Release 2.6.0

.devcontainer/Dockerfile

@@ -1,5 +1,5 @@
 # [Choice] Node.js version: 16, 14
-ARG VARIANT=14-buster
+ARG VARIANT=14-bullseye
 FROM mcr.microsoft.com/vscode/devcontainers/javascript-node:0-${VARIANT}
 
 # [Optional] Uncomment this section to install additional OS packages.

.devcontainer/docker-compose.yml

@@ -6,7 +6,7 @@ services:
       context: ..
       dockerfile: .devcontainer/Dockerfile
       args:
-        VARIANT: 14-buster
+        VARIANT: 14-bullseye
     environment:
       - CMD_DB_URL=postgres://codimd:codimd@localhost/codimd
       - CMD_USECDN=false

.github/workflows/build.yml

@@ -10,25 +10,25 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [14.x, 16.x]
+        node-version: [16.x]
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
 
     # from https://stackoverflow.com/a/69649733
     - name: Reconfigure git to use HTTP authentication
       run: >
         git config --global url."https://github.com/".insteadOf
         ssh://git@github.com/
 
-    - uses: actions/cache@v2
+    - uses: actions/cache@v4
       with:
         path: ~/.npm
         key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
         restore-keys: |
           ${{ runner.os }}-node-
 
-    - uses: actions/setup-node@v2
+    - uses: actions/setup-node@v4
       name: Use Node.js ${{ matrix.node-version }}
       with:
         node-version: ${{ matrix.node-version }}
@@ -43,8 +43,8 @@ jobs:
     if: github.ref == 'refs/heads/master' || github.event.pull_request
 
     steps:
-    - uses: actions/checkout@v2
-    - uses: actions/setup-node@v2
+    - uses: actions/checkout@v4
+    - uses: actions/setup-node@v4
       name: Use Node.js 14
       with:
         node-version: 14

.github/workflows/check-release.yml

@@ -13,7 +13,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
 

FUNDING.json

@@ -0,0 +1,7 @@
+{
+  "drips": {
+    "ethereum": {
+      "ownedBy": "0xEd37B84FD84A834886aC07693aF6A9cd35040002"
+    }
+  }
+}

deployments/docker-compose.yml

@@ -12,9 +12,14 @@ services:
   codimd:
     # you can use image or custom build below,
     image: nabo.codimd.dev/hackmdio/hackmd:2.5.3
+    # Using the following command to trigger the build
+    # docker-compose -f deployments/docker-compose.yml up --build
     # build:
     #   context: ..
     #   dockerfile: ./deployments/Dockerfile
+    #   args:
+    #     RUNTIME: hackmdio/runtime:16.20.2-35fe7e39
+    #     BUILDPACK: hackmdio/buildpack:16.20.2-35fe7e39
     environment:
       - CMD_DB_URL=postgres://codimd:change_password@database/codimd
       - CMD_USECDN=false

lib/auth/bitbucket/index.js

@@ -11,7 +11,8 @@ const bitbucketAuth = module.exports = Router()
 passport.use(new BitbucketStrategy({
   clientID: config.bitbucket.clientID,
   clientSecret: config.bitbucket.clientSecret,
-  callbackURL: config.serverURL + '/auth/bitbucket/callback'
+  callbackURL: config.serverURL + '/auth/bitbucket/callback',
+  state: true
 }, passportGeneralCallback))
 
 bitbucketAuth.get('/auth/bitbucket', function (req, res, next) {

lib/auth/dropbox/index.js

@@ -12,7 +12,8 @@ passport.use(new DropboxStrategy({
   apiVersion: '2',
   clientID: config.dropbox.clientID,
   clientSecret: config.dropbox.clientSecret,
-  callbackURL: config.serverURL + '/auth/dropbox/callback'
+  callbackURL: config.serverURL + '/auth/dropbox/callback',
+  state: true
 }, passportGeneralCallback))
 
 dropboxAuth.get('/auth/dropbox', function (req, res, next) {

lib/auth/email/index.js

@@ -2,6 +2,7 @@
 
 const Router = require('express').Router
 const passport = require('passport')
+const sequelize = require('sequelize')
 const validator = require('validator')
 const LocalStrategy = require('passport-local').Strategy
 const config = require('../../config')
@@ -21,7 +22,10 @@ passport.use(new LocalStrategy({
   try {
     const user = await models.User.findOne({
       where: {
-        email: email
+        email: sequelize.where(
+          sequelize.fn('LOWER', sequelize.col('email')),
+          email.toLowerCase()
+        )
       }
     })
 

