Merge branch 'requarks:main' into tyclipso

4 months ago · f73dafd7a4
parent 106bde1748 07855ab329
commit f73dafd7a4
6 changed files with 35 additions and 32 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -358,16 +358,16 @@ jobs:
        token: ${{ github.token }}
        artifacts: 'drop/wiki-js.tar.gz,drop-win/wiki-js-windows.tar.gz'

-    - name: Notify Slack Releases Channel
-      uses: slackapi/slack-github-action@v1.26.0
-      with:
-        payload: |
-          {
-            "text": "Wiki.js ${{ github.ref_name }} has been released."
-          }
-      env:
-        SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-        SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK
+    # - name: Notify Slack Releases Channel
+    #   uses: slackapi/slack-github-action@v1.26.0
+    #   with:
+    #     payload: |
+    #       {
+    #         "text": "Wiki.js ${{ github.ref_name }} has been released."
+    #       }
+    #   env:
+    #     SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
+    #     SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK

    - name: Notify Telegram Channel
      uses: appleboy/telegram-action@v0.1.1
--- a/README.md
+++ b/README.md
@ -14,7 +14,6 @@
 [![Downloads](https://img.shields.io/github/downloads/Requarks/wiki/total.svg?style=flat&logo=github)](https://github.com/Requarks/wiki/releases)
 [![Docker Pulls](https://img.shields.io/docker/pulls/requarks/wiki.svg?logo=docker&logoColor=white)](https://hub.docker.com/r/requarks/wiki/)  
 [![Chat on Discord](https://img.shields.io/badge/discord-join-8D96F6.svg?style=flat&logo=discord&logoColor=white)](https://discord.gg/rcxt9QS2jd)
-[![Chat on Slack](https://img.shields.io/badge/slack-requarks-CC2B5E.svg?style=flat&logo=slack)](https://wiki.requarks.io/slack)
 [![Follow on Bluesky](https://img.shields.io/badge/bluesky-%40js.wiki-blue.svg?style=flat&logo=bluesky&logoColor=white)](https://bsky.app/profile/js.wiki)
 [![Follow on Telegram](https://img.shields.io/badge/telegram-%40wiki__js-blue.svg?style=flat&logo=telegram)](https://t.me/wiki_js)
 [![Reddit](https://img.shields.io/badge/reddit-%2Fr%2Fwikijs-orange?logo=reddit&logoColor=white)](https://www.reddit.com/r/wikijs/)
@ -30,7 +29,7 @@
 - [Demo](https://docs.requarks.io/demo)
 - [Changelog](https://github.com/requarks/wiki/releases)
 - [Feature Requests](https://feedback.js.wiki/wiki)
- Chat with us on [Discord](https://discord.gg/rcxt9QS2jd) / [Slack](https://wiki.requarks.io/slack)
+- Chat with us on [Discord](https://discord.gg/rcxt9QS2jd)
 - [Translations](https://docs.requarks.io/dev/translations) *(We need your help!)*
 - [E2E Testing Results](https://dashboard.cypress.io/projects/r7qxah/runs)
 - [Special Thanks](#special-thanks)
@ -145,13 +144,13 @@ Support this project by becoming a sponsor. Your name will show up in the Contri
        </a>
      </td>
      <td align="center" valign="middle" width="148">
-        <a href="http://www.taicep.org/" target="_blank">
-          <img src="https://avatars.githubusercontent.com/u/160072306?v=4">
+        <a href="https://github.com/shanekearney" target="_blank">
+          Shane Kearney<br />(@shanekearney)
        </a>
      </td>
-      <td align="center" valign="middle" colspan="1">
-        <a href="https://github.com/sponsors/NGPixel" target="_blank">
-          <img src="https://static.requarks.io/sponsors/become-148x72.png">
+      <td align="center" valign="middle" width="148">
+        <a href="http://www.taicep.org/" target="_blank">
+          <img src="https://avatars.githubusercontent.com/u/160072306?v=4">
        </a>
      </td>
    </tr>
--- a/SECURITY.md
+++ b/SECURITY.md
@ -13,15 +13,10 @@ If you find such vulnerability, it's important to disclose it in a quick and sec

 ## Reporting a Vulnerability

-**DO NOT CREATE A GITHUB ISSUE / DISCUSSION** to report a potential vulnerability / security problem. Instead, choose one of these options:
+> [!CAUTION]
+> **DO NOT CREATE A GITHUB ISSUE / DISCUSSION** to report a potential vulnerability / security problem. Instead, use the process below:

