Go to file
Anders Kaseorg 4a61e36def CVE-2022-36048: Rewrite only specific local links to relative.
Due to mismatches between the URL parsers in Python and browsers, it
was possible to hoodwink rewrite_local_links_to_relative into
generating links that browsers would interpret as absolute.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2022-08-24 16:29:09 -07:00
.github ci: Test upgrades from the minimum of each major version, not the max. 2022-07-16 10:43:40 -07:00
.tx
.vscode vscode: Recommend remote development extension. 2021-11-03 16:03:46 -07:00
analytics decorator: Refactor decorators expecting UserProfile with ParamSpec. 2022-08-06 16:19:48 -07:00
confirmation confirmation: Remove Realm from ConfirmationObjT. 2022-07-27 17:07:11 -07:00
corporate urls: Move /hello files to the corporate folder. 2022-08-22 15:53:43 -07:00
docs type_debug: Remove type_debug. 2022-08-22 13:19:09 -07:00
frontend_tests user groups: Rename settings_user_groups to settings_user_groups_legacy. 2022-08-23 17:30:39 -07:00
locale i18n: Update translation data from Transifex. 2022-07-14 16:22:29 -07:00
pgroonga typing: Use BaseDatabaseSchemaEditor in place of DatabaseSchemaEditor. 2022-05-30 14:18:53 -07:00
puppet uwsgi: Increase timeout before harakiri. 2022-08-23 15:28:10 -07:00
requirements requirements: Upgrade types-stripe to 3.5.1. 2022-08-10 16:29:04 -07:00
scripts install-node: Upgrade Node.js from 16.15.1 to 16.16.0. 2022-08-04 13:51:51 -07:00
static unread_ops: Harden against bugs involving recent topics. 2022-08-24 16:13:56 -07:00
stubs/taint actions: Split out zerver.actions.message_send. 2022-04-14 17:14:34 -07:00
templates help: Document "Private messages" mobile app feature. 2022-08-24 15:21:42 -07:00
tools user groups: Set up right panel for user group edit. 2022-08-23 17:40:02 -07:00
var/puppeteer puppeteer_tests: Port to TypeScript. 2021-02-22 16:03:10 -08:00
zerver CVE-2022-36048: Rewrite only specific local links to relative. 2022-08-24 16:29:09 -07:00
zilencer rate_limit: Replace rate_limit with inlined rate limit checks. 2022-08-17 12:05:38 -07:00
zproject urls: Move URLs that don't belong on self-hosted servers to corporate URLs. 2022-08-22 15:53:43 -07:00
.browserslistrc zjsunit: Set browserslist target to current Node for Node tests. 2022-05-04 09:56:07 -07:00
.codecov.yml
.codespellignore emoji: Store customized emoji in file separate from emoji_names.py. 2022-07-21 13:22:07 -07:00
.editorconfig editorconfig: Restore indent_size = 2 for Markdown. 2021-08-20 23:14:37 -07:00
.eslintignore requirements: Remove Thumbor. 2021-05-06 20:07:32 -07:00
.eslintrc.json js: Enable no-jquery/no-constructor-attributes. 2022-08-16 13:42:28 -07:00
.gitattributes .gitattributes: Mark *.bmp, *.bson, *.mp3, *.pdf as binary. 2022-02-07 18:51:06 -08:00
.gitignore editor: Add `.vscode/extensions.json` file. 2021-10-29 15:47:44 -07:00
.gitlint lint: Re-enable imperative-mood checking. 2021-02-23 14:54:07 -08:00
.mailmap mailmap: Add entries to deduplicate more contributors. 2022-03-29 12:13:21 -07:00
.npmignore
.prettierignore prettier: Exclude backend-processed Markdown files. 2021-08-20 23:14:37 -07:00
.pyre_configuration pysa: Update .pyre_configuration to point to typeshed. 2020-09-22 15:44:47 -07:00
.sonarcloud.properties tools: Configure Zulip to be scannable by SonarCloud. 2020-06-24 12:41:17 -07:00
.yarnrc
CODE_OF_CONDUCT.md docs: Apply bullet style changes from Prettier. 2021-09-08 12:06:24 -07:00
CONTRIBUTING.md docs: Link to new licensing page from main CONTRIBUTING page. 2022-07-07 14:06:34 -07:00
Dockerfile-postgresql docker: Document the PostgreSQL Dockerfile build steps. 2022-04-26 18:00:00 -07:00
LICENSE license: Move copyright notice from LICENSE to NOTICE. 2021-02-05 09:28:12 -08:00
NOTICE docs: Bump copyright year. 2021-02-05 09:28:15 -08:00
README.md docs: Update README and installation guide. 2022-03-04 13:59:17 -08:00
SECURITY.md SECURITY.md: Reorder and make clearer how to subscribe to announcements. 2022-01-07 15:56:26 -08:00
Vagrantfile Remove Debian 10 support. 2022-04-26 16:32:02 -07:00
babel.config.js babel: Bump configured corejs version. 2022-07-07 21:12:31 -07:00
manage.py manage: Remove ineffective Python 2 check. 2022-06-30 11:15:14 -07:00
package.json node_tests: Use a spec-compliant FormData implementation. 2022-08-18 08:53:55 -07:00
postcss.config.js css: Replace "night-mode-block" with "dark-theme-block". 2021-11-26 22:03:29 -08:00
prettier.config.js prettier: Disable embedded language formatting for Markdown. 2021-08-20 23:14:37 -07:00
pyproject.toml mypy: Enable local_partial_types. 2022-07-06 17:33:13 -07:00
setup.cfg pycodestyle: Improve comments documenting excludes. 2021-02-12 13:11:25 -08:00
stylelint.config.js yarn: Add package which allows creating css mixins. 2021-12-09 18:15:18 -08:00
tsconfig.json tsconfig: Enable noImplicitOverride. 2021-09-13 10:10:34 -07:00
version.py node_tests: Use a spec-compliant FormData implementation. 2022-08-18 08:53:55 -07:00
webpack.config.ts webpack: Remove LoaderOptionsPlugin. 2021-10-17 07:13:57 -07:00
yarn.lock node_tests: Use a spec-compliant FormData implementation. 2022-08-18 08:53:55 -07:00

README.md

Zulip overview

Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Fortune 500 companies, leading open source projects, and thousands of other organizations use Zulip every day. Zulip is the only modern team chat app that is designed for both live and asynchronous conversations.

Zulip is built by a distributed community of developers from all around the world, with 74+ people who have each contributed 100+ commits. With over 1000 contributors merging over 500 commits a month, Zulip is the largest and fastest growing open source team chat project.

Come find us on the development community chat!

GitHub Actions build status coverage status Mypy coverage code style: black code style: prettier GitHub release docs Zulip chat Twitter GitHub Sponsors

Getting started

You may also be interested in reading our blog, and following us on Twitter and LinkedIn.

Zulip is distributed under the Apache 2.0 license.