v0.4 #123
Signed-off-by: Robert Goniszewski <[email protected]>
)
* feat: create DB connection, draft schemas Signed-off-by: Robert Goniszewski <[email protected]>
* feat: add initial local storage support, work on DB impl., minor changes Signed-off-by: Robert Goniszewski <[email protected]>
* feat: rewrite entities fetching, improve DB schema Signed-off-by: Robert Goniszewski <[email protected]>
* feat: integrate Lucia for auth, update DB schema, work on file server Signed-off-by: Robert Goniszewski <[email protected]>
* feat: progressing auth flow, update types, DB schema Signed-off-by: Robert Goniszewski <[email protected]>
* feat: update DB schema, rework DB types, further transition Signed-off-by: Robert Goniszewski <[email protected]>
* feat: add support for file uploads, update DB schema, improve auth flow Signed-off-by: Robert Goniszewski <[email protected]>
* chore: remove test PB data Signed-off-by: Robert Goniszewski <[email protected]>
* feat: various updates of logic Signed-off-by: Robert Goniszewski <[email protected]>
* feat: update DB schema, improve file upload handling Signed-off-by: Robert Goniszewski <[email protected]>
* feat: add support for user profile pictures, update DB schema Signed-off-by: Robert Goniszewski <[email protected]>
* feat: add support for user picture uploads, update DB schema Signed-off-by: Robert Goniszewski <[email protected]>
* refactor(api): migrate category and tag endpoints to use database repositories Signed-off-by: Robert Goniszewski <[email protected]>
* feat(database): update schema and add cascade delete for user relations Signed-off-by: Robert Goniszewski <[email protected]>
* feat(deps): update dependencies and refactor database schema Signed-off-by: Robert Goniszewski <[email protected]>
* feat(metadata): replace metascraper with url-metadata Signed-off-by: Robert Goniszewski <[email protected]>
* feat: fix file uploads & resolving, types, switching theme etc Signed-off-by: Robert Goniszewski <[email protected]>
* feat: better typing and serialization Signed-off-by: Robert Goniszewski <[email protected]>
* feat: switch to unixepoch() for timestamp defaults; additional changes Signed-off-by: Robert Goniszewski <[email protected]>
* feat(database): update schema and repositories for consistent timestamps Signed-off-by: Robert Goniszewski <[email protected]>
* feat(bookmarks): improve tag handling and form data processing Signed-off-by: Robert Goniszewski <[email protected]>
* feat(auth): implement API-based authentication and refactor auth flow Signed-off-by: Robert Goniszewski <[email protected]>
* feat(bookmarks): improve bookmark creation and update processes; storing files Signed-off-by: Robert Goniszewski <[email protected]>
* refactor: improve file handling; remove unused imports Signed-off-by: Robert Goniszewski <[email protected]>
* fix(storage): improve file extension handling for icon and SVG types Signed-off-by: Robert Goniszewski <[email protected]>
* feat: prevent users from signing up when disabled in config; update README Signed-off-by: Robert Goniszewski <[email protected]>
* feat(ci): add develop branch and preview releases Signed-off-by: Robert Goniszewski <[email protected]>
* refactor(bookmarks): remove unused import and add Storage import Signed-off-by: Robert Goniszewski <[email protected]>
* refactor(docker): remove PocketBase and fix Docker build issues Signed-off-by: Robert Goniszewski <[email protected]>
--------- Signed-off-by: Robert Goniszewski <[email protected]>
…tter*' packages Signed-off-by: Robert Goniszewski <[email protected]>
…'tree-sitter*' packages" This reverts commit 2a5e0f3.
…ation; update compose file Signed-off-by: Robert Goniszewski <[email protected]>
…update Signed-off-by: Robert Goniszewski <[email protected]>
…ose file Signed-off-by: Robert Goniszewski <[email protected]>
#120)
* refactor(metadata): improve urlMetadataScraper function and error handling; fix error on missing Signed-off-by: Robert Goniszewski <[email protected]>
* feat(metadata): improve icon URL validation and error handling Signed-off-by: Robert Goniszewski <[email protected]>
* fix(auth): improve login error handling and messages Signed-off-by: Robert Goniszewski <[email protected]>
--------- Signed-off-by: Robert Goniszewski <[email protected]>
* feat(data-migration): start working on PB data migration Signed-off-by: Robert Goniszewski <[email protected]>
* feat(metadata): enhance performance logging and URL display Signed-off-by: Robert Goniszewski <[email protected]>
* refactor(utils): enhance performance logging format Signed-off-by: Robert Goniszewski <[email protected]>
* chore(deps): update development and production dependencies Signed-off-by: Robert Goniszewski <[email protected]>
* feat(migration): implement data migration UI and functionality Signed-off-by: Robert Goniszewski <[email protected]>
* feat(database): update foreign key constraints for cascading deletes Signed-off-by: Robert Goniszewski <[email protected]>
* feat(bookmark): optimize image storage and improve first-time user experience Signed-off-by: Robert Goniszewski <[email protected]>
* feat(various): finish migration tool preview, improve file handling Signed-off-by: Robert Goniszewski <[email protected]>
* feat(setup): simplify installation process and update dependencies Signed-off-by: Robert Goniszewski <[email protected]>
* chore: release v0.4.0-pre.4
--------- Signed-off-by: Robert Goniszewski <[email protected]>
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.
RUN apt-get update && apt-get install -y python3 python3-pip wget && rm -rf /var/lib/apt/lists/* | ||
COPY . /app | ||
FROM oven/bun AS base | ||
RUN apt-get update && apt-get install -y python3 python3-pip wget build-essential && rm -rf /var/lib/apt/lists/* |
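Review bot: on the `RUN` line that adds `build-essential`, the compiler toolchain is installed into the `base` stage, so every stage built `FROM base` carries it, including the runtime image if that one is derived from `base`. Consider installing `build-essential` only in the stage that compiles native modules, and adding `--no-install-recommends` to `apt-get install -y` so the image holds no more packages than the build needs.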
Check notice: Code scanning / SonarCloud
Arguments in long RUN instructions should be sorted (Low)
console.log('connectToPb', { | ||
pbUrl, | ||
email, | ||
password | ||
}); |
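Review bot: `password` in the object passed to `console.log('connectToPb', {` writes the submitted password to the server log in clear text, and `email` next to it ties that credential to an account. Drop both fields from this call and log `pbUrl` only; if the log is needed to debug the migration flow, record whether each value was supplied (for example `hasPassword: Boolean(password)`) rather than the value itself.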
Check failure: Code scanning / CodeQL
Clear-text logging of sensitive information (High)
This logs sensitive data returned by an access to password.
Copilot Autofix AI about 2 months ago
To fix the problem, we need to ensure that sensitive information such as passwords and emails are not logged in clear text. Instead, we can log non-sensitive information or mask the sensitive parts of the data. Specifically, we should remove or mask the logging of `password` and `email` on line 28.
- Remove the logging of sensitive information.
- Ensure that the functionality remains unchanged by only modifying the logging statements.
- The changes will be made in the file `src/routes/migrate/+page.server.ts`.
@@ -29,4 +29,4 @@ | ||
pbUrl, | ||
email, | ||
password | ||
email: email ? email.replace(/(.{2}).+(@.+)/, '$1***$2') : '', | ||
password: password ? '***' : '' | ||
}); |
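Review bot: the mask on the `email:` line does not cover short local parts. `/(.{2}).+(@.+)/` needs at least three characters before the `@`, so for an address such as `ab@example.com` `replace` finds no match and returns the address unchanged, which is then logged in full. When it does match, the first two characters and the whole domain are still written out. Since the log call only traces the connection attempt, it is simpler to remove `email` and `password` from the object altogether, or to mask everything before the `@` without depending on its length.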
Signed-off-by: Robert Goniszewski <[email protected]>
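The CodeQL finding above concerns credentials reaching `console.log`. The following is an added example, not code from this pull request or the project: a small redaction helper applied to the same three fields. `SENSITIVE_KEYS`, `maskEmail` and `redactForLog` are hypothetical names, and the sample object is constructed.

```typescript
// Keys whose values must never reach a log line (assumed list; extend per project).
const SENSITIVE_KEYS: string[] = ['password', 'token', 'secret', 'authorization', 'cookie'];

// Hide the whole local part regardless of its length; keep only the domain.
function maskEmail(value: string): string {
  const at = value.lastIndexOf('@');
  // No '@', empty local part or empty domain: hide the value entirely.
  if (at <= 0 || at === value.length - 1) return '[redacted]';
  return '***' + value.slice(at);
}

// Return a copy of `input` that is safe to hand to console.log.
function redactForLog(input: unknown, depth: number = 0): unknown {
  if (depth > 5) return '[truncated]'; // guard against very deep or cyclic objects
  if (Array.isArray(input)) return input.map((v) => redactForLog(v, depth + 1));
  if (input === null || typeof input !== 'object') return input;
  const src = input as Record<string, unknown>;
  const out: Record<string, unknown> = {};
  for (const key of Object.keys(src)) {
    const k = key.toLowerCase(); // match 'Password', 'TOKEN', ...
    const value = src[key];
    if (SENSITIVE_KEYS.indexOf(k) !== -1) {
      out[key] = '[redacted]'; // same marker whether or not a value was set
    } else if (k === 'email' && typeof value === 'string') {
      out[key] = maskEmail(value);
    } else {
      out[key] = redactForLog(value, depth + 1);
    }
  }
  return out;
}

// Constructed sample mirroring the fields in the flagged log call.
const sample = { pbUrl: 'http://pb.example.test:8090', email: 'ab@example.test', password: 'hunter2' };
console.log('connectToPb', redactForLog(sample));
```

Redacting by key name at the logging boundary also covers fields added to the object later, which a per-call fix does not.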
Quality Gate failed
Failed conditions
See analysis details on SonarCloud
Catch issues before they fail your Quality Gate with our IDE extension SonarLint
No description provided.