-### A) Submit a Vulnerability Report *(recommended)*
-
-Fill in the form on https://github.com/requarks/wiki/security/advisories/new
-
-### B) Send an email
-
-Send an email to security@requarks.io.
+Submit a Vulnerability Report by filling in the form on https://github.com/requarks/wiki/security/advisories/new

 Include as much details as possible, such as:
 - The version(s) of Wiki.js that are impacted
@ -31,3 +26,6 @@ Include as much details as possible, such as:
 - Your GitHub username if you'd like to be included as a collaborator on the private fix branch

 The vulnerability will be investigated ASAP. If deemed valid, a draft security advisory will be created on GitHub and you will be included as a collaborator. A fix will be worked on in a private branch to resolves the issue. Once a fix is available, the advisory will be published.
+
+> [!NOTE]
+> There's no reward for submitting a report. As this is open source project and not corporate owned, we are not able to provide monetary rewards. You will however be credited as the bug reporter in the release notes.
--- a/dev/helm/templates/deployment.yaml
+++ b/dev/helm/templates/deployment.yaml
@ -51,7 +51,7 @@ spec:
            {{- end }}
            - name: DB_TYPE
              value: postgres
-            {{- if (.Values.externalPostgresql).databaseURL }}
+            {{- if and .Values.externalPostgresql .Values.externalPostgresql.databaseURL }}
            - name: DATABASE_URL
              value: {{ .Values.externalPostgresql.databaseURL }}
            - name: NODE_TLS_REJECT_UNAUTHORIZED
--- a/package.json
+++ b/package.json
@ -338,7 +338,8 @@
  },
  "resolutions": {
    "apollo-server-express/**/graphql-tools": "4.0.8",
-    "graphql": "15.3.0"
+    "graphql": "15.3.0",
+    "passport-saml/**/xml-crypto": "2.1.6"
  },
  "browserslist": [
    "> 1%",
--- a/yarn.lock
+++ b/yarn.lock
@ -4360,6 +4360,11 @@
  resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.7.7.tgz#16bd8a4e5c953018b8168e5d0a7d26b117cd7fa9"
  integrity sha512-RwEdIYho2kjbSZ7fpvhkHy5wk1Y3x0O6e/EHL3/SoiAfFWH+yhV2/XZQvsBoAeGRNFwgScJS/gRZv+uIwoj7yA==

+"@xmldom/xmldom@^0.7.9":
+  version "0.7.13"
+  resolved "https://registry.yarnpkg.com/@xmldom/xmldom/-/xmldom-0.7.13.tgz#ff34942667a4e19a9f4a0996a76814daac364cf3"
+  integrity sha512-lm2GW5PkosIzccsaZIz7tp8cPADSIlIHWDFTR1N0SzfinhhYgeIQjFMz4rYzanCScr3DqQLeomUDArp6MWKm+g==
+
 "@xtuc/ieee754@^1.2.0":
  version "1.2.0"
  resolved "https://registry.yarnpkg.com/@xtuc/ieee754/-/ieee754-1.2.0.tgz#eef014a3145ae477a1cbc00cd1e552336dceb790"
@ -20635,12 +20640,12 @@ ws@^7.2.3:
  resolved "https://registry.yarnpkg.com/ws/-/ws-7.2.5.tgz#abb1370d4626a5a9cd79d8de404aa18b3465d10d"
  integrity sha512-C34cIU4+DB2vMyAbmEKossWq2ZQDr6QEyuuCzWrM9zfw1sGc0mYiJ0UnG9zzNykt49C2Fi34hvr2vssFQRS6EA==

-xml-crypto@^2.1.3:
-  version "2.1.3"
-  resolved "https://registry.yarnpkg.com/xml-crypto/-/xml-crypto-2.1.3.tgz#6a7272b610ea3e4ea7f13e9e4876f1b20cbc32c8"
-  integrity sha512-MpXZwnn9JK0mNPZ5mnFIbNnQa+8lMGK4NtnX2FlJMfMWR60sJdFO9X72yO6ji068pxixzk53O7x0/iSKh6IhyQ==
+xml-crypto@2.1.6, xml-crypto@^2.1.3:
+  version "2.1.6"
+  resolved "https://registry.yarnpkg.com/xml-crypto/-/xml-crypto-2.1.6.tgz#c51a016cc8391fc1d9ebd9abc589e4c08b62d652"
+  integrity sha512-jjvpO8vHNV8QFhW5bMypP+k4BjBqHe/HrpIwpPcdUnUTIJakSIuN96o3Sdah4tKu2z64kM/JHEH8iEHGCc6Gyw==
  dependencies:
-    "@xmldom/xmldom" "^0.7.0"
+    "@xmldom/xmldom" "^0.7.9"
    xpath "0.0.32"

 xml-encryption@^2.0.0: