msgbus))
+  (sp/close! (::pub-ch msgbus))
+  (d/close! (::pconn msgbus))
+  (d/close! (::sconn msgbus)))
 
 (defn sub!
-  [instance & {:keys [topic topics chan]}]
-  (assert (satisfies? IMsgBus instance) "expected valid msgbus instance")
+  [{:keys [::state ::wrk/executor] :as cfg} & {:keys [topic topics chan]}]
   (let [topics (into [] (map prefix-topic) (if topic [topic] topics))]
-    (-sub instance topics chan)
+    (l/debug :hint "subscribe" :topics topics :chan (hash chan))
+    (send-via executor state subscribe-to-topics cfg topics chan)
     nil))
 
 (defn pub!
-  [instance & {:keys [topic message]}]
-  (assert (satisfies? IMsgBus instance) "expected valid msgbus instance")
-  (-pub instance topic message))
+  [{::keys [pub-ch]} & {:as params}]
+  (sp/put! pub-ch params))
 
 (defn purge!
-  [instance chans]
-  (assert (satisfies? IMsgBus instance) "expected valid msgbus instance")
-  (assert (every? sp/chan? chans) "expected a seq of chans")
-  (-purge instance chans)
+  [{:keys [::state ::wrk/executor] :as msgbus} chans]
+  (l/debug :hint "purge" :chans (count chans))
+  (send-via executor state unsubscribe-channels msgbus chans)
   nil)
 
 ;; --- IMPL
@@ -146,7 +118,7 @@
   (let [nsubs (if (nil? nsubs) #{chan} (conj nsubs chan))]
     (when (= 1 (count nsubs))
       (l/trace :hint "open subscription" :topic topic ::l/sync? true)
-      (redis-sub cfg topic))
+      (redis-sub! cfg topic))
     nsubs))
 
 (defn- disj-subscription
@@ -157,7 +129,7 @@
   (let [nsubs (disj nsubs chan)]
     (when (empty? nsubs)
       (l/trace :hint "close subscription" :topic topic ::l/sync? true)
-      (redis-unsub cfg topic))
+      (redis-unsub! cfg topic))
     nsubs))
 
 (defn- subscribe-to-topics
@@ -198,7 +170,7 @@
                    (when-not (sp/offer! rcv-ch val)
                      (l/warn :msg "dropping message on subscription loop"))))))
 
-(defn- process-input
+(defn- process-input!
   [{:keys [::state ::wrk/executor] :as cfg} topic message]
   (let [chans (get-in @state [:topics topic])]
     (when-let [closed (loop [chans  (seq chans)
@@ -211,9 +183,9 @@
       (send-via executor state unsubscribe-channels cfg closed))))
 
 
-(defn start-io-loop
+(defn start-io-loop!
   [{:keys [::sconn ::rcv-ch ::pub-ch ::state ::wrk/executor] :as cfg}]
-  (rds/add-listener sconn (create-listener rcv-ch))
+  (rds/add-listener! sconn (create-listener rcv-ch))
 
   (px/thread
     {:name "penpot/msgbus/io-loop"
@@ -237,12 +209,12 @@
 
             (identical? port rcv-ch)
             (let [{:keys [topic message]} val]
-              (process-input cfg topic message)
+              (process-input! cfg topic message)
               (recur))
 
             (identical? port pub-ch)
             (do
-              (redis-pub cfg val)
+              (redis-pub! cfg val)
               (recur)))))
 
       (catch InterruptedException _
@@ -258,12 +230,13 @@
 
         (l/debug :hint "io-loop thread terminated")))))
 
-(defn- redis-pub
+
+(defn- redis-pub!
   "Publish a message to the redis server. Asynchronous operation,
   intended to be used in core.async go blocks."
   [{:keys [::pconn] :as cfg} {:keys [topic message]}]
   (try
-    (p/await! (rds/publish pconn topic (t/encode message)))
+    (p/await! (rds/publish! pconn topic (t/encode message)))
     (catch InterruptedException cause
       (throw cause))
     (catch Throwable cause
@@ -271,23 +244,23 @@
                :message message
                :cause cause))))
 
-(defn- redis-sub
+(defn- redis-sub!
   "Create redis subscription. Blocking operation, intended to be used
   inside an agent."
   [{:keys [::sconn] :as cfg} topic]
   (try
-    (rds/subscribe sconn [topic])
+    (rds/subscribe! sconn topic)
     (catch InterruptedException cause
       (throw cause))
     (catch Throwable cause
       (l/trace :hint "exception on subscribing" :topic topic :cause cause))))
 
-(defn- redis-unsub
+(defn- redis-unsub!
   "Removes redis subscription. Blocking operation, intended to be used
   inside an agent."
   [{:keys [::sconn] :as cfg} topic]
   (try
-    (rds/unsubscribe sconn [topic])
+    (rds/unsubscribe! sconn topic)
     (catch InterruptedException cause
       (throw cause))
     (catch Throwable cause