Merge pull request #400 from linkwarden/dev

updated version
2024-01-02 15:15:41 -05:00 · 2024-01-02 15:15:14 -05:00 · 2024-01-02 15:12:56 -05:00 · 2024-01-02 15:11:38 -05:00 · 2024-01-02 12:41:34 -05:00 · 2024-01-02 17:39:50 +00:00
28 changed files with 43 additions and 27 deletions
@@ -1,17 +1,19 @@
-# Security Policy
+# Security

-## Supported Versions
+The Linkwarden team and community take security bugs in Linkwarden seriously. We appreciate your efforts to responsibly disclose your findings, and will make every effort to acknowledge your contributions.

-| Version | Supported |
-| ------- | --------- |
-| 1.x.x   | ✅        |
+# Reporting Security Issues

-## Reporting a Vulnerability
+**Please do not report security vulnerabilities through public GitHub issues.**

-First off, we really appreciate the time you spent!
+Instead, please use the GitHub Security Advisory ["Report a Vulnerability"](https://github.com/linkwarden/linkwarden/security/advisories/new) tab.

-If you found a vulnerability, these are the ways you can reach us:
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message:
+[security@linkwarden.app](mailto:security@linkwarden.app)

-Email: [security@linkwarden.app](mailto:security@linkwarden.app)

-Or you can directly DM me via Twitter: [@daniel31x13](https://twitter.com/Daniel31X13).
+After the initial reply to your report, the security team will keep you informed of the progress towards a fix and full announcement, and may ask for additional information or guidance.
+
+# Preferred Languages
+
+We prefer all communications to be in English.
@@ -9,7 +9,7 @@ WORKDIR /data
 COPY ./package.json ./yarn.lock ./playwright.config.ts ./

 # Increase timeout to pass github actions arm64 build
-RUN yarn install --network-timeout 10000000
+RUN --mount=type=cache,sharing=locked,target=/usr/local/share/.cache/yarn yarn install --network-timeout 10000000

 RUN npx playwright install-deps && \
    apt-get clean && \
@@ -27,17 +27,21 @@ Additionally, Linkwarden is designed with collaboration in mind, sharing links w
 <img src="./assets/dashboard.png" />

 <div align="center">
-<img src="./assets/all_links.png" width="32%" />
+<img src="./assets/all_links.jpg" width="23%" />

-<img src="./assets/all_collections.png" width="32%" />
+<img src="./assets/list_view.jpg" width="23%" />

-<img src="./assets/manage_team.png" width="32%" />
+<img src="./assets/all_collections.jpg" width="23%" />

-<img src="./assets/readable_view.png" width="32%" />
+<img src="./assets/manage_team.jpg" width="23%" />

-<img src="./assets/public_page.png" width="32%" />
+<img src="./assets/readable_view.jpg" width="23%" />

-<img src="./assets/light_mode.png" width="32%" />
+<img src="./assets/preserved_formats.jpg" width="23%" />
+
+<img src="./assets/public_page.jpg" width="23%" />
+
+<img src="./assets/light_dashboard.jpg" width="23%" />
 </div>

 <details>
@@ -69,11 +69,13 @@ export default function PreservedFormatsModal({ onClose, activeLink }: Props) {

  const isReady = () => {
    return (
-      collectionOwner.archiveAsScreenshot ===
-        (link && link.pdf && link.pdf !== "pending") &&
-      collectionOwner.archiveAsPDF ===
-        (link && link.pdf && link.pdf !== "pending") &&
      link &&
+      (collectionOwner.archiveAsScreenshot === true
+        ? link.pdf && link.pdf !== "pending"
+        : true) &&
+      (collectionOwner.archiveAsPDF === true
+        ? link.pdf && link.pdf !== "pending"
+        : true) &&
      link.readable &&
      link.readable !== "pending"
    );
@@ -4,7 +4,7 @@ import { useRouter } from "next/router";
 import React, { useEffect, useState } from "react";

 export default function SettingsSidebar({ className }: { className?: string }) {
-  const LINKWARDEN_VERSION = "v2.4.7";
+  const LINKWARDEN_VERSION = "v2.4.8";

  const { collections } = useCollectionStore();

@@ -11,7 +11,8 @@ services:
    environment:
      - DATABASE_URL=postgresql://postgres:${POSTGRES_PASSWORD}@postgres:5432/postgres
    restart: always
-    image: ghcr.io/linkwarden/linkwarden:latest
+    # build: . # uncomment this line to build from source
+    image: ghcr.io/linkwarden/linkwarden:latest # comment this line to build from source
    ports:
      - 3000:3000
    volumes:
@@ -50,11 +50,11 @@ export default async function archiveHandler(link: LinksAndCollectionAndOwner) {
        let imageExtension = "png";

        if (!link.url) linkType = link.type;
-        else if (contentType === "application/pdf") linkType = "pdf";
+        else if (contentType?.includes("application/pdf")) linkType = "pdf";
        else if (contentType?.startsWith("image")) {
          linkType = "image";
-          if (contentType === "image/jpeg") imageExtension = "jpeg";
-          else if (contentType === "image/png") imageExtension = "png";
+          if (contentType.includes("image/jpeg")) imageExtension = "jpeg";
+          else if (contentType.includes("image/png")) imageExtension = "png";
        }

        const user = link.collection?.owner;
@@ -1,6 +1,6 @@
 {
  "name": "linkwarden",
-  "version": "2.4.7",
+  "version": "2.4.8",
  "main": "index.js",
  "repository": "https://github.com/linkwarden/linkwarden.git",
  "author": "Daniel31X13 <daniel31x13@gmail.com>",
@@ -39,6 +39,7 @@
    "crypto-js": "^4.2.0",
    "csstype": "^3.1.2",
    "dompurify": "^3.0.6",
+    "dotenv": "^16.3.1",
    "eslint": "8.46.0",
    "eslint-config-next": "13.4.9",
    "formidable": "^3.5.1",
@@ -1,3 +1,4 @@
+import 'dotenv/config';
 import { Collection, Link, User } from "@prisma/client";
 import { prisma } from "../lib/api/db";
 import archiveHandler from "../lib/api/archiveHandler";
@@ -2714,6 +2714,11 @@ dompurify@^3.0.6:
  resolved "https://registry.yarnpkg.com/dompurify/-/dompurify-3.0.6.tgz#925ebd576d54a9531b5d76f0a5bef32548351dae"
  integrity sha512-ilkD8YEnnGh1zJ240uJsW7AzE+2qpbOUYjacomn3AvJ6J4JhKGSZ2nh4wUIXPZrEPppaCLx5jFe8T89Rk8tQ7w==

+dotenv@^16.3.1:
+  version "16.3.1"
+  resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.3.1.tgz#369034de7d7e5b120972693352a3bf112172cc3e"
+  integrity sha512-IPzF4w4/Rd94bA9imS68tZBaYyBWSCE47V1RGuMrB94iyTOIEwRmVL2x/4An+6mETpLrKJ5hQkB8W4kFAadeIQ==
+
 ecc-jsbn@~0.1.1:
  version "0.1.2"
  resolved "https://registry.yarnpkg.com/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz#3a83a904e54353287874c564b7549386849a98c9"
Author	SHA1	Message	Date
Daniel	07eb242c26	Merge pull request #400 from linkwarden/dev updated version	2024-01-02 15:15:41 -05:00
daniel31x13	7880551c4d	updated version	2024-01-02 15:15:14 -05:00
Daniel	f71acd86df	Merge pull request #399 from linkwarden/dev bug fixed + improved docker image	2024-01-02 15:12:56 -05:00
daniel31x13	98fbb5b678	bug fixed	2024-01-02 15:11:38 -05:00
Daniel	0c2c837028	Merge pull request #398 from modem7/yarn-cache Implement docker cache mount for yarn	2024-01-02 12:41:34 -05:00
modem7	a5b166f41d	implement docker cache mount for yarn	2024-01-02 17:39:50 +00:00
Daniel	89de1829c2	Merge pull request #395 from linkwarden/dev Revert "updated README.md"	2024-01-02 07:16:56 -05:00
daniel31x13	fbca98984b	Revert "updated README.md" This reverts commit `4da2310e95`.	2024-01-02 07:16:11 -05:00
Daniel	06ab784441	Merge pull request #394 from linkwarden/dev updated README.md	2024-01-02 07:12:50 -05:00
daniel31x13	4da2310e95	updated README.md	2024-01-02 07:12:18 -05:00
Daniel	a8f4072f1c	Merge pull request #393 from linkwarden/dev updated SECURITY.md	2024-01-02 07:01:28 -05:00
daniel31x13	93bcfc67fe	updated SECURITY.md	2024-01-02 07:01:04 -05:00
Daniel	ba49946974	Merge pull request #391 from linkwarden/dev Dev	2024-01-01 17:13:16 -05:00
Daniel	d16b296b15	Merge pull request #390 from QAComet/qacomet/worker-environment-variables fix: load environment variables in the worker script	2024-01-01 17:12:46 -05:00
QAComet	3fc61ac5ce	fix: load environment variables in the worker script	2024-01-01 15:09:55 -07:00
daniel31x13	ced51e4801	minor fix	2024-01-01 10:37:20 -05:00
Daniel	254c090605	Merge pull request #387 from linkwarden/dev Dev	2023-12-31 16:05:41 -05:00
daniel31x13	2a83ced9d8	updated README	2023-12-31 16:05:18 -05:00
daniel31x13	52d333f085	updated README	2023-12-31 16:03:19 -05:00