fix: backward-compat for ESM etherpad

[SamTV12345]

This PR makes the plugin backward-compatible with the upcoming ESM etherpad branch (ether/etherpad#7605).

Change: Migrate log4js from require("ep_etherpad-lite/node_modules/log4js") to ep_plugin_helpers/logger

This change is backward-compatible with the current CJS etherpad release.

[qodo-code-review]

Qodo reviews are paused for this user.

Troubleshooting steps vary by plan Learn more →

On a Teams plan?
Reviews resume once this user has a paid seat and their Git account is linked in Qodo.
Link Git account →

Using GitHub Enterprise Server, GitLab Self-Managed, or Bitbucket Data Center?
These require an Enterprise plan - Contact us
Contact us →

[qodo-free-for-open-source-projects]

Review Summary by Qodo

Migrate to ep_plugin_helpers for ESM etherpad compatibility

🐞 Bug fix ✨ Enhancement

Walkthroughs

Description

• Migrate log4js from direct node_modules path to ep_plugin_helpers/logger
• Ensures ESM etherpad compatibility with stricter exports resolution
• Maintains backward compatibility with current CJS etherpad release
• Add ep_plugin_helpers dependency and bump version to 1.0.50

Diagram

flowchart LR
  A["ep_etherpad-lite/node_modules/log4js"] -->|"migrate to"| B["ep_plugin_helpers/logger"]
  B -->|"createLogger"| C["logger instance"]
  D["package.json"] -->|"add dependency"| B

Loading

File Changes

1. index.js 🐞 Bug fix +2/-2

Update logger import to use ep_plugin_helpers

• Replace direct log4js require from ep_etherpad-lite/node_modules with ep_plugin_helpers/logger
• Update logger initialization from log4js.getLogger to createLogger function
• Maintains same logger functionality with cleaner import path

index.js

---

2. package.json Dependencies +4/-1

Add ep_plugin_helpers dependency and version bump

• Bump version from 1.0.49 to 1.0.50
• Add ep_plugin_helpers as a dependency with version ^0.6.7
• Ensure proper dependency management for logger functionality

package.json

---

[qodo-free-for-open-source-projects]

Code Review by Qodo

🐞 Bugs (3) 📘 Rule violations (1)

1. No regression test for logger 📘 Rule violation ☼ Reliability

Description

This PR changes the logger import to fix ESM compatibility but does not add or update any automated
regression test in the same change. Without test coverage, the compatibility fix could regress
without being detected by CI.

Code

index.js[R3-5]

Evidence

PR Compliance ID 1 requires every bug fix to include a regression test in the same commit. The PR
modifies runtime code in index.js to address ESM compatibility and updates package.json, but
does not add or update any test code as part of the change shown in the PR.

AGENTS.md: Every Bug Fix Must Include a Regression Test
index.js[3-5]
package.json[22-28]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
The PR introduces a backward-compatibility bug fix but does not include a new/updated automated regression test that fails before the fix and passes after.

## Issue Context
The logger import was changed from `ep_etherpad-lite/node_modules/log4js` to `ep_plugin_helpers/logger` to be compatible with Etherpad's upcoming ESM work. Compliance requires adding regression test coverage as part of the bug fix.

## Fix Focus Areas
- static/tests/backend/specs/logger-compat.spec.js[1-120]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

2. Outdated pnpm lockfile 🐞 Bug ☼ Reliability

Description

package.json adds the new runtime dependency ep_plugin_helpers, but pnpm-lock.yaml is not updated to
include it, so pnpm i --frozen-lockfile will fail. This will block the npm publish workflow (and
any CI step that installs with a frozen lockfile).

Code

package.json[R26-28]

Evidence

The PR introduces a new dependency in package.json, while the lockfile's importer section lists only
devDependencies, indicating the lockfile is not in sync. The release workflow uses `pnpm i
--frozen-lockfile`, which will fail when package.json and pnpm-lock.yaml diverge.

package.json[22-28]
pnpm-lock.yaml[7-20]
.github/workflows/npmpublish.yml[71-75]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`package.json` adds a new dependency (`ep_plugin_helpers`) but `pnpm-lock.yaml` does not reflect it. Because the release workflow runs `pnpm i --frozen-lockfile`, the workflow will error out due to an outdated lockfile.

## Issue Context
The repository includes a committed `pnpm-lock.yaml` and the publish workflow explicitly uses frozen-lockfile installs.

## Fix Focus Areas
- package.json[26-28]
- pnpm-lock.yaml[7-20]

## Fix
1. Run `pnpm install` (or `pnpm i`) in the repo root to regenerate/update `pnpm-lock.yaml`.
2. Verify `pnpm-lock.yaml` now contains `ep_plugin_helpers` in the importer dependencies and package resolution entries.
3. Commit the updated lockfile.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

3. Stale helpers usage docs 🐞 Bug ⚙ Maintainability

Description

AGENTS.md states that ep_plugin_helpers is not a dependency, but this PR adds it, leaving the agent
guide incorrect. This will mislead maintainers/contributors about which helpers are in use.

Code

package.json[R26-28]

Evidence

AGENTS.md explicitly says ep_plugin_helpers is not a dependency, while package.json now declares it
under dependencies.

AGENTS.md[23-26]
package.json[26-28]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
AGENTS.md currently documents that `ep_plugin_helpers` is not a dependency, but the PR adds it to `package.json`, making the documentation stale.

## Issue Context
The agent guide is meant to reflect the current helper/dependency state of the plugin.

## Fix Focus Areas
- AGENTS.md[23-26]
- package.json[26-28]

## Fix
Update AGENTS.md to reflect that `ep_plugin_helpers` is now used (and optionally note which helper(s), e.g. logger).

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

4. Loose pre-1.0 dependency range 🐞 Bug ☼ Reliability

Description

The dependency is declared as ^0.6.7, which permits upgrades within 0.6.x without code changes and
can unexpectedly change the ep_plugin_helpers/logger API surface pulled by fresh installs. This
increases the risk of unplanned breakage for consumers installing at different times.

Code

package.json[R26-28]

Evidence

package.json uses a caret range on a 0.x dependency, which by definition allows newer 0.6.x versions
to be resolved on fresh installs.

package.json[26-28]

Agent prompt

The issue below was found during a code review. Follow the provided context and guidance below and implement a solution

## Issue description
`ep_plugin_helpers` is specified as `^0.6.7`, which allows automatic updates within the 0.6.x line. For pre-1.0 dependencies, this can increase the chance of unexpected compatibility changes for users.

## Issue Context
This plugin directly depends on `ep_plugin_helpers/logger` and its exported API.

## Fix Focus Areas
- package.json[26-28]

## Fix
Consider pinning to an exact version (e.g. `0.6.7`) or using a narrower range (e.g. `~0.6.7`) to reduce surprise upgrades; adjust per project policy.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

---

[qodo-free-for-open-source-projects]

1. No regression test for logger 📘 Rule violation ☼ Reliability

This PR changes the logger import to fix ESM compatibility but does not add or update any automated
regression test in the same change. Without test coverage, the compatibility fix could regress
without being detected by CI.

Agent Prompt

## Issue description
The PR introduces a backward-compatibility bug fix but does not include a new/updated automated regression test that fails before the fix and passes after.

## Issue Context
The logger import was changed from `ep_etherpad-lite/node_modules/log4js` to `ep_plugin_helpers/logger` to be compatible with Etherpad's upcoming ESM work. Compliance requires adding regression test coverage as part of the bug fix.

## Fix Focus Areas
- static/tests/backend/specs/logger-compat.spec.js[1-120]

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools

[qodo-free-for-open-source-projects]

2. Outdated pnpm lockfile 🐞 Bug ☼ Reliability

package.json adds the new runtime dependency ep_plugin_helpers, but pnpm-lock.yaml is not updated to
include it, so pnpm i --frozen-lockfile will fail. This will block the npm publish workflow (and
any CI step that installs with a frozen lockfile).

Agent Prompt

## Issue description
`package.json` adds a new dependency (`ep_plugin_helpers`) but `pnpm-lock.yaml` does not reflect it. Because the release workflow runs `pnpm i --frozen-lockfile`, the workflow will error out due to an outdated lockfile.

## Issue Context
The repository includes a committed `pnpm-lock.yaml` and the publish workflow explicitly uses frozen-lockfile installs.

## Fix Focus Areas
- package.json[26-28]
- pnpm-lock.yaml[7-20]

## Fix
1. Run `pnpm install` (or `pnpm i`) in the repo root to regenerate/update `pnpm-lock.yaml`.
2. Verify `pnpm-lock.yaml` now contains `ep_plugin_helpers` in the importer dependencies and package resolution entries.
3. Commit the updated lockfile.

ⓘ Copy this prompt and use it to remediate the issue with your preferred AI generation tools