starred/NPMplus
1
0
Fork 0
mirror of https://github.com/ZoeyVid/NPMplus.git synced 2026-03-03 04:16:58 +00:00
Code Issues Packages Projects Releases 21 Wiki Activity

Compare commits

base: starred:2026-02-19-r1
Branches Tags
starred:develop starred:renovate-deps-update-happy-dom-monorepo starred:renovate-deps-update-postcss-8.x starred:renovate-deps-update-pg-8.x starred:php
starred:2026-02-20-b1 starred:2026-02-19-r3 starred:2026-02-19-r2 starred:2026-02-19-r1 starred:2026-02-18-b1 starred:2026-02-17-b1 starred:2026-02-15-b4 starred:2026-02-15-b3 starred:2026-02-15-b2 starred:2026-02-14-b1 starred:2026-02-06-r1 starred:2026-02-05-r1 starred:2026-02-04-r1 starred:2026-01-22-r1 starred:2026-01-20-r2 starred:2026-01-17-r3 starred:2026-01-17-r2 starred:2026-01-17-r1 starred:2026-01-16-r2 starred:2026-01-16-r1 starred:2026-01-15-b2 starred:2026-01-15-b1 starred:2026-01-14-b2 starred:2026-01-14-b1 starred:2026-01-13-b4 starred:2026-01-05-b2 starred:2026-01-05-b1 starred:2026-01-03-b2 starred:2026-01-01-b1 starred:2025-12-31-b1 starred:2025-12-30-b4 starred:2025-12-30-b3 starred:2025-12-30-b2 starred:2025-12-30-b1 starred:2025-12-29-b1 starred:2025-05-07-r1 starred:2025-03-24-r2 starred:2025-03-24-r1 starred:2025-03-21-r1 starred:2025-03-20-r1 starred:2025-02-25-r1 starred:2025-02-24-r1 starred:2025-02-07-r1 starred:2025-02-06-r1 starred:2025-02-03-r1 starred:2025-02-02-r1 starred:2025-01-28-r1 starred:2025-01-26-r1 starred:2025-01-11-r3 starred:2025-01-11-r2 starred:2025-01-11-r1 starred:2025-01-10-r1 starred:2025-01-03-alpha starred:2024-12-14-r1 starred:ocsp-stapling-must-staple starred:2024-11-25-r1 starred:2024-11-02-r1 starred:2024-10-24-r1 starred:2024-10-23-r1 starred:2024-10-22-r1 starred:2024-10-21-r1 starred:2024-10-05-r1 starred:2024-10-02-r1 starred:2024-10-01-alpha starred:2024-08-15-r1 starred:2024-08-03-r1 starred:2024-07-11-r1 starred:2024-07-02-r1 starred:2024-07-01-r1 starred:2024-06-29-r1 starred:2024-06-28-r1 starred:2024-06-22-r1 starred:2024-06-10-r1 starred:2024-06-09-r1 starred:2024-06-04-r1 starred:2024-06-02-r2 starred:2024-06-02-r1 starred:2024-06-01-r1 starred:2024-05-23-r1 starred:2024-05-03-r1 starred:2024-04-27-r1 starred:2024-04-19-r2 starred:2024-04-19-r1 starred:php-rewrite starred:2024-03-25-r1 starred:2024-03-21-r2 starred:2024-03-21-r1 starred:2024-03-12-r3 starred:2024-03-12-r2 starred:2024-03-12-r1 starred:2024-03-11-r1 starred:2024-03-09-r1 starred:2024-03-03-r4 starred:2024-03-03-r3 starred:2024-03-03-r2 starred:2024-03-03-r1 starred:2024-02-19-r1 starred:2024-02-18-r1 starred:2024-02-14-r1 starred:2024-02-12-r1 starred:2024-02-11-r3 starred:2024-02-11-r2 starred:2024-02-11-r1 starred:2024-01-31-r1 starred:2024-01-27-r1 starred:2024-01-26-r2 starred:2024-01-26-r1 starred:2024-01-25-r1 starred:2024-01-24-r1 starred:2024-01-21-r1 starred:2024-01-15-r1 starred:2024-01-14-r3 starred:2024-01-14-r2 starred:2024-01-14-r1 starred:2024-01-12-r1 starred:07.01.2024-r2 starred:07.01.2024 starred:02.01.2024 starred:01.01.2024 starred:19.12.2023-r2 starred:19.12.2023 starred:03.12.2023 starred:26.11.2023 starred:12.11.2023-r3 starred:12.11.2023-r2 starred:12.11.2023 starred:11.11.2023 starred:28.10.2023 starred:25.10.2023 starred:10.10.2023-r5 starred:10.10.2023-r4 starred:10.10.2023-r3 starred:10.10.2023-r2 starred:10.10.2023 starred:09.10.2023 starred:26.09.2023 starred:25.09.2023 starred:02.09.2023-r2 starred:02.09.2023 starred:26.08.2023 starred:16.08.2023 starred:12.08.2023 starred:07.08.2023 starred:02.08.2023-r2 starred:02.08.2023 starred:08.07.2023 starred:15.06.2023 starred:30.05.2023 starred:2026-02-15-b1
...
compare: starred:develop
Branches Tags
starred:renovate-deps-update-happy-dom-monorepo starred:renovate-deps-update-postcss-8.x starred:develop starred:renovate-deps-update-pg-8.x starred:php
starred:2026-02-20-b1 starred:2026-02-19-r3 starred:2026-02-19-r2 starred:2026-02-19-r1 starred:2026-02-18-b1 starred:2026-02-17-b1 starred:2026-02-15-b4 starred:2026-02-15-b3 starred:2026-02-15-b2 starred:2026-02-14-b1 starred:2026-02-06-r1 starred:2026-02-05-r1 starred:2026-02-04-r1 starred:2026-01-22-r1 starred:2026-01-20-r2 starred:2026-01-17-r3 starred:2026-01-17-r2 starred:2026-01-17-r1 starred:2026-01-16-r2 starred:2026-01-16-r1 starred:2026-01-15-b2 starred:2026-01-15-b1 starred:2026-01-14-b2 starred:2026-01-14-b1 starred:2026-01-13-b4 starred:2026-01-05-b2 starred:2026-01-05-b1 starred:2026-01-03-b2 starred:2026-01-01-b1 starred:2025-12-31-b1 starred:2025-12-30-b4 starred:2025-12-30-b3 starred:2025-12-30-b2 starred:2025-12-30-b1 starred:2025-12-29-b1 starred:2025-05-07-r1 starred:2025-03-24-r2 starred:2025-03-24-r1 starred:2025-03-21-r1 starred:2025-03-20-r1 starred:2025-02-25-r1 starred:2025-02-24-r1 starred:2025-02-07-r1 starred:2025-02-06-r1 starred:2025-02-03-r1 starred:2025-02-02-r1 starred:2025-01-28-r1 starred:2025-01-26-r1 starred:2025-01-11-r3 starred:2025-01-11-r2 starred:2025-01-11-r1 starred:2025-01-10-r1 starred:2025-01-03-alpha starred:2024-12-14-r1 starred:ocsp-stapling-must-staple starred:2024-11-25-r1 starred:2024-11-02-r1 starred:2024-10-24-r1 starred:2024-10-23-r1 starred:2024-10-22-r1 starred:2024-10-21-r1 starred:2024-10-05-r1 starred:2024-10-02-r1 starred:2024-10-01-alpha starred:2024-08-15-r1 starred:2024-08-03-r1 starred:2024-07-11-r1 starred:2024-07-02-r1 starred:2024-07-01-r1 starred:2024-06-29-r1 starred:2024-06-28-r1 starred:2024-06-22-r1 starred:2024-06-10-r1 starred:2024-06-09-r1 starred:2024-06-04-r1 starred:2024-06-02-r2 starred:2024-06-02-r1 starred:2024-06-01-r1 starred:2024-05-23-r1 starred:2024-05-03-r1 starred:2024-04-27-r1 starred:2024-04-19-r2 starred:2024-04-19-r1 starred:php-rewrite starred:2024-03-25-r1 starred:2024-03-21-r2 starred:2024-03-21-r1 starred:2024-03-12-r3 starred:2024-03-12-r2 starred:2024-03-12-r1 starred:2024-03-11-r1 starred:2024-03-09-r1 starred:2024-03-03-r4 starred:2024-03-03-r3 starred:2024-03-03-r2 starred:2024-03-03-r1 starred:2024-02-19-r1 starred:2024-02-18-r1 starred:2024-02-14-r1 starred:2024-02-12-r1 starred:2024-02-11-r3 starred:2024-02-11-r2 starred:2024-02-11-r1 starred:2024-01-31-r1 starred:2024-01-27-r1 starred:2024-01-26-r2 starred:2024-01-26-r1 starred:2024-01-25-r1 starred:2024-01-24-r1 starred:2024-01-21-r1 starred:2024-01-15-r1 starred:2024-01-14-r3 starred:2024-01-14-r2 starred:2024-01-14-r1 starred:2024-01-12-r1 starred:07.01.2024-r2 starred:07.01.2024 starred:02.01.2024 starred:01.01.2024 starred:19.12.2023-r2 starred:19.12.2023 starred:03.12.2023 starred:26.11.2023 starred:12.11.2023-r3 starred:12.11.2023-r2 starred:12.11.2023 starred:11.11.2023 starred:28.10.2023 starred:25.10.2023 starred:10.10.2023-r5 starred:10.10.2023-r4 starred:10.10.2023-r3 starred:10.10.2023-r2 starred:10.10.2023 starred:09.10.2023 starred:26.09.2023 starred:25.09.2023 starred:02.09.2023-r2 starred:02.09.2023 starred:26.08.2023 starred:16.08.2023 starred:12.08.2023 starred:07.08.2023 starred:02.08.2023-r2 starred:02.08.2023 starred:08.07.2023 starred:15.06.2023 starred:30.05.2023 starred:2026-02-15-b1

55 Commits
2026-02-19 ... develop

Author SHA1 Message Date
Zoey
0da1cc184f fix #2847 2026-03-02 21:41:30 +01:00
Zoey
19c819fc95 fix #2843 by moving the advanced_config to the top of custom locations, but this could cause other isses 2026-03-02 21:41:30 +01:00
Zoey
8521cf19cc invert default of NGINX_TRUST_SECPR1 to true / add AUTH_REQUEST_ANUBIS_USE_CUSTOM_IMAGES env 2026-03-02 21:41:30 +01:00
Zoey
daed77142f fix some things there made async a few commits ago 2026-03-02 21:41:30 +01:00
Zoey
537ca98f8f improve php-fpm settings 
Signed-off-by: Zoey <zoey@z0ey.de>
 2026-03-02 18:42:15 +01:00
renovate[bot]
f1e95f7ba6 dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
 2026-03-02 18:42:15 +01:00
Zoey
842b7d9a72 do not build images for PRs 
Signed-off-by: Zoey <zoey@z0ey.de>
 2026-03-01 11:25:23 +01:00
Zoey
ca8f602466 merge upstream 2026-02-27 23:12:46 +01:00
Zoey
57605b455c Merge remote-tracking branch 'upstream/develop' into develop 2026-02-27 23:02:50 +01:00
Zoey
bd06d48f0b make more async 2026-02-27 22:57:26 +01:00
jc21
c1d09eaceb Merge pull request #5353 from NginxProxyManager/dependabot/npm_and_yarn/docs/rollup-4.59.0 
Bump rollup from 4.24.0 to 4.59.0 in /docs
 2026-02-27 10:34:54 +10:00
jc21
9c509f30de Merge pull request #5355 from NginxProxyManager/dependabot/npm_and_yarn/frontend/rollup-4.59.0 
Bump rollup from 4.57.1 to 4.59.0 in /frontend
 2026-02-27 10:19:55 +10:00
dependabot[bot]
c85b11ee33 Bump rollup from 4.57.1 to 4.59.0 in /frontend 
Bumps [rollup](https://github.com/rollup/rollup) from 4.57.1 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.57.1...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-26 22:11:06 +00:00
jc21
cd5ef390b9 Merge pull request #5350 from NginxProxyManager/dependabot/npm_and_yarn/backend/basic-ftp-5.2.0 
Bump basic-ftp from 5.1.0 to 5.2.0 in /backend
 2026-02-27 08:09:57 +10:00
dependabot[bot]
d49cab1c0e Bump rollup from 4.24.0 to 4.59.0 in /docs 
Bumps [rollup](https://github.com/rollup/rollup) from 4.24.0 to 4.59.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.24.0...v4.59.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-version: 4.59.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-26 11:05:43 +00:00
renovate[bot]
d2b446192f dep updates 
Signed-off-by: Zoey <zoey@z0ey.de>
 2026-02-26 09:17:55 +01:00
dependabot[bot]
33b1a993ec Bump basic-ftp from 5.1.0 to 5.2.0 in /backend 
Bumps [basic-ftp](https://github.com/patrickjuchli/basic-ftp) from 5.1.0 to 5.2.0.
- [Release notes](https://github.com/patrickjuchli/basic-ftp/releases)
- [Changelog](https://github.com/patrickjuchli/basic-ftp/blob/master/CHANGELOG.md)
- [Commits](https://github.com/patrickjuchli/basic-ftp/compare/v5.1.0...v5.2.0)

---
updated-dependencies:
- dependency-name: basic-ftp
  dependency-version: 5.2.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-25 23:29:28 +00:00
Jamie Curnow
67d40e186f Attempt to fix #5335 by allowing resovler generation to be opt-out with a env var 2026-02-26 08:32:02 +10:00
jc21
52be66c43e Merge pull request #5346 from siimaarmaa/develop 
Added Estonia langugae support.
 2026-02-25 08:38:17 +10:00
jc21
ec46cabcd4 Merge pull request #5334 from bill-mahoney/fix/atomic-ipv6-config-write 
Fix silent nginx config corruption in 50-ipv6.sh
 2026-02-25 08:35:11 +10:00
jc21
a7a9cc3acb Merge pull request #5337 from NginxProxyManager/dependabot/npm_and_yarn/test/prod-patch-updates-2e2637830d 
Bump eslint from 10.0.0 to 10.0.1 in /test in the prod-patch-updates group
 2026-02-25 08:31:03 +10:00
jc21
020b3ebb33 Merge pull request #5338 from NginxProxyManager/dependabot/npm_and_yarn/backend/dev-patch-updates-d8f01b0b39 
Bump nodemon from 3.1.13 to 3.1.14 in /backend in the dev-patch-updates group
 2026-02-25 08:30:51 +10:00
jc21
c1c4baf389 Merge pull request #5339 from NginxProxyManager/dependabot/npm_and_yarn/test/prod-minor-updates-22dc529b9a 
Bump eslint-plugin-cypress from 6.0.0 to 6.1.0 in /test in the prod-minor-updates group
 2026-02-25 08:30:40 +10:00
jc21
672b5d6dd9 Merge pull request #5341 from NginxProxyManager/dependabot/npm_and_yarn/backend/prod-patch-updates-07cfa309fd 
Bump mysql2 from 3.17.3 to 3.17.5 in /backend in the prod-patch-updates group
 2026-02-25 08:30:00 +10:00
jc21
cd230b5878 Merge pull request #5342 from NginxProxyManager/dependabot/npm_and_yarn/frontend/dev-minor-updates-a1de0f9639 
Bump happy-dom from 20.6.3 to 20.7.0 in /frontend in the dev-minor-updates group
 2026-02-25 08:29:49 +10:00
jc21
a8f35062af Merge pull request #5343 from NginxProxyManager/dependabot/npm_and_yarn/frontend/prod-patch-updates-bfb85ae48b 
Bump country-flag-icons from 1.6.13 to 1.6.14 in /frontend in the prod-patch-updates group
 2026-02-25 08:29:06 +10:00
Jamie Curnow
da5955412d Command to regenerate nginx configs 2026-02-25 08:13:38 +10:00
siimaarmaa
adb27fe67d Added Estonia langugae support. First Estonia lanuage update is HelpDocs. By Siim Aarmaa 2026-02-23 20:49:06 +02:00
dependabot[bot]
d874af8692 Bump country-flag-icons in /frontend in the prod-patch-updates group 
Bumps the prod-patch-updates group in /frontend with 1 update: [country-flag-icons](https://gitlab.com/catamphetamine/country-flag-icons).


Updates `country-flag-icons` from 1.6.13 to 1.6.14
- [Changelog](https://gitlab.com/catamphetamine/country-flag-icons/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/country-flag-icons/compare/v1.6.13...v1.6.14)

---
updated-dependencies:
- dependency-name: country-flag-icons
  dependency-version: 1.6.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:51:21 +00:00
dependabot[bot]
0844dade98 Bump happy-dom in /frontend in the dev-minor-updates group 
Bumps the dev-minor-updates group in /frontend with 1 update: [happy-dom](https://github.com/capricorn86/happy-dom).


Updates `happy-dom` from 20.6.3 to 20.7.0
- [Release notes](https://github.com/capricorn86/happy-dom/releases)
- [Commits](https://github.com/capricorn86/happy-dom/compare/v20.6.3...v20.7.0)

---
updated-dependencies:
- dependency-name: happy-dom
  dependency-version: 20.7.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: dev-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:50:56 +00:00
dependabot[bot]
71d59516e8 Bump mysql2 in /backend in the prod-patch-updates group 
Bumps the prod-patch-updates group in /backend with 1 update: [mysql2](https://github.com/sidorares/node-mysql2).


Updates `mysql2` from 3.17.3 to 3.17.5
- [Release notes](https://github.com/sidorares/node-mysql2/releases)
- [Changelog](https://github.com/sidorares/node-mysql2/blob/master/Changelog.md)
- [Commits](https://github.com/sidorares/node-mysql2/compare/v3.17.3...v3.17.5)

---
updated-dependencies:
- dependency-name: mysql2
  dependency-version: 3.17.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:50:35 +00:00
dependabot[bot]
06e220e184 Bump nodemon in /backend in the dev-patch-updates group 
Bumps the dev-patch-updates group in /backend with 1 update: [nodemon](https://github.com/remy/nodemon).


Updates `nodemon` from 3.1.13 to 3.1.14
- [Release notes](https://github.com/remy/nodemon/releases)
- [Commits](https://github.com/remy/nodemon/compare/v3.1.13...v3.1.14)

---
updated-dependencies:
- dependency-name: nodemon
  dependency-version: 3.1.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: dev-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:50:13 +00:00
dependabot[bot]
dc53647e76 Bump eslint-plugin-cypress in /test in the prod-minor-updates group 
Bumps the prod-minor-updates group in /test with 1 update: [eslint-plugin-cypress](https://github.com/cypress-io/eslint-plugin-cypress).


Updates `eslint-plugin-cypress` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/cypress-io/eslint-plugin-cypress/releases)
- [Commits](https://github.com/cypress-io/eslint-plugin-cypress/compare/v6.0.0...v6.1.0)

---
updated-dependencies:
- dependency-name: eslint-plugin-cypress
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-minor-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:50:13 +00:00
dependabot[bot]
4c04e89483 Bump eslint in /test in the prod-patch-updates group 
Bumps the prod-patch-updates group in /test with 1 update: [eslint](https://github.com/eslint/eslint).


Updates `eslint` from 10.0.0 to 10.0.1
- [Release notes](https://github.com/eslint/eslint/releases)
- [Commits](https://github.com/eslint/eslint/compare/v10.0.0...v10.0.1)

---
updated-dependencies:
- dependency-name: eslint
  dependency-version: 10.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-patch-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-23 13:50:02 +00:00
Zoey
8c3e0f2809 use node:crypto instead of openssl/use dayjs instead of moment 2026-02-22 18:45:28 +01:00
Zoey
074a01546a add docs route 2026-02-22 18:04:58 +01:00
renovate[bot]
246d31c2fd dep updates 2026-02-22 18:04:58 +01:00
William Mahoney
7241869a9e Fix silent config corruption in 50-ipv6.sh on NFS volumes 
Replace unsafe `echo "$(sed ...)" > $FILE` with atomic temp-file write.

The current pattern reads a file with sed inside a command substitution,
then writes the result back via echo redirection. If sed reads an empty
or momentarily unreadable file (e.g., NFS transient issue during
container recreation by Watchtower or similar tools), it produces no
output. The echo then writes exactly 1 byte (a newline) to the config
file, silently destroying its contents.

The fix writes sed output to a temp file first, checks it's non-empty
with `[ -s ]`, then atomically replaces the original via `mv`. If sed
produces empty output, the original file is preserved and a warning is
logged to stderr.
 2026-02-20 21:24:40 -07:00
Zoey
0333ab08f3 Merge remote-tracking branch 'upstream/develop' into develop 2026-02-20 17:47:45 +01:00
Brian Norman
dda1c5ebe0 Adding additional instructions to help those using open-appsec cloud and crowdsec as it took me hours to work out why crowdsec was not seeing the events (#2790) 
Signed-off-by: Brian Norman <703352+gingemonster@users.noreply.github.com>
Signed-off-by: Zoey <zoey@z0ey.de>
Co-authored-by: Zoey <zoey@z0ey.de>
 2026-02-20 17:46:52 +01:00
Zoey
951062a6b9 switch to aws-lc/add patches for zlib-ng and brotli cert compression 2026-02-20 17:41:02 +01:00
jc21
94f6191a21 Merge pull request #5332 from NginxProxyManager/update-deps 
Update deps
 2026-02-20 11:54:46 +10:00
Jamie Curnow
cac52dd0ff Update linked deps 2026-02-20 11:20:59 +10:00
dependabot[bot]
906f177960 Bump tar from 7.5.7 to 7.5.9 in /test 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.7 to 7.5.9.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.9)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.9
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-20 11:20:59 +10:00
dependabot[bot]
f52afced5d Bump systeminformation from 5.30.6 to 5.31.1 in /test 
Bumps [systeminformation](https://github.com/sebhildebrandt/systeminformation) from 5.30.6 to 5.31.1.
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sebhildebrandt/systeminformation/compare/v5.30.6...v5.31.1)

---
updated-dependencies:
- dependency-name: systeminformation
  dependency-version: 5.31.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-20 11:20:59 +10:00
Jamie Curnow
e8224ff0af Update all dependencies 2026-02-20 11:02:56 +10:00
jc21
a4fa83d0ce Merge pull request #5326 from NginxProxyManager/dependabot/npm_and_yarn/test/tar-7.5.9 
Bump tar from 7.5.7 to 7.5.9 in /test
 2026-02-20 10:53:03 +10:00
jc21
770716ebf8 Merge pull request #5327 from NginxProxyManager/dependabot/npm_and_yarn/test/systeminformation-5.31.1 
Bump systeminformation from 5.30.6 to 5.31.1 in /test
 2026-02-20 10:52:51 +10:00
Zoey
17c2a68ff0 fix sec-fetch for oidc 2026-02-19 22:27:02 +01:00
Zoey
d144f54a6c fix missing default / location if custom location / is disabled 2026-02-19 22:09:54 +01:00
renovate[bot]
27fe362854 dep updates 2026-02-19 21:41:30 +01:00
Zoey
507a71cf9b improve error logging of ratelimited requests 2026-02-19 21:23:57 +01:00
Zoey
1b713e3a88 patch openappsec attachment to use zlib-ng 2026-02-19 21:04:10 +01:00
dependabot[bot]
f1067d3308 Bump systeminformation from 5.30.6 to 5.31.1 in /test 
Bumps [systeminformation](https://github.com/sebhildebrandt/systeminformation) from 5.30.6 to 5.31.1.
- [Release notes](https://github.com/sebhildebrandt/systeminformation/releases)
- [Changelog](https://github.com/sebhildebrandt/systeminformation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sebhildebrandt/systeminformation/compare/v5.30.6...v5.31.1)

---
updated-dependencies:
- dependency-name: systeminformation
  dependency-version: 5.31.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-18 22:37:39 +00:00
dependabot[bot]
85c1a935ea Bump tar from 7.5.7 to 7.5.9 in /test 
Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.7 to 7.5.9.
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.9)

---
updated-dependencies:
- dependency-name: tar
  dependency-version: 7.5.9
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-02-18 22:37:36 +00:00
120 changed files with 2355 additions and 1210 deletions
Expand all files Collapse all files

38
.github/workflows/dependency-updates.yml vendored
View File

@@ -43,14 +43,12 @@ jobs:
- name: update dynamic_tls_records version
id: update
run: |
git clone https://github.com/nginx-modules/ngx_http_tls_dyn_size ngx_http_tls_dyn_size
git clone --depth 1 https://github.com/nginx-modules/ngx_http_tls_dyn_size ngx_http_tls_dyn_size
DTR_VER="$(
ls ngx_http_tls_dyn_size/nginx__dynamic_tls_records_*.patch \
| sed "s|ngx_http_tls_dyn_size/nginx__dynamic_tls_records_\([0-9.]\+\)+.patch|\1|g" \
| sort -V \
| grep -v rc \
| tail -1 \
| sed "s|\^{}||g"
| tail -1
)"
rm -r ngx_http_tls_dyn_size
sed -i "s|ARG DTR_VER=.*|ARG DTR_VER=$DTR_VER|" Dockerfile
@@ -72,12 +70,11 @@ jobs:
- name: update resolver_conf_parsing version
id: update
run: |
git clone https://github.com/openresty/openresty openresty
git clone --depth 1 https://github.com/openresty/openresty openresty
RCP_VER="$(
ls openresty/patches/nginx \
| sort -V \
| tail -1 \
| sed "s|\^{}||g"
| tail -1
)"
rm -r openresty
sed -i "s|ARG RCP_VER=.*|ARG RCP_VER=$RCP_VER|" Dockerfile
@@ -91,6 +88,33 @@ jobs:
branch: update-resolver_conf_parsing-version
title: update resolver_conf_parsing version to ${{ steps.update.outputs.version }}
body: update resolver_conf_parsing version to ${{ steps.update.outputs.version }}
zlib-ng-patch-update:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
- name: update zlib-ng-patch version
id: update
run: |
git clone --depth 1 https://github.com/zlib-ng/patches zlib-ng-patches
ZNP_VER="$(
ls zlib-ng-patches/nginx/*-zlib-ng.patch \
| sed "s|zlib-ng-patches/nginx/\([0-9.]\+\)-zlib-ng.patch|\1|g" \
| sort -V \
| tail -1
)"
rm -r zlib-ng-patches
sed -i "s|ARG ZNP_VER=.*|ARG ZNP_VER=$ZNP_VER|" Dockerfile
echo "version=$ZNP_VER" >> $GITHUB_OUTPUT
- name: Create Pull Request
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
with:
signoff: true
delete-branch: true
commit-message: update zlib-ng-patch version to ${{ steps.update.outputs.version }}
branch: update-zlib-ng-patch-version
title: update zlib-ng-patch version to ${{ steps.update.outputs.version }}
body: update zlib-ng-patch version to ${{ steps.update.outputs.version }}
ngx_brotli-update:
runs-on: ubuntu-latest

47
.github/workflows/docker.yml vendored
View File

@@ -3,7 +3,6 @@ on:
push:
branches:
- develop
pull_request:
workflow_dispatch:
jobs:
build-x86_64:
@@ -28,7 +27,6 @@ jobs:
sed -i "s|\"0.0.0\"|\"$(git rev-parse --short HEAD)\"|g" backend/package.json
- name: Build
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
if: ${{ github.event_name != 'pull_request' }}
with:
context: .
file: ./Dockerfile
@@ -36,20 +34,6 @@ jobs:
tags: ghcr.io/zoeyvid/npmplus:develop-x86_64
build-args: |
FLAGS=-march=x86-64-v2 -mtune=generic -fcf-protection=full
- name: Set PR-Number (PR)
if: ${{ github.event_name == 'pull_request' }}
id: pr
run: echo "pr=$(echo pr-develop | sed "s|refs/pull/:||g" | sed "s|/merge||g")" >> $GITHUB_OUTPUT
- name: Build (PR)
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
if: ${{ github.event_name == 'pull_request' }}
with:
context: .
file: ./Dockerfile
push: true
tags: ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }}-x86_64
build-args: |
FLAGS=-march=x86-64-v2 -mtune=generic -fcf-protection=full
build-aarch64:
runs-on: ubuntu-24.04-arm
@@ -73,7 +57,6 @@ jobs:
sed -i "s|\"0.0.0\"|\"$(git rev-parse --short HEAD)\"|g" backend/package.json
- name: Build
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
if: ${{ github.event_name != 'pull_request' }}
with:
context: .
file: ./Dockerfile
@@ -81,20 +64,6 @@ jobs:
tags: ghcr.io/zoeyvid/npmplus:develop-aarch64
build-args: |
FLAGS=-mbranch-protection=standard
- name: Set PR-Number (PR)
if: ${{ github.event_name == 'pull_request' }}
id: pr
run: echo "pr=$(echo pr-develop | sed "s|refs/pull/:||g" | sed "s|/merge||g")" >> $GITHUB_OUTPUT
- name: Build (PR)
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
if: ${{ github.event_name == 'pull_request' }}
with:
context: .
file: ./Dockerfile
push: true
tags: ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }}-aarch64
build-args: |
FLAGS=-mbranch-protection=standard
merge:
runs-on: ubuntu-latest
@@ -102,7 +71,6 @@ jobs:
if: ${{ github.repository_owner == 'ZoeyVid' }}
steps:
- name: Login to DockerHub
if: ${{ github.event_name != 'pull_request' }}
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
with:
username: ${{ secrets.DOCKER_USERNAME }}
@@ -114,21 +82,6 @@ jobs:
username: zoeyvid
password: ${{ github.token }}
- name: create multiarch
if: ${{ github.event_name != 'pull_request' }}
run: |
docker buildx imagetools create --tag zoeyvid/npmplus:develop ghcr.io/zoeyvid/npmplus:develop-x86_64 ghcr.io/zoeyvid/npmplus:develop-aarch64
docker buildx imagetools create --tag ghcr.io/zoeyvid/npmplus:develop ghcr.io/zoeyvid/npmplus:develop-x86_64 ghcr.io/zoeyvid/npmplus:develop-aarch64
- name: Set PR-Number (PR)
if: ${{ github.event_name == 'pull_request' }}
id: pr
run: echo "pr=$(echo pr-develop | sed "s|refs/pull/:||g" | sed "s|/merge||g")" >> $GITHUB_OUTPUT
- name: create multiarch (PR)
if: ${{ github.event_name == 'pull_request' }}
run: docker buildx imagetools create --tag ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }} ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }}-x86_64 ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }}-aarch64
- name: add comment (PR)
uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2
if: ${{ github.event_name == 'pull_request' }}
with:
message: "The Docker Image can now be found here: `ghcr.io/zoeyvid/npmplus:${{ steps.pr.outputs.pr }}`"
repo-token: ${{ github.token }}
refresh-message-position: true

31
Dockerfile
View File

@@ -8,12 +8,13 @@ ARG LUAJIT_LIB=/usr/lib
ARG NGINX_VER=release-1.29.5
ARG DTR_VER=1.29.2
ARG RCP_VER=1.29.4
ARG ZNP_VER=1.26.3
ARG NB_VER=master
ARG NUB_VER=main
ARG ZNM_VER=master
ARG NHUZFM_VER=main
ARG NF_VER=master
ARG NF_VER=v0.6.0
ARG HMNM_VER=v0.39
ARG NDK_VER=v0.3.4
ARG LNM_VER=v0.10.29R2
@@ -26,21 +27,17 @@ ARG NHG2M_VER=3.4
ARG FLAGS
ARG CC=clang
ARG CFLAGS="$FLAGS -m64 -O3 -pipe -flto=thin -fstack-clash-protection -fstack-protector-strong -ftrivial-auto-var-init=zero -fno-delete-null-pointer-checks -fno-strict-overflow -fno-strict-aliasing -fno-plt -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 -Wformat=2 -Werror=format-security -Wno-sign-compare"
ARG CFLAGS="$FLAGS -m64 -O3 -pipe -flto=full -fstack-clash-protection -fstack-protector-strong -ftrivial-auto-var-init=zero -fno-delete-null-pointer-checks -fno-strict-overflow -fno-strict-aliasing -fno-plt -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 -Wformat=2 -Werror=format-security -Wno-sign-compare"
ARG CXX=clang++
ARG CXXFLAGS="$FLAGS -m64 -O3 -pipe -flto=thin -fstack-clash-protection -fstack-protector-strong -ftrivial-auto-var-init=zero -fno-delete-null-pointer-checks -fno-strict-overflow -fno-strict-aliasing -fno-plt -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 -D_GLIBCXX_ASSERTIONS -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_FAST -Wformat=2 -Werror=format-security -Wno-sign-compare"
ARG LDFLAGS="-fuse-ld=lld -m64 -Wl,-s -Wl,-O1 -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now -Wl,--sort-common -Wl,--as-needed -Wl,-z,pack-relative-relocs"
ARG CXXFLAGS="$FLAGS -m64 -O3 -pipe -flto=full -fstack-clash-protection -fstack-protector-strong -ftrivial-auto-var-init=zero -fno-delete-null-pointer-checks -fno-strict-overflow -fno-strict-aliasing -fno-plt -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=3 -D_GLIBCXX_ASSERTIONS -D_LIBCPP_ENABLE_THREAD_SAFETY_ANNOTATIONS=1 -D_LIBCPP_HARDENING_MODE=_LIBCPP_HARDENING_MODE_FAST -Wformat=2 -Werror=format-security -Wno-sign-compare"
ARG LDFLAGS="-fuse-ld=lld -m64 -Wl,-s -Wl,-O2 -Wl,-z,noexecstack -Wl,-z,relro -Wl,-z,now -Wl,--sort-common -Wl,--as-needed -Wl,-z,pack-relative-relocs"
COPY nginx/nginx.patch /src/nginx.patch
COPY nginx/ngx_brotli.patch /src/ngx_brotli.patch
COPY nginx/ngx_unbrotli.patch /src/ngx_unbrotli.patch
COPY nginx/zstd-nginx-module.patch /src/zstd-nginx-module.patch
#COPY nginx/lua-nginx-module.patch /src/lua-nginx-module.patch
COPY nginx/attachment.patch /src/attachment.patch
WORKDIR /src
COPY patches/*.patch /src
RUN apk upgrade --no-cache -a && \
apk add --no-cache ca-certificates build-base clang lld cmake ninja git \
linux-headers libatomic_ops-dev openssl-dev pcre2-dev luajit-dev zlib-ng-dev brotli-dev zstd-dev libxslt-dev openldap-dev quickjs-ng-dev libmaxminddb-dev
apk add --no-cache git make clang lld cmake ninja file \
linux-headers libatomic_ops-dev aws-lc aws-lc-dev pcre2-dev luajit-dev zlib-ng-dev brotli-dev zstd-dev libxslt-dev openldap-dev quickjs-ng-dev libmaxminddb-dev clang-dev
RUN git clone --depth 1 https://github.com/nginx/nginx --branch "$NGINX_VER" /src/nginx && \
cd /src/nginx && \
@@ -50,7 +47,7 @@ RUN git clone --depth 1 https://github.com/nginx/nginx --branch "$NGINX_VER" /sr
git apply /src/nginx/2.patch && \
wget -q https://patch-diff.githubusercontent.com/raw/nginx/nginx/pull/689.patch -O /src/nginx/3.patch && \
git apply /src/nginx/3.patch && \
wget -q https://raw.githubusercontent.com/zlib-ng/patches/refs/heads/master/nginx/1.26.3-zlib-ng.patch -O /src/nginx/4.patch && \
wget -q https://raw.githubusercontent.com/zlib-ng/patches/refs/heads/master/nginx/"$ZNP_VER"-zlib-ng.patch -O /src/nginx/4.patch && \
git apply /src/nginx/4.patch && \
git apply /src/nginx.patch && \
\
@@ -68,12 +65,12 @@ RUN git clone --depth 1 https://github.com/nginx/nginx --branch "$NGINX_VER" /sr
git apply /src/zstd-nginx-module/1.patch && \
git apply /src/zstd-nginx-module/2.patch && \
git clone --depth 1 https://github.com/HanadaLee/ngx_http_unzstd_filter_module --branch "$NHUZFM_VER" /src/ngx_http_unzstd_filter_module && \
git clone --depth 1 https://github.com/Zoey2936/ngx-fancyindex --branch "$NF_VER" /src/ngx-fancyindex && \
git clone --depth 1 https://github.com/aperezdc/ngx-fancyindex --branch "$NF_VER" /src/ngx-fancyindex && \
git clone --depth 1 https://github.com/openresty/headers-more-nginx-module --branch "$HMNM_VER" /src/headers-more-nginx-module && \
git clone --depth 1 https://github.com/vision5/ngx_devel_kit --branch "$NDK_VER" /src/ngx_devel_kit && \
git clone --depth 1 https://github.com/openresty/lua-nginx-module --branch "$LNM_VER" /src/lua-nginx-module && \
# cd /src/lua-nginx-module && \
# git apply /src/lua-nginx-module.patch && \
cd /src/lua-nginx-module && \
git apply /src/lua-nginx-module.patch && \
\
git clone --depth 1 https://github.com/nginx/njs --branch "$NJS_VER" /src/njs && \
git clone --depth 1 https://github.com/kvspb/nginx-auth-ldap --branch "$NAL_VER" /src/nginx-auth-ldap && \
@@ -193,7 +190,7 @@ COPY COPYING /COPYING
WORKDIR /app
RUN apk upgrade --no-cache -a && \
apk add --no-cache tzdata tini \
libssl3 libcrypto3 pcre2 luajit zlib-ng brotli zstd lua5.1-cjson libxml2 libldap quickjs-ng-libs libmaxminddb-libs \
aws-lc pcre2 luajit zlib-ng brotli zstd lua5.1-cjson libxml2 libldap quickjs-ng-libs libmaxminddb-libs \
curl coreutils findutils grep jq openssl shadow su-exec util-linux-misc \
bash bash-completion nano \
logrotate goaccess fcgi \

12
README.md
View File

@@ -95,8 +95,12 @@ name: appsec
source: appsec
labels:
type: appsec
# if you use openappsec you can enable this
#---
# If you use open-appsec, uncomment the section below.
# If connecting to open-appsec cloud, you must edit the default 'log trigger'
# in the cloud dashboard: check "Log to > gateway / agent" and click 'enforce'.
# Otherwise, no intrusion events will be logged to the local agent
# for CrowdSec to process.
#source: file
#filenames:
# - /opt/openappsec/logs/cp-nano-http-transaction-handler.log*
@@ -118,7 +122,7 @@ labels:
2. Make other settings (like TLS)
3. Create a custom location `/` set the scheme to `path`, put in the path, the press the gear button and fill this in (edit the last line):
```
location ~* \.php(?:$|/) {
location ~* [^/]\.php(?:$|/) {
fastcgi_split_path_info ^(.*\.php)(/.*)$;
try_files $fastcgi_script_name =404;
fastcgi_pass ...; # set this to the address of your php-fpm (socket/tcp): https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_pass
@@ -156,7 +160,7 @@ status_codes:
DENY: 403
```
3. Set the AUTH_REQUEST_ANUBIS_UPSTREAM env in the NPMplus compose.yaml and select anubis in the Auth Request selection, no custom/advanced config/locations needed
4. You can override the images used by default by creating a custom location `/.within.website/x/cmd/anubis/static/img` which acts as a file server and serves the files `happy.webp`, `pensive.webp` and `reject.webp`
4. You can override the "allow", "checking" and "blocked" images used by default by setting the `AUTH_REQUEST_ANUBIS_USE_CUSTOM_IMAGES` env to true and putting put your custom images as happy.webp, pensive.webp and reject.webp to /opt/npmplus/anubis
### Tinyauth
1. Set the AUTH_REQUEST_TINYAUTH_UPSTREAM and AUTH_REQUEST_TINYAUTH_DOMAIM env in the NPMplus compose.yaml and select tinyauth in the Auth Request selection, no custom/advanced config/locations needed
@@ -165,7 +169,7 @@ status_codes:
1. Set the AUTH_REQUEST_AUTHELIA_UPSTREAM env in the NPMplus compose.yaml and select authelia (modern) in the Auth Request selection, no custom/advanced config/locations needed
### Authentik
1. Set the AUTH_REQUEST_AUTHENTIK_UPSTREAM env (and optional AUTH_REQUEST_AUTHENTIK_DOMAIN env if you use "domain level", this env may not work if you use the "single application" variant) in the NPMplus compose.yaml and select authentik/authentik-send-basic-auth in the Auth Request selection, no custom/advanced config/locations needed
1. Set the AUTH_REQUEST_AUTHENTIK_UPSTREAM env (and optional AUTH_REQUEST_AUTHENTIK_DOMAIN env if you use the "domain level" variant in authentik, do not set this env if you use the "single application" variant) in the NPMplus compose.yaml and select authentik/authentik-send-basic-auth in the Auth Request selection, no custom/advanced config/locations needed
## Load Balancing
1. Open and edit this file: `/opt/npmplus/custom_nginx/http_top.conf` (or `/opt/npmplus/custom_nginx/stream_top.conf` for streams), if you changed /opt/npmplus to a different path make sure to change the path to fit

20
backend/app.js
View File

@@ -26,12 +26,22 @@ app.enable("trust proxy", ["loopback", "linklocal", "uniquelocal"]);
app.enable("strict routing");
app.use((req, res, next) => {
if (!["same-origin", undefined, "none"].includes(req.get("sec-fetch-site"))) {
return res.status(403).json({
error: { message: "Rejected Sec-Fetch-Site Value." },
});
if (["same-origin", undefined, "none"].includes(req.get("sec-fetch-site"))) {
return next();
}
next();
if (
req.method === "GET" &&
req.path === "/api/oidc/callback" &&
req.get("sec-fetch-mode") === "navigate" &&
req.get("sec-fetch-dest") === "document"
) {
return next();
}
res.status(403).json({
error: { message: "Rejected Sec-Fetch-Site Value." },
});
});
// pretty print JSON when not live

2
backend/biome.json
View File

@@ -1,5 +1,5 @@
{
"$schema": "https://biomejs.dev/schemas/2.4.2/schema.json",
"$schema": "https://biomejs.dev/schemas/2.4.5/schema.json",
"vcs": {
"enabled": true,
"clientKind": "git",

233
backend/internal/certificate.js
View File

@@ -1,10 +1,11 @@
import { createPrivateKey, X509Certificate } from "node:crypto";
import { mkdir, readFile, rm, writeFile } from "node:fs/promises";
import fs from "node:fs";
import path from "node:path";
import { domainToASCII } from "node:url";
import archiver from "archiver";
import dayjs from "dayjs";
import _ from "lodash";
import moment from "moment";
import tempWrite from "temp-write";
import dnsPlugins from "../certbot/dns-plugins.json" with { type: "json" };
import { installPlugin } from "../lib/certbot.js";
import error from "../lib/error.js";
@@ -85,7 +86,7 @@ const internalCertificate = {
.where("id", certificate.id)
.andWhere("provider", "letsencrypt")
.patch({
expires_on: moment(certInfo.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
expires_on: dayjs.unix(certInfo.dates.to).format("YYYY-MM-DD HH:mm:ss"),
});
} catch (err) {
// Don't want to stop the train here, just log the error
@@ -137,7 +138,7 @@ const internalCertificate = {
const savedRow = await certificateModel
.query()
.patchAndFetchById(certificate.id, {
expires_on: moment(certInfo.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
expires_on: dayjs.unix(certInfo.dates.to).format("YYYY-MM-DD HH:mm:ss"),
})
.then(utils.omitRow(omissions()));
@@ -361,8 +362,8 @@ const internalCertificate = {
// Revoke the cert
await internalCertificate.revokeCertbot(row);
} else {
fs.rmSync(`/data/tls/custom/npm-${row.id}`, { force: true, recursive: true });
fs.rmSync(`/data/tls/custom/npm-${row.id}.der`, { force: true });
await rm(`/data/tls/custom/npm-${row.id}`, { force: true, recursive: true });
await rm(`/data/tls/custom/npm-${row.id}.der`, { force: true });
}
return true;
},
@@ -430,43 +431,17 @@ const internalCertificate = {
* @returns {Promise}
*/
writeCustomCert: async (certificate) => {
if (certificate.provider === "letsencrypt") {
throw new Error("Refusing to write certbot certs here");
}
logger.info("Writing Custom Certificate:", certificate.id);
const dir = `/data/tls/custom/npm-${certificate.id}`;
return new Promise((resolve, reject) => {
if (certificate.provider === "letsencrypt") {
reject(new Error("Refusing to write certbot certs here"));
return;
}
try {
if (!fs.existsSync(dir)) {
fs.mkdirSync(dir);
}
} catch (err) {
reject(err);
return;
}
fs.writeFile(`${dir}/fullchain.pem`, certificate.meta.certificate, (err) => {
if (err) {
reject(err);
} else {
resolve();
}
});
}).then(() => {
return new Promise((resolve, reject) => {
fs.writeFile(`${dir}/privkey.pem`, certificate.meta.certificate_key, (err) => {
if (err) {
reject(err);
} else {
resolve();
}
});
});
});
await mkdir(dir, { recursive: true });
await writeFile(`${dir}/fullchain.pem`, certificate.meta.certificate);
await writeFile(`${dir}/privkey.pem`, certificate.meta.certificate_key);
},
/**
@@ -491,40 +466,22 @@ const internalCertificate = {
* @param {Object} data.files
* @returns {Promise}
*/
validate: (data) => {
// Put file contents into an object
const files = {};
_.map(data.files, (file, name) => {
if (internalCertificate.allowedSslFiles.indexOf(name) !== -1) {
files[name] = file.data.toString();
validate: async (data) => {
const finalData = {};
for (const [name, file] of Object.entries(data.files)) {
if (internalCertificate.allowedSslFiles.includes(name)) {
const content = file.data.toString();
let res;
if (name === "certificate_key") {
res = await internalCertificate.checkPrivateKey(content);
} else {
res = await internalCertificate.getCertificateInfo(content, true);
}
finalData[name] = res;
}
});
}
// For each file, create a temp file and write the contents to it
// Then test it depending on the file type
const promises = [];
_.map(files, (content, type) => {
promises.push(
new Promise((resolve) => {
if (type === "certificate_key") {
resolve(internalCertificate.checkPrivateKey(content));
} else {
// this should handle `certificate` and intermediate certificate
resolve(internalCertificate.getCertificateInfo(content, true));
}
}).then((res) => {
return { [type]: res };
}),
);
});
return Promise.all(promises).then((files) => {
let data = {};
_.each(files, (file) => {
data = _.assign({}, data, file);
});
return data;
});
return finalData;
},
/**
@@ -554,8 +511,8 @@ const internalCertificate = {
const certificate = await internalCertificate.update(access, {
id: data.id,
expires_on: moment(validations.certificate.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
domain_names: [validations.certificate.cn],
expires_on: dayjs.unix(validations.certificate.dates.to).format("YYYY-MM-DD HH:mm:ss"),
domain_names: validations.certificate.cn,
meta: _.clone(row.meta), // Prevent the update method from changing this value that we'll use later
});
@@ -571,24 +528,10 @@ const internalCertificate = {
* @param {String} privateKey This is the entire key contents as a string
*/
checkPrivateKey: async (privateKey) => {
const filepath = await tempWrite(privateKey);
const failTimeout = setTimeout(() => {
throw new error.ValidationError(
"Result Validation Error: Validation timed out. This could be due to the key being passphrase-protected.",
);
}, 10000);
try {
const result = await utils.execFile("openssl", ["pkey", "-in", filepath, "-check", "-noout"]);
clearTimeout(failTimeout);
if (!result.toLowerCase().includes("key is valid")) {
throw new error.ValidationError(`Result Validation Error: ${result}`);
}
fs.unlinkSync(filepath);
createPrivateKey(privateKey);
return true;
} catch (err) {
clearTimeout(failTimeout);
fs.unlinkSync(filepath);
throw new error.ValidationError(`Certificate Key is not valid (${err.message})`, err);
}
},
@@ -601,77 +544,38 @@ const internalCertificate = {
* @param {Boolean} [throwExpired] Throw when the certificate is out of date
*/
getCertificateInfo: async (certificate, throwExpired) => {
const filepath = await tempWrite(certificate);
try {
const certData = await internalCertificate.getCertificateInfoFromFile(filepath, throwExpired);
fs.unlinkSync(filepath);
return certData;
} catch (err) {
fs.unlinkSync(filepath);
throw err;
}
},
/**
* Uses the openssl command to both validate and get info out of the certificate.
* It will save the file to disk first, then run commands on it, then delete the file.
*
* @param {String} certificateFile The file location on disk
* @param {Boolean} [throw_expired] Throw when the certificate is out of date
*/
getCertificateInfoFromFile: async (certificateFile, throw_expired) => {
const certData = {};
try {
const result = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-subject", "-noout"]);
// Examples:
// subject=CN = *.jc21.com
// subject=CN = something.example.com
const regex = /(?:subject=)?[^=]+=\s*(\S+)/gim;
const match = regex.exec(result);
if (match && typeof match[1] !== "undefined") {
certData.cn = match[1];
}
const cert = new X509Certificate(certificate);
const result2 = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-issuer", "-noout"]);
// Examples:
// issuer=C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
// issuer=C = US, O = Let's Encrypt, CN = E5
// issuer=O = NginxProxyManager, CN = NginxProxyManager Intermediate CA","O = NginxProxyManager, CN = NginxProxyManager Intermediate CA
const regex2 = /^(?:issuer=)?(.*)$/gim;
const match2 = regex2.exec(result2);
if (match2 && typeof match2[1] !== "undefined") {
certData.issuer = match2[1];
}
const result3 = await utils.execFile("openssl", ["x509", "-in", certificateFile, "-dates", "-noout"]);
// notBefore=Jul 14 04:04:29 2018 GMT
// notAfter=Oct 12 04:04:29 2018 GMT
let validFrom = null;
let validTo = null;
const lines = result3.split("\n");
lines.map((str) => {
const regex = /^(\S+)=(.*)$/gim;
const match = regex.exec(str.trim());
if (match && typeof match[2] !== "undefined") {
const date = Number.parseInt(moment(match[2], "MMM DD HH:mm:ss YYYY z").format("X"), 10);
if (match[1].toLowerCase() === "notbefore") {
validFrom = date;
} else if (match[1].toLowerCase() === "notafter") {
validTo = date;
}
if (cert.subjectAltName) {
certData.cn = cert.subjectAltName.split(", ").map((entry) => {
const firstColonIdx = entry.indexOf(":");
return firstColonIdx === -1 ? entry.trim() : entry.substring(firstColonIdx + 1).trim();
});
} else {
const cnMatch = /\bCN=([^\n]+)/i.exec(cert.subject);
if (cnMatch?.[1]) {
certData.cn = [cnMatch[1].trim()];
} else {
certData.cn = [];
}
return true;
});
if (!validFrom || !validTo) {
throw new error.ValidationError(`Could not determine dates from certificate: ${result}`);
}
if (throw_expired && validTo < Number.parseInt(moment().format("X"), 10)) {
if (cert.issuer) {
certData.issuer = cert.issuer.replace(/\n/g, ", ");
}
const validFrom = Math.floor(new Date(cert.validFrom).getTime() / 1000);
const validTo = Math.floor(new Date(cert.validTo).getTime() / 1000);
if (Number.isNaN(validFrom) || Number.isNaN(validTo)) {
throw new error.ValidationError("Could not determine dates from certificate");
}
const now = Math.floor(Date.now() / 1000);
if (throwExpired && validTo < now) {
throw new error.ValidationError("Certificate has expired");
}
@@ -686,6 +590,18 @@ const internalCertificate = {
}
},
/**
* Uses the openssl command to both validate and get info out of the certificate.
* It will save the file to disk first, then run commands on it, then delete the file.
*
* @param {String} certificateFile The file location on disk
* @param {Boolean} [throwExpired] Throw when the certificate is out of date
*/
getCertificateInfoFromFile: async (certificateFile, throwExpired) => {
const certContent = await readFile(certificateFile);
return internalCertificate.getCertificateInfo(certContent, throwExpired);
},
/**
* Cleans the tls keys from the meta object and sets them
* @param {String} email the email address to use for registration to "true"
@@ -752,7 +668,7 @@ const internalCertificate = {
);
const credentialsLocation = `/tmp/certbot-credentials/credentials-${certificate.id}`;
fs.writeFileSync(credentialsLocation, certificate.meta.dns_provider_credentials, { mode: 0o600 });
await writeFile(credentialsLocation, certificate.meta.dns_provider_credentials, { mode: 0o600 });
try {
const result = await utils.execFile("certbot", [
@@ -778,8 +694,7 @@ const internalCertificate = {
logger.info(result);
return result;
} catch (err) {
// Don't fail if file does not exist, so no need for action in the callback
fs.unlink(credentialsLocation, () => {});
await rm(credentialsLocation, { force: true });
throw err;
}
},
@@ -805,7 +720,7 @@ const internalCertificate = {
);
const updatedCertificate = await certificateModel.query().patchAndFetchById(certificate.id, {
expires_on: moment(certInfo.dates.to, "X").format("YYYY-MM-DD HH:mm:ss"),
expires_on: dayjs.unix(certInfo.dates.to).format("YYYY-MM-DD HH:mm:ss"),
});
// Add to audit log
@@ -929,7 +844,7 @@ const internalCertificate = {
"unspecified",
"--delete-after-revoke",
]);
fs.rmSync(`/data/tls/certbot/live/npm-${certificate.id}.der`, { force: true });
await rm(`/data/tls/certbot/live/npm-${certificate.id}.der`, { force: true });
logger.info(result);
return result;
} catch (err) {
@@ -953,7 +868,7 @@ const internalCertificate = {
const testChallengeDir = "/data/tls/certbot/acme-challenge/.well-known/acme-challenge";
const testChallengeFile = `${testChallengeDir}/test-challenge`;
fs.mkdirSync(testChallengeDir, { recursive: true });
fs.writeFileSync(testChallengeFile, "Success", { encoding: "utf8" });
await writeFile(testChallengeFile, "Success", { encoding: "utf8" });
const results = [];
@@ -965,7 +880,7 @@ const internalCertificate = {
}
// Remove the test challenge file
fs.unlinkSync(testChallengeFile);
await rm(testChallengeFile, { force: true });
return results;
},

13
backend/internal/ip_ranges.js
View File

@@ -1,4 +1,4 @@
import fs from "node:fs";
import { readFile, writeFile } from "node:fs/promises";
import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import utils from "../lib/utils.js";
@@ -82,20 +82,21 @@ const internalIpRanges = {
generateConfig: async (ip_ranges) => {
try {
const renderEngine = utils.getRenderEngine();
const template = fs.readFileSync(`${__dirname}/../templates/ip_ranges.conf`, { encoding: "utf8" });
const template = await readFile(`${__dirname}/../templates/ip_ranges.conf`, { encoding: "utf8" });
const newConfig = await renderEngine.parseAndRender(template, { ip_ranges: ip_ranges });
const filePath = "/usr/local/nginx/conf/conf.d/ip_ranges.conf";
if (fs.existsSync("/usr/local/nginx/conf/conf.d/ip_ranges.conf")) {
const oldConfig = fs.readFileSync("/usr/local/nginx/conf/conf.d/ip_ranges.conf", {
try {
const oldConfig = await readFile(filePath, {
encoding: "utf8",
});
if (oldConfig === newConfig) {
logger.info("Not updating Cloudflared IPs");
return false;
}
}
} catch {}
fs.writeFileSync("/usr/local/nginx/conf/conf.d/ip_ranges.conf", newConfig, { encoding: "utf8" });
await writeFile(filePath, newConfig, { encoding: "utf8" });
logger.info("Updated Cloudflared IPs");
return true;
} catch (err) {

427
backend/internal/nginx.js
View File

@@ -1,4 +1,4 @@
import fs from "node:fs";
import { readFile, rename, rm, writeFile } from "node:fs/promises";
import { dirname } from "node:path";
import { domainToASCII, fileURLToPath } from "node:url";
import _ from "lodash";
@@ -24,111 +24,81 @@ const internalNginx = {
* @param {Object} host
* @returns {Promise}
*/
configure: (model, host_type, host) => {
configure: async (model, host_type, host) => {
let combined_meta = {};
return internalNginx
.test()
.then(() => {
return internalNginx.deleteConfig(host_type, host);
})
.then(() => {
return internalNginx.reload();
})
.then(() => {
return internalNginx.generateConfig(host_type, host);
})
.then(() => {
// Test nginx again and update meta with result
return internalNginx
.test()
.then(() => {
// nginx is ok
combined_meta = _.assign({}, host.meta, {
nginx_online: true,
nginx_err: null,
});
await internalNginx.deleteConfig(host_type, host);
await internalNginx.generateConfig(host_type, host);
return model.query().where("id", host.id).patch({
meta: combined_meta,
});
})
.catch((err) => {
logger.error(err.message);
// config is bad, update meta and rename config
combined_meta = _.assign({}, host.meta, {
nginx_online: false,
nginx_err: err.message,
});
return model
.query()
.where("id", host.id)
.patch({
meta: combined_meta,
})
.then(() => {
internalNginx.renameConfigAsError(host_type, host);
});
});
})
.then(() => {
return internalNginx.reload();
})
.then(() => {
return combined_meta;
try {
await internalNginx.test();
combined_meta = _.assign({}, host.meta, {
nginx_online: true,
nginx_err: null,
});
await model.query().where("id", host.id).patch({
meta: combined_meta,
});
} catch (err) {
logger.error(err.message);
// config is bad, update meta and rename config
combined_meta = _.assign({}, host.meta, {
nginx_online: false,
nginx_err: err.message,
});
await model.query().where("id", host.id).patch({
meta: combined_meta,
});
await internalNginx.renameConfigAsError(host_type, host);
}
await internalNginx.reload();
return combined_meta;
},
/**
* @returns {Promise}
*/
test: () => {
test: async () => {
return utils.execFile("nginx", ["-tq"]);
},
/**
* @returns {Promise}
*/
reload: () => {
const promises = [];
reload: async () => {
if (process.env.ACME_OCSP_STAPLING === "true") {
promises.push(
utils
.execFile("certbot-ocsp-fetcher.sh", [
"-c",
"/data/tls/certbot/live",
"-o",
"/data/tls/certbot/live",
"--no-reload-webserver",
"--quiet",
])
.catch(() => {}),
);
try {
await utils.execFile("certbot-ocsp-fetcher.sh", [
"-c",
"/data/tls/certbot/live",
"-o",
"/data/tls/certbot/live",
"--no-reload-webserver",
"--quiet",
]);
} catch {}
}
if (process.env.CUSTOM_OCSP_STAPLING === "true") {
promises.push(
utils
.execFile("certbot-ocsp-fetcher.sh", [
"-c",
"/data/tls/custom",
"-o",
"/data/tls/custom",
"--no-reload-webserver",
"--quiet",
])
.catch(() => {}),
);
try {
await utils.execFile("certbot-ocsp-fetcher.sh", [
"-c",
"/data/tls/custom",
"-o",
"/data/tls/custom",
"--no-reload-webserver",
"--quiet",
]);
} catch {}
}
return Promise.all(promises).finally(() => {
return internalNginx.test().then(() => {
return utils.execFile("nginx", ["-s", "reload"]);
});
});
await internalNginx.test();
return utils.execFile("nginx", ["-s", "reload"]);
},
/**
@@ -148,45 +118,40 @@ const internalNginx = {
* @param {Object} host
* @returns {Promise}
*/
renderLocations: (host) => {
return new Promise((resolve, reject) => {
let template;
renderLocations: async (host) => {
let template;
try {
template = fs.readFileSync(`${__dirname}/../templates/_proxy_host_custom_location.conf`, {
encoding: "utf8",
});
} catch (err) {
reject(new errs.ConfigurationError(err.message));
return;
try {
template = await readFile(`${__dirname}/../templates/_proxy_host_custom_location.conf`, {
encoding: "utf8",
});
} catch (err) {
throw new errs.ConfigurationError(err.message);
}
const renderEngine = utils.getRenderEngine();
let renderedLocations = "";
for (const location of host.locations) {
if (location.npmplus_enabled === false) {
continue;
}
const renderEngine = utils.getRenderEngine();
let renderedLocations = "";
if (
location.forward_host.indexOf("/") > -1 &&
!location.forward_host.startsWith("/") &&
!location.forward_host.startsWith("unix")
) {
const split = location.forward_host.split("/");
const locationRendering = async () => {
for (let i = 0; i < host.locations.length; i++) {
if (host.locations[i].npmplus_enabled === false) {
continue;
}
location.forward_host = split.shift();
location.forward_path = `/${split.join("/")}`;
}
if (
host.locations[i].forward_host.indexOf("/") > -1 &&
!host.locations[i].forward_host.startsWith("/") &&
!host.locations[i].forward_host.startsWith("unix")
) {
const split = host.locations[i].forward_host.split("/");
renderedLocations += await renderEngine.parseAndRender(template, location);
}
host.locations[i].forward_host = split.shift();
host.locations[i].forward_path = `/${split.join("/")}`;
}
renderedLocations += await renderEngine.parseAndRender(template, host.locations[i]);
}
};
locationRendering().then(() => resolve(renderedLocations));
});
return renderedLocations;
},
/**
@@ -194,132 +159,97 @@ const internalNginx = {
* @param {Object} host
* @returns {Promise}
*/
generateConfig: (host_type, host_row) => {
generateConfig: async (host_type, host_row) => {
// Prevent modifying the original object:
const host = JSON.parse(JSON.stringify(host_row));
const nice_host_type = internalNginx.getFileFriendlyHostType(host_type);
const renderEngine = utils.getRenderEngine();
return new Promise((resolve, reject) => {
let template = null;
const filename = internalNginx.getConfigName(nice_host_type, host.id);
let template = null;
const filename = internalNginx.getConfigName(nice_host_type, host.id);
try {
template = fs.readFileSync(`${__dirname}/../templates/${nice_host_type}.conf`, { encoding: "utf8" });
} catch (err) {
reject(new errs.ConfigurationError(err.message));
return;
}
let locationsPromise;
let origLocations;
// Manipulate the data a bit before sending it to the template
if (nice_host_type !== "default") {
host.use_default_location = true;
if (typeof host.advanced_config !== "undefined" && host.advanced_config) {
host.use_default_location = !internalNginx.advancedConfigHasDefaultLocation(host.advanced_config);
}
}
// For redirection hosts, if the scheme is not http or https, set it to $scheme
if (
nice_host_type === "redirection_host" &&
["http", "https"].indexOf(host.forward_scheme.toLowerCase()) === -1
) {
host.forward_scheme = "$scheme";
}
if (host.locations) {
//logger.info ('host.locations = ' + JSON.stringify(host.locations, null, 2));
origLocations = [].concat(host.locations);
locationsPromise = internalNginx.renderLocations(host).then((renderedLocations) => {
host.locations = renderedLocations;
});
// Allow someone who is using / custom location path to use it, and skip the default / location
_.map(host.locations, (location) => {
if (location.path === "/" && location.location_type !== "= ") {
host.use_default_location = false;
}
if (location.npmplus_auth_request === "anubis") {
host.create_anubis_locations = true;
}
if (location.npmplus_auth_request === "tinyauth") {
host.create_tinyauth_locations = true;
}
if (location.npmplus_auth_request === "authelia") {
host.create_authelia_locations = true;
}
if (
location.npmplus_auth_request === "authentik" ||
location.npmplus_auth_request === "authentik-send-basic-auth"
) {
host.create_authentik_locations = true;
}
});
} else {
locationsPromise = Promise.resolve();
}
if (
host.forward_host &&
host.forward_host.indexOf("/") > -1 &&
!host.forward_host.startsWith("/") &&
!host.forward_host.startsWith("unix")
) {
const split = host.forward_host.split("/");
host.forward_host = split.shift();
host.forward_path = `/${split.join("/")}`;
}
if (host.domain_names) {
host.server_names = host.domain_names.map((domain_name) => domainToASCII(domain_name) || domain_name);
}
host.env = process.env;
locationsPromise.then(() => {
renderEngine
.parseAndRender(template, host)
.then((config_text) => {
fs.writeFileSync(filename, config_text, { encoding: "utf8" });
debug(logger, "Wrote config:", filename);
// Restore locations array
host.locations = origLocations;
resolve(true);
})
.catch((err) => {
debug(logger, `Could not write ${filename}:`, err.message);
reject(new errs.ConfigurationError(err.message));
})
.then(() => {
if (process.env.DISABLE_NGINX_BEAUTIFIER === "false") {
utils.execFile("nginxbeautifier", ["-s", "4", filename]).catch(() => {});
}
});
});
});
},
/**
* A simple wrapper around unlinkSync that writes to the logger
*
* @param {String} filename
*/
deleteFile: (filename) => {
if (!fs.existsSync(filename)) {
return;
}
try {
debug(logger, `Deleting file: ${filename}`);
fs.unlinkSync(filename);
template = await readFile(`${__dirname}/../templates/${nice_host_type}.conf`, { encoding: "utf8" });
} catch (err) {
debug(logger, "Could not delete file:", JSON.stringify(err, null, 2));
throw new errs.ConfigurationError(err.message);
}
let origLocations;
// Manipulate the data a bit before sending it to the template
if (nice_host_type !== "default") {
host.use_default_location = true;
if (typeof host.advanced_config !== "undefined" && host.advanced_config) {
host.use_default_location = !internalNginx.advancedConfigHasDefaultLocation(host.advanced_config);
}
}
// For redirection hosts, if the scheme is not http or https, set it to $scheme
if (
nice_host_type === "redirection_host" &&
["http", "https"].indexOf(host.forward_scheme.toLowerCase()) === -1
) {
host.forward_scheme = "$scheme";
}
if (host.locations) {
_.map(host.locations, (location) => {
if (location.path === "/" && location.location_type !== "= " && location.npmplus_enabled !== false) {
host.use_default_location = false;
}
if (location.npmplus_auth_request === "anubis") {
host.create_anubis_locations = true;
}
if (location.npmplus_auth_request === "tinyauth") {
host.create_tinyauth_locations = true;
}
if (location.npmplus_auth_request === "authelia") {
host.create_authelia_locations = true;
}
if (
location.npmplus_auth_request === "authentik" ||
location.npmplus_auth_request === "authentik-send-basic-auth"
) {
host.create_authentik_locations = true;
}
});
host.locations = await internalNginx.renderLocations(host);
}
if (
host.forward_host &&
host.forward_host.indexOf("/") > -1 &&
!host.forward_host.startsWith("/") &&
!host.forward_host.startsWith("unix")
) {
const split = host.forward_host.split("/");
host.forward_host = split.shift();
host.forward_path = `/${split.join("/")}`;
}
if (host.domain_names) {
host.server_names = host.domain_names.map((domain_name) => domainToASCII(domain_name) || domain_name);
}
host.env = process.env;
try {
const config_text = await renderEngine.parseAndRender(template, host);
await writeFile(filename, config_text, { encoding: "utf8" });
debug(logger, "Wrote config:", filename);
if (process.env.DISABLE_NGINX_BEAUTIFIER === "false") {
await utils.execFile("nginxbeautifier", ["-s", "4", filename]).catch(() => {});
}
return true;
} catch (err) {
debug(logger, `Could not write ${filename}:`, err.message);
throw new errs.ConfigurationError(err.message);
}
},
@@ -337,17 +267,22 @@ const internalNginx = {
* @param {Object} [host]
* @returns {Promise}
*/
deleteConfig: (host_type, host) => {
deleteConfig: async (host_type, host) => {
const config_file = internalNginx.getConfigName(
internalNginx.getFileFriendlyHostType(host_type),
typeof host === "undefined" ? 0 : host.id,
);
return new Promise((resolve /*, reject*/) => {
internalNginx.deleteFile(config_file);
internalNginx.deleteFile(`${config_file}.err`);
resolve();
});
const filesToDelete = [config_file, `${config_file}.err`];
for (const filename of filesToDelete) {
try {
debug(logger, `Deleting file: ${filename}`);
await rm(filename, { force: true });
} catch (err) {
debug(logger, "Could not delete file:", JSON.stringify(err, null, 2));
}
}
},
/**
@@ -355,17 +290,15 @@ const internalNginx = {
* @param {Object} [host]
* @returns {Promise}
*/
renameConfigAsError: (host_type, host) => {
renameConfigAsError: async (host_type, host) => {
const config_file = internalNginx.getConfigName(
internalNginx.getFileFriendlyHostType(host_type),
typeof host === "undefined" ? 0 : host.id,
);
return new Promise((resolve /*, reject */) => {
fs.rename(config_file, `${config_file}.err`, () => {
resolve();
});
});
try {
await rename(config_file, `${config_file}.err`);
} catch {}
},
/**

6
backend/internal/token.js
View File

@@ -74,7 +74,7 @@ export default {
};
}
// Create a moment of the expiry expression
// Create a dayjs of the expiry expression
const expiry = parseDatePeriod(data.expiry);
if (expiry === null) {
throw new errs.AuthError(`Invalid expiry time: ${data.expiry}`);
@@ -117,7 +117,7 @@ export default {
throw new errs.AuthError(ERROR_MESSAGE_INVALID_AUTH);
}
// Create a moment of the expiry expression
// Create a dayjs of the expiry expression
const expiry = parseDatePeriod(data.expiry);
if (expiry === null) {
throw new errs.AuthError(`Invalid expiry time: ${data.expiry}`);
@@ -152,7 +152,7 @@ export default {
thisData.expiry = thisData.expiry || "1d";
if (access?.token.getUserId(0)) {
// Create a moment of the expiry expression
// Create a dayjs of the expiry expression
const expiry = parseDatePeriod(thisData.expiry);
if (expiry === null) {
throw new errs.AuthError(`Invalid expiry time: ${thisData.expiry}`);

6
backend/lib/helpers.js
View File

@@ -1,9 +1,9 @@
import moment from "moment";
import dayjs from "dayjs";
import { ref } from "objection";
import { isPostgres } from "./config.js";
/**
* Takes an expression such as 30d and returns a moment object of that date in future
* Takes an expression such as 30d and returns a dayjs object of that date in future
*
* Key Shorthand
* ==================
@@ -23,7 +23,7 @@ import { isPostgres } from "./config.js";
const parseDatePeriod = (expression) => {
const matches = expression.match(/^([0-9]+)(y|Q|M|w|d|h|m|s|ms)$/m);
if (matches) {
return moment().add(matches[1], matches[2]);
return dayjs().add(matches[1], matches[2]);
}
return null;

23
backend/lib/utils.js
View File

@@ -1,4 +1,5 @@
import { execFile as nodeExecFile } from "node:child_process";
import { promisify } from "node:util";
import { dirname } from "node:path";
import { fileURLToPath } from "node:url";
import { Liquid } from "liquidjs";
@@ -11,6 +12,8 @@ import errs from "./error.js";
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);
const nodeExecFilePromises = promisify(nodeExecFile);
const writeHash = () => {
const envVars = fs.readdirSync(`${__dirname}/../templates`).flatMap((file) => {
const content = fs.readFileSync(`${__dirname}/../templates/${file}`, "utf8");
@@ -31,18 +34,18 @@ const writeHash = () => {
* @param {Array} args
* @returns {Promise}
*/
const execFile = (cmd, args) => {
const execFile = async (cmd, args) => {
debug(logger, `CMD: ${cmd} ${args ? args.join(" ") : ""}`);
return new Promise((resolve, reject) => {
nodeExecFile(cmd, args, (err, stdout, stderr) => {
if (err && typeof err === "object") {
reject(new errs.CommandError((stdout + stderr).trim(), 1, err));
} else {
resolve((stdout + stderr).trim());
}
});
});
try {
const { stdout, stderr } = await nodeExecFilePromises(cmd, args);
return `${stdout || ""}${stderr || ""}`.trim();
} catch (err) {
if (err && typeof err === "object") {
throw new errs.CommandError(`${err.stdout || ""}${err.stderr || ""}`.trim(), 1, err);
}
throw err;
}
};
/**

12
backend/package.json
View File

@@ -7,12 +7,13 @@
"main": "index.js",
"type": "module",
"dependencies": {
"@apidevtools/json-schema-ref-parser": "15.2.2",
"@apidevtools/json-schema-ref-parser": "15.3.1",
"ajv": "8.18.0",
"archiver": "7.0.1",
"bcryptjs": "3.0.3",
"better-sqlite3": "12.6.2",
"cookie-parser": "1.4.7",
"dayjs": "1.11.19",
"express": "5.2.1",
"express-fileupload": "1.5.2",
"express-rate-limit": "8.2.1",
@@ -20,17 +21,16 @@
"knex": "3.1.0",
"liquidjs": "10.24.0",
"lodash": "4.17.23",
"moment": "2.30.1",
"mysql2": "3.17.3",
"mysql2": "3.18.2",
"objection": "3.1.5",
"openid-client": "6.8.2",
"otplib": "13.3.0",
"pg": "8.18.0",
"pg": "8.19.0",
"signale": "1.4.0",
"temp-write": "6.0.1"
"swagger-ui-express": "5.0.1"
},
"devDependencies": {
"@apidevtools/swagger-parser": "12.1.0",
"@biomejs/biome": "2.4.2"
"@biomejs/biome": "2.4.5"
}
}

78
backend/password-reset.js
View File

@@ -2,7 +2,7 @@
// based on: https://github.com/jlesage/docker-nginx-proxy-manager/blob/796734a3f9a87e0b1561b47fd418f82216359634/rootfs/opt/nginx-proxy-manager/bin/reset-password
import fs from "node:fs";
import { existsSync } from "node:fs";
import bcrypt from "bcryptjs";
import Database from "better-sqlite3";
@@ -13,7 +13,7 @@ Reset password of a NPMplus user.
Arguments:
USER_EMAIL Email address of the user to reset the password.
PASSWORD Optional new password of the user. If not set, password is set to 'changeme'.`);
PASSWORD New password of the user.`);
process.exit(1);
}
@@ -21,57 +21,35 @@ const args = process.argv.slice(2);
const USER_EMAIL = args[0];
const PASSWORD = args[1];
if (!USER_EMAIL && !PASSWORD) {
console.error("ERROR: User email address must be set.");
console.error("ERROR: Password must be set.");
if (!USER_EMAIL || !PASSWORD) {
if (!USER_EMAIL) console.error("ERROR: User email address must be set.");
if (!PASSWORD) console.error("ERROR: Password must be set.");
usage();
}
if (!USER_EMAIL) {
console.error("ERROR: User email address must be set.");
usage();
}
if (!PASSWORD) {
console.error("ERROR: Password must be set.");
usage();
}
if (fs.existsSync("/data/npmplus/database.sqlite")) {
bcrypt.hash(PASSWORD, 13, (err, PASSWORD_HASH) => {
if (err) {
console.error(err);
process.exit(1);
}
const db = new Database("/data/npmplus/database.sqlite");
try {
const stmt = db.prepare(`
UPDATE auth
SET secret = ?
WHERE EXISTS (
SELECT *
FROM user
WHERE user.id = auth.user_id AND user.email = ?
)`);
const result = stmt.run(PASSWORD_HASH, USER_EMAIL);
if (result.changes > 0) {
console.log(`Password for user ${USER_EMAIL} has been reset.`);
} else {
console.log(`No user found with email ${USER_EMAIL}.`);
}
} catch (error) {
console.error(error);
process.exit(1);
} finally {
db.close();
}
process.exit(0);
});
} else {
if (!existsSync("/data/npmplus/database.sqlite")) {
console.error("ERROR: Cannot connect to the sqlite database.");
process.exit(1);
}
let db;
try {
db = new Database("/data/npmplus/database.sqlite");
const PASSWORD_HASH = bcrypt.hashSync(PASSWORD, 13);
const stmt = db.prepare(
"UPDATE auth SET secret = ? WHERE EXISTS (SELECT * FROM user WHERE user.id = auth.user_id AND user.email = ?)",
);
const result = stmt.run(PASSWORD_HASH, USER_EMAIL);
if (result.changes > 0) {
console.log(`Password for user ${USER_EMAIL} has been reset.`);
} else {
console.log(`No user found with email ${USER_EMAIL}.`);
}
} catch (error) {
console.error(error);
process.exitCode = 1;
} finally {
if (db) db.close();
}

351
backend/pnpm-lock.yaml generated
View File

@@ -9,8 +9,8 @@ importers:
.:
dependencies:
'@apidevtools/json-schema-ref-parser':
specifier: 15.2.2
version: 15.2.2(@types/json-schema@7.0.15)
specifier: 15.3.1
version: 15.3.1(@types/json-schema@7.0.15)
ajv:
specifier: 8.18.0
version: 8.18.0
@@ -26,6 +26,9 @@ importers:
cookie-parser:
specifier: 1.4.7
version: 1.4.7
dayjs:
specifier: 1.11.19
version: 1.11.19
express:
specifier: 5.2.1
version: 5.2.1
@@ -40,22 +43,19 @@ importers:
version: 9.0.3
knex:
specifier: 3.1.0
version: 3.1.0(better-sqlite3@12.6.2)(mysql2@3.17.3)(pg@8.18.0)
version: 3.1.0(better-sqlite3@12.6.2)(mysql2@3.18.2(@types/node@25.3.3))(pg@8.19.0)
liquidjs:
specifier: 10.24.0
version: 10.24.0
lodash:
specifier: 4.17.23
version: 4.17.23
moment:
specifier: 2.30.1
version: 2.30.1
mysql2:
specifier: 3.17.3
version: 3.17.3
specifier: 3.18.2
version: 3.18.2(@types/node@25.3.3)
objection:
specifier: 3.1.5
version: 3.1.5(knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.17.3)(pg@8.18.0))
version: 3.1.5(knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.18.2(@types/node@25.3.3))(pg@8.19.0))
openid-client:
specifier: 6.8.2
version: 6.8.2
@@ -63,21 +63,21 @@ importers:
specifier: 13.3.0
version: 13.3.0
pg:
specifier: 8.18.0
version: 8.18.0
specifier: 8.19.0
version: 8.19.0
signale:
specifier: 1.4.0
version: 1.4.0
temp-write:
specifier: 6.0.1
version: 6.0.1
swagger-ui-express:
specifier: 5.0.1
version: 5.0.1(express@5.2.1)
devDependencies:
'@apidevtools/swagger-parser':
specifier: 12.1.0
version: 12.1.0(openapi-types@12.1.3)
'@biomejs/biome':
specifier: 2.4.2
version: 2.4.2
specifier: 2.4.5
version: 2.4.5
packages:
@@ -85,8 +85,8 @@ packages:
resolution: {integrity: sha512-Oc96zvmxx1fqoSEdUmfmvvb59/KDOnUoJ7s2t7bISyAn0XEz57LCCw8k2Y4Pf3mwKaZLMciESALORLgfe2frCw==}
engines: {node: '>= 16'}
'@apidevtools/json-schema-ref-parser@15.2.2':
resolution: {integrity: sha512-54fvjSwWiBTdVviiUItOCeyxtPSBmCrSEjlOl8XFEDuYD3lXY1lOBWKim/WJ3i1EYzdGx6rSOjK5KRDMppLI4Q==}
'@apidevtools/json-schema-ref-parser@15.3.1':
resolution: {integrity: sha512-FIweGOR9zrNuskfDXn8dfsA4eJEe8LmmGsGSDikEZvgYm36SO36yMhasXSOX7/OTGZ3b7I9iPhOxB24D8xL5uQ==}
engines: {node: '>=20'}
peerDependencies:
'@types/json-schema': ^7.0.15
@@ -103,59 +103,59 @@ packages:
peerDependencies:
openapi-types: '>=7'
'@biomejs/biome@2.4.2':
resolution: {integrity: sha512-vVE/FqLxNLbvYnFDYg3Xfrh1UdFhmPT5i+yPT9GE2nTUgI4rkqo5krw5wK19YHBd7aE7J6r91RRmb8RWwkjy6w==}
'@biomejs/biome@2.4.5':
resolution: {integrity: sha512-OWNCyMS0Q011R6YifXNOg6qsOg64IVc7XX6SqGsrGszPbkVCoaO7Sr/lISFnXZ9hjQhDewwZ40789QmrG0GYgQ==}
engines: {node: '>=14.21.3'}
hasBin: true
'@biomejs/cli-darwin-arm64@2.4.2':
resolution: {integrity: sha512-3pEcKCP/1POKyaZZhXcxFl3+d9njmeAihZ17k8lL/1vk+6e0Cbf0yPzKItFiT+5Yh6TQA4uKvnlqe0oVZwRxCA==}
'@biomejs/cli-darwin-arm64@2.4.5':
resolution: {integrity: sha512-lGS4Nd5O3KQJ6TeWv10mElnx1phERhBxqGP/IKq0SvZl78kcWDFMaTtVK+w3v3lusRFxJY78n07PbKplirsU5g==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [darwin]
'@biomejs/cli-darwin-x64@2.4.2':
resolution: {integrity: sha512-P7hK1jLVny+0R9UwyGcECxO6sjETxfPyBm/1dmFjnDOHgdDPjPqozByunrwh4xPKld8sxOr5eAsSqal5uKgeBg==}
'@biomejs/cli-darwin-x64@2.4.5':
resolution: {integrity: sha512-6MoH4tyISIBNkZ2Q5T1R7dLd5BsITb2yhhhrU9jHZxnNSNMWl+s2Mxu7NBF8Y3a7JJcqq9nsk8i637z4gqkJxQ==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [darwin]
'@biomejs/cli-linux-arm64-musl@2.4.2':
resolution: {integrity: sha512-/x04YK9+7erw6tYEcJv9WXoBHcULI/wMOvNdAyE9S3JStZZ9yJyV67sWAI+90UHuDo/BDhq0d96LDqGlSVv7WA==}
'@biomejs/cli-linux-arm64-musl@2.4.5':
resolution: {integrity: sha512-iqLDgpzobG7gpBF0fwEVS/LT8kmN7+S0E2YKFDtqliJfzNLnAiV2Nnyb+ehCDCJgAZBASkYHR2o60VQWikpqIg==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [linux]
libc: [musl]
'@biomejs/cli-linux-arm64@2.4.2':
resolution: {integrity: sha512-DI3Mi7GT2zYNgUTDEbSjl3e1KhoP76OjQdm8JpvZYZWtVDRyLd3w8llSr2TWk1z+U3P44kUBWY3X7H9MD1/DGQ==}
'@biomejs/cli-linux-arm64@2.4.5':
resolution: {integrity: sha512-U1GAG6FTjhAO04MyH4xn23wRNBkT6H7NentHh+8UxD6ShXKBm5SY4RedKJzkUThANxb9rUKIPc7B8ew9Xo/cWg==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [linux]
libc: [glibc]
'@biomejs/cli-linux-x64-musl@2.4.2':
resolution: {integrity: sha512-wbBmTkeAoAYbOQ33f6sfKG7pcRSydQiF+dTYOBjJsnXO2mWEOQHllKlC2YVnedqZFERp2WZhFUoO7TNRwnwEHQ==}
'@biomejs/cli-linux-x64-musl@2.4.5':
resolution: {integrity: sha512-NlKa7GpbQmNhZf9kakQeddqZyT7itN7jjWdakELeXyTU3pg/83fTysRRDPJD0akTfKDl6vZYNT9Zqn4MYZVBOA==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [linux]
libc: [musl]
'@biomejs/cli-linux-x64@2.4.2':
resolution: {integrity: sha512-GK2ErnrKpWFigYP68cXiCHK4RTL4IUWhK92AFS3U28X/nuAL5+hTuy6hyobc8JZRSt+upXt1nXChK+tuHHx4mA==}
'@biomejs/cli-linux-x64@2.4.5':
resolution: {integrity: sha512-NdODlSugMzTlENPTa4z0xB82dTUlCpsrOxc43///aNkTLblIYH4XpYflBbf5ySlQuP8AA4AZd1qXhV07IdrHdQ==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [linux]
libc: [glibc]
'@biomejs/cli-win32-arm64@2.4.2':
resolution: {integrity: sha512-k2uqwLYrNNxnaoiW3RJxoMGnbKda8FuCmtYG3cOtVljs3CzWxaTR+AoXwKGHscC9thax9R4kOrtWqWN0+KdPTw==}
'@biomejs/cli-win32-arm64@2.4.5':
resolution: {integrity: sha512-EBfrTqRIWOFSd7CQb/0ttjHMR88zm3hGravnDwUA9wHAaCAYsULKDebWcN5RmrEo1KBtl/gDVJMrFjNR0pdGUw==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [win32]
'@biomejs/cli-win32-x64@2.4.2':
resolution: {integrity: sha512-9ma7C4g8Sq3cBlRJD2yrsHXB1mnnEBdpy7PhvFrylQWQb4PoyCmPucdX7frvsSBQuFtIiKCrolPl/8tCZrKvgQ==}
'@biomejs/cli-win32-x64@2.4.5':
resolution: {integrity: sha512-Pmhv9zT95YzECfjEHNl3mN9Vhusw9VA5KHY0ZvlGsxsjwS5cb7vpRnHzJIv0vG7jB0JI7xEaMH9ddfZm/RozBw==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [win32]
@@ -190,12 +190,18 @@ packages:
resolution: {integrity: sha512-+1VkjdD0QBLPodGrJUeqarH8VAIvQODIbwh9XpP5Syisf7YoQgsJKPNFoqqLQlu+VQ/tVSshMR6loPMn8U+dPg==}
engines: {node: '>=14'}
'@scarf/scarf@1.4.0':
resolution: {integrity: sha512-xxeapPiUXdZAE3che6f3xogoJPeZgig6omHEy1rIY5WVsB3H2BHNnZH+gHG6x91SCWyQCzWGsuL2Hh3ClO5/qQ==}
'@scure/base@2.0.0':
resolution: {integrity: sha512-3E1kpuZginKkek01ovG8krQ0Z44E3DHPjc5S2rjJw9lZn3KSQOs8S7wqikF/AH7iRanHypj85uGyxk0XAyC37w==}
'@types/json-schema@7.0.15':
resolution: {integrity: sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==}
'@types/node@25.3.3':
resolution: {integrity: sha512-DpzbrH7wIcBaJibpKo9nnSQL0MTRdnWttGyE5haGwK86xgMOkFLp7vEyfQPGLOJh5wNYiJ3V9PmUMDhV9u8kkQ==}
abort-controller@3.0.0:
resolution: {integrity: sha512-h8lQ8tacZYnR3vNQTgibj+tODHI5/+l06Au2Pcriv/Gmet0eaj4TwWH41sO9wnHDiQsEj19q0drzdWdeAHtweg==}
engines: {node: '>=6.5'}
@@ -261,8 +267,8 @@ packages:
resolution: {integrity: sha512-NZKeq9AfyQvEeNlN0zSYAaWrmBffJh3IELMZfRpJVWgrpEbtEpnjvzqBPf+mxoI287JohRDoa+/nsfqqiZmF6g==}
engines: {node: '>= 6.0.0'}
b4a@1.7.5:
resolution: {integrity: sha512-iEsKNwDh1wiWTps1/hdkNdmBgDlDVZP5U57ZVOlt+dNFqpc/lpPouCIxZw+DYBgc4P9NDfIZMPNR4CHNhzwLIA==}
b4a@1.8.0:
resolution: {integrity: sha512-qRuSmNSkGQaHwNbM7J78Wwy+ghLEYF1zNrSeMxj4Kgw6y33O3mXcQ6Ie9fRvfU/YnxWkOchPXbaLb73TkIsfdg==}
peerDependencies:
react-native-b4a: '*'
peerDependenciesMeta:
@@ -280,6 +286,36 @@ packages:
bare-abort-controller:
optional: true
bare-fs@4.5.5:
resolution: {integrity: sha512-XvwYM6VZqKoqDll8BmSww5luA5eflDzY0uEFfBJtFKe4PAAtxBjU3YIxzIBzhyaEQBy1VXEQBto4cpN5RZJw+w==}
engines: {bare: '>=1.16.0'}
peerDependencies:
bare-buffer: '*'
peerDependenciesMeta:
bare-buffer:
optional: true
bare-os@3.7.0:
resolution: {integrity: sha512-64Rcwj8qlnTZU8Ps6JJEdSmxBEUGgI7g8l+lMtsJLl4IsfTcHMTfJ188u2iGV6P6YPRZrtv72B2kjn+hp+Yv3g==}
engines: {bare: '>=1.14.0'}
bare-path@3.0.0:
resolution: {integrity: sha512-tyfW2cQcB5NN8Saijrhqn0Zh7AnFNsnczRcuWODH0eYAXBsJ5gVxAUuNr7tsHSC6IZ77cA0SitzT+s47kot8Mw==}
bare-stream@2.8.0:
resolution: {integrity: sha512-reUN0M2sHRqCdG4lUK3Fw8w98eeUIZHL5c3H7Mbhk2yVBL+oofgaIp0ieLfD5QXwPCypBpmEEKU2WZKzbAk8GA==}
peerDependencies:
bare-buffer: '*'
bare-events: '*'
peerDependenciesMeta:
bare-buffer:
optional: true
bare-events:
optional: true
bare-url@2.3.2:
resolution: {integrity: sha512-ZMq4gd9ngV5aTMa5p9+UfY0b3skwhHELaDkhEHetMdX0LRkW9kzaym4oo/Eh+Ghm0CCDuMTsRIGM/ytUc1ZYmw==}
base64-js@1.5.1:
resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==}
@@ -406,6 +442,9 @@ packages:
resolution: {integrity: sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==}
engines: {node: '>= 8'}
dayjs@1.11.19:
resolution: {integrity: sha512-t5EcLVS6QPBNqM2z8fakk/NKel+Xzshgt8FFKAn+qwlD1pzZWxh0nVCrvFK7ZDb6XucZeF9z8C7CBWTRIVApAw==}
db-errors@0.2.3:
resolution: {integrity: sha512-OOgqgDuCavHXjYSJoV2yGhv6SeG8nk42aoCSoyXLZUH7VwFG27rxbavU1z+VrZbZjphw5UkDQwUlD21MwZpUng==}
@@ -673,10 +712,6 @@ packages:
resolution: {integrity: sha512-hFoiJiTl63nn+kstHGBtewWSKnQLpyb155KHheA1l39uvtO9nWIop1p3udqPcUd/xbF1VLMO4n7OI6p7RbngDg==}
engines: {node: '>=8'}
is-stream@4.0.1:
resolution: {integrity: sha512-Dnz92NInDqYckGEUJv689RbRiTSEHCQ7wOVeALbkOz999YpqT46yMRIGtSNl2iCL1waAZSx40+h59NV/EwzV/A==}
engines: {node: '>=18'}
isarray@1.0.0:
resolution: {integrity: sha512-VLghIWNM6ELQzo7zwmcg0NmTVyWKYjvIeM83yjp0wRDTmUnrM678fQbcKBo6n2CJEF0szoG//ytg+TKla89ALQ==}
@@ -812,12 +847,12 @@ packages:
resolution: {integrity: sha512-z0yWI+4FDrrweS8Zmt4Ej5HdJmky15+L2e6Wgn3+iK5fWzb6T3fhNFq2+MeTRb064c6Wr4N/wv0DzQTjNzHNGQ==}
engines: {node: '>=10'}
minimatch@5.1.6:
resolution: {integrity: sha512-lKwV/1brpG6mBUFHtb7NUmtABCb2WZZmm2wNiOA5hAb8VdCS4B3dtMWyvcoViccwAW/COERjXLt0zP1zXUN26g==}
minimatch@5.1.9:
resolution: {integrity: sha512-7o1wEA2RyMP7Iu7GNba9vc0RWWGACJOCZBJX2GJWip0ikV+wcOsgVuY9uE8CPiyQhkGFSlhuSkZPavN7u1c2Fw==}
engines: {node: '>=10'}
minimatch@9.0.5:
resolution: {integrity: sha512-G6T0ZX48xgozx7587koeX9Ys2NYy6Gmv//P89sEte9V9whIapMNF4idKxnW2QtCcLiTWlb/wfCabAtAFWhhBow==}
minimatch@9.0.9:
resolution: {integrity: sha512-OBwBN9AL4dqmETlpS2zasx+vTeWclWzkblfZk7KTA5j3jeOONz/tRCnZomUyvNg83wL5Zv9Ss6HMJXAgL8R2Yg==}
engines: {node: '>=16 || 14 >=14.17'}
minimist@1.2.8:
@@ -830,18 +865,17 @@ packages:
mkdirp-classic@0.5.3:
resolution: {integrity: sha512-gKLcREMhtuZRwRAfqP3RFW+TK4JqApVBtOIftVgjuABpAtpxhPGaDcfvbhNvD0B8iD1oUr/txX35NjcaY6Ns/A==}
moment@2.30.1:
resolution: {integrity: sha512-uEmtNhbDOrWPFS+hdjFCBfy9f2YoyzRpwcl+DqpC6taX21FzsTLQVbMV/W7PzNSX6x/bhC1zA3c2UQ5NzH6how==}
ms@2.1.2:
resolution: {integrity: sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==}
ms@2.1.3:
resolution: {integrity: sha512-6FlzubTLZG3J2a/NVCAleEhjzq5oxgHyaCU9yYXvcLsvoVaHJq/s5xXI6/XXP6tz7R9xAOtHnSO/tXtF3WRTlA==}
mysql2@3.17.3:
resolution: {integrity: sha512-uCLmQMe1l96Sb6J3Ii8YJTOWJkhRmxlLJFdOfhD68jPpGTzK2fxEkFMpf5gewyHgUB0FJKzuAuPhYS+oPB0/vA==}
mysql2@3.18.2:
resolution: {integrity: sha512-UfEShBFAZZEAKjySnTUuE7BgqkYT4mx+RjoJ5aqtmwSSvNcJ/QxQPXz/y3jSxNiVRedPfgccmuBtiPCSiEEytw==}
engines: {node: '>= 8.0'}
peerDependencies:
'@types/node': '>= 8'
named-placeholders@1.1.6:
resolution: {integrity: sha512-Tz09sEL2EEuv5fFowm419c1+a/jSMiBjI9gHxVLrVdbUkkNUUfjsVYs9pVZu5oCon/kmRh9TfLEObFtkVxmY0w==}
@@ -945,20 +979,20 @@ packages:
resolution: {integrity: sha512-WCtabS6t3c8SkpDBUlb1kjOs7l66xsGdKpIPZsg4wR+B3+u9UAum2odSsF9tnvxg80h4ZxLWMy4pRjOsFIqQpw==}
engines: {node: '>=4.0.0'}
pg-pool@3.11.0:
resolution: {integrity: sha512-MJYfvHwtGp870aeusDh+hg9apvOe2zmpZJpyt+BMtzUWlVqbhFmMK6bOBXLBUPd7iRtIF9fZplDc7KrPN3PN7w==}
pg-pool@3.12.0:
resolution: {integrity: sha512-eIJ0DES8BLaziFHW7VgJEBPi5hg3Nyng5iKpYtj3wbcAUV9A1wLgWiY7ajf/f/oO1wfxt83phXPY8Emztg7ITg==}
peerDependencies:
pg: '>=8.0'
pg-protocol@1.11.0:
resolution: {integrity: sha512-pfsxk2M9M3BuGgDOfuy37VNRRX3jmKgMjcvAcWqNDpZSf4cUmv8HSOl5ViRQFsfARFn0KuUQTgLxVMbNq5NW3g==}
pg-protocol@1.12.0:
resolution: {integrity: sha512-uOANXNRACNdElMXJ0tPz6RBM0XQ61nONGAwlt8da5zs/iUOOCLBQOHSXnrC6fMsvtjxbOJrZZl5IScGv+7mpbg==}
pg-types@2.2.0:
resolution: {integrity: sha512-qTAAlrEsl8s4OiEQY69wDvcMIdQN6wdz5ojQiOy6YRMuynxenON0O5oCpJI6lshc6scgAY8qvJ2On/p+CXY0GA==}
engines: {node: '>=4'}
pg@8.18.0:
resolution: {integrity: sha512-xqrUDL1b9MbkydY/s+VZ6v+xiMUmOUk7SS9d/1kpyQxoJ6U9AO1oIJyUWVZojbfe5Cc/oluutcgFG4L9RDP1iQ==}
pg@8.19.0:
resolution: {integrity: sha512-QIcLGi508BAHkQ3pJNptsFz5WQMlpGbuBGBaIaXsWK8mel2kQ/rThYI+DbgjUvZrIr7MiuEuc9LcChJoEZK1xQ==}
engines: {node: '>= 16.0.0'}
peerDependencies:
pg-native: '>=3.0.1'
@@ -996,6 +1030,7 @@ packages:
prebuild-install@7.1.3:
resolution: {integrity: sha512-8Mf2cbV7x1cXPUILADGI3wuhfqWvtiLA1iclTDbFRZkgRQS0NqsPZphna9V+HyTEadheuPmjaJMsbzKQFOzLug==}
engines: {node: '>=10'}
deprecated: No longer maintained. Please contact the author of the relevant native addon; alternatives are available.
hasBin: true
process-nextick-args@2.0.1:
@@ -1009,8 +1044,8 @@ packages:
resolution: {integrity: sha512-llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg==}
engines: {node: '>= 0.10'}
pump@3.0.3:
resolution: {integrity: sha512-todwxLMY7/heScKmntwQG8CXVkWUOdYxIvY2s0VWAAMh/nd8SoYiRaKjlr7+iCs984f2P8zvrfWcDDYVb73NfA==}
pump@3.0.4:
resolution: {integrity: sha512-VS7sjc6KR7e1ukRFhQSY5LM2uBWAUPiOPa/A3mkKmiMwSmRFUITt0xuj+/lesgnCv+dPIEYlkzrcyXgquIHMcA==}
qs@6.15.0:
resolution: {integrity: sha512-mAZTtNCeetKMH+pSjrb76NAM8V9a05I9aBZOHztWy/UqcJdQYNsf59vrRKWnojAT9Y+GbIvoTBC++CPHqpDBhQ==}
@@ -1163,8 +1198,8 @@ packages:
resolution: {integrity: sha512-Y38VPSHcqkFrCpFnQ9vuSXmquuv5oXOKpGeT6aGrr3o3Gc9AlVa6JBfUSOCnbxGGZF+/0ooI7KrPuUSztUdU5A==}
engines: {node: '>=8'}
strip-ansi@7.1.2:
resolution: {integrity: sha512-gmBGslpoQJtgnMAvOVqGZpEz9dyoKTCzy2nfz/n8aIFhN/jCE/rCmcxabB6jOOHV+0WNnylOxaxBQPSvcWklhA==}
strip-ansi@7.2.0:
resolution: {integrity: sha512-yDPMNjp4WyfYBkHnjIRLfca1i6KMyGCtsVgoKe/z1+6vukgaENdgGBZt+ZmKPc4gavvEZ5OgHfHdrazhgNyG7w==}
engines: {node: '>=12'}
strip-bom@3.0.0:
@@ -1183,6 +1218,15 @@ packages:
resolution: {integrity: sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==}
engines: {node: '>= 0.4'}
swagger-ui-dist@5.32.0:
resolution: {integrity: sha512-nKZB0OuDvacB0s/lC2gbge+RigYvGRGpLLMWMFxaTUwfM+CfndVk9Th2IaTinqXiz6Mn26GK2zriCpv6/+5m3Q==}
swagger-ui-express@5.0.1:
resolution: {integrity: sha512-SrNU3RiBGTLLmFU8GIJdOdanJTl4TOmT27tt3bWWHppqYmAZ6IDuEuBvMU6nZq0zLEe6b/1rACXCgLZqO6ZfrA==}
engines: {node: '>= v0.10.32'}
peerDependencies:
express: '>=4.0.0 || >=5.0.0-beta'
tar-fs@2.1.4:
resolution: {integrity: sha512-mDAjwmZdh7LTT6pNleZ05Yt65HC3E+NiQzl672vQG38jIrehtJk/J3mNwIg+vShQPcLF/LV7CMnDW6vjj6sfYQ==}
@@ -1190,20 +1234,15 @@ packages:
resolution: {integrity: sha512-ujeqbceABgwMZxEJnk2HDY2DlnUZ+9oEcb1KzTVfYHio0UE6dG71n60d8D2I4qNvleWrrXpmjpt7vZeF1LnMZQ==}
engines: {node: '>=6'}
tar-stream@3.1.7:
resolution: {integrity: sha512-qJj60CXt7IU1Ffyc3NJMjh6EkuCFej46zUqJ4J7pqYlThyd9bO0XBTmcOIhSzZJVWfsLks0+nle/j538YAW9RQ==}
tar-stream@3.1.8:
resolution: {integrity: sha512-U6QpVRyCGHva435KoNWy9PRoi2IFYCgtEhq9nmrPPpbRacPs9IH4aJ3gbrFC8dPcXvdSZ4XXfXT5Fshbp2MtlQ==}
tarn@3.0.2:
resolution: {integrity: sha512-51LAVKUSZSVfI05vjPESNc5vwqqZpbXCsU+/+wxlOrUjk2SnFTt97v9ZgQrD4YmxYW1Px6w2KjaDitCfkvgxMQ==}
engines: {node: '>=8.0.0'}
temp-dir@3.0.0:
resolution: {integrity: sha512-nHc6S/bwIilKHNRgK/3jlhDoIHcp45YgyiwcAk46Tr0LfEqGBVpmiAyuiuxeVE44m3mXnEeVhaipLOEWmH+Njw==}
engines: {node: '>=14.16'}
temp-write@6.0.1:
resolution: {integrity: sha512-6bj9LlNld+knzEOQvnZK6YxiPF+foOUjvG/WoWj1/Mt9c6f2kQCPsh8KZ+NyTk0AejubTQSPpx2alcswE1bF8g==}
engines: {node: '>=18'}
teex@1.0.1:
resolution: {integrity: sha512-eYE6iEI62Ni1H8oIa7KlDU6uQBtqr4Eajni3wX7rpfXD8ysFx8z0+dri+KWEPWpBsxXfxu58x/0jvTVT1ekOSg==}
text-decoder@1.2.7:
resolution: {integrity: sha512-vlLytXkeP4xvEq2otHeJfSQIRyWxo/oZGEbXrtEEF9Hnmrdly59sUbzZ/QgyWuLYHctCHxFF4tRQZNQ9k60ExQ==}
@@ -1223,6 +1262,9 @@ packages:
resolution: {integrity: sha512-OZs6gsjF4vMp32qrCbiVSkrFmXtG/AZhY3t0iAMrMBiAZyV9oALtXO8hsrHbMXF9x6L3grlFuwW2oAz7cav+Gw==}
engines: {node: '>= 0.6'}
undici-types@7.18.2:
resolution: {integrity: sha512-AsuCzffGHJybSaRrmr5eHr81mwJU3kjw6M+uprWvCXiNeN9SOGwQ3Jn8jb8m3Z6izVgknn1R0FTCEAP2QrLY/w==}
unpipe@1.0.0:
resolution: {integrity: sha512-pjy2bYhSsufwWlKwPc+l3cN7+wuJlK6uz0YdJEOlQDbl6jo/YlPi4mb8agUkVC8BF7V8NuzeyPNqRksA3hztKQ==}
engines: {node: '>= 0.8'}
@@ -1265,7 +1307,7 @@ snapshots:
'@types/json-schema': 7.0.15
js-yaml: 4.1.1
'@apidevtools/json-schema-ref-parser@15.2.2(@types/json-schema@7.0.15)':
'@apidevtools/json-schema-ref-parser@15.3.1(@types/json-schema@7.0.15)':
dependencies:
'@types/json-schema': 7.0.15
js-yaml: 4.1.1
@@ -1284,46 +1326,46 @@ snapshots:
call-me-maybe: 1.0.2
openapi-types: 12.1.3
'@biomejs/biome@2.4.2':
'@biomejs/biome@2.4.5':
optionalDependencies:
'@biomejs/cli-darwin-arm64': 2.4.2
'@biomejs/cli-darwin-x64': 2.4.2
'@biomejs/cli-linux-arm64': 2.4.2
'@biomejs/cli-linux-arm64-musl': 2.4.2
'@biomejs/cli-linux-x64': 2.4.2
'@biomejs/cli-linux-x64-musl': 2.4.2
'@biomejs/cli-win32-arm64': 2.4.2
'@biomejs/cli-win32-x64': 2.4.2
'@biomejs/cli-darwin-arm64': 2.4.5
'@biomejs/cli-darwin-x64': 2.4.5
'@biomejs/cli-linux-arm64': 2.4.5
'@biomejs/cli-linux-arm64-musl': 2.4.5
'@biomejs/cli-linux-x64': 2.4.5
'@biomejs/cli-linux-x64-musl': 2.4.5
'@biomejs/cli-win32-arm64': 2.4.5
'@biomejs/cli-win32-x64': 2.4.5
'@biomejs/cli-darwin-arm64@2.4.2':
'@biomejs/cli-darwin-arm64@2.4.5':
optional: true
'@biomejs/cli-darwin-x64@2.4.2':
'@biomejs/cli-darwin-x64@2.4.5':
optional: true
'@biomejs/cli-linux-arm64-musl@2.4.2':
'@biomejs/cli-linux-arm64-musl@2.4.5':
optional: true
'@biomejs/cli-linux-arm64@2.4.2':
'@biomejs/cli-linux-arm64@2.4.5':
optional: true
'@biomejs/cli-linux-x64-musl@2.4.2':
'@biomejs/cli-linux-x64-musl@2.4.5':
optional: true
'@biomejs/cli-linux-x64@2.4.2':
'@biomejs/cli-linux-x64@2.4.5':
optional: true
'@biomejs/cli-win32-arm64@2.4.2':
'@biomejs/cli-win32-arm64@2.4.5':
optional: true
'@biomejs/cli-win32-x64@2.4.2':
'@biomejs/cli-win32-x64@2.4.5':
optional: true
'@isaacs/cliui@8.0.2':
dependencies:
string-width: 5.1.2
string-width-cjs: string-width@4.2.3
strip-ansi: 7.1.2
strip-ansi: 7.2.0
strip-ansi-cjs: strip-ansi@6.0.1
wrap-ansi: 8.1.0
wrap-ansi-cjs: wrap-ansi@7.0.0
@@ -1360,10 +1402,16 @@ snapshots:
'@pkgjs/parseargs@0.11.0':
optional: true
'@scarf/scarf@1.4.0': {}
'@scure/base@2.0.0': {}
'@types/json-schema@7.0.15': {}
'@types/node@25.3.3':
dependencies:
undici-types: 7.18.2
abort-controller@3.0.0:
dependencies:
event-target-shim: 5.0.1
@@ -1419,10 +1467,11 @@ snapshots:
buffer-crc32: 1.0.0
readable-stream: 4.7.0
readdir-glob: 1.1.3
tar-stream: 3.1.7
tar-stream: 3.1.8
zip-stream: 6.0.1
transitivePeerDependencies:
- bare-abort-controller
- bare-buffer
- react-native-b4a
argparse@2.0.1: {}
@@ -1431,12 +1480,43 @@ snapshots:
aws-ssl-profiles@1.1.2: {}
b4a@1.7.5: {}
b4a@1.8.0: {}
balanced-match@1.0.2: {}
bare-events@2.8.2: {}
bare-fs@4.5.5:
dependencies:
bare-events: 2.8.2
bare-path: 3.0.0
bare-stream: 2.8.0(bare-events@2.8.2)
bare-url: 2.3.2
fast-fifo: 1.3.2
transitivePeerDependencies:
- bare-abort-controller
- react-native-b4a
bare-os@3.7.0: {}
bare-path@3.0.0:
dependencies:
bare-os: 3.7.0
bare-stream@2.8.0(bare-events@2.8.2):
dependencies:
streamx: 2.23.0
teex: 1.0.1
optionalDependencies:
bare-events: 2.8.2
transitivePeerDependencies:
- bare-abort-controller
- react-native-b4a
bare-url@2.3.2:
dependencies:
bare-path: 3.0.0
base64-js@1.5.1: {}
bcryptjs@3.0.3: {}
@@ -1568,6 +1648,8 @@ snapshots:
shebang-command: 2.0.0
which: 2.0.2
dayjs@1.11.19: {}
db-errors@0.2.3: {}
debug@4.3.4:
@@ -1762,7 +1844,7 @@ snapshots:
dependencies:
foreground-child: 3.3.1
jackspeak: 3.4.3
minimatch: 9.0.5
minimatch: 9.0.9
minipass: 7.1.3
package-json-from-dist: 1.0.1
path-scurry: 1.11.1
@@ -1817,8 +1899,6 @@ snapshots:
is-stream@2.0.1: {}
is-stream@4.0.1: {}
isarray@1.0.0: {}
isexe@2.0.0: {}
@@ -1863,7 +1943,7 @@ snapshots:
jwa: 2.0.1
safe-buffer: 5.2.1
knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.17.3)(pg@8.18.0):
knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.18.2(@types/node@25.3.3))(pg@8.19.0):
dependencies:
colorette: 2.0.19
commander: 10.0.1
@@ -1881,8 +1961,8 @@ snapshots:
tildify: 2.0.0
optionalDependencies:
better-sqlite3: 12.6.2
mysql2: 3.17.3
pg: 8.18.0
mysql2: 3.18.2(@types/node@25.3.3)
pg: 8.19.0
transitivePeerDependencies:
- supports-color
@@ -1942,11 +2022,11 @@ snapshots:
mimic-response@3.1.0: {}
minimatch@5.1.6:
minimatch@5.1.9:
dependencies:
brace-expansion: 2.0.2
minimatch@9.0.5:
minimatch@9.0.9:
dependencies:
brace-expansion: 2.0.2
@@ -1956,14 +2036,13 @@ snapshots:
mkdirp-classic@0.5.3: {}
moment@2.30.1: {}
ms@2.1.2: {}
ms@2.1.3: {}
mysql2@3.17.3:
mysql2@3.18.2(@types/node@25.3.3):
dependencies:
'@types/node': 25.3.3
aws-ssl-profiles: 1.1.2
denque: 2.1.0
generate-function: 2.3.1
@@ -1991,12 +2070,12 @@ snapshots:
object-inspect@1.13.4: {}
objection@3.1.5(knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.17.3)(pg@8.18.0)):
objection@3.1.5(knex@3.1.0(better-sqlite3@12.6.2)(mysql2@3.18.2(@types/node@25.3.3))(pg@8.19.0)):
dependencies:
ajv: 8.18.0
ajv-formats: 2.1.1(ajv@8.18.0)
db-errors: 0.2.3
knex: 3.1.0(better-sqlite3@12.6.2)(mysql2@3.17.3)(pg@8.18.0)
knex: 3.1.0(better-sqlite3@12.6.2)(mysql2@3.18.2(@types/node@25.3.3))(pg@8.19.0)
on-finished@2.4.1:
dependencies:
@@ -2063,11 +2142,11 @@ snapshots:
pg-int8@1.0.1: {}
pg-pool@3.11.0(pg@8.18.0):
pg-pool@3.12.0(pg@8.19.0):
dependencies:
pg: 8.18.0
pg: 8.19.0
pg-protocol@1.11.0: {}
pg-protocol@1.12.0: {}
pg-types@2.2.0:
dependencies:
@@ -2077,11 +2156,11 @@ snapshots:
postgres-date: 1.0.7
postgres-interval: 1.2.0
pg@8.18.0:
pg@8.19.0:
dependencies:
pg-connection-string: 2.11.0
pg-pool: 3.11.0(pg@8.18.0)
pg-protocol: 1.11.0
pg-pool: 3.12.0(pg@8.19.0)
pg-protocol: 1.12.0
pg-types: 2.2.0
pgpass: 1.0.5
optionalDependencies:
@@ -2117,7 +2196,7 @@ snapshots:
mkdirp-classic: 0.5.3
napi-build-utils: 2.0.0
node-abi: 3.87.0
pump: 3.0.3
pump: 3.0.4
rc: 1.2.8
simple-get: 4.0.1
tar-fs: 2.1.4
@@ -2132,7 +2211,7 @@ snapshots:
forwarded: 0.2.0
ipaddr.js: 1.9.1
pump@3.0.3:
pump@3.0.4:
dependencies:
end-of-stream: 1.4.5
once: 1.4.0
@@ -2183,7 +2262,7 @@ snapshots:
readdir-glob@1.1.3:
dependencies:
minimatch: 5.1.6
minimatch: 5.1.9
rechoir@0.8.0:
dependencies:
@@ -2321,7 +2400,7 @@ snapshots:
dependencies:
eastasianwidth: 0.2.0
emoji-regex: 9.2.2
strip-ansi: 7.1.2
strip-ansi: 7.2.0
string_decoder@1.1.1:
dependencies:
@@ -2335,7 +2414,7 @@ snapshots:
dependencies:
ansi-regex: 5.0.1
strip-ansi@7.1.2:
strip-ansi@7.2.0:
dependencies:
ansi-regex: 6.2.2
@@ -2349,11 +2428,20 @@ snapshots:
supports-preserve-symlinks-flag@1.0.0: {}
swagger-ui-dist@5.32.0:
dependencies:
'@scarf/scarf': 1.4.0
swagger-ui-express@5.0.1(express@5.2.1):
dependencies:
express: 5.2.1
swagger-ui-dist: 5.32.0
tar-fs@2.1.4:
dependencies:
chownr: 1.1.4
mkdirp-classic: 0.5.3
pump: 3.0.3
pump: 3.0.4
tar-stream: 2.2.0
tar-stream@2.2.0:
@@ -2364,28 +2452,29 @@ snapshots:
inherits: 2.0.4
readable-stream: 3.6.2
tar-stream@3.1.7:
tar-stream@3.1.8:
dependencies:
b4a: 1.7.5
b4a: 1.8.0
bare-fs: 4.5.5
fast-fifo: 1.3.2
streamx: 2.23.0
transitivePeerDependencies:
- bare-abort-controller
- bare-buffer
- react-native-b4a
tarn@3.0.2: {}
teex@1.0.1:
dependencies:
streamx: 2.23.0
transitivePeerDependencies:
- bare-abort-controller
- react-native-b4a
tarn@3.0.2: {}
temp-dir@3.0.0: {}
temp-write@6.0.1:
dependencies:
graceful-fs: 4.2.11
is-stream: 4.0.1
temp-dir: 3.0.0
text-decoder@1.2.7:
dependencies:
b4a: 1.7.5
b4a: 1.8.0
transitivePeerDependencies:
- react-native-b4a
@@ -2403,6 +2492,8 @@ snapshots:
media-typer: 1.1.0
mime-types: 3.0.2
undici-types@7.18.2: {}
unpipe@1.0.0: {}
util-deprecate@1.0.2: {}
@@ -2423,7 +2514,7 @@ snapshots:
dependencies:
ansi-styles: 6.2.3
string-width: 5.1.2
strip-ansi: 7.1.2
strip-ansi: 7.2.0
wrappy@1.0.2: {}

36
backend/routes/docs.js Normal file
View File

@@ -0,0 +1,36 @@
import express from "express";
import swaggerUi from "swagger-ui-express";
import { debug, express as logger } from "../logger.js";
import PACKAGE from "../package.json" with { type: "json" };
import { getCompiledSchema } from "../schema/index.js";
const router = express.Router({
caseSensitive: true,
strict: true,
mergeParams: true,
});
router.use("/", swaggerUi.serve);
router
.route("/")
.options((_, res) => {
res.sendStatus(204);
})
/**
* GET / (Now serves the Swagger UI interface)
*/
.get(async (req, res, next) => {
try {
const swaggerJSON = await getCompiledSchema();
swaggerJSON.info.version = PACKAGE.version;
swaggerJSON.servers[0].url = `${req.protocol}://${req.get("host")}/api`;
res.status(200).send(swaggerUi.generateHTML(swaggerJSON));
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.originalUrl}: ${err}`);
next(err);
}
});
export default router;

2
backend/routes/main.js
View File

@@ -10,6 +10,7 @@ import proxyHostsRoutes from "./nginx/proxy_hosts.js";
import redirectionHostsRoutes from "./nginx/redirection_hosts.js";
import streamsRoutes from "./nginx/streams.js";
import reportsRoutes from "./reports.js";
import docsRoutes from "./docs.js";
import schemaRoutes from "./schema.js";
import settingsRoutes from "./settings.js";
import tokensRoutes from "./tokens.js";
@@ -44,6 +45,7 @@ router.get(["/api", "/api/"], async (_, res /*, next*/) => {
});
});
router.use("/api/docs", docsRoutes);
router.use("/api/schema", schemaRoutes);
router.use("/api/tokens", tokensRoutes);
if (isOIDCenabled) router.use("/api/oidc", oidcRoutes);

15
backend/routes/schema.js
View File

@@ -18,22 +18,11 @@ router
/**
* GET /schema
*/
.get(async (req, res) => {
.get(async (req, res, next) => {
try {
const swaggerJSON = await getCompiledSchema();
let proto = req.protocol;
if (typeof req.headers["x-forwarded-proto"] !== "undefined" && req.headers["x-forwarded-proto"]) {
proto = req.headers["x-forwarded-proto"];
}
let origin = `${proto}://${req.hostname}`;
if (typeof req.headers.origin !== "undefined" && req.headers.origin) {
origin = req.headers.origin;
}
swaggerJSON.info.version = PACKAGE.version;
swaggerJSON.servers[0].url = `${origin}/api`;
swaggerJSON.servers[0].url = `${req.protocol}://${req.get("host")}/api`;
res.status(200).send(swaggerJSON);
} catch (err) {
debug(logger, `${req.method.toUpperCase()} ${req.originalUrl}: ${err}`);

1
backend/routes/tokens.js
View File

@@ -16,6 +16,7 @@ const router = express.Router({
const limiter = rateLimit({
windowMs: 5 * 60 * 1000,
limit: 10,
message: { error: { message: "Too many requests, please try again later." } },
standardHeaders: "draft-8",
legacyHeaders: false,
ipv6Subnet: 64,

6
backend/schema/common.json
View File

@@ -127,17 +127,17 @@
"example": true
},
"block_exploits": {
"description": "Should we block common exploits",
"description": "This is always disabled. Your value will be ignored",
"type": "boolean",
"example": false
},
"caching_enabled": {
"description": "Should we cache assets",
"description": "This is always disabled. Your value will be ignored",
"type": "boolean",
"example": false
},
"allow_websocket_upgrade": {
"description": "Allow Websocket Upgrade for all paths",
"description": "This is always enabled. Your value will be ignored",
"type": "boolean",
"example": true
},

9
backend/schema/components/security-schemes.json
View File

@@ -1,8 +1,7 @@
{
"bearerAuth": {
"type": "http",
"scheme": "bearer",
"bearerFormat": "JWT",
"description": "JWT Bearer Token authentication"
"cookieAuth": {
"type": "apiKey",
"in": "cookie",
"name": "token"
}
}

8
backend/schema/components/token-object.json
View File

@@ -2,8 +2,7 @@
"type": "object",
"description": "Token object",
"required": [
"expires",
"token"
"expires"
],
"additionalProperties": false,
"properties": {
@@ -11,11 +10,6 @@
"description": "Token Expiry ISO Time String",
"example": "2025-02-04T20:40:46.340Z",
"type": "string"
},
"token": {
"description": "JWT Token",
"example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4",
"type": "string"
}
}
}

2
backend/schema/paths/audit-log/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/audit-log/id/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/nginx/access-lists/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"access_lists.view"
]
}

2
backend/schema/paths/nginx/access-lists/listID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"access_lists.manage"
]
}

2
backend/schema/paths/nginx/access-lists/listID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"access_lists.view"
]
}

2
backend/schema/paths/nginx/access-lists/listID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"access_lists.manage"
]
}

2
backend/schema/paths/nginx/access-lists/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"access_lists.manage"
]
}

2
backend/schema/paths/nginx/certificates/certID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/certificates/certID/download/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/certificates/certID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.view"
]
}

2
backend/schema/paths/nginx/certificates/certID/renew/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/certificates/certID/upload/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/certificates/dns-providers/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.view"
]
}

2
backend/schema/paths/nginx/certificates/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.view"
]
}

2
backend/schema/paths/nginx/certificates/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/certificates/test-http/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.view"
]
}

2
backend/schema/paths/nginx/certificates/validate/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"certificates.manage"
]
}

2
backend/schema/paths/nginx/dead-hosts/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.view"
]
}

2
backend/schema/paths/nginx/dead-hosts/hostID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.manage"
]
}

2
backend/schema/paths/nginx/dead-hosts/hostID/disable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.manage"
]
}

2
backend/schema/paths/nginx/dead-hosts/hostID/enable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.manage"
]
}

2
backend/schema/paths/nginx/dead-hosts/hostID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.view"
]
}

2
backend/schema/paths/nginx/dead-hosts/hostID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.manage"
]
}

2
backend/schema/paths/nginx/dead-hosts/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"dead_hosts.manage"
]
}

2
backend/schema/paths/nginx/proxy-hosts/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.view"
]
}

2
backend/schema/paths/nginx/proxy-hosts/hostID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.manage"
]
}

2
backend/schema/paths/nginx/proxy-hosts/hostID/disable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.manage"
]
}

2
backend/schema/paths/nginx/proxy-hosts/hostID/enable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.manage"
]
}

2
backend/schema/paths/nginx/proxy-hosts/hostID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.view"
]
}

2
backend/schema/paths/nginx/proxy-hosts/hostID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.manage"
]
}

2
backend/schema/paths/nginx/proxy-hosts/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"proxy_hosts.manage"
]
}

2
backend/schema/paths/nginx/redirection-hosts/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.view"
]
}

2
backend/schema/paths/nginx/redirection-hosts/hostID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.manage"
]
}

2
backend/schema/paths/nginx/redirection-hosts/hostID/disable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.manage"
]
}

2
backend/schema/paths/nginx/redirection-hosts/hostID/enable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.manage"
]
}

2
backend/schema/paths/nginx/redirection-hosts/hostID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.view"
]
}

2
backend/schema/paths/nginx/redirection-hosts/hostID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.manage"
]
}

2
backend/schema/paths/nginx/redirection-hosts/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"redirection_hosts.manage"
]
}

2
backend/schema/paths/nginx/streams/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.view"
]
}

2
backend/schema/paths/nginx/streams/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.manage"
]
}

2
backend/schema/paths/nginx/streams/streamID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.manage"
]
}

2
backend/schema/paths/nginx/streams/streamID/disable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.manage"
]
}

2
backend/schema/paths/nginx/streams/streamID/enable/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.manage"
]
}

2
backend/schema/paths/nginx/streams/streamID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.view"
]
}

2
backend/schema/paths/nginx/streams/streamID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"streams.manage"
]
}

2
backend/schema/paths/reports/hosts/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": []
"cookieAuth": []
}
],
"responses": {

2
backend/schema/paths/settings/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/settings/settingID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/settings/settingID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

3
backend/schema/paths/tokens/2fa/post.json
View File

@@ -39,8 +39,7 @@
"examples": {
"default": {
"value": {
"expires": "2025-02-04T20:40:46.340Z",
"token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
"expires": "2025-02-04T20:40:46.340Z"
}
}
},

5
backend/schema/paths/tokens/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": []
"cookieAuth": []
}
],
"responses": {
@@ -17,8 +17,7 @@
"examples": {
"default": {
"value": {
"expires": "2025-02-04T20:40:46.340Z",
"token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
"expires": "2025-02-04T20:40:46.340Z"
}
}
},

3
backend/schema/paths/tokens/post.json
View File

@@ -51,8 +51,7 @@
"examples": {
"default": {
"value": {
"expires": "2025-02-04T20:40:46.340Z",
"token": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
"expires": "2025-02-04T20:40:46.340Z"
}
}
},

2
backend/schema/paths/users/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/users/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/users/userID/2fa/get.json
View File

@@ -4,7 +4,7 @@
"tags": ["users"],
"security": [
{
"bearerAuth": []
"cookieAuth": []
}
],
"parameters": [

2
backend/schema/paths/users/userID/auth/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/users/userID/delete.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/users/userID/get.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

9
backend/schema/paths/users/userID/login/post.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}
@@ -32,7 +32,6 @@
"examples": {
"default": {
"value": {
"token": "eyJhbGciOiJSUzI1NiIsInR...16OjT8B3NLyXg",
"expires": "2020-01-31T10:56:23.239Z",
"user": {
"id": 1,
@@ -53,16 +52,10 @@
"description": "Login object",
"required": [
"expires",
"token",
"user"
],
"additionalProperties": false,
"properties": {
"token": {
"description": "JWT Token",
"type": "string",
"example": "eyJhbGciOiJSUzUxMiIsInR5cCI6IkpXVCJ9.ey...xaHKYr3Kk6MvkUjcC4"
},
"expires": {
"description": "Token Expiry Timestamp",
"type": "string",

2
backend/schema/paths/users/userID/permissions/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/paths/users/userID/put.json
View File

@@ -6,7 +6,7 @@
],
"security": [
{
"bearerAuth": [
"cookieAuth": [
"admin"
]
}

2
backend/schema/swagger.json
View File

@@ -3,7 +3,7 @@
"info": {
"title": "NPMplus API",
"version": "2.x.x",
"description": "This is the official API documentation for NPMplus.\n\nMost endpoints require authentication via Bearer Token (JWT). You can generate a token by logging in via the `POST /tokens` endpoint.\n\nFor more information, visit the [Nginx Proxy Manager Documentation](https://nginxproxymanager.com)."
"description": "This is the official API documentation for NPMplus.\n\nMost endpoints require authentication via a token cookie. You can generate a token by logging in via the `POST /tokens` endpoint."
},
"servers": [
{

9
backend/setup.js
View File

@@ -1,4 +1,4 @@
import fs from "node:fs";
import { writeFile } from "node:fs/promises";
import { installPlugins } from "./lib/certbot.js";
import utils from "./lib/utils.js";
import { setup as logger } from "./logger.js";
@@ -110,20 +110,19 @@ const setupCertbotPlugins = async () => {
const plugins = [];
const promises = [];
certificates.map((certificate) => {
for (const certificate of certificates) {
if (certificate.meta && certificate.meta.dns_challenge === true) {
if (plugins.indexOf(certificate.meta.dns_provider) === -1) {
plugins.push(certificate.meta.dns_provider);
}
fs.writeFileSync(
await writeFile(
`/tmp/certbot-credentials/credentials-${certificate.id}`,
certificate.meta.dns_provider_credentials,
{ mode: 0o600 },
);
}
return true;
});
}
await installPlugins(plugins);

2
backend/templates/_common.conf
View File

@@ -25,6 +25,7 @@ listen unix:/run/nginx.sock;
ssl_stapling on;
ssl_stapling_verify on;
ssl_stapling_file /data/tls/certbot/live/npm-{{ certificate_id }}.der;
ssl_certificate_compression off;
{% endif %}
{% else %}
# Custom TLS
@@ -34,6 +35,7 @@ listen unix:/run/nginx.sock;
ssl_stapling on;
ssl_stapling_verify on;
ssl_stapling_file /data/tls/custom/npm-{{ certificate_id }}.der;
ssl_certificate_compression off;
{% endif %}
{% endif %}

6
backend/templates/_proxy_host_custom_location.conf
View File

@@ -9,6 +9,8 @@
{% endif %}
location {{ location_type }}{{ path }} {
{{ advanced_config }}
{% if npmplus_noindex == true %}include noindex-nofollow.conf;{% endif %}
{% if npmplus_crowdsec_appsec == true %}set $crowdsec_disable_appsec 1;{% endif %}
@@ -48,7 +50,7 @@ location {{ location_type }}{{ path }} {
{% if npmplus_fancyindex == true %}fancyindex on;{% endif %}
{% if forward_path != null %}
location ~* \.php(?:$|/) {
location ~* [^/]\.php(?:$|/) {
fastcgi_split_path_info ^(.*\.php)(/.*)$;
try_files $fastcgi_script_name =404;
fastcgi_pass unix:/run/php{{ forward_port }}.sock;
@@ -116,6 +118,4 @@ location {{ location_type }}{{ path }} {
proxy_set_header Authorization $authentik_auth;
{% endif %}
{% endif %}
{{ advanced_config }}
}

1
backend/templates/default.conf
View File

@@ -56,6 +56,7 @@ server {
#ssl_stapling on;
#ssl_stapling_verify on;
#ssl_stapling_file ;
#ssl_certificate_compression off;
if ($scheme = "http") {
return 301 https://$host$is_request_port$request_port$request_uri;
}

7
backend/templates/proxy_host.conf
View File

@@ -71,7 +71,7 @@
{% if npmplus_fancyindex == true %}fancyindex on;{% endif %}
{% if forward_path != null %}
location ~* \.php(?:$|/) {
location ~* [^/]\.php(?:$|/) {
fastcgi_split_path_info ^(.*\.php)(/.*)$;
try_files $fastcgi_script_name =404;
fastcgi_pass unix:/run/php{{ forward_port }}.sock;
@@ -153,6 +153,11 @@
proxy_pass_request_body off;
proxy_set_header Content-Length "";
}
{% if env.AUTH_REQUEST_ANUBIS_USE_CUSTOM_IMAGES == "true" %}
location /.within.website/x/cmd/anubis/static/img {
alias /data/anubis/;
}
{% endif %}
{% endif %}
{% if npmplus_auth_request == "tinyauth" or create_tinyauth_locations %}

2
backend/templates/stream.conf
View File

@@ -22,6 +22,7 @@
ssl_stapling on;
ssl_stapling_verify on;
ssl_stapling_file /data/tls/certbot/live/npm-{{ certificate_id }}.der;
ssl_certificate_compression off;
{% endif %}
{% else %}
# Custom TLS
@@ -31,6 +32,7 @@
ssl_stapling on;
ssl_stapling_verify on;
ssl_stapling_file /data/tls/custom/npm-{{ certificate_id }}.der;
ssl_certificate_compression off;
{% endif %}
{% endif %}
{% endif %}

2
caddy/Dockerfile
View File

@@ -1,6 +1,6 @@
FROM alpine:3.23.3
RUN apk add --no-cache tzdata
COPY --from=caddy:2.10.2 /usr/bin/caddy /usr/bin/caddy
COPY --from=caddy:2.11.1 /usr/bin/caddy /usr/bin/caddy
COPY Caddyfile /etc/caddy/Caddyfile
CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]

7
compose.yaml
View File

@@ -35,10 +35,10 @@ services:
# - "ACME_EAB_HMAC_KEY=123456789abcdef" # HMAC key for External Account Binding for the acme server, not supported by letsencrypt, optional for zerossl (Login on their site => Developer), but required for google public ca: https://cloud.google.com/certificate-manager/docs/public-ca-tutorial?hl=de#request-key-hmac
# - "ACME_PROFILE=shortlived" # sets the profile to be used from the acme server, when using letsencrypt shortlived is used by default else it defaults to "none" (the default ca profile), supported by letsencrypt (https://letsencrypt.org/docs/profiles) - clients incorrectly requiring a Certificate Common Name in a cert break when using certs from the shortlived/tlsserver profile
# - "ACME_MUST_STAPLE=true" # enables must-staple, default false (default is true when using zerossl), I recommend enabling this if your CA supports it, supported by zerossl, google public ca ignores this, unsupported by letsencrypt (will fail), overrides ACME_OCSP_STAPLING to true
# - "ACME_OCSP_STAPLING=true" # enables ocsp stapling, default false (default is true when using google public ca or zerossl), I recommend enabling this if your CA supports it, supported by zerossl and google public ca
# - "ACME_OCSP_STAPLING=true" # enables ocsp stapling, default false (default is true when using google public ca or zerossl), I recommend enabling this if your CA supports it, supported by zerossl and google public ca, this will disable tls certificate compression
# - "ACME_KEY_TYPE=rsa" # which key type to use ecdsa or rsa, default and recommended: ecdsa
# - "ACME_SERVER_TLS_VERIFY=false" # enables checking if ACME_SERVER has a valid TLS cert, default and recommended true
# - "CUSTOM_OCSP_STAPLING=true" # enables ocsp stapling for custom certs, default false, I recommend enabling this if your custom certs support it
# - "CUSTOM_OCSP_STAPLING=true" # enables ocsp stapling for custom certs, default false, I recommend enabling this if your custom certs support it, this will disable tls certificate compression
# - "PUID=1000" # set user id, needs to be a number greater or equal to 99, or equal to 0, default 0 (root), if network mode host is used and PUID changed, you may need to set sysctl net.ipv4.ip_unprivileged_port_start=0 to bind ports like 80 or 443, please note that this will allow all non-root services to bind ports below 1024
# - "PGID=1000" # set group id, needs to be a number greater or equal to 99, or equal to 0, default 0 (root), requires non-zero PUID
# - "NPM_PORT=82" # Port the NPM UI should be bound to, default 81, change this if you want to run multiple npm instances in network mode host
@@ -64,7 +64,7 @@ services:
# - "NGINX_WORKER_CONNECTIONS=1024" # value of worker_connections, default: 512
# - "NGINX_FORCE_X25519MLKEM768=true" # forces usage of X25519MLKEM768 by disabling everything else (including TLS1.2), default false (overrides NGINX_DISABLE_TLS12 to true and NGINX_TRUST_SECPR1 to false), please note that browsers most browsers support it, but other application may not support this
# - "NGINX_DISABLE_TLS12=true" # disabled TLS1.2, default false, TLS1.2 can still be assumed to be secure with the settings NPMplus uses, but if you know all your clients support TLS1.3 this allows you to disable it
# - "NGINX_TRUST_SECPR1=true" # enables secp521r1:secp384r1:secp256r1, default false, only enable if your clients don't support X25519MLKEM768:x25519 (like element x on ios... (https://github.com/element-hq/element-x-ios/issues/3655, classic element on ios works))
# - "NGINX_TRUST_SECPR1=false" # enables secp521r1:secp384r1:secp256r1, default true, disable if all your clients support X25519MLKEM768 or x25519
# - "DISABLE_NGINX_BEAUTIFIER=true" # disables nginxbeautifier, useful when it fails parsing non-standard custom/advanced configs, default false
# - "LOGROTATE=true" # Enables writing http access logs to /opt/npmplus/nginx/logs/access.log, stream access logs to /opt/npmplus/nginx/logs/stream.log and enables daily logrotation, default false
# - "LOGROTATIONS=7" # Set how often the access.log should be rotated until it is deleted, default 3
@@ -98,6 +98,7 @@ services:
# - "OIDC_REQUIRE_VERIFIED_EMAIL=false" # requires the email sent by the OIDC Provider to be marked as verified, default true
# - "OIDC_DISABLE_PASSWORD=true" # disables plain email/password login, default false
# - "AUTH_REQUEST_ANUBIS_UPSTREAM=http://127.0.0.1:8923" # scheme + ip/hostname/domain (+ port) to internal anubis, without path, this is unrelated to OIDC
# - "AUTH_REQUEST_ANUBIS_USE_CUSTOM_IMAGES=true" # set to true if you want to replace the default "allow", "checking" and "blocked" image, default false, if enabled you need to put your custom images as happy.webp, pensive.webp and reject.webp to /opt/npmplus/anubis
# - "AUTH_REQUEST_TINYAUTH_UPSTREAM=http://127.0.0.1:3000" # scheme + ip/hostname/domain (+ port) to internal tinyauth, without path, this is unrelated to OIDC
# - "AUTH_REQUEST_TINYAUTH_DOMAIN=tinyauth.example.org" # domain/ip (+ port) to public tinyauth, without scheme and without path, this is unrelated to OIDC
# - "AUTH_REQUEST_AUTHELIA_UPSTREAM=http://127.0.0.1:9091" # scheme + ip/hostname/domain (+ port) to internal authelia, without path, this is unrelated to OIDC

2
frontend/biome.json
View File

@@ -1,5 +1,5 @@
{
"$schema": "https://biomejs.dev/schemas/2.4.2/schema.json",
"$schema": "https://biomejs.dev/schemas/2.4.5/schema.json",
"vcs": {
"enabled": true,
"clientKind": "git",

1
frontend/check-locales.cjs
View File

@@ -12,6 +12,7 @@ const allLocales = [
["cs", "cs-CZ"],
["de", "de-DE"],
["es", "es-ES"],
["et", "et-EE"],
["fr", "fr-FR"],
["ga", "ga-IE"],
["hu", "hu-HU"],

12
frontend/package.json
View File

@@ -7,12 +7,12 @@
"type": "module",
"dependencies": {
"@tabler/core": "1.4.0",
"@tabler/icons-react": "3.36.1",
"@tabler/icons-react": "3.38.0",
"@tanstack/react-query": "5.90.21",
"@tanstack/react-table": "8.21.3",
"@uiw/react-textarea-code-editor": "3.1.1",
"classnames": "2.5.1",
"country-flag-icons": "1.6.13",
"country-flag-icons": "1.6.15",
"date-fns": "4.1.0",
"ez-modal-react": "1.0.5",
"formik": "2.4.9",
@@ -25,13 +25,13 @@
"react-dom": "19.2.4",
"react-intl": "8.1.3",
"react-markdown": "10.1.0",
"react-router-dom": "7.13.0",
"react-router-dom": "7.13.1",
"react-select": "5.10.2",
"react-toastify": "11.0.5",
"rooks": "9.5.0"
},
"devDependencies": {
"@biomejs/biome": "2.4.2",
"@biomejs/biome": "2.4.5",
"@formatjs/cli": "6.13.0",
"@tanstack/react-query-devtools": "5.91.3",
"@testing-library/dom": "10.4.1",
@@ -39,12 +39,12 @@
"@testing-library/react": "16.3.2",
"@types/country-flag-icons": "1.2.2",
"@types/humps": "2.0.6",
"@types/node": "25.3.0",
"@types/node": "25.3.3",
"@types/react": "19.2.14",
"@types/react-dom": "19.2.3",
"@types/react-table": "7.7.20",
"@vitejs/plugin-react": "5.1.4",
"happy-dom": "20.6.3",
"happy-dom": "20.7.0",
"postcss": "8.5.6",
"postcss-simple-vars": "7.0.1",
"sass": "1.97.3",

441
frontend/pnpm-lock.yaml generated
View File

@@ -12,8 +12,8 @@ importers:
specifier: 1.4.0
version: 1.4.0
'@tabler/icons-react':
specifier: 3.36.1
version: 3.36.1(react@19.2.4)
specifier: 3.38.0
version: 3.38.0(react@19.2.4)
'@tanstack/react-query':
specifier: 5.90.21
version: 5.90.21(react@19.2.4)
@@ -27,8 +27,8 @@ importers:
specifier: 2.5.1
version: 2.5.1
country-flag-icons:
specifier: 1.6.13
version: 1.6.13
specifier: 1.6.15
version: 1.6.15
date-fns:
specifier: 4.1.0
version: 4.1.0
@@ -66,8 +66,8 @@ importers:
specifier: 10.1.0
version: 10.1.0(@types/react@19.2.14)(react@19.2.4)
react-router-dom:
specifier: 7.13.0
version: 7.13.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
specifier: 7.13.1
version: 7.13.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
react-select:
specifier: 5.10.2
version: 5.10.2(@types/react@19.2.14)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
@@ -79,8 +79,8 @@ importers:
version: 9.5.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
devDependencies:
'@biomejs/biome':
specifier: 2.4.2
version: 2.4.2
specifier: 2.4.5
version: 2.4.5
'@formatjs/cli':
specifier: 6.13.0
version: 6.13.0
@@ -103,8 +103,8 @@ importers:
specifier: 2.0.6
version: 2.0.6
'@types/node':
specifier: 25.3.0
version: 25.3.0
specifier: 25.3.3
version: 25.3.3
'@types/react':
specifier: 19.2.14
version: 19.2.14
@@ -116,10 +116,10 @@ importers:
version: 7.7.20
'@vitejs/plugin-react':
specifier: 5.1.4
version: 5.1.4(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))
version: 5.1.4(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))
happy-dom:
specifier: 20.6.3
version: 20.6.3
specifier: 20.7.0
version: 20.7.0
postcss:
specifier: 8.5.6
version: 8.5.6
@@ -137,16 +137,16 @@ importers:
version: 5.9.3
vite:
specifier: 7.3.1
version: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
version: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
vite-plugin-checker:
specifier: 0.12.0
version: 0.12.0(@biomejs/biome@2.4.2)(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))
version: 0.12.0(@biomejs/biome@2.4.5)(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))
vite-tsconfig-paths:
specifier: 6.1.1
version: 6.1.1(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))
version: 6.1.1(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))
vitest:
specifier: 4.0.18
version: 4.0.18(@types/node@25.3.0)(happy-dom@20.6.3)(sass@1.97.3)
version: 4.0.18(@types/node@25.3.3)(happy-dom@20.7.0)(sass@1.97.3)
packages:
@@ -240,59 +240,59 @@ packages:
resolution: {integrity: sha512-LwdZHpScM4Qz8Xw2iKSzS+cfglZzJGvofQICy7W7v4caru4EaAmyUuO6BGrbyQ2mYV11W0U8j5mBhd14dd3B0A==}
engines: {node: '>=6.9.0'}
'@biomejs/biome@2.4.2':
resolution: {integrity: sha512-vVE/FqLxNLbvYnFDYg3Xfrh1UdFhmPT5i+yPT9GE2nTUgI4rkqo5krw5wK19YHBd7aE7J6r91RRmb8RWwkjy6w==}
'@biomejs/biome@2.4.5':
resolution: {integrity: sha512-OWNCyMS0Q011R6YifXNOg6qsOg64IVc7XX6SqGsrGszPbkVCoaO7Sr/lISFnXZ9hjQhDewwZ40789QmrG0GYgQ==}
engines: {node: '>=14.21.3'}
hasBin: true
'@biomejs/cli-darwin-arm64@2.4.2':
resolution: {integrity: sha512-3pEcKCP/1POKyaZZhXcxFl3+d9njmeAihZ17k8lL/1vk+6e0Cbf0yPzKItFiT+5Yh6TQA4uKvnlqe0oVZwRxCA==}
'@biomejs/cli-darwin-arm64@2.4.5':
resolution: {integrity: sha512-lGS4Nd5O3KQJ6TeWv10mElnx1phERhBxqGP/IKq0SvZl78kcWDFMaTtVK+w3v3lusRFxJY78n07PbKplirsU5g==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [darwin]
'@biomejs/cli-darwin-x64@2.4.2':
resolution: {integrity: sha512-P7hK1jLVny+0R9UwyGcECxO6sjETxfPyBm/1dmFjnDOHgdDPjPqozByunrwh4xPKld8sxOr5eAsSqal5uKgeBg==}
'@biomejs/cli-darwin-x64@2.4.5':
resolution: {integrity: sha512-6MoH4tyISIBNkZ2Q5T1R7dLd5BsITb2yhhhrU9jHZxnNSNMWl+s2Mxu7NBF8Y3a7JJcqq9nsk8i637z4gqkJxQ==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [darwin]
'@biomejs/cli-linux-arm64-musl@2.4.2':
resolution: {integrity: sha512-/x04YK9+7erw6tYEcJv9WXoBHcULI/wMOvNdAyE9S3JStZZ9yJyV67sWAI+90UHuDo/BDhq0d96LDqGlSVv7WA==}
'@biomejs/cli-linux-arm64-musl@2.4.5':
resolution: {integrity: sha512-iqLDgpzobG7gpBF0fwEVS/LT8kmN7+S0E2YKFDtqliJfzNLnAiV2Nnyb+ehCDCJgAZBASkYHR2o60VQWikpqIg==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [linux]
libc: [musl]
'@biomejs/cli-linux-arm64@2.4.2':
resolution: {integrity: sha512-DI3Mi7GT2zYNgUTDEbSjl3e1KhoP76OjQdm8JpvZYZWtVDRyLd3w8llSr2TWk1z+U3P44kUBWY3X7H9MD1/DGQ==}
'@biomejs/cli-linux-arm64@2.4.5':
resolution: {integrity: sha512-U1GAG6FTjhAO04MyH4xn23wRNBkT6H7NentHh+8UxD6ShXKBm5SY4RedKJzkUThANxb9rUKIPc7B8ew9Xo/cWg==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [linux]
libc: [glibc]
'@biomejs/cli-linux-x64-musl@2.4.2':
resolution: {integrity: sha512-wbBmTkeAoAYbOQ33f6sfKG7pcRSydQiF+dTYOBjJsnXO2mWEOQHllKlC2YVnedqZFERp2WZhFUoO7TNRwnwEHQ==}
'@biomejs/cli-linux-x64-musl@2.4.5':
resolution: {integrity: sha512-NlKa7GpbQmNhZf9kakQeddqZyT7itN7jjWdakELeXyTU3pg/83fTysRRDPJD0akTfKDl6vZYNT9Zqn4MYZVBOA==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [linux]
libc: [musl]
'@biomejs/cli-linux-x64@2.4.2':
resolution: {integrity: sha512-GK2ErnrKpWFigYP68cXiCHK4RTL4IUWhK92AFS3U28X/nuAL5+hTuy6hyobc8JZRSt+upXt1nXChK+tuHHx4mA==}
'@biomejs/cli-linux-x64@2.4.5':
resolution: {integrity: sha512-NdODlSugMzTlENPTa4z0xB82dTUlCpsrOxc43///aNkTLblIYH4XpYflBbf5ySlQuP8AA4AZd1qXhV07IdrHdQ==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [linux]
libc: [glibc]
'@biomejs/cli-win32-arm64@2.4.2':
resolution: {integrity: sha512-k2uqwLYrNNxnaoiW3RJxoMGnbKda8FuCmtYG3cOtVljs3CzWxaTR+AoXwKGHscC9thax9R4kOrtWqWN0+KdPTw==}
'@biomejs/cli-win32-arm64@2.4.5':
resolution: {integrity: sha512-EBfrTqRIWOFSd7CQb/0ttjHMR88zm3hGravnDwUA9wHAaCAYsULKDebWcN5RmrEo1KBtl/gDVJMrFjNR0pdGUw==}
engines: {node: '>=14.21.3'}
cpu: [arm64]
os: [win32]
'@biomejs/cli-win32-x64@2.4.2':
resolution: {integrity: sha512-9ma7C4g8Sq3cBlRJD2yrsHXB1mnnEBdpy7PhvFrylQWQb4PoyCmPucdX7frvsSBQuFtIiKCrolPl/8tCZrKvgQ==}
'@biomejs/cli-win32-x64@2.4.5':
resolution: {integrity: sha512-Pmhv9zT95YzECfjEHNl3mN9Vhusw9VA5KHY0ZvlGsxsjwS5cb7vpRnHzJIv0vG7jB0JI7xEaMH9ddfZm/RozBw==}
engines: {node: '>=14.21.3'}
cpu: [x64]
os: [win32]
@@ -686,161 +686,161 @@ packages:
'@rolldown/pluginutils@1.0.0-rc.3':
resolution: {integrity: sha512-eybk3TjzzzV97Dlj5c+XrBFW57eTNhzod66y9HrBlzJ6NsCrWCp/2kaPS3K9wJmurBC0Tdw4yPjXKZqlznim3Q==}
'@rollup/rollup-android-arm-eabi@4.57.1':
resolution: {integrity: sha512-A6ehUVSiSaaliTxai040ZpZ2zTevHYbvu/lDoeAteHI8QnaosIzm4qwtezfRg1jOYaUmnzLX1AOD6Z+UJjtifg==}
'@rollup/rollup-android-arm-eabi@4.59.0':
resolution: {integrity: sha512-upnNBkA6ZH2VKGcBj9Fyl9IGNPULcjXRlg0LLeaioQWueH30p6IXtJEbKAgvyv+mJaMxSm1l6xwDXYjpEMiLMg==}
cpu: [arm]
os: [android]
'@rollup/rollup-android-arm64@4.57.1':
resolution: {integrity: sha512-dQaAddCY9YgkFHZcFNS/606Exo8vcLHwArFZ7vxXq4rigo2bb494/xKMMwRRQW6ug7Js6yXmBZhSBRuBvCCQ3w==}
'@rollup/rollup-android-arm64@4.59.0':
resolution: {integrity: sha512-hZ+Zxj3SySm4A/DylsDKZAeVg0mvi++0PYVceVyX7hemkw7OreKdCvW2oQ3T1FMZvCaQXqOTHb8qmBShoqk69Q==}
cpu: [arm64]
os: [android]
'@rollup/rollup-darwin-arm64@4.57.1':
resolution: {integrity: sha512-crNPrwJOrRxagUYeMn/DZwqN88SDmwaJ8Cvi/TN1HnWBU7GwknckyosC2gd0IqYRsHDEnXf328o9/HC6OkPgOg==}
'@rollup/rollup-darwin-arm64@4.59.0':
resolution: {integrity: sha512-W2Psnbh1J8ZJw0xKAd8zdNgF9HRLkdWwwdWqubSVk0pUuQkoHnv7rx4GiF9rT4t5DIZGAsConRE3AxCdJ4m8rg==}
cpu: [arm64]
os: [darwin]
'@rollup/rollup-darwin-x64@4.57.1':
resolution: {integrity: sha512-Ji8g8ChVbKrhFtig5QBV7iMaJrGtpHelkB3lsaKzadFBe58gmjfGXAOfI5FV0lYMH8wiqsxKQ1C9B0YTRXVy4w==}
'@rollup/rollup-darwin-x64@4.59.0':
resolution: {integrity: sha512-ZW2KkwlS4lwTv7ZVsYDiARfFCnSGhzYPdiOU4IM2fDbL+QGlyAbjgSFuqNRbSthybLbIJ915UtZBtmuLrQAT/w==}
cpu: [x64]
os: [darwin]
'@rollup/rollup-freebsd-arm64@4.57.1':
resolution: {integrity: sha512-R+/WwhsjmwodAcz65guCGFRkMb4gKWTcIeLy60JJQbXrJ97BOXHxnkPFrP+YwFlaS0m+uWJTstrUA9o+UchFug==}
'@rollup/rollup-freebsd-arm64@4.59.0':
resolution: {integrity: sha512-EsKaJ5ytAu9jI3lonzn3BgG8iRBjV4LxZexygcQbpiU0wU0ATxhNVEpXKfUa0pS05gTcSDMKpn3Sx+QB9RlTTA==}
cpu: [arm64]
os: [freebsd]
'@rollup/rollup-freebsd-x64@4.57.1':
resolution: {integrity: sha512-IEQTCHeiTOnAUC3IDQdzRAGj3jOAYNr9kBguI7MQAAZK3caezRrg0GxAb6Hchg4lxdZEI5Oq3iov/w/hnFWY9Q==}
'@rollup/rollup-freebsd-x64@4.59.0':
resolution: {integrity: sha512-d3DuZi2KzTMjImrxoHIAODUZYoUUMsuUiY4SRRcJy6NJoZ6iIqWnJu9IScV9jXysyGMVuW+KNzZvBLOcpdl3Vg==}
cpu: [x64]
os: [freebsd]
'@rollup/rollup-linux-arm-gnueabihf@4.57.1':
resolution: {integrity: sha512-F8sWbhZ7tyuEfsmOxwc2giKDQzN3+kuBLPwwZGyVkLlKGdV1nvnNwYD0fKQ8+XS6hp9nY7B+ZeK01EBUE7aHaw==}
'@rollup/rollup-linux-arm-gnueabihf@4.59.0':
resolution: {integrity: sha512-t4ONHboXi/3E0rT6OZl1pKbl2Vgxf9vJfWgmUoCEVQVxhW6Cw/c8I6hbbu7DAvgp82RKiH7TpLwxnJeKv2pbsw==}
cpu: [arm]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-arm-musleabihf@4.57.1':
resolution: {integrity: sha512-rGfNUfn0GIeXtBP1wL5MnzSj98+PZe/AXaGBCRmT0ts80lU5CATYGxXukeTX39XBKsxzFpEeK+Mrp9faXOlmrw==}
'@rollup/rollup-linux-arm-musleabihf@4.59.0':
resolution: {integrity: sha512-CikFT7aYPA2ufMD086cVORBYGHffBo4K8MQ4uPS/ZnY54GKj36i196u8U+aDVT2LX4eSMbyHtyOh7D7Zvk2VvA==}
cpu: [arm]
os: [linux]
libc: [musl]
'@rollup/rollup-linux-arm64-gnu@4.57.1':
resolution: {integrity: sha512-MMtej3YHWeg/0klK2Qodf3yrNzz6CGjo2UntLvk2RSPlhzgLvYEB3frRvbEF2wRKh1Z2fDIg9KRPe1fawv7C+g==}
'@rollup/rollup-linux-arm64-gnu@4.59.0':
resolution: {integrity: sha512-jYgUGk5aLd1nUb1CtQ8E+t5JhLc9x5WdBKew9ZgAXg7DBk0ZHErLHdXM24rfX+bKrFe+Xp5YuJo54I5HFjGDAA==}
cpu: [arm64]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-arm64-musl@4.57.1':
resolution: {integrity: sha512-1a/qhaaOXhqXGpMFMET9VqwZakkljWHLmZOX48R0I/YLbhdxr1m4gtG1Hq7++VhVUmf+L3sTAf9op4JlhQ5u1Q==}
'@rollup/rollup-linux-arm64-musl@4.59.0':
resolution: {integrity: sha512-peZRVEdnFWZ5Bh2KeumKG9ty7aCXzzEsHShOZEFiCQlDEepP1dpUl/SrUNXNg13UmZl+gzVDPsiCwnV1uI0RUA==}
cpu: [arm64]
os: [linux]
libc: [musl]
'@rollup/rollup-linux-loong64-gnu@4.57.1':
resolution: {integrity: sha512-QWO6RQTZ/cqYtJMtxhkRkidoNGXc7ERPbZN7dVW5SdURuLeVU7lwKMpo18XdcmpWYd0qsP1bwKPf7DNSUinhvA==}
'@rollup/rollup-linux-loong64-gnu@4.59.0':
resolution: {integrity: sha512-gbUSW/97f7+r4gHy3Jlup8zDG190AuodsWnNiXErp9mT90iCy9NKKU0Xwx5k8VlRAIV2uU9CsMnEFg/xXaOfXg==}
cpu: [loong64]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-loong64-musl@4.57.1':
resolution: {integrity: sha512-xpObYIf+8gprgWaPP32xiN5RVTi/s5FCR+XMXSKmhfoJjrpRAjCuuqQXyxUa/eJTdAE6eJ+KDKaoEqjZQxh3Gw==}
'@rollup/rollup-linux-loong64-musl@4.59.0':
resolution: {integrity: sha512-yTRONe79E+o0FWFijasoTjtzG9EBedFXJMl888NBEDCDV9I2wGbFFfJQQe63OijbFCUZqxpHz1GzpbtSFikJ4Q==}
cpu: [loong64]
os: [linux]
libc: [musl]
'@rollup/rollup-linux-ppc64-gnu@4.57.1':
resolution: {integrity: sha512-4BrCgrpZo4hvzMDKRqEaW1zeecScDCR+2nZ86ATLhAoJ5FQ+lbHVD3ttKe74/c7tNT9c6F2viwB3ufwp01Oh2w==}
'@rollup/rollup-linux-ppc64-gnu@4.59.0':
resolution: {integrity: sha512-sw1o3tfyk12k3OEpRddF68a1unZ5VCN7zoTNtSn2KndUE+ea3m3ROOKRCZxEpmT9nsGnogpFP9x6mnLTCaoLkA==}
cpu: [ppc64]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-ppc64-musl@4.57.1':
resolution: {integrity: sha512-NOlUuzesGauESAyEYFSe3QTUguL+lvrN1HtwEEsU2rOwdUDeTMJdO5dUYl/2hKf9jWydJrO9OL/XSSf65R5+Xw==}
'@rollup/rollup-linux-ppc64-musl@4.59.0':
resolution: {integrity: sha512-+2kLtQ4xT3AiIxkzFVFXfsmlZiG5FXYW7ZyIIvGA7Bdeuh9Z0aN4hVyXS/G1E9bTP/vqszNIN/pUKCk/BTHsKA==}
cpu: [ppc64]
os: [linux]
libc: [musl]
'@rollup/rollup-linux-riscv64-gnu@4.57.1':
resolution: {integrity: sha512-ptA88htVp0AwUUqhVghwDIKlvJMD/fmL/wrQj99PRHFRAG6Z5nbWoWG4o81Nt9FT+IuqUQi+L31ZKAFeJ5Is+A==}
'@rollup/rollup-linux-riscv64-gnu@4.59.0':
resolution: {integrity: sha512-NDYMpsXYJJaj+I7UdwIuHHNxXZ/b/N2hR15NyH3m2qAtb/hHPA4g4SuuvrdxetTdndfj9b1WOmy73kcPRoERUg==}
cpu: [riscv64]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-riscv64-musl@4.57.1':
resolution: {integrity: sha512-S51t7aMMTNdmAMPpBg7OOsTdn4tySRQvklmL3RpDRyknk87+Sp3xaumlatU+ppQ+5raY7sSTcC2beGgvhENfuw==}
'@rollup/rollup-linux-riscv64-musl@4.59.0':
resolution: {integrity: sha512-nLckB8WOqHIf1bhymk+oHxvM9D3tyPndZH8i8+35p/1YiVoVswPid2yLzgX7ZJP0KQvnkhM4H6QZ5m0LzbyIAg==}
cpu: [riscv64]
os: [linux]
libc: [musl]
'@rollup/rollup-linux-s390x-gnu@4.57.1':
resolution: {integrity: sha512-Bl00OFnVFkL82FHbEqy3k5CUCKH6OEJL54KCyx2oqsmZnFTR8IoNqBF+mjQVcRCT5sB6yOvK8A37LNm/kPJiZg==}
'@rollup/rollup-linux-s390x-gnu@4.59.0':
resolution: {integrity: sha512-oF87Ie3uAIvORFBpwnCvUzdeYUqi2wY6jRFWJAy1qus/udHFYIkplYRW+wo+GRUP4sKzYdmE1Y3+rY5Gc4ZO+w==}
cpu: [s390x]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-x64-gnu@4.57.1':
resolution: {integrity: sha512-ABca4ceT4N+Tv/GtotnWAeXZUZuM/9AQyCyKYyKnpk4yoA7QIAuBt6Hkgpw8kActYlew2mvckXkvx0FfoInnLg==}
'@rollup/rollup-linux-x64-gnu@4.59.0':
resolution: {integrity: sha512-3AHmtQq/ppNuUspKAlvA8HtLybkDflkMuLK4DPo77DfthRb71V84/c4MlWJXixZz4uruIH4uaa07IqoAkG64fg==}
cpu: [x64]
os: [linux]
libc: [glibc]
'@rollup/rollup-linux-x64-musl@4.57.1':
resolution: {integrity: sha512-HFps0JeGtuOR2convgRRkHCekD7j+gdAuXM+/i6kGzQtFhlCtQkpwtNzkNj6QhCDp7DRJ7+qC/1Vg2jt5iSOFw==}
'@rollup/rollup-linux-x64-musl@4.59.0':
resolution: {integrity: sha512-2UdiwS/9cTAx7qIUZB/fWtToJwvt0Vbo0zmnYt7ED35KPg13Q0ym1g442THLC7VyI6JfYTP4PiSOWyoMdV2/xg==}
cpu: [x64]
os: [linux]
libc: [musl]
'@rollup/rollup-openbsd-x64@4.57.1':
resolution: {integrity: sha512-H+hXEv9gdVQuDTgnqD+SQffoWoc0Of59AStSzTEj/feWTBAnSfSD3+Dql1ZruJQxmykT/JVY0dE8Ka7z0DH1hw==}
'@rollup/rollup-openbsd-x64@4.59.0':
resolution: {integrity: sha512-M3bLRAVk6GOwFlPTIxVBSYKUaqfLrn8l0psKinkCFxl4lQvOSz8ZrKDz2gxcBwHFpci0B6rttydI4IpS4IS/jQ==}
cpu: [x64]
os: [openbsd]
'@rollup/rollup-openharmony-arm64@4.57.1':
resolution: {integrity: sha512-4wYoDpNg6o/oPximyc/NG+mYUejZrCU2q+2w6YZqrAs2UcNUChIZXjtafAiiZSUc7On8v5NyNj34Kzj/Ltk6dQ==}
'@rollup/rollup-openharmony-arm64@4.59.0':
resolution: {integrity: sha512-tt9KBJqaqp5i5HUZzoafHZX8b5Q2Fe7UjYERADll83O4fGqJ49O1FsL6LpdzVFQcpwvnyd0i+K/VSwu/o/nWlA==}
cpu: [arm64]
os: [openharmony]
'@rollup/rollup-win32-arm64-msvc@4.57.1':
resolution: {integrity: sha512-O54mtsV/6LW3P8qdTcamQmuC990HDfR71lo44oZMZlXU4tzLrbvTii87Ni9opq60ds0YzuAlEr/GNwuNluZyMQ==}
'@rollup/rollup-win32-arm64-msvc@4.59.0':
resolution: {integrity: sha512-V5B6mG7OrGTwnxaNUzZTDTjDS7F75PO1ae6MJYdiMu60sq0CqN5CVeVsbhPxalupvTX8gXVSU9gq+Rx1/hvu6A==}
cpu: [arm64]
os: [win32]
'@rollup/rollup-win32-ia32-msvc@4.57.1':
resolution: {integrity: sha512-P3dLS+IerxCT/7D2q2FYcRdWRl22dNbrbBEtxdWhXrfIMPP9lQhb5h4Du04mdl5Woq05jVCDPCMF7Ub0NAjIew==}
'@rollup/rollup-win32-ia32-msvc@4.59.0':
resolution: {integrity: sha512-UKFMHPuM9R0iBegwzKF4y0C4J9u8C6MEJgFuXTBerMk7EJ92GFVFYBfOZaSGLu6COf7FxpQNqhNS4c4icUPqxA==}
cpu: [ia32]
os: [win32]
'@rollup/rollup-win32-x64-gnu@4.57.1':
resolution: {integrity: sha512-VMBH2eOOaKGtIJYleXsi2B8CPVADrh+TyNxJ4mWPnKfLB/DBUmzW+5m1xUrcwWoMfSLagIRpjUFeW5CO5hyciQ==}
'@rollup/rollup-win32-x64-gnu@4.59.0':
resolution: {integrity: sha512-laBkYlSS1n2L8fSo1thDNGrCTQMmxjYY5G0WFWjFFYZkKPjsMBsgJfGf4TLxXrF6RyhI60L8TMOjBMvXiTcxeA==}
cpu: [x64]
os: [win32]
'@rollup/rollup-win32-x64-msvc@4.57.1':
resolution: {integrity: sha512-mxRFDdHIWRxg3UfIIAwCm6NzvxG0jDX/wBN6KsQFTvKFqqg9vTrWUE68qEjHt19A5wwx5X5aUi2zuZT7YR0jrA==}
'@rollup/rollup-win32-x64-msvc@4.59.0':
resolution: {integrity: sha512-2HRCml6OztYXyJXAvdDXPKcawukWY2GpR5/nxKp4iBgiO3wcoEGkAaqctIbZcNB6KlUQBIqt8VYkNSj2397EfA==}
cpu: [x64]
os: [win32]
'@standard-schema/spec@1.1.0':
resolution: {integrity: sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==}
'@swc/helpers@0.5.18':
resolution: {integrity: sha512-TXTnIcNJQEKwThMMqBXsZ4VGAza6bvN4pa41Rkqoio6QBKMvo+5lexeTMScGCIxtzgQJzElcvIltani+adC5PQ==}
'@swc/helpers@0.5.19':
resolution: {integrity: sha512-QamiFeIK3txNjgUTNppE6MiG3p7TdninpZu0E0PbqVh1a9FNLT2FRhisaa4NcaX52XVhA5l7Pk58Ft7Sqi/2sA==}
'@tabler/core@1.4.0':
resolution: {integrity: sha512-5BigzOlbOH9N0Is4u0rYNRCiwtnUXWO57K9zwuscygcicAa8UV9MGaS4zTgQsZEtZ9tsNANhN/YD8gCBGKYCiw==}
engines: {node: '>=20'}
'@tabler/icons-react@3.36.1':
resolution: {integrity: sha512-/8nOXeNeMoze9xY/QyEKG65wuvRhkT3q9aytaur6Gj8bYU2A98YVJyLc9MRmc5nVvpy+bRlrrwK/Ykr8WGyUWg==}
'@tabler/icons-react@3.38.0':
resolution: {integrity: sha512-kR5wv+m4+GgmnSszg3rQd6SrTFAQ/XnQC/yTwIfuRJSfqB12KoIC7fPbIijFgOHTFlBN5DARnN0IVrR7KYG6/A==}
peerDependencies:
react: '>= 16'
'@tabler/icons@3.36.1':
resolution: {integrity: sha512-f4Jg3Fof/Vru5ioix/UO4GX+sdDsF9wQo47FbtvG+utIYYVQ/QVAC0QYgcBbAjQGfbdOh2CCf0BgiFOF9Ixtjw==}
'@tabler/icons@3.38.0':
resolution: {integrity: sha512-FdETQSpQ3lN7BEjEUzjKhsfTDCamrvMDops4HEMphTm3DmkIFpThoODn8XXZ8Q9MhjshIvphIYVHHB7zpq167w==}
'@tanstack/query-core@5.90.20':
resolution: {integrity: sha512-OMD2HLpNouXEfZJWcKeVKUgQ5n+n3A2JFmBaScpNDUqSrQSjiveC7dKMe53uJUg1nDG16ttFPz2xfilz6i2uVg==}
@@ -946,8 +946,8 @@ packages:
'@types/ms@2.1.0':
resolution: {integrity: sha512-GsCCIZDE/p3i96vtEqx+7dBUGXrc7zeSK3wwPHIaRThS+9OhWIXRqzs4d6k1SVU8g91DrNRWxWUGhp5KXQb2VA==}
'@types/node@25.3.0':
resolution: {integrity: sha512-4K3bqJpXpqfg2XKGK9bpDTc6xO/xoUP/RBWS7AtRMug6zZFaRekiLzjVtAoZMquxoAbzBvy5nxQ7veS5eYzf8A==}
'@types/node@25.3.3':
resolution: {integrity: sha512-DpzbrH7wIcBaJibpKo9nnSQL0MTRdnWttGyE5haGwK86xgMOkFLp7vEyfQPGLOJh5wNYiJ3V9PmUMDhV9u8kkQ==}
'@types/parse-json@4.0.2':
resolution: {integrity: sha512-dISoDXWWQwUquiKsyZ4Ng+HX2KsPL7LyHKHQwgGFEA3IaKac4Obd+h2a/a6waisAoepJlBcx9paWqjA8/HVjCw==}
@@ -1063,8 +1063,9 @@ packages:
base64-js@1.5.1:
resolution: {integrity: sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==}
baseline-browser-mapping@2.9.19:
resolution: {integrity: sha512-ipDqC8FrAl/76p2SSWKSI+H9tFwm7vYqXQrItCuiVPt26Km0jS+NzSsBWAaBusvSbQcfJG+JitdMm+wZAgTYqg==}
baseline-browser-mapping@2.10.0:
resolution: {integrity: sha512-lIyg0szRfYbiy67j9KN8IyeD7q7hcmqnJ1ddWmNt19ItGpNN64mnllmxUNFIOdOm6by97jlL6wfpTTJrmnjWAA==}
engines: {node: '>=6.0.0'}
hasBin: true
bootstrap@5.3.7:
@@ -1084,8 +1085,8 @@ packages:
resolution: {integrity: sha512-P8BjAsXvZS+VIDUI11hHCQEv74YT67YUi5JJFNWIqL235sBmjX4+qx9Muvls5ivyNENctx46xQLQ3aTuE7ssaQ==}
engines: {node: '>=6'}
caniuse-lite@1.0.30001770:
resolution: {integrity: sha512-x/2CLQ1jHENRbHg5PSId2sXq1CIO1CISvwWAj027ltMVG2UNgW+w9oH2+HzgEIRFembL8bUlXtfbBHR1fCg2xw==}
caniuse-lite@1.0.30001775:
resolution: {integrity: sha512-s3Qv7Lht9zbVKE9XoTyRG6wVDCKdtOFIjBGg3+Yhn6JaytuNKPIjBMTMIY1AnOH3seL5mvF+x33oGAyK3hVt3A==}
ccount@2.0.1:
resolution: {integrity: sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg==}
@@ -1134,8 +1135,8 @@ packages:
resolution: {integrity: sha512-AdmX6xUzdNASswsFtmwSt7Vj8po9IuqXm0UXz7QKPuEUmPB4XyjGfaAr2PSuELMwkRMVH1EpIkX5bTZGRB3eCA==}
engines: {node: '>=10'}
country-flag-icons@1.6.13:
resolution: {integrity: sha512-mR9GoTXtj3zAXoZXBkb3J4QvyDllFEPtEfZvHb9U23TAHYXfkJyP03pRtZiR0spxo6Ibja3R/hn6a68T4LHBuA==}
country-flag-icons@1.6.15:
resolution: {integrity: sha512-92HoA8l6DluEidku8tKBftjuFRj4Rv3zDW1lXxCuNnqAxhUSkvso9gM/Afj4F5BnK+wneHIe3ydI+s+4NA29/Q==}
css.escape@1.5.1:
resolution: {integrity: sha512-YUifsXXuknHlUsmlgyY0PKzgPOr7/FjCePfHNt0jxm83wHZi44VDMQ7/fGNkjY3/jV1MC+1CmZbaHzugyeRtpg==}
@@ -1189,8 +1190,8 @@ packages:
dom-helpers@5.2.1:
resolution: {integrity: sha512-nRCa7CK3VTrM2NmGkIy4cbK7IZlgBE/PYMn55rrXefr5xXDP0LdtfPnblFDoVdcAfslJ7or6iqAUnx0CCGIWQA==}
electron-to-chromium@1.5.286:
resolution: {integrity: sha512-9tfDXhJ4RKFNerfjdCcZfufu49vg620741MNs26a9+bhLThdB+plgMeou98CAaHu/WATj2iHOOHTp1hWtABj2A==}
electron-to-chromium@1.5.302:
resolution: {integrity: sha512-sM6HAN2LyK82IyPBpznDRqlTQAtuSaO+ShzFiWTvoMJLHyZ+Y39r8VMfHzwbU8MVBzQ4Wdn85+wlZl2TLGIlwg==}
entities@6.0.1:
resolution: {integrity: sha512-aN97NXWF6AWBTahfVOIrB/NShkzi5H7F9r1s9mD3cDj4Ko5f2qhhVoYMibXF7GlLveb/D2ioWay8lxI97Ven3g==}
@@ -1281,8 +1282,8 @@ packages:
globrex@0.1.2:
resolution: {integrity: sha512-uHJgbwAMwNFf5mLst7IWLNg14x1CkeqglJb/K3doi4dw6q2IvAAmM/Y81kevy83wP+Sst+nutFTYOGg3d1lsxg==}
happy-dom@20.6.3:
resolution: {integrity: sha512-QAMY7d228dHs8gb9NG4SJ3OxQo4r+NGN8pOXGZ3SGfQf/XYuuYubrtZ25QVY2WoUQdskhRXSXb4R4mcRk+hV1w==}
happy-dom@20.7.0:
resolution: {integrity: sha512-hR/uLYQdngTyEfxnOoa+e6KTcfBFyc1hgFj/Cc144A5JJUuHFYqIEBDcD4FeGqUeKLRZqJ9eN9u7/GDjYEgS1g==}
engines: {node: '>=20.0.0'}
hasown@2.0.2:
@@ -1430,8 +1431,8 @@ packages:
magic-string@0.30.21:
resolution: {integrity: sha512-vd2F4YUyEXKGcLHoq+TEyCjxueSeHnFxyyjNp80yg0XV4vUhnDer/lvvlqM/arB5bXQN5K2/3oinyCRyx8T2CQ==}
mdast-util-from-markdown@2.0.2:
resolution: {integrity: sha512-uZhTV/8NBuw0WHkPTrCqDOl0zVe1BIng5ZtHoDk49ME1qqcjYmmLmOf0gELgcRMxN4w2iuIeVso5/6QymSrgmA==}
mdast-util-from-markdown@2.0.3:
resolution: {integrity: sha512-W4mAWTvSlKvf8L6J+VN9yLSqQ9AOAAvHuoDAmPkz4dHf553m5gVj2ejadHJhoJmcmxEnOv6Pa8XJhpxE93kb8Q==}
mdast-util-mdx-expression@2.0.1:
resolution: {integrity: sha512-J6f+9hUp+ldTZqKRSg7Vw5V6MqjATc+3E4gf3CFNcuZNWD8XdyI6zQ8GqH7f8169MM6P7hMBRDVGnn7oHB9kXQ==}
@@ -1680,15 +1681,15 @@ packages:
resolution: {integrity: sha512-QgT5//D3jfjJb6Gsjxv0Slpj23ip+HtOpnNgnb2S5zU3CB26G/IDPGoy4RJB42wzFE46DRsstbW6tKHoKbhAxw==}
engines: {node: '>=0.10.0'}
react-router-dom@7.13.0:
resolution: {integrity: sha512-5CO/l5Yahi2SKC6rGZ+HDEjpjkGaG/ncEP7eWFTvFxbHP8yeeI0PxTDjimtpXYlR3b3i9/WIL4VJttPrESIf2g==}
react-router-dom@7.13.1:
resolution: {integrity: sha512-UJnV3Rxc5TgUPJt2KJpo1Jpy0OKQr0AjgbZzBFjaPJcFOb2Y8jA5H3LT8HUJAiRLlWrEXWHbF1Z4SCZaQjWDHw==}
engines: {node: '>=20.0.0'}
peerDependencies:
react: '>=18'
react-dom: '>=18'
react-router@7.13.0:
resolution: {integrity: sha512-PZgus8ETambRT17BUm/LL8lX3Of+oiLaPuVTRH3l1eLvSPpKO3AvhAEb5N7ihAFZQrYDqkvvWfFh9p0z9VsjLw==}
react-router@7.13.1:
resolution: {integrity: sha512-td+xP4X2/6BJvZoX6xw++A2DdEi++YypA69bJUV5oVvqf6/9/9nNlD70YO1e9d3MyamJEBQFEzk6mbfDYbqrSA==}
engines: {node: '>=20.0.0'}
peerDependencies:
react: '>=18'
@@ -1757,8 +1758,8 @@ packages:
engines: {node: '>= 0.4'}
hasBin: true
rollup@4.57.1:
resolution: {integrity: sha512-oQL6lgK3e2QZeQ7gcgIkS2YZPg5slw37hYufJ3edKlfQSGGm8ICoxswK15ntSzF/a8+h7ekRy7k7oWc3BQ7y8A==}
rollup@4.59.0:
resolution: {integrity: sha512-2oMpl67a3zCH9H79LeMcbDhXW/UmWG/y2zuqnF2jQq5uq9TbM9TVyXvA4+t+ne2IIkBdrLpAaRQAvo7YI/Yyeg==}
engines: {node: '>=18.0.0', npm: '>=8.0.0'}
hasBin: true
@@ -2221,39 +2222,39 @@ snapshots:
'@babel/helper-string-parser': 7.27.1
'@babel/helper-validator-identifier': 7.28.5
'@biomejs/biome@2.4.2':
'@biomejs/biome@2.4.5':
optionalDependencies:
'@biomejs/cli-darwin-arm64': 2.4.2
'@biomejs/cli-darwin-x64': 2.4.2
'@biomejs/cli-linux-arm64': 2.4.2
'@biomejs/cli-linux-arm64-musl': 2.4.2
'@biomejs/cli-linux-x64': 2.4.2
'@biomejs/cli-linux-x64-musl': 2.4.2
'@biomejs/cli-win32-arm64': 2.4.2
'@biomejs/cli-win32-x64': 2.4.2
'@biomejs/cli-darwin-arm64': 2.4.5
'@biomejs/cli-darwin-x64': 2.4.5
'@biomejs/cli-linux-arm64': 2.4.5
'@biomejs/cli-linux-arm64-musl': 2.4.5
'@biomejs/cli-linux-x64': 2.4.5
'@biomejs/cli-linux-x64-musl': 2.4.5
'@biomejs/cli-win32-arm64': 2.4.5
'@biomejs/cli-win32-x64': 2.4.5
'@biomejs/cli-darwin-arm64@2.4.2':
'@biomejs/cli-darwin-arm64@2.4.5':
optional: true
'@biomejs/cli-darwin-x64@2.4.2':
'@biomejs/cli-darwin-x64@2.4.5':
optional: true
'@biomejs/cli-linux-arm64-musl@2.4.2':
'@biomejs/cli-linux-arm64-musl@2.4.5':
optional: true
'@biomejs/cli-linux-arm64@2.4.2':
'@biomejs/cli-linux-arm64@2.4.5':
optional: true
'@biomejs/cli-linux-x64-musl@2.4.2':
'@biomejs/cli-linux-x64-musl@2.4.5':
optional: true
'@biomejs/cli-linux-x64@2.4.2':
'@biomejs/cli-linux-x64@2.4.5':
optional: true
'@biomejs/cli-win32-arm64@2.4.2':
'@biomejs/cli-win32-arm64@2.4.5':
optional: true
'@biomejs/cli-win32-x64@2.4.2':
'@biomejs/cli-win32-x64@2.4.5':
optional: true
'@emotion/babel-plugin@11.13.5':
@@ -2532,7 +2533,7 @@ snapshots:
'@react-aria/ssr@3.9.10(react@19.2.4)':
dependencies:
'@swc/helpers': 0.5.18
'@swc/helpers': 0.5.19
react: 19.2.4
'@restart/hooks@0.4.16(react@19.2.4)':
@@ -2561,84 +2562,84 @@ snapshots:
'@rolldown/pluginutils@1.0.0-rc.3': {}
'@rollup/rollup-android-arm-eabi@4.57.1':
'@rollup/rollup-android-arm-eabi@4.59.0':
optional: true
'@rollup/rollup-android-arm64@4.57.1':
'@rollup/rollup-android-arm64@4.59.0':
optional: true
'@rollup/rollup-darwin-arm64@4.57.1':
'@rollup/rollup-darwin-arm64@4.59.0':
optional: true
'@rollup/rollup-darwin-x64@4.57.1':
'@rollup/rollup-darwin-x64@4.59.0':
optional: true
'@rollup/rollup-freebsd-arm64@4.57.1':
'@rollup/rollup-freebsd-arm64@4.59.0':
optional: true
'@rollup/rollup-freebsd-x64@4.57.1':
'@rollup/rollup-freebsd-x64@4.59.0':
optional: true
'@rollup/rollup-linux-arm-gnueabihf@4.57.1':
'@rollup/rollup-linux-arm-gnueabihf@4.59.0':
optional: true
'@rollup/rollup-linux-arm-musleabihf@4.57.1':
'@rollup/rollup-linux-arm-musleabihf@4.59.0':
optional: true
'@rollup/rollup-linux-arm64-gnu@4.57.1':
'@rollup/rollup-linux-arm64-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-arm64-musl@4.57.1':
'@rollup/rollup-linux-arm64-musl@4.59.0':
optional: true
'@rollup/rollup-linux-loong64-gnu@4.57.1':
'@rollup/rollup-linux-loong64-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-loong64-musl@4.57.1':
'@rollup/rollup-linux-loong64-musl@4.59.0':
optional: true
'@rollup/rollup-linux-ppc64-gnu@4.57.1':
'@rollup/rollup-linux-ppc64-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-ppc64-musl@4.57.1':
'@rollup/rollup-linux-ppc64-musl@4.59.0':
optional: true
'@rollup/rollup-linux-riscv64-gnu@4.57.1':
'@rollup/rollup-linux-riscv64-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-riscv64-musl@4.57.1':
'@rollup/rollup-linux-riscv64-musl@4.59.0':
optional: true
'@rollup/rollup-linux-s390x-gnu@4.57.1':
'@rollup/rollup-linux-s390x-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-x64-gnu@4.57.1':
'@rollup/rollup-linux-x64-gnu@4.59.0':
optional: true
'@rollup/rollup-linux-x64-musl@4.57.1':
'@rollup/rollup-linux-x64-musl@4.59.0':
optional: true
'@rollup/rollup-openbsd-x64@4.57.1':
'@rollup/rollup-openbsd-x64@4.59.0':
optional: true
'@rollup/rollup-openharmony-arm64@4.57.1':
'@rollup/rollup-openharmony-arm64@4.59.0':
optional: true
'@rollup/rollup-win32-arm64-msvc@4.57.1':
'@rollup/rollup-win32-arm64-msvc@4.59.0':
optional: true
'@rollup/rollup-win32-ia32-msvc@4.57.1':
'@rollup/rollup-win32-ia32-msvc@4.59.0':
optional: true
'@rollup/rollup-win32-x64-gnu@4.57.1':
'@rollup/rollup-win32-x64-gnu@4.59.0':
optional: true
'@rollup/rollup-win32-x64-msvc@4.57.1':
'@rollup/rollup-win32-x64-msvc@4.59.0':
optional: true
'@standard-schema/spec@1.1.0': {}
'@swc/helpers@0.5.18':
'@swc/helpers@0.5.19':
dependencies:
tslib: 2.8.1
@@ -2647,12 +2648,12 @@ snapshots:
'@popperjs/core': 2.11.8
bootstrap: 5.3.7(@popperjs/core@2.11.8)
'@tabler/icons-react@3.36.1(react@19.2.4)':
'@tabler/icons-react@3.38.0(react@19.2.4)':
dependencies:
'@tabler/icons': 3.36.1
'@tabler/icons': 3.38.0
react: 19.2.4
'@tabler/icons@3.36.1': {}
'@tabler/icons@3.38.0': {}
'@tanstack/query-core@5.90.20': {}
@@ -2770,7 +2771,7 @@ snapshots:
'@types/ms@2.1.0': {}
'@types/node@25.3.0':
'@types/node@25.3.3':
dependencies:
undici-types: 7.18.2
@@ -2806,7 +2807,7 @@ snapshots:
'@types/ws@8.18.1':
dependencies:
'@types/node': 25.3.0
'@types/node': 25.3.3
'@uiw/react-textarea-code-editor@3.1.1(@babel/runtime@7.28.6)(react-dom@19.2.4(react@19.2.4))(react@19.2.4)':
dependencies:
@@ -2818,7 +2819,7 @@ snapshots:
'@ungap/structured-clone@1.3.0': {}
'@vitejs/plugin-react@5.1.4(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))':
'@vitejs/plugin-react@5.1.4(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))':
dependencies:
'@babel/core': 7.29.0
'@babel/plugin-transform-react-jsx-self': 7.27.1(@babel/core@7.29.0)
@@ -2826,7 +2827,7 @@ snapshots:
'@rolldown/pluginutils': 1.0.0-rc.3
'@types/babel__core': 7.20.5
react-refresh: 0.18.0
vite: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
vite: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
transitivePeerDependencies:
- supports-color
@@ -2839,13 +2840,13 @@ snapshots:
chai: 6.2.2
tinyrainbow: 3.0.3
'@vitest/mocker@4.0.18(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))':
'@vitest/mocker@4.0.18(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))':
dependencies:
'@vitest/spy': 4.0.18
estree-walker: 3.0.3
magic-string: 0.30.21
optionalDependencies:
vite: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
vite: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
'@vitest/pretty-format@4.0.18':
dependencies:
@@ -2891,7 +2892,7 @@ snapshots:
base64-js@1.5.1: {}
baseline-browser-mapping@2.9.19: {}
baseline-browser-mapping@2.10.0: {}
bootstrap@5.3.7(@popperjs/core@2.11.8):
dependencies:
@@ -2899,9 +2900,9 @@ snapshots:
browserslist@4.28.1:
dependencies:
baseline-browser-mapping: 2.9.19
caniuse-lite: 1.0.30001770
electron-to-chromium: 1.5.286
baseline-browser-mapping: 2.10.0
caniuse-lite: 1.0.30001775
electron-to-chromium: 1.5.302
node-releases: 2.0.27
update-browserslist-db: 1.2.3(browserslist@4.28.1)
@@ -2912,7 +2913,7 @@ snapshots:
callsites@3.1.0: {}
caniuse-lite@1.0.30001770: {}
caniuse-lite@1.0.30001775: {}
ccount@2.0.1: {}
@@ -2950,7 +2951,7 @@ snapshots:
path-type: 4.0.0
yaml: 1.10.2
country-flag-icons@1.6.13: {}
country-flag-icons@1.6.15: {}
css.escape@1.5.1: {}
@@ -2990,7 +2991,7 @@ snapshots:
'@babel/runtime': 7.28.6
csstype: 3.2.3
electron-to-chromium@1.5.286: {}
electron-to-chromium@1.5.302: {}
entities@6.0.1: {}
@@ -3089,9 +3090,9 @@ snapshots:
globrex@0.1.2: {}
happy-dom@20.6.3:
happy-dom@20.7.0:
dependencies:
'@types/node': 25.3.0
'@types/node': 25.3.3
'@types/whatwg-mimetype': 3.0.2
'@types/ws': 8.18.1
entities: 7.0.1
@@ -3284,7 +3285,7 @@ snapshots:
dependencies:
'@jridgewell/sourcemap-codec': 1.5.5
mdast-util-from-markdown@2.0.2:
mdast-util-from-markdown@2.0.3:
dependencies:
'@types/mdast': 4.0.4
'@types/unist': 3.0.3
@@ -3307,7 +3308,7 @@ snapshots:
'@types/hast': 3.0.4
'@types/mdast': 4.0.4
devlop: 1.1.0
mdast-util-from-markdown: 2.0.2
mdast-util-from-markdown: 2.0.3
mdast-util-to-markdown: 2.1.2
transitivePeerDependencies:
- supports-color
@@ -3320,7 +3321,7 @@ snapshots:
'@types/unist': 3.0.3
ccount: 2.0.1
devlop: 1.1.0
mdast-util-from-markdown: 2.0.2
mdast-util-from-markdown: 2.0.3
mdast-util-to-markdown: 2.1.2
parse-entities: 4.0.2
stringify-entities: 4.0.4
@@ -3335,7 +3336,7 @@ snapshots:
'@types/hast': 3.0.4
'@types/mdast': 4.0.4
devlop: 1.1.0
mdast-util-from-markdown: 2.0.2
mdast-util-from-markdown: 2.0.3
mdast-util-to-markdown: 2.1.2
transitivePeerDependencies:
- supports-color
@@ -3686,13 +3687,13 @@ snapshots:
react-refresh@0.18.0: {}
react-router-dom@7.13.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
react-router-dom@7.13.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
dependencies:
react: 19.2.4
react-dom: 19.2.4(react@19.2.4)
react-router: 7.13.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
react-router: 7.13.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4)
react-router@7.13.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
react-router@7.13.1(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
dependencies:
cookie: 1.1.1
react: 19.2.4
@@ -3779,7 +3780,7 @@ snapshots:
remark-parse@11.0.0:
dependencies:
'@types/mdast': 4.0.4
mdast-util-from-markdown: 2.0.2
mdast-util-from-markdown: 2.0.3
micromark-util-types: 2.0.2
unified: 11.0.5
transitivePeerDependencies:
@@ -3801,35 +3802,35 @@ snapshots:
path-parse: 1.0.7
supports-preserve-symlinks-flag: 1.0.0
rollup@4.57.1:
rollup@4.59.0:
dependencies:
'@types/estree': 1.0.8
optionalDependencies:
'@rollup/rollup-android-arm-eabi': 4.57.1
'@rollup/rollup-android-arm64': 4.57.1
'@rollup/rollup-darwin-arm64': 4.57.1
'@rollup/rollup-darwin-x64': 4.57.1
'@rollup/rollup-freebsd-arm64': 4.57.1
'@rollup/rollup-freebsd-x64': 4.57.1
'@rollup/rollup-linux-arm-gnueabihf': 4.57.1
'@rollup/rollup-linux-arm-musleabihf': 4.57.1
'@rollup/rollup-linux-arm64-gnu': 4.57.1
'@rollup/rollup-linux-arm64-musl': 4.57.1
'@rollup/rollup-linux-loong64-gnu': 4.57.1
'@rollup/rollup-linux-loong64-musl': 4.57.1
'@rollup/rollup-linux-ppc64-gnu': 4.57.1
'@rollup/rollup-linux-ppc64-musl': 4.57.1
'@rollup/rollup-linux-riscv64-gnu': 4.57.1
'@rollup/rollup-linux-riscv64-musl': 4.57.1
'@rollup/rollup-linux-s390x-gnu': 4.57.1
'@rollup/rollup-linux-x64-gnu': 4.57.1
'@rollup/rollup-linux-x64-musl': 4.57.1
'@rollup/rollup-openbsd-x64': 4.57.1
'@rollup/rollup-openharmony-arm64': 4.57.1
'@rollup/rollup-win32-arm64-msvc': 4.57.1
'@rollup/rollup-win32-ia32-msvc': 4.57.1
'@rollup/rollup-win32-x64-gnu': 4.57.1
'@rollup/rollup-win32-x64-msvc': 4.57.1
'@rollup/rollup-android-arm-eabi': 4.59.0
'@rollup/rollup-android-arm64': 4.59.0
'@rollup/rollup-darwin-arm64': 4.59.0
'@rollup/rollup-darwin-x64': 4.59.0
'@rollup/rollup-freebsd-arm64': 4.59.0
'@rollup/rollup-freebsd-x64': 4.59.0
'@rollup/rollup-linux-arm-gnueabihf': 4.59.0
'@rollup/rollup-linux-arm-musleabihf': 4.59.0
'@rollup/rollup-linux-arm64-gnu': 4.59.0
'@rollup/rollup-linux-arm64-musl': 4.59.0
'@rollup/rollup-linux-loong64-gnu': 4.59.0
'@rollup/rollup-linux-loong64-musl': 4.59.0
'@rollup/rollup-linux-ppc64-gnu': 4.59.0
'@rollup/rollup-linux-ppc64-musl': 4.59.0
'@rollup/rollup-linux-riscv64-gnu': 4.59.0
'@rollup/rollup-linux-riscv64-musl': 4.59.0
'@rollup/rollup-linux-s390x-gnu': 4.59.0
'@rollup/rollup-linux-x64-gnu': 4.59.0
'@rollup/rollup-linux-x64-musl': 4.59.0
'@rollup/rollup-openbsd-x64': 4.59.0
'@rollup/rollup-openharmony-arm64': 4.59.0
'@rollup/rollup-win32-arm64-msvc': 4.59.0
'@rollup/rollup-win32-ia32-msvc': 4.59.0
'@rollup/rollup-win32-x64-gnu': 4.59.0
'@rollup/rollup-win32-x64-msvc': 4.59.0
fsevents: 2.3.3
rooks@9.5.0(react-dom@19.2.4(react@19.2.4))(react@19.2.4):
@@ -4007,7 +4008,7 @@ snapshots:
'@types/unist': 3.0.3
vfile-message: 4.0.3
vite-plugin-checker@0.12.0(@biomejs/biome@2.4.2)(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3)):
vite-plugin-checker@0.12.0(@biomejs/biome@2.4.5)(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3)):
dependencies:
'@babel/code-frame': 7.29.0
chokidar: 4.0.3
@@ -4016,39 +4017,39 @@ snapshots:
picomatch: 4.0.3
tiny-invariant: 1.3.3
tinyglobby: 0.2.15
vite: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
vite: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
vscode-uri: 3.1.0
optionalDependencies:
'@biomejs/biome': 2.4.2
'@biomejs/biome': 2.4.5
typescript: 5.9.3
vite-tsconfig-paths@6.1.1(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3)):
vite-tsconfig-paths@6.1.1(typescript@5.9.3)(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3)):
dependencies:
debug: 4.4.3
globrex: 0.1.2
tsconfck: 3.1.6(typescript@5.9.3)
vite: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
vite: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
transitivePeerDependencies:
- supports-color
- typescript
vite@7.3.1(@types/node@25.3.0)(sass@1.97.3):
vite@7.3.1(@types/node@25.3.3)(sass@1.97.3):
dependencies:
esbuild: 0.27.3
fdir: 6.5.0(picomatch@4.0.3)
picomatch: 4.0.3
postcss: 8.5.6
rollup: 4.57.1
rollup: 4.59.0
tinyglobby: 0.2.15
optionalDependencies:
'@types/node': 25.3.0
'@types/node': 25.3.3
fsevents: 2.3.3
sass: 1.97.3
vitest@4.0.18(@types/node@25.3.0)(happy-dom@20.6.3)(sass@1.97.3):
vitest@4.0.18(@types/node@25.3.3)(happy-dom@20.7.0)(sass@1.97.3):
dependencies:
'@vitest/expect': 4.0.18
'@vitest/mocker': 4.0.18(vite@7.3.1(@types/node@25.3.0)(sass@1.97.3))
'@vitest/mocker': 4.0.18(vite@7.3.1(@types/node@25.3.3)(sass@1.97.3))
'@vitest/pretty-format': 4.0.18
'@vitest/runner': 4.0.18
'@vitest/snapshot': 4.0.18
@@ -4065,11 +4066,11 @@ snapshots:
tinyexec: 1.0.2
tinyglobby: 0.2.15
tinyrainbow: 3.0.3
vite: 7.3.1(@types/node@25.3.0)(sass@1.97.3)
vite: 7.3.1(@types/node@25.3.3)(sass@1.97.3)
why-is-node-running: 2.3.0
optionalDependencies:
'@types/node': 25.3.0
happy-dom: 20.6.3
'@types/node': 25.3.3
happy-dom: 20.7.0
transitivePeerDependencies:
- jiti
- less

2
frontend/src/locale/IntlProvider.tsx
View File

@@ -4,6 +4,7 @@ import langBg from "./lang/bg.json";
import langCs from "./lang/cs.json";
import langDe from "./lang/de.json";
import langEs from "./lang/es.json";
import langEt from "./lang/et.json";
import langFr from "./lang/fr.json";
import langGa from "./lang/ga.json";
import langHu from "./lang/hu.json";
@@ -31,6 +32,7 @@ const localeOptions = [
["cs", "cs-CZ", langCs],
["de", "de-DE", langDe],
["es", "es-ES", langEs],
["et", "et-EE", langEt],
["fr", "fr-FR", langFr],
["ga", "ga-IE", langGa],
["hu", "hu-HU", langHu],

7
frontend/src/locale/src/HelpDoc/et/AccessLists.md Normal file
View File

@@ -0,0 +1,7 @@
## Mis on juurdepääsuloend?
Ligipääsuloendid pakuvad konkreetsete klientide IP-aadresside musta või valget nimekirja koos puhverserverite autentimisega põhilise HTTP-autentimise kaudu.
Saate ühe juurdepääsuloendi jaoks konfigureerida mitu kliendireeglit, kasutajanime ja parooli ning seejärel rakendada neid ühele või mitmele _puhverserverile_.
See on kõige kasulikum edastatud veebiteenuste puhul, millel pole sisseehitatud autentimismehhanisme või kui soovite kaitsta tundmatute klientide eest.

26
frontend/src/locale/src/HelpDoc/et/Certificates.md Normal file
View File

@@ -0,0 +1,26 @@
## Sertifikaatide abi
### HTTP-sertifikaat
HTTP-valideeritud sertifikaat tähendab, et Certbot serverid
proovivad teie domeenidega ühendust luua HTTP (mitte HTTPS!) kaudu ja kui see õnnestub,
väljastavad nad teile sertifikaadi.
Selle meetodi jaoks peate oma domeeni(de) jaoks looma _Proxy Host_, millele pääseb ligi HTTP kaudu ja mis osutab sellele Nginxi installile. Pärast sertifikaadi väljastamist saate muuta _Proxy Host_'i, et seda sertifikaati ka HTTPS
ühenduste jaoks kasutada. Sertifikaadi uuendamiseks tuleb aga _Proxy Host_ ikkagi HTTP-juurdepääsu jaoks konfigureerida.
See protsess _ei_ toeta metamärke kasutavaid domeene.
### DNS-sertifikaat
DNS-i poolt valideeritud sertifikaadi saamiseks peate kasutama DNS-pakkuja pistikprogrammi. Seda DNS-teenuse pakkujat kasutatakse teie domeenis ajutiste kirjete loomiseks ja seejärel pärib Certbot
nende kirjete kohta päringu, et veenduda, et olete omanik, ja kui see õnnestub, väljastavad nad teile sertifikaadi.
Selle tüüpi sertifikaadi taotlemiseks ei ole vaja luua _Proxy Host_'i. Samuti ei pea teie _Proxy Host_ olema HTTP-juurdepääsu jaoks konfigureeritud.
See protsess _toetab_ metamärke kasutavaid domeene.
### Kohandatud sertifikaat
Kasutage seda valikut oma TLS-sertifikaadi üleslaadimiseks, mille on esitanud teie enda sertifitseerimisasutus.

9
frontend/src/locale/src/HelpDoc/et/DeadHosts.md Normal file
View File

@@ -0,0 +1,9 @@
## Mis on 404 host?
404 host on lihtsalt hosti seadistus, mis kuvab 404 lehte.
See võib olla kasulik, kui teie domeen on otsingumootorites loetletud ja soovite
esitada kenama vealehe või konkreetselt otsingu indekseerijatele öelda, et
domeenilehed enam ei eksisteeri.
Selle hosti teine eelis on selle külastatavuste logide jälgimine ja suunajate vaatamine.

Some files were not shown because too many files have changed in this diff Show More