docs: Update README.md

.github/workflows/build.yml

@@ -19,7 +19,7 @@ jobs:
       packages: write
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Set Build Variables
       run: |
@@ -42,20 +42,20 @@ jobs:
         cat package.json
 
     - name: Login to DockerHub
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
     - name: Login to GitHub Container Registry
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Build and push Docker images
-      uses: docker/build-push-action@v4.0.0
+      uses: docker/build-push-action@v5
       with:
         context: .
         file: dev/build/Dockerfile
@@ -77,7 +77,7 @@ jobs:
         find _dist/wiki/ -printf "%P\n" | tar -czf wiki-js.tar.gz --no-recursion -C _dist/wiki/ -T -
 
     - name: Upload a Build Artifact
-      uses: actions/upload-artifact@v3.1.2
+      uses: actions/upload-artifact@v4
       with:
         name: drop
         path: wiki-js.tar.gz
@@ -92,7 +92,7 @@ jobs:
         dbtype: [postgres, mysql, mariadb, mssql, sqlite]
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Set Test Variables
       run: |
@@ -129,7 +129,7 @@ jobs:
             docker: armv7
 
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
 
     - name: Set Version Variables
       run: |
@@ -142,26 +142,26 @@ jobs:
         fi
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@v2.1.0
+      uses: docker/setup-qemu-action@v3
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2.4.0
+      uses: docker/setup-buildx-action@v3
 
     - name: Login to DockerHub
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
     - name: Login to GitHub Container Registry
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
         password: ${{ secrets.GITHUB_TOKEN }}
 
     - name: Download a Build Artifact
-      uses: actions/download-artifact@v3.0.2
+      uses: actions/download-artifact@v4
       with:
         name: drop
         path: drop
@@ -172,7 +172,7 @@ jobs:
         tar -xzf $GITHUB_WORKSPACE/drop/wiki-js.tar.gz -C $GITHUB_WORKSPACE/build --exclude=node_modules
 
     - name: Build and push Docker images
-      uses: docker/build-push-action@v4.0.0
+      uses: docker/build-push-action@v5
       with:
         context: .
         file: dev/build-arm/Dockerfile
@@ -190,12 +190,12 @@ jobs:
 
     steps:
     - name: Setup Node.js environment
-      uses: actions/setup-node@v3.6.0
+      uses: actions/setup-node@v4
       with:
         node-version: 18.x
 
     - name: Download a Build Artifact
-      uses: actions/download-artifact@v3.0.2
+      uses: actions/download-artifact@v4
       with:
         name: drop
         path: drop
@@ -221,7 +221,7 @@ jobs:
       run: tar -czf wiki-js-windows.tar.gz -C $env:GITHUB_WORKSPACE\win .
 
     - name: Upload a Build Artifact
-      uses: actions/upload-artifact@v3.1.2
+      uses: actions/upload-artifact@v4
       with:
         name: drop-win
         path: wiki-js-windows.tar.gz
@@ -241,13 +241,13 @@ jobs:
         echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
 
     - name: Login to DockerHub
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
     - name: Login to GitHub Container Registry
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
@@ -282,13 +282,13 @@ jobs:
         echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
 
     - name: Login to DockerHub
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         username: ${{ secrets.DOCKERHUB_USERNAME }}
         password: ${{ secrets.DOCKERHUB_TOKEN }}
 
     - name: Login to GitHub Container Registry
-      uses: docker/login-action@v2.1.0
+      uses: docker/login-action@v3
       with:
         registry: ghcr.io
         username: ${{ github.repository_owner }}
@@ -328,13 +328,13 @@ jobs:
         docker manifest push -p ghcr.io/requarks/wiki:latest
 
     - name: Download Linux Build
-      uses: actions/download-artifact@v3.0.2
+      uses: actions/download-artifact@v4
       with:
         name: drop
         path: drop
 
     - name: Download Windows Build
-      uses: actions/download-artifact@v3.0.2
+      uses: actions/download-artifact@v4
       with:
         name: drop-win
         path: drop-win
@@ -359,7 +359,7 @@ jobs:
         artifacts: 'drop/wiki-js.tar.gz,drop-win/wiki-js-windows.tar.gz'
 
     - name: Notify Slack Releases Channel
-      uses: slackapi/slack-github-action@v1.18.0
+      uses: slackapi/slack-github-action@v1.26.0
       with:
         payload: |
           {
@@ -381,34 +381,34 @@ jobs:
           See [release notes](https://github.com/requarks/wiki/releases) for details.
 
     - name: Notify Discord Channel
-      uses: sebastianpopp/discord-action@v1.0
+      uses: sebastianpopp/discord-action@v2.0
       with:
         webhook: ${{ secrets.DISCORD_WEBHOOK }}
         message: Wiki.js ${{ github.ref_name }} has been released! See https://github.com/requarks/wiki/releases for details.
 
-  build-do-image:
-    name: Build DigitalOcean Image
-    runs-on: ubuntu-latest
-    needs: [release]
-
-    steps:
-    - uses: actions/checkout@v3
-
-    - name: Set Version Variables
-      run: |
-        echo "Using TAG mode: $GITHUB_REF_NAME"
-        echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
-
-    - name: Install Packer
-      run: |
-        curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
-        sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
-        sudo apt-get update && sudo apt-get install packer
-
-    - name: Build Droplet Image
-      env:
-        DIGITALOCEAN_API_TOKEN: ${{ secrets.DO_TOKEN }}
-        WIKI_APP_VERSION: ${{ env.REL_VERSION_STRICT }}
-      working-directory: dev/packer
-      run: |
-        packer build digitalocean.json
+  # build-do-image:
+  #   name: Build DigitalOcean Image
+  #   runs-on: ubuntu-latest
+  #   needs: [release]
+
+  #   steps:
+  #   - uses: actions/checkout@v4
+
+  #   - name: Set Version Variables
+  #     run: |
+  #       echo "Using TAG mode: $GITHUB_REF_NAME"
+  #       echo "REL_VERSION_STRICT=${GITHUB_REF_NAME#?}" >> $GITHUB_ENV
+
+  #   - name: Install Packer
+  #     run: |
+  #       curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo apt-key add -
+  #       sudo apt-add-repository "deb [arch=amd64] https://apt.releases.hashicorp.com $(lsb_release -cs) main"
+  #       sudo apt-get update && sudo apt-get install packer
+
+  #   - name: Build Droplet Image
+  #     env:
+  #       DIGITALOCEAN_API_TOKEN: ${{ secrets.DO_TOKEN }}
+  #       WIKI_APP_VERSION: ${{ env.REL_VERSION_STRICT }}
+  #     working-directory: dev/packer
+  #     run: |
+  #       packer build digitalocean.json

README.md

@@ -211,6 +211,7 @@ Support this project by becoming a sponsor. Your name will show up in the Contri
 - Ruizhe Li ([@liruizhe1995](https://github.com/liruizhe1995))
 - Sam Martin ([@ABitMoreDepth](https://github.com/ABitMoreDepth))
 - Sean Coffey ([@seanecoffey](https://github.com/seanecoffey))
+- Simon Ott ([@ottsimon](https://github.com/ottsimon))
 - Stephan Kristyn ([@stevek-pro](https://github.com/stevek-pro))
 - Theodore Chu ([@TheodoreChu](https://github.com/TheodoreChu))
 - Tyler Denman ([@tylerguy](https://github.com/tylerguy))

SECURITY.md

@@ -13,11 +13,11 @@ If you find such vulnerability, it's important to disclose it in a quick and sec
 
 ## Reporting a Vulnerability
 
-**DO NOT CREATE AN ISSUE ON GITHUB** to report a potential vulnerability / security problem. Instead, choose one of these options:
+**DO NOT CREATE A GITHUB ISSUE / DISCUSSION** to report a potential vulnerability / security problem. Instead, choose one of these options:
 
-### A) Disclose on Huntr.dev
+### A) Submit a Vulnerability Report *(recommended)*
 
-Disclose the vulnerability on [Huntr.dev](https://huntr.dev/bounties/disclose) for the repository `https://github.com/Requarks/wiki`.
+Fill in the form on https://github.com/requarks/wiki/security/advisories/new
 
 ### B) Send an email