Version 1.5.0

https://freshrss.github.io/FreshRSS/en/admins/02_Installation.html says so

CHANGELOG

@@ -34,3 +34,57 @@
 [0.8.0]
 * Update to FreshRSS 1.9.0
 
+[0.9.0]
+* Update to FreshRSS 1.10.2
+
+[0.10.0]
+* Better apache configs
+* Update extensions
+
+[1.0.0]
+* Fix issue where static extension assets were not served
+
+[1.1.0]
+* Update FreshRSS to 1.11.0
+
+[1.1.1]
+* Update FreshRSS to to 1.11.1
+
+[1.1.2]
+* Update FreshRSS to 1.11.2
+
+[1.2.0]
+* Use latest base image
+
+[1.3.0]
+* Update FreshRSS to 1.12.0
+* Features
+  * Ability to add labels (custom tags) to articles #928
+  * Handle article tags containing spaces, as well as comma-separated tags #2023
+  * Handle authors containing spaces, as well as comma or semi-colon separated authors #2025
+  * Searches by tag, author, etc. accept Unicode characters #2025
+  * New option to disable cache for feeds with invalid HTTP caching #2052
+* UI
+  * New theme Swage #2069
+  * Click on authors to initiate a search by author #2025
+  * Fix CSS for button alignments in older Chrome versions #2020
+* Security
+  * Improved flow for password change (avoid error 403) #2056
+  * Allow dot . in username (best to avoid, though) #2061
+* Performance
+  * Remove some counterproductive preload / prefetch rules #2040
+  * Improved fast flush (earlier transfer, fetching of resources, and rendering) #2045
+
+[1.4.0]
+* Update FreshRSS to 1.13.0
+* [Full changelog](https://github.com/FreshRSS/FreshRSS/blob/1.13.0/CHANGELOG.md)
+* Improvements to the Google Reader API #2093
+* Support for Vienna RSS (client for Mac OS X) #2091
+* Ability to import XML files exported from Tiny-Tiny-RSS #2079
+* Ability to show all the feeds that have a warning #2146
+* Share with Pinboard #1972
+
+[1.5.0]
+* Fix security issue where root directory was exposed
+* Enable mod rewrite for mobile apps like FeedMe to work
+

CloudronManifest.json

@@ -5,7 +5,7 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG",
   "tagline": "RSS feed reader",
-  "version": "0.8.0",
+  "version": "1.5.0",
   "healthCheckPath": "/",
   "httpPort": 8000,
   "addons": {
@@ -33,5 +33,7 @@
   "mediaLinks": [
     "https://s3.amazonaws.com/cloudron-app-screenshots/org.freshrss.cloudronapp/7d731e71a6faa3791e19b7d7daf468a9486349cc/1.png"
   ],
-  "postInstallMessage": "file://POSTINSTALL.md"
+  "postInstallMessage": "file://POSTINSTALL.md",
+  "minBoxVersion": "2.0.0",
+  "documentationUrl": "https://cloudron.io/documentation/apps/freshrss/"
 }

DESCRIPTION.md

@@ -1,4 +1,4 @@
-This app packages FreshRSS <upstream>1.9.0</upstream>.
+This app packages FreshRSS <upstream>1.13.0</upstream>.
 
 FreshRSS is a self-hosted RSS feed aggregator such as Leed or Kriss Feed.
 

Dockerfile

@@ -1,51 +1,38 @@
-FROM cloudron/base:0.10.0
+FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617
-
-RUN apt-get update \
-    && apt-get -y install php php-curl php-gmp php-intl php-mbstring php-xml php-zip \
-       libapache2-mod-php mysql-client php-mysql
-
-ENV VERSION 1.9.0
-ENV EXTENSIONS_VERSION a60a0ce5d0d864b5654a4d2609167d03c2299500
 
 RUN mkdir -p /app/code
 WORKDIR /app/code
 
-RUN wget "https://github.com/FreshRSS/FreshRSS/archive/${VERSION}.tar.gz" -O - \
+RUN curl -L https://github.com/FreshRSS/FreshRSS/archive/1.13.0.tar.gz | tar -zxvf - --strip-components=1
-    | tar -xz --strip-components=1
 
-RUN mkdir -p /app/data \
+RUN mv data data-orig && ln -s /app/data data
-    && mv data data-orig \
-    && ln -s /app/data data
 
-ADD change-ttrss-file-path.patch /app/code/change-ttrss-file-path.patch
+# official extensions
+RUN wget https://github.com/FreshRSS/Extensions/archive/2d0358e75961cbfcac7c2cbe09b098905ff67803.tar.gz -O - | tar -xz --strip-components=1 -C /app/code/extensions && \
+    mv /app/code/extensions /app/code/extensions-orig && \
+    ln -s /app/data/extensions /app/code/extensions
 
-RUN wget https://github.com/FreshRSS/Extensions/archive/${EXTENSIONS_VERSION}.tar.gz -O - \
+# configure apache
-    | tar -xz --strip-components=1 -C /app/code/extensions \
+RUN rm /etc/apache2/sites-enabled/*
-    && patch -p0 -d /app/code < /app/code/change-ttrss-file-path.patch \
+RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
-    && mv /app/code/extensions /app/code/extensions-orig \
+COPY apache/mpm_prefork.conf /etc/apache2/mods-available/mpm_prefork.conf
-    && ln -s /app/data/extensions /app/code/extensions \
-    && ln -s /app/data/extensions/ttrss.php /app/code/p/api/ttrss.php
 
-ADD apache2.conf /etc/apache2/sites-available/freshrss.conf
+RUN a2disconf other-vhosts-access-log
+ADD apache/freshrss.conf /etc/apache2/sites-enabled/freshrss.conf
+RUN echo "Listen 8000" > /etc/apache2/ports.conf
 
-RUN rm /etc/apache2/sites-enabled/* \
+RUN a2enmod headers expires deflate mime dir rewrite
-    && sed -e 's,^ErrorLog.*,ErrorLog "/dev/stderr",' -i /etc/apache2/apache2.conf \
-    && sed -e "s,MaxSpareServers[^:].*,MaxSpareServers 5," -i /etc/apache2/mods-available/mpm_prefork.conf \
-    && a2disconf other-vhosts-access-log \
-    && echo "Listen 8000" > /etc/apache2/ports.conf \
-    && a2enmod headers expires \
-    && a2ensite freshrss
 
 RUN rm -rf /var/lib/php \
     && ln -s /run/php /var/lib/php \
     && mkdir -p /run/php/session
 
-RUN crudini --set /etc/php/7.0/apache2/php.ini PHP upload_max_filesize 64M && \
+RUN crudini --set /etc/php/7.2/apache2/php.ini PHP upload_max_filesize 64M && \
-    crudini --set /etc/php/7.0/apache2/php.ini PHP post_max_size 64M && \
+    crudini --set /etc/php/7.2/apache2/php.ini PHP post_max_size 64M && \
-    crudini --set /etc/php/7.0/apache2/php.ini PHP memory_limit 64M && \
+    crudini --set /etc/php/7.2/apache2/php.ini PHP memory_limit 64M && \
-    crudini --set /etc/php/7.0/apache2/php.ini Session session.save_path /run/php/session && \
+    crudini --set /etc/php/7.2/apache2/php.ini Session session.save_path /run/php/session && \
-    crudini --set /etc/php/7.0/apache2/php.ini Session session.gc_probability 1 && \
+    crudini --set /etc/php/7.2/apache2/php.ini Session session.gc_probability 1 && \
-    crudini --set /etc/php/7.0/apache2/php.ini Session session.gc_divisor 100
+    crudini --set /etc/php/7.2/apache2/php.ini Session session.gc_divisor 100
 
 ADD start.sh /app/code/start.sh
 

POSTINSTALL.md

@@ -3,7 +3,7 @@ This application does not integrate with Cloudron authentication.
 There is a preconfigured administrator account with the following credentials:
 
 * Username: `admin`
-* Password: `password`
+* Password: `changeme`
 
 (Please change that password on first login)
 

README.md

@@ -34,3 +34,18 @@ npm install
 PATH=$PATH:node_modules/.bin mocha --bail test.js
 ```
 
+## Debugging
+
+
+* Update your data/config.php with the following, to get more debugging information:
+
+```
+'environment' => 'development',
+
+```
+
+* Check your logs:
+  * Web server / PHP logs
+  * FreshRSS API log in ./data/users/_/log_api.txt
+  * FreshRSS logs in ./data/users/you/log.txt
+

apache/freshrss.conf

@@ -1,11 +1,11 @@
 <VirtualHost *:8000>
-    DocumentRoot /app/code  
+    DocumentRoot /app/code/p
     AllowEncodedSlashes On
 
     ErrorLog /dev/stderr 
     CustomLog /dev/stdout combined
 
-    <Directory /app/code/>
+    <Directory /app/code/p/>
         Options +FollowSymLinks
         AllowOverride All
         Require all granted

apache/mpm_prefork.conf

@@ -0,0 +1,17 @@
+<IfModule mpm_prefork_module>
+    # On startup, start these many servers
+	StartServers	2
+
+    # At any given time, keep atleast these many servers
+	MinSpareServers	2
+
+    # At any given time, keep atmost these many idle servers (this is always >= MinSpareServers+1)
+	MaxSpareServers 3
+
+    # Maximum number of servers at any given instant. Requests will be queued after this
+	MaxRequestWorkers	  6
+
+    # Recycle process after handling these many requests. This protected against accidental memory leaks
+	MaxConnectionsPerChild   100
+</IfModule>
+

change-ttrss-file-path.patch

@@ -1,21 +0,0 @@
-diff -ru extensions-orig/xExtension-TTRSS_API/extension.php extensions/xExtension-TTRSS_API/extension.php
---- extensions-orig/xExtension-TTRSS_API/extension.php	2016-12-15 10:24:17.000000000 +0000
-+++ extensions/xExtension-TTRSS_API/extension.php	2017-02-18 13:06:59.640761922 +0000
-@@ -9,7 +9,7 @@
- 	public function install() {
- 		$filename = 'ttrss.php';
- 		$file_source = join_path($this->getPath(), $filename);
--		$path_destination = join_path(PUBLIC_PATH, 'api');
-+		$path_destination = '/app/data/extensions';
- 		$file_destination = join_path($path_destination, $filename);
- 
- 		if (!is_writable($path_destination)) {
-@@ -35,7 +35,7 @@
- 
- 	public function uninstall() {
- 		$filename = 'ttrss.php';
--		$file_destination = join_path(PUBLIC_PATH, 'api', $filename);
-+		$file_destination = join_path('/app/data/extensions', $filename);
- 
- 		if (file_exists($file_destination) && !unlink($file_destination)) {
- 			return 'API file cannot be removed';

start.sh

@@ -13,7 +13,7 @@ if ! [ -f /app/data/.installed ]; then
     --db-user "${MYSQL_USERNAME}" --db-password "${MYSQL_PASSWORD}" \
     --db-base "${MYSQL_DATABASE}" --db-prefix "" \
     --disable_update
-  php cli/create-user.php --user admin --password password --language en
+  php cli/create-user.php --user admin --password changeme --language en
   php cli/actualize-user.php --user admin
   touch /app/data/.installed
   echo "Done."
@@ -25,18 +25,17 @@ rm -f /app/data/users/_/log_api.txt
 touch /tmp/log_api.txt
 ln -s /tmp/log_api.txt /app/data/users/_/log_api.txt
 
-
+# We have to copy instead of symlinking extensions (see #2)
-echo "Symlinking packaged extensions"
+echo "Copying packaged extensions"
 mkdir -p /app/data/extensions
 for f in $(ls /app/code/extensions-orig); do
-  if ! [ -e "/app/data/extensions/$f" ]; then
+    rm -rf "/app/data/extensions/$f"
-    ln -s "/app/code/extensions-orig/$f" "/app/data/extensions/$f"
+    cp -r "/app/code/extensions-orig/$f" "/app/data/extensions"
-  fi
 done
 
 
 echo "Updating config file"
-php cli/reconfigure.php --default_user admin --base_url "https://${APP_DOMAIN}/p" \
+php cli/reconfigure.php --default_user admin --base_url "https://${APP_DOMAIN}" \
     --db-type mysql --db-host "${MYSQL_HOST}" \
     --db-user "${MYSQL_USERNAME}" --db-password "${MYSQL_PASSWORD}" \
     --db-base "${MYSQL_DATABASE}" --db-prefix "" \

test/package-lock.json

@@ -100,9 +100,9 @@
       "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw="
     },
     "chromedriver": {
-      "version": "2.36.0",
+      "version": "2.38.3",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-2.36.0.tgz",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-2.38.3.tgz",
-      "integrity": "sha512-Lq2HrigCJ4RVdIdCmchenv1rVrejNSJ7EUCQojycQo12ww3FedQx4nb+GgTdqMhjbOMTqq5+ziaiZlrEN2z1gQ==",
+      "integrity": "sha512-tczy6RHl0LOVA4p+xezcu3NRjr9A1iLyyfjP9yPIUynvV28YSKH/Ll1iw0jMCjN9jwtaB2HB4aPjv0Uuw2VARw==",
       "requires": {
         "del": "3.0.0",
         "extract-zip": "1.6.6",

test/package.json

@@ -9,6 +9,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
+    "chromedriver": "^2.38.3",
     "ejs": "^2.4.2",
     "expect.js": "^0.3.1",
     "mkdirp": "^0.5.1",
@@ -16,7 +17,6 @@
     "rimraf": "^2.5.3",
     "selenium-server-standalone-jar": "^2.53.1",
     "selenium-webdriver": "^2.53.3",
-    "superagent": "^1.4.0",
+    "superagent": "^1.8.5"
-    "chromedriver": "^2.27.0"
   }
 }

test/test.js

@@ -2,17 +2,19 @@
 
 'use strict';
 
+require('chromedriver');
+
 var execSync = require('child_process').execSync,
     expect = require('expect.js'),
     path = require('path'),
+    superagent = require('superagent'),
     webdriver = require('selenium-webdriver');
 
 var by = webdriver.By,
     until = webdriver.until;
 
 var username = 'admin',
-    password = 'password';
+    password = 'changeme';
-
 
 process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
 
@@ -42,93 +44,119 @@ describe('Application life cycle test', function () {
     var TEST_TIMEOUT = 10000;
     var app;
 
-    function exists(selector, callback) {
+    function exists(selector) {
-        return browser.wait(until.elementLocated(selector), TEST_TIMEOUT).then(function () {
+        return browser.wait(until.elementLocated(selector), TEST_TIMEOUT);
-            callback();
-        });
     }
 
     function visible(selector, callback) {
-        exists(selector, function () {
+        return exists(selector).then(function () {
-            browser.wait(until.elementIsVisible(browser.findElement(selector)), TEST_TIMEOUT).then(function () {
+            return browser.wait(until.elementIsVisible(browser.findElement(selector)), TEST_TIMEOUT);
-                callback();
-            });
         });
     }
 
-    function login(callback) {
+    function baseUrl() {
-        browser.manage().deleteAllCookies();
+        if (app.manifest.version === '1.4.0') return `https://${app.fqdn}/p`;
-        browser.get('https://' + app.fqdn);
+        return `https://${app.fqdn}`;
+    }
 
-        visible(by.id('loginButton'), function () {
+    // we do this because it perm redirects to /p/ in old versions
-            browser.findElement(by.id('username')).sendKeys(username);
+    function clearCache() {
-            browser.findElement(by.id('passwordPlain')).sendKeys(password);
+        // https://stackoverflow.com/questions/49614217/selenium-clear-chrome-cache
-            browser.findElement(by.id('loginButton')).click();
+        // defaut clearance is 1 hour of cache
-            browser.wait(until.elementLocated(by.id('dropdown-configure')), TEST_TIMEOUT).then(function () { callback(); });
+        return browser.get('chrome://settings/clearBrowserData').then(function () {
+            return visible(by.css('* /deep/ #clearBrowsingDataConfirm'));
+        }).then(function () {
+            return browser.findElement(by.css('* /deep/ #clearBrowsingDataConfirm')).click();
+        }).then(function () {
+            return browser.sleep(5000);
+        });
+    }
+
+    function login(password, callback) {
+        clearCache().then(function () {
+            return browser.get('https://' + app.fqdn);
+        }).then(function () {
+            return visible(by.id('loginButton'));
+        }).then(function () {
+            return browser.findElement(by.id('username')).sendKeys(username);
+        }).then(function () {
+            return browser.findElement(by.id('passwordPlain')).sendKeys(password);
+        }).then(function () {
+            return browser.findElement(by.id('loginButton')).click();
+        }).then(function () {
+            return browser.wait(until.elementLocated(by.id('dropdown-configure')), TEST_TIMEOUT);
+        }).then(function () {
+            callback();
         });
     }
 
     function logout(callback) {
         var logout_btn = by.xpath('//ul[@class="dropdown-menu"]/li/a[@class="signout"]');
 
-        browser.get('https://' + app.fqdn);
+        browser.get('https://' + app.fqdn).then(function () {
-
+            return visible(by.id('stream'));
-        visible(by.id('stream'), function () {
+        }).then(function () {
-            browser.findElement(by.className('dropdown-toggle')).click();
+            return browser.findElement(by.className('dropdown-toggle')).click();
-            visible(logout_btn, function () {
+        }).then(function () {
-                browser.findElement(logout_btn).click();
+            return visible(logout_btn);
-
+        }).then(function () {
-                browser.wait(until.elementLocated(by.id('loginButton')), TEST_TIMEOUT).then(function () { callback(); });
+            return browser.findElement(logout_btn).click();
-            });
+        }).then(function () {
+            return browser.wait(until.elementLocated(by.id('loginButton')), TEST_TIMEOUT);
+        }).then(function () {
+            callback();
         });
     }
 
     function addSubscription(callback) {
         var url = "https://cloudron.io/blog/rss.xml";
 
-        browser.get('https://' + app.fqdn);
+        browser.get(`${baseUrl()}/i/?c=subscription`).then(function () {
-
+            return visible(by.xpath('//input[@name="url_rss"]'));
-        visible(by.id('stream'), function () {
+        }).then(function () {
-            browser.findElement(by.xpath('//a[@href=".?c=subscription"]')).click();
+            return browser.findElement(by.xpath('//input[@name="url_rss"]')).sendKeys(url);
-            visible(by.id('add_rss'), function () {
+        }).then(function () {
-                browser.findElement(by.xpath('//input[@name="url_rss"]')).sendKeys(url);
+            return browser.findElement(by.xpath('//form[@id="add_rss"]/div/button[@type="submit"]')).click();
-                browser.findElement(by.xpath('//form[@id="add_rss"]/div/button[@type="submit"]')).click();
+        }).then(function () {
-                visible(by.xpath('//div[@id="notification" and @class="notification good"]'), function() { callback(); });
+            return visible(by.xpath('//div[@id="notification" and @class="notification good"]'));
-            });
+        }).then(function () {
+            callback();
         });
     }
 
-    function addUser(callback) {
+    function addUser(password, callback) {
         var test_username = 'test';
-        var manage_users_btn = by.xpath('//a[@href=".?c=user&a=manage"]');
 
-        browser.get('https://' + app.fqdn);
+        browser.get(`${baseUrl()}/i/?c=user&a=manage`).then(function () {
-
+            return visible(by.id('new_user_name'));
-        visible(by.id('stream'), function () {
+        }).then(function () {
-            browser.findElement(by.className('dropdown-toggle')).click();
+            return browser.findElement(by.id('new_user_name')).sendKeys(test_username);
-            visible(manage_users_btn, function () {
+        }).then(function () {
-                browser.findElement(manage_users_btn).click();
+            return browser.findElement(by.id('new_user_passwordPlain')).sendKeys(password);
-                visible(by.id('new_user_name'), function () {
+        }).then(function () {
-                    browser.findElement(by.id('new_user_name')).sendKeys(test_username);
+            return browser.findElement(by.xpath('//button[text()="Create"]')).click();
-                    browser.findElement(by.id('new_user_passwordPlain')).sendKeys(password);
+        }).then(function () {
-                    browser.findElement(by.xpath('//form[@action=".?c=user&a=create"]/div/div/button[@type="submit"]')).click();
+            return visible(by.xpath('//div[@id="notification" and @class="notification good"]'));
-                    visible(by.xpath('//div[@id="notification" and @class="notification good"]'), function() { callback(); });
+        }).then(function () {
-                });
+            callback();
-            });
         });
     }
 
     function enableApi(callback) {
-        browser.get('https://' + app.fqdn + '/p/i/?c=auth').then(function () {
+        browser.get(`${baseUrl()}/i/?c=auth`).then(function () {
             return browser.findElement(by.id('api_enabled')).click();
         }).then(function () {
-            return browser.findElement(by.xpath('//form[@action=".?c=auth"]')).submit();
+            return browser.findElement(by.xpath('//button[text()="Submit"]')).submit();
-        }).then(callback);
+        }).then(function () {
+            callback();
+        });
     }
 
     function checkApiConfiguration(callback) {
-        browser.get('https://' + app.fqdn + '/p/api/greader.php/check%2Fcompatibility').then(function () {
+        browser.get(`${baseUrl()}/api/greader.php/check%2Fcompatibility`).then(function () {
-            exists(by.xpath('//pre[text()="PASS"]'), callback);
+            return exists(by.xpath('//pre[text()="PASS"]'));
+        }).then(function () {
+            callback();
         });
     }
 
@@ -139,9 +167,22 @@ describe('Application life cycle test', function () {
     }
 
     function subscriptionExists(callback) {
-        browser.get('https://' + app.fqdn + '/p/i/?get=c_1');
+        browser.get(`${baseUrl()}/i/?get=c_1`).then(function () {
+            return visible(by.xpath('//a[text()="Cloudron.io"]'));
+        }).then(function () {
+            callback();
+        });
+    }
 
-        visible(by.xpath('//a[text()="Cloudron.io"]'), callback);
+    function getStaticExtensionFile(callback) {
+        superagent.get(`${baseUrl()}/ext.php?f=xExtension-StickyFeeds/static/script.js&t=js`)
+            .buffer(true)
+            .end(function (err, res) {
+                expect(err).to.be(null);
+                expect(res.status).to.be(200);
+                expect(res.text).to.contain('sticky_feeds'); // relies on the buffer flag above
+                callback();
+        });
     }
 
     xit('build app', function () {
@@ -154,12 +195,13 @@ describe('Application life cycle test', function () {
 
     it('can get app information', getAppInfo);
 
-    it('can login', login);
+    it('can login', login.bind(null, password));
     it('can subscribe', addSubscription);
-    it('can add users', addUser);
+    it('can add users', addUser.bind(null, password));
     it('can enable API', enableApi);
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
+    it('can get static extension file', getStaticExtensionFile);
     it('can logout', logout);
 
     it('backup app', function () {
@@ -170,9 +212,10 @@ describe('Application life cycle test', function () {
         execSync('cloudron restore --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
     });
 
-    it('can login', login);
+    it('can login', login.bind(null, password));
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
+    it('can get static extension file', getStaticExtensionFile);
     it('can logout', logout);
 
     it('move to different location', function () {
@@ -183,9 +226,10 @@ describe('Application life cycle test', function () {
         expect(app).to.be.an('object');
     });
 
-    it('can login', login);
+    it('can login', login.bind(null, password));
     it('can check configuration', checkApiConfiguration);
     it('subscription exists', subscriptionExists);
+    it('can get static extension file', getStaticExtensionFile);
     it('can logout', logout);
 
     it('uninstall app', function () {
@@ -198,9 +242,9 @@ describe('Application life cycle test', function () {
     });
 
     it('can get app information', getAppInfo);
-    it('can login', login);
+    it('can login', login.bind(null, 'password'));
     it('can subscribe', addSubscription);
-    it('can add users', addUser);
+    it('can add users', addUser.bind(null, password));
 
     it('can update', function () {
         execSync('cloudron install --wait --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
@@ -209,8 +253,9 @@ describe('Application life cycle test', function () {
         expect(app).to.be.an('object');
     });
 
-    it('can login', login);
+    it('can login', login.bind(null, 'password'));
     it('subscription exists', subscriptionExists);
+    it('can get static extension file', getStaticExtensionFile);
 
     it('uninstall app', function () {
         execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });