diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 19b3a7d1..05b2e1fe 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -19,7 +19,7 @@ jobs:
packages: write
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Set Build Variables
run: |
@@ -42,20 +42,20 @@ jobs:
cat package.json
- name: Login to DockerHub
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker images
- uses: docker/build-push-action@v4.0.0
+ uses: docker/build-push-action@v5
with:
context: .
file: dev/build/Dockerfile
@@ -77,7 +77,7 @@ jobs:
find _dist/wiki/ -printf "%P\n" | tar -czf wiki-js.tar.gz --no-recursion -C _dist/wiki/ -T -
- name: Upload a Build Artifact
- uses: actions/upload-artifact@v3.1.2
+ uses: actions/upload-artifact@v4
with:
name: drop
path: wiki-js.tar.gz
@@ -89,10 +89,10 @@ jobs:
strategy:
matrix:
- dbtype: [postgres, mysql, mariadb, mssql, sqlite]
+ dbtype: [postgres, mysql, mariadb, sqlite]
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Set Test Variables
run: |
@@ -125,11 +125,11 @@ jobs:
include:
- platform: linux/arm64
docker: arm64
- - platform: linux/arm/v7
- docker: armv7
+ # - platform: linux/arm/v7
+ # docker: armv7
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- name: Set Version Variables
run: |
@@ -142,26 +142,26 @@ jobs:
fi
- name: Set up QEMU
- uses: docker/setup-qemu-action@v2.1.0
+ uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
- uses: docker/setup-buildx-action@v2.4.0
+ uses: docker/setup-buildx-action@v3
- name: Login to DockerHub
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Download a Build Artifact
- uses: actions/download-artifact@v3.0.2
+ uses: actions/download-artifact@v4
with:
name: drop
path: drop
@@ -172,7 +172,7 @@ jobs:
tar -xzf $GITHUB_WORKSPACE/drop/wiki-js.tar.gz -C $GITHUB_WORKSPACE/build --exclude=node_modules
- name: Build and push Docker images
- uses: docker/build-push-action@v4.0.0
+ uses: docker/build-push-action@v5
with:
context: .
file: dev/build-arm/Dockerfile
@@ -190,12 +190,12 @@ jobs:
steps:
- name: Setup Node.js environment
- uses: actions/setup-node@v3.6.0
+ uses: actions/setup-node@v4
with:
- node-version: 18.x
+ node-version: 20.x
- name: Download a Build Artifact
- uses: actions/download-artifact@v3.0.2
+ uses: actions/download-artifact@v4
with:
name: drop
path: drop
@@ -221,7 +221,7 @@ jobs:
run: tar -czf wiki-js-windows.tar.gz -C $env:GITHUB_WORKSPACE\win .
- name: Upload a Build Artifact
- uses: actions/upload-artifact@v3.1.2
+ uses: actions/upload-artifact@v4
with:
name: drop-win
path: wiki-js-windows.tar.gz
@@ -241,13 +241,13 @@ jobs:
echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
- name: Login to DockerHub
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
@@ -257,8 +257,8 @@ jobs:
run: |
echo "Creating the manifests..."
- docker manifest create requarks/wiki:beta-$REL_VERSION_STRICT requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create ghcr.io/requarks/wiki:beta-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-armv7-$REL_VERSION_STRICT
+ docker manifest create requarks/wiki:beta-$REL_VERSION_STRICT requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create ghcr.io/requarks/wiki:beta-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT
echo "Pushing the manifests..."
@@ -282,13 +282,13 @@ jobs:
echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
- name: Login to DockerHub
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Login to GitHub Container Registry
- uses: docker/login-action@v2.1.0
+ uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
@@ -307,14 +307,14 @@ jobs:
echo "Using major $MAJOR and minor $MINOR..."
echo "Creating the manifests..."
- docker manifest create requarks/wiki:$REL_VERSION_STRICT requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create requarks/wiki:$MAJOR requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create requarks/wiki:$MAJORMINOR requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create requarks/wiki:latest requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create ghcr.io/requarks/wiki:$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create ghcr.io/requarks/wiki:$MAJOR ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create ghcr.io/requarks/wiki:$MAJORMINOR ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-armv7-$REL_VERSION_STRICT
- docker manifest create ghcr.io/requarks/wiki:latest ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-armv7-$REL_VERSION_STRICT
+ docker manifest create requarks/wiki:$REL_VERSION_STRICT requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create requarks/wiki:$MAJOR requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create requarks/wiki:$MAJORMINOR requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create requarks/wiki:latest requarks/wiki:canary-$REL_VERSION_STRICT requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create ghcr.io/requarks/wiki:$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create ghcr.io/requarks/wiki:$MAJOR ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create ghcr.io/requarks/wiki:$MAJORMINOR ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT
+ docker manifest create ghcr.io/requarks/wiki:latest ghcr.io/requarks/wiki:canary-$REL_VERSION_STRICT ghcr.io/requarks/wiki:canary-arm64-$REL_VERSION_STRICT
echo "Pushing the manifests..."
@@ -328,13 +328,13 @@ jobs:
docker manifest push -p ghcr.io/requarks/wiki:latest
- name: Download Linux Build
- uses: actions/download-artifact@v3.0.2
+ uses: actions/download-artifact@v4
with:
name: drop
path: drop
- name: Download Windows Build
- uses: actions/download-artifact@v3.0.2
+ uses: actions/download-artifact@v4
with:
name: drop-win
path: drop-win
@@ -359,7 +359,7 @@ jobs:
artifacts: 'drop/wiki-js.tar.gz,drop-win/wiki-js-windows.tar.gz'
- name: Notify Slack Releases Channel
- uses: slackapi/slack-github-action@v1.18.0
+ uses: slackapi/slack-github-action@v1.26.0
with:
payload: |
{
@@ -381,34 +381,34 @@ jobs:
See [release notes](https://github.com/requarks/wiki/releases) for details.
- name: Notify Discord Channel
- uses: sebastianpopp/discord-action@v1.0
+ uses: sebastianpopp/discord-action@v2.0
with:
webhook: ${{ secrets.DISCORD_WEBHOOK }}
message: Wiki.js ${{ github.ref_name }} has been released! See https://github.com/requarks/wiki/releases for details.
- build-do-image:
- name: Build DigitalOcean Image
- runs-on: ubuntu-latest
- needs: [release]
-
- steps:
- - uses: actions/checkout@v3
-
- - name: Set Version Variables
- run: |
- echo "Using TAG mode: $GITHUB_REF_NAME"
- echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
-
- - name: Install Packer
- run: |
- curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
- sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
- sudo apt-get update && sudo apt-get install packer
-
- - name: Build Droplet Image
- env:
- DIGITALOCEAN_API_TOKEN: ${{ secrets.DO_TOKEN }}
- WIKI_APP_VERSION: ${{ env.REL_VERSION_STRICT }}
- working-directory: dev/packer
- run: |
- packer build digitalocean.json
+ # build-do-image:
+ # name: Build DigitalOcean Image
+ # runs-on: ubuntu-latest
+ # needs: [release]
+
+ # steps:
+ # - uses: actions/checkout@v4
+
+ # - name: Set Version Variables
+ # run: |
+ # echo "Using TAG mode: $GITHUB_REF_NAME"
+ # echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
+
+ # - name: Install Packer
+ # run: |
+ # curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
+ # sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
+ # sudo apt-get update && sudo apt-get install packer
+
+ # - name: Build Droplet Image
+ # env:
+ # DIGITALOCEAN_API_TOKEN: ${{ secrets.DO_TOKEN }}
+ # WIKI_APP_VERSION: ${{ env.REL_VERSION_STRICT }}
+ # working-directory: dev/packer
+ # run: |
+ # packer build digitalocean.json
diff --git a/README.md b/README.md
index 40fac120..b4206a88 100644
--- a/README.md
+++ b/README.md
@@ -8,16 +8,15 @@
[](https://github.com/Requarks/wiki/releases)
[](https://github.com/requarks/wiki/blob/master/LICENSE)
[](http://standardjs.com/)
+[](https://github.com/Requarks/wiki/actions/workflows/build.yml)
+[](https://github.com/users/NGPixel/sponsorship)
+[](https://opencollective.com/wikijs)
[](https://github.com/Requarks/wiki/releases)
[](https://hub.docker.com/r/requarks/wiki/)
-[](https://github.com/Requarks/wiki/actions/workflows/build.yml)
-[](https://huntr.dev/bounties/disclose)
-[](https://github.com/users/NGPixel/sponsorship)
-[](https://opencollective.com/wikijs)
+[](https://discord.gg/rcxt9QS2jd)
[](https://wiki.requarks.io/slack)
-[](https://twitter.com/requarks)
+[](https://bsky.app/profile/js.wiki)
[](https://t.me/wiki_js)
-[](https://discord.gg/rcxt9QS2jd)
[](https://www.reddit.com/r/wikijs/)
##### A modern, lightweight and powerful wiki app built on NodeJS
@@ -31,7 +30,7 @@
- [Demo](https://docs.requarks.io/demo)
- [Changelog](https://github.com/requarks/wiki/releases)
- [Feature Requests](https://feedback.js.wiki/wiki)
-- [Chat with us on Slack](https://wiki.requarks.io/slack)
+- Chat with us on [Discord](https://discord.gg/rcxt9QS2jd) / [Slack](https://wiki.requarks.io/slack)
- [Translations](https://docs.requarks.io/dev/translations) *(We need your help!)*
- [E2E Testing Results](https://dashboard.cypress.io/projects/r7qxah/runs)
- [Special Thanks](#special-thanks)
@@ -194,11 +193,11 @@ Support this project by becoming a sponsor. Your name will show up in the Contri
- Mattias Johnson ([@mattiasJohnson](https://github.com/mattiasJohnson))
- Max Ricketts-Uy ([@MaxRickettsUy](https://github.com/MaxRickettsUy))
- Mickael Asseline ([@PAPAMICA](https://github.com/PAPAMICA))
+- Mitchell Rowton ([@mrowton](https://github.com/mrowton))
![]()
-- Mitchell Rowton ([@mrowton](https://github.com/mrowton))
- M. Scott Ford ([@mscottford](https://github.com/mscottford))
- Nick Halase ([@nhalase](https://github.com/nhalase))
- Nick Price ([@DominoTree](https://github.com/DominoTree))
@@ -211,8 +210,10 @@ Support this project by becoming a sponsor. Your name will show up in the Contri
- Ruizhe Li ([@liruizhe1995](https://github.com/liruizhe1995))
- Sam Martin ([@ABitMoreDepth](https://github.com/ABitMoreDepth))
- Sean Coffey ([@seanecoffey](https://github.com/seanecoffey))
+- Simon Ott ([@ottsimon](https://github.com/ottsimon))
- Stephan Kristyn ([@stevek-pro](https://github.com/stevek-pro))
- Theodore Chu ([@TheodoreChu](https://github.com/TheodoreChu))
+- Tim Elmer ([@tim-elmer](https://github.com/tim-elmer))
- Tyler Denman ([@tylerguy](https://github.com/tylerguy))
- Victor Bilgin ([@vbilgin](https://github.com/vbilgin))
- VMO Solutions ([@vmosolutions](https://github.com/vmosolutions))
@@ -394,6 +395,23 @@ Support this project by becoming a sponsor. Your logo will show up in the Contri
|
+
+
+ 
+ |
+
+ 
+ |
+
+ 
+ |
+
+ 
+ |
+
+ 
+ |
+
diff --git a/SECURITY.md b/SECURITY.md
index 44cfc409..a68b8b9f 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -13,11 +13,11 @@ If you find such vulnerability, it's important to disclose it in a quick and sec
## Reporting a Vulnerability
-**DO NOT CREATE AN ISSUE ON GITHUB** to report a potential vulnerability / security problem. Instead, choose one of these options:
+**DO NOT CREATE A GITHUB ISSUE / DISCUSSION** to report a potential vulnerability / security problem. Instead, choose one of these options:
-### A) Disclose on Huntr.dev
+### A) Submit a Vulnerability Report *(recommended)*
-Disclose the vulnerability on [Huntr.dev](https://huntr.dev/bounties/disclose) for the repository `https://github.com/Requarks/wiki`.
+Fill in the form on https://github.com/requarks/wiki/security/advisories/new
### B) Send an email
diff --git a/client/components/tags.vue b/client/components/tags.vue
index 3d717b38..56bc6cbb 100644
--- a/client/components/tags.vue
+++ b/client/components/tags.vue
@@ -98,6 +98,7 @@
:search='innerSearch'
:loading='isLoading'
:options.sync='pagination'
+ @page-count='pageTotal = $event'
hide-default-footer
ref='dude'
)
@@ -183,6 +184,7 @@ export default {
sortDesc: [false]
},
pages: [],
+ pageTotal: 0,
isLoading: true,
scrollStyle: {
vuescroll: {},
@@ -214,9 +216,6 @@ export default {
tagsSelected () {
return _.filter(this.tags, t => _.includes(this.selection, t.tag))
},
- pageTotal () {
- return Math.ceil(this.pages.length / this.pagination.itemsPerPage)
- },
orderByItems () {
return [
{ text: this.$t('tags:orderByField.creationDate'), value: 'createdAt' },
diff --git a/dev/build-arm/Dockerfile b/dev/build-arm/Dockerfile
index 01138056..19342ee3 100644
--- a/dev/build-arm/Dockerfile
+++ b/dev/build-arm/Dockerfile
@@ -1,7 +1,7 @@
# =========================
# --- BUILD NPM MODULES ---
# =========================
-FROM node:18-alpine AS build
+FROM node:20-alpine AS build
RUN apk add yarn g++ make cmake python3 --no-cache
@@ -16,7 +16,7 @@ RUN yarn patch-package
# ===============
# --- Release ---
# ===============
-FROM node:18-alpine
+FROM node:20-alpine
LABEL maintainer="requarks.io"
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \
diff --git a/dev/build/Dockerfile b/dev/build/Dockerfile
index adc5bfc7..fa95ac99 100644
--- a/dev/build/Dockerfile
+++ b/dev/build/Dockerfile
@@ -1,7 +1,7 @@
# ====================
# --- Build Assets ---
# ====================
-FROM node:18-alpine AS assets
+FROM node:20-alpine AS assets
RUN apk add yarn g++ make cmake python3 --no-cache
@@ -25,7 +25,7 @@ RUN yarn patch-package
# ===============
# --- Release ---
# ===============
-FROM node:18-alpine
+FROM node:20-alpine
LABEL maintainer="requarks.io"
RUN apk add bash curl git openssh gnupg sqlite --no-cache && \
diff --git a/dev/helm/Chart.yaml b/dev/helm/Chart.yaml
index 0b8d593a..458defa3 100644
--- a/dev/helm/Chart.yaml
+++ b/dev/helm/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
name: wiki
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
-version: 2.2.0
+version: 2.3.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
AppVersion: latest
diff --git a/dev/helm/README.md b/dev/helm/README.md
index 87404d76..c1b73e22 100644
--- a/dev/helm/README.md
+++ b/dev/helm/README.md
@@ -97,16 +97,16 @@ The following table lists the configurable parameters of the Wiki.js chart and t
| `image.repository` | Wiki.js image | `requarks/wiki` |
| `image.tag` | Wiki.js image tag | `latest` |
| `imagePullPolicy` | Image pull policy | `IfNotPresent` |
-| `replicacount` | Amount of wiki.js service pods to run | `1` |
-| `revisionHistoryLimit` | Total amount of revision history points | `10` |
-| `resources.limits` | wiki.js service resource limits | `nil` |
-| `resources.requests` | wiki.js service resource requests | `nil` |
-| `nodeSelector` | Node labels for wiki.js pod assignment | `{}` |
-| `affinity` | Affinity settings for wiki.js pod assignment | `{}` |
-| `schedulerName` | Name of an alternate scheduler for wiki.js pod | `nil` |
-| `tolerations` | Toleration labels for wiki.jsk pod assignment | `[]` |
-| `volumeMounts` | Volume mounts for Wiki.js container | `[]` |
-| `volumes` | Volumes for Wiki.js Pod | `[]` |
+| `replicacount` | Number of Wiki.js pods to run | `1` |
+| `revisionHistoryLimit` | Total number of revision history points | `10` |
+| `resources.limits` | Wiki.js service resource limits | `nil` |
+| `resources.requests` | Wiki.js service resource requests | `nil` |
+| `nodeSelector` | Node labels for the Wiki.js pod assignment | `{}` |
+| `affinity` | Affinity settings for the Wiki.js pod assignment | `{}` |
+| `schedulerName` | Name of an alternate scheduler for the Wiki.js pod | `nil` |
+| `tolerations` | Toleration labels for the Wiki.js pod assignment | `[]` |
+| `volumeMounts` | Volume mounts for the Wiki.js container | `[]` |
+| `volumes` | Volumes for the Wiki.js pod | `[]` |
| `ingress.enabled` | Enable ingress controller resource | `false` |
| `ingress.className` | Ingress class name | `""` |
| `ingress.annotations` | Ingress annotations | `{}` |
@@ -114,7 +114,10 @@ The following table lists the configurable parameters of the Wiki.js chart and t
| `ingress.tls` | Ingress TLS configuration | `[]` |
| `sideload.enabled` | Enable sideloading of locale files from git | `false` |
| `sideload.repoURL` | Git repository URL containing locale files | `https://github.com/Requarks/wiki-localization` |
-| `sideload.env` | Environment variables for sideload Container | `{}` |
+| `sideload.env` | Environment variables for the sideload container | `{}` |
+| `sideload.securityContext` | Security context for the sideload container | `nil` |
+| `sideload.resources.limits` | Resource limits for the sideload container | `nil` |
+| `sideload.resources.requests` | Resource requests for the sideload container | `nil` |
| `nodeExtraCaCerts` | Trusted certificates path | `nil` |
| `postgresql.enabled` | Deploy postgres server (see below) | `true` |
| `postgresql.postgresqlDatabase` | Postgres database name | `wiki` |
@@ -122,7 +125,7 @@ The following table lists the configurable parameters of the Wiki.js chart and t
| `postgresql.postgresqlHost` | External postgres host | `nil` |
| `postgresql.postgresqlPassword` | External postgres password | `nil` |
| `postgresql.existingSecret` | Provide an existing `Secret` for postgres | `nil` |
-| `postgresql.existingSecretKey` | The postgres password key in the existing `Secret` | `postgresql-password` |
+| `postgresql.existingSecretKey` | The postgres password key in the existing `Secret` | `postgresql-password` |
| `postgresql.postgresqlPort` | External postgres port | `5432` |
| `postgresql.ssl` | Enable external postgres SSL connection | `false` |
| `postgresql.ca` | Certificate of Authority content for postgres | `nil` |
diff --git a/dev/helm/templates/deployment.yaml b/dev/helm/templates/deployment.yaml
index feebbe30..e6dc786b 100644
--- a/dev/helm/templates/deployment.yaml
+++ b/dev/helm/templates/deployment.yaml
@@ -14,6 +14,8 @@ spec:
metadata:
labels:
{{- include "wiki.selectorLabels" . | nindent 8 }}
+ annotations:
+ {{- toYaml .Values.podAnnotations | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
@@ -25,12 +27,16 @@ spec:
{{- if .Values.sideload.enabled }}
initContainers:
- name: {{ .Chart.Name }}-sideload
+ securityContext:
+ {{- toYaml .Values.sideload.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ default "latest" .Values.image.tag }}"
imagePullPolicy: {{ default "IfNotPresent" .Values.image.imagePullPolicy }}
env:
{{- toYaml .Values.sideload.env | nindent 12 }}
command: [ "sh", "-c" ]
args: [ "mkdir -p /wiki/data/sideload && git clone --depth=1 {{ .Values.sideload.repoURL }} /wiki/data/sideload/" ]
+ resources:
+ {{- toYaml .Values.sideload.resources | nindent 12 }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
diff --git a/dev/helm/values.yaml b/dev/helm/values.yaml
index 2118debd..8e5e3667 100644
--- a/dev/helm/values.yaml
+++ b/dev/helm/values.yaml
@@ -42,6 +42,8 @@ startupProbe:
path: /healthz
port: http
+podAnnotations: {}
+
podSecurityContext: {}
# fsGroup: 2000
@@ -113,6 +115,26 @@ sideload:
# - name: HTTPS_PROXY
# value: http://my.proxy.com:3128
+ securityContext: {}
+ # capabilities:
+ # drop:
+ # - ALL
+ # readOnlyRootFilesystem: true
+ # runAsNonRoot: true
+ # runAsUser: 1000
+
+ resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ # limits:
+ # cpu: 100m
+ # memory: 128Mi
+ # requests:
+ # cpu: 100m
+ # memory: 128Mi
+
## Append extra trusted certificates for node process from extra volume via NODE_EXTRA_CA_CERTS variable
# nodeExtraCaCerts: "/path/to/certs.pem"
diff --git a/dev/templates/legacy.pug b/dev/templates/legacy.pug
index 14f9d489..69ebe948 100644
--- a/dev/templates/legacy.pug
+++ b/dev/templates/legacy.pug
@@ -52,7 +52,7 @@ html
script(
crossorigin='anonymous'
- src='https://polyfill.io/v3/polyfill.min.js?features=EventSource'
+ src='https://cdnjs.cloudflare.com/polyfill/v3/polyfill.min.js?features=EventSource'
)
//- JS
diff --git a/package.json b/package.json
index 283fc29b..a93f5e06 100644
--- a/package.json
+++ b/package.json
@@ -75,6 +75,7 @@
"dotize": "0.3.0",
"elasticsearch6": "npm:@elastic/elasticsearch@6",
"elasticsearch7": "npm:@elastic/elasticsearch@7",
+ "elasticsearch8": "npm:@elastic/elasticsearch@8",
"emoji-regex": "10.2.1",
"eventemitter2": "6.4.9",
"express": "4.18.2",
diff --git a/server/core/auth.js b/server/core/auth.js
index 38f0b3b8..91ef2101 100644
--- a/server/core/auth.js
+++ b/server/core/auth.js
@@ -156,6 +156,9 @@ module.exports = {
} else {
res.cookie('jwt', newToken.token, { expires: DateTime.utc().plus({ days: 365 }).toJSDate() })
}
+
+ // Avoid caching this response
+ res.set('Cache-Control', 'no-store')
} catch (errc) {
WIKI.logger.warn(errc)
return next()
diff --git a/server/core/db.js b/server/core/db.js
index 25f21ad3..b729282a 100644
--- a/server/core/db.js
+++ b/server/core/db.js
@@ -222,7 +222,7 @@ module.exports = {
* Subscribe to database LISTEN / NOTIFY for multi-instances events
*/
async subscribeToNotifications () {
- const useHA = (WIKI.config.ha === true || WIKI.config.ha === 'true' || WIKI.config.ha === 1 || WIKI.config.ha === '1')
+ const useHA = (WIKI.config.ha === true || (typeof WIKI.config.ha === 'string' && WIKI.config.ha.toLowerCase() === 'true') || WIKI.config.ha === 1 || WIKI.config.ha === '1')
if (!useHA) {
return
} else if (WIKI.config.db.type !== 'postgres') {
diff --git a/server/index.js b/server/index.js
index 923680e5..161ebeb7 100644
--- a/server/index.js
+++ b/server/index.js
@@ -8,14 +8,6 @@ const { nanoid } = require('nanoid')
const { DateTime } = require('luxon')
const { gte } = require('semver')
-// ----------------------------------------
-// Check Node.js version
-// ----------------------------------------
-if (gte(process.version, '21.0.0')) {
- console.error('You\'re using an unsupported Node.js version. Please read the requirements.')
- process.exit(1)
-}
-
// ----------------------------------------
// Init WIKI instance
// ----------------------------------------
diff --git a/server/models/users.js b/server/models/users.js
index 33f6b24f..8191621d 100644
--- a/server/models/users.js
+++ b/server/models/users.js
@@ -499,6 +499,10 @@ module.exports = class User extends Model {
})
if (usr) {
+ if (!usr.isActive) {
+ throw new WIKI.Error.AuthAccountBanned()
+ }
+
await WIKI.models.users.query().patch({
password: newPassword,
mustChangePwd: false
@@ -527,6 +531,9 @@ module.exports = class User extends Model {
if (!usr) {
WIKI.logger.debug(`Password reset attempt on nonexistant local account ${email}: [DISCARDED]`)
return
+ } else if (!usr.isActive) {
+ WIKI.logger.debug(`Password reset attempt on disabled local account ${email}: [DISCARDED]`)
+ return
}
const resetToken = await WIKI.models.userKeys.generateToken({
userId: usr.id,
diff --git a/server/modules/comments/artalk/code.yml b/server/modules/comments/artalk/code.yml
index dc61bd79..b2b3688a 100644
--- a/server/modules/comments/artalk/code.yml
+++ b/server/modules/comments/artalk/code.yml
@@ -6,7 +6,7 @@ head: |
body: |