lib/auth/facebook/index.js

@@ -12,7 +12,8 @@ const facebookAuth = module.exports = Router()
 passport.use(new FacebookStrategy({
   clientID: config.facebook.clientID,
   clientSecret: config.facebook.clientSecret,
-  callbackURL: config.serverURL + '/auth/facebook/callback'
+  callbackURL: config.serverURL + '/auth/facebook/callback',
+  state: true
 }, passportGeneralCallback))
 
 facebookAuth.get('/auth/facebook', function (req, res, next) {

lib/auth/github/index.js

@@ -26,7 +26,8 @@ passport.use(new GithubStrategy({
   callbackURL: config.serverURL + '/auth/github/callback',
   authorizationURL: githubUrl('login/oauth/authorize'),
   tokenURL: githubUrl('login/oauth/access_token'),
-  userProfileURL: githubUrl('api/v3/user')
+  userProfileURL: githubUrl('api/v3/user'),
+  state: true
 }, async (accessToken, refreshToken, profile, done) => {
   if (!config.github.organizations) {
     return passportGeneralCallback(accessToken, refreshToken, profile, done)

lib/auth/gitlab/index.js

@@ -15,7 +15,8 @@ const gitlabAuthStrategy = new GitlabStrategy({
   clientID: config.gitlab.clientID,
   clientSecret: config.gitlab.clientSecret,
   scope: config.gitlab.scope,
-  callbackURL: config.serverURL + '/auth/gitlab/callback'
+  callbackURL: config.serverURL + '/auth/gitlab/callback',
+  state: true
 }, passportGeneralCallback)
 
 if (process.env.https_proxy) {

lib/auth/google/index.js

@@ -12,7 +12,8 @@ passport.use(new GoogleStrategy({
   clientID: config.google.clientID,
   clientSecret: config.google.clientSecret,
   callbackURL: config.serverURL + '/auth/google/callback',
-  userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo'
+  userProfileURL: 'https://www.googleapis.com/oauth2/v3/userinfo',
+  state: true
 }, passportGeneralCallback))
 
 googleAuth.get('/auth/google', function (req, res, next) {

lib/auth/twitter/index.js

@@ -12,7 +12,8 @@ const twitterAuth = module.exports = Router()
 passport.use(new TwitterStrategy({
   consumerKey: config.twitter.consumerKey,
   consumerSecret: config.twitter.consumerSecret,
-  callbackURL: config.serverURL + '/auth/twitter/callback'
+  callbackURL: config.serverURL + '/auth/twitter/callback',
+  state: true
 }, passportGeneralCallback))
 
 twitterAuth.get('/auth/twitter', function (req, res, next) {

lib/config/default.js

@@ -74,7 +74,8 @@ module.exports = {
     accessKeyId: undefined,
     secretAccessKey: undefined,
     region: undefined,
-    endpoint: undefined
+    endpoint: undefined,
+    baseURL: undefined
   },
   minio: {
     accessKey: undefined,

lib/config/environment.js

@@ -44,7 +44,8 @@ module.exports = {
     accessKeyId: process.env.CMD_S3_ACCESS_KEY_ID,
     secretAccessKey: process.env.CMD_S3_SECRET_ACCESS_KEY,
     region: process.env.CMD_S3_REGION,
-    endpoint: process.env.CMD_S3_ENDPOINT
+    endpoint: process.env.CMD_S3_ENDPOINT,
+    baseURL: process.env.CMD_S3_BASEURL
   },
   minio: {
     accessKey: process.env.CMD_MINIO_ACCESS_KEY,

lib/imageRouter/s3.js

@@ -51,13 +51,17 @@ exports.uploadImage = function (imagePath, callback) {
       // default scheme settings to https
       let s3Endpoint = 'https://s3.amazonaws.com'
       if (config.s3.region && config.s3.region !== 'us-east-1') {
-        s3Endpoint = `s3-${config.s3.region}.amazonaws.com`
+        s3Endpoint = `https://s3-${config.s3.region}.amazonaws.com`
       }
       // rewrite endpoint from config
       if (config.s3.endpoint) {
         s3Endpoint = config.s3.endpoint
       }
-      callback(null, `${s3Endpoint}/${config.s3bucket}/${params.Key}`)
+      if (config.s3.baseURL) {
+        callback(null, `${config.s3.baseURL}/${params.Key}`)
+      } else {
+        callback(null, `${s3Endpoint}/${config.s3bucket}/${params.Key}`)
+      }
     }).catch(err => {
       if (err) {
         callback(new Error(err), null)