Merge branch 'main' into e5/search-infinite

MbinOrg · Nov 8, 2024 · a3ffdfd · a3ffdfd
2 parents cc2f07e + 944fa5f
commit a3ffdfd
Show file tree

Hide file tree

Showing 767 changed files with 26,428 additions and 13,578 deletions.
diff --git a/.env.example b/.env.example
@@ -32,6 +32,21 @@ KBIN_HEADER_LOGO=false
 KBIN_FEDERATION_PAGE_ENABLED=true
 MBIN_DEFAULT_THEME=default
 
+# If you are running Mbin behind a reverse proxy, uncomment the line below and adjust the proxy address/range below
+# to your server's IP address if it does not already fall within the private IP spaces specified.
+#TRUSTED_PROXIES=::1,127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+TRUSTED_PROXIES=
+
+# Max image filesize (in bytes)
+# This should be set to <= `upload_max_filesize` and `post_max_size` in the server's php.ini file
+MAX_IMAGE_BYTES=6000000
+
+# possible values:
+# 'enabled' => default mode downvotes are enabled
+# 'hidden' => downvotes are counted and users can downvote, but the number is hidden
+# 'disabled' => downvotes are ignored and the downvote button is hidden. They also do not count in the sorting
+MBIN_DOWNVOTES_MODE=enabled
+
 # Captcha (also enable in admin panel/settings)
 KBIN_CAPTCHA_ENABLED=false
 ###> meteo-concept/hcaptcha-bundle ###
@@ -68,16 +83,25 @@ OAUTH_FACEBOOK_ID=
 OAUTH_FACEBOOK_SECRET=
 OAUTH_GOOGLE_ID=
 OAUTH_GOOGLE_SECRET=
+OAUTH_DISCORD_ID=
+OAUTH_DISCORD_SECRET=
 OAUTH_GITHUB_ID=
 OAUTH_GITHUB_SECRET=
+OAUTH_PRIVACYPORTAL_ID=
+OAUTH_PRIVACYPORTAL_SECRET=
 OAUTH_KEYCLOAK_ID=
 OAUTH_KEYCLOAK_SECRET=
 OAUTH_KEYCLOAK_URI=
 OAUTH_KEYCLOAK_REALM=
 OAUTH_KEYCLOAK_VERSION=
+OAUTH_SIMPLELOGIN_ID=
+OAUTH_SIMPLELOGIN_SECRET=
 OAUTH_ZITADEL_ID=
 OAUTH_ZITADEL_SECRET=
 OAUTH_ZITADEL_BASE_URL=
+OAUTH_AUTHENTIK_ID=
+OAUTH_AUTHENTIK_SECRET=
+OAUTH_AUTHENTIK_BASE_URL=
 # If true, sign ins and sign ups will only be possible through the OAuth providers configured above
 SSO_ONLY_MODE=
 

diff --git a/.env.example_docker b/.env.example_docker
@@ -32,6 +32,21 @@ KBIN_HEADER_LOGO=false
 KBIN_FEDERATION_PAGE_ENABLED=true
 MBIN_DEFAULT_THEME=default
 
+# If you are running Mbin behind a reverse proxy, uncomment the line below and adjust the proxy address/range below
+# to your server's IP address if it does not already fall within the private IP spaces specified.
+TRUSTED_PROXIES=::1,127.0.0.1,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
+#TRUSTED_PROXIES=
+
+# Max image filesize (in bytes)
+# This should be set to <= `upload_max_filesize` and `post_max_size` in the server's php.ini file
+MAX_IMAGE_BYTES=6000000
+
+# possible values:
+# 'enabled' => default mode downvotes are enabled
+# 'hidden' => downvotes are counted and users can downvote, but the number is hidden
+# 'disabled' => downvotes are ignored and the downvote button is hidden. They also do not count in the sorting
+MBIN_DOWNVOTES_MODE=enabled
+
 # Captcha (also enable in admin panel/settings)
 KBIN_CAPTCHA_ENABLED=false
 
@@ -65,16 +80,25 @@ OAUTH_FACEBOOK_ID=
 OAUTH_FACEBOOK_SECRET=
 OAUTH_GOOGLE_ID=
 OAUTH_GOOGLE_SECRET=
+OAUTH_DISCORD_ID=
+OAUTH_DISCORD_SECRET=
 OAUTH_GITHUB_ID=
 OAUTH_GITHUB_SECRET=
 OAUTH_KEYCLOAK_ID=
 OAUTH_KEYCLOAK_SECRET=
 OAUTH_KEYCLOAK_URI=
 OAUTH_KEYCLOAK_REALM=
 OAUTH_KEYCLOAK_VERSION=
+OAUTH_SIMPLELOGIN_ID=
+OAUTH_SIMPLELOGIN_SECRET=
 OAUTH_ZITADEL_ID=
 OAUTH_ZITADEL_SECRET=
 OAUTH_ZITADEL_BASE_URL=
+OAUTH_AUTHENTIK_ID=
+OAUTH_AUTHENTIK_SECRET=
+OAUTH_AUTHENTIK_BASE_URL=
+OAUTH_PRIVACYPORTAL_ID=
+OAUTH_PRIVACYPORTAL_SECRET=
 
 # If true, sign ins and sign ups will only be possible through the OAuth providers configured above
 SSO_ONLY_MODE=

diff --git a/.eslintrc.json b/.eslintrc.json
@@ -23,13 +23,16 @@
         "@stylistic/arrow-parens": ["error", "always"],
         "@stylistic/brace-style": ["error", "1tbs"],
         "@stylistic/comma-dangle": ["error", "always-multiline"],
+        "@stylistic/comma-spacing": ["error"],
+        "@stylistic/keyword-spacing": ["error"],
         "@stylistic/no-multiple-empty-lines": ["error", {"max": 2, "maxEOF": 0, "maxBOF": 0}],
         "@stylistic/no-trailing-spaces": ["error"],
         "@stylistic/no-multi-spaces": ["error"],
         "@stylistic/object-curly-spacing": ["error", "always"],
         "@stylistic/quotes": ["error", "single", {"avoidEscape": true}],
         "@stylistic/semi": ["error", "always"],
         "@stylistic/space-before-blocks": ["error"],
+        "@stylistic/space-in-parens": ["error", "never"],
         "camelcase": ["error", {"ignoreImports": true}],
         "curly": ["error", "all"],
         "eqeqeq": ["error", "always"],

diff --git a/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md b/.github/PULL_REQUEST_TEMPLATE/pull_request_template.md
@@ -0,0 +1,56 @@
+<!-- This is a comment. You can remove it and other comments while filling out the template -->
+
+# Summary
+
+<!-- 
+Please provide a **short** summary in a few sentences of what the PR does.
+Try to keep it to as few full sentences as possible.
+-->
+
+## Checklist
+
+<!--
+Points that don't don't apply can simply be checked off.
+Feel free to add **N/A** for clarity.
+
+Example:
+
+  - [x] Added tests (for code changes) **N/A**
+-->
+
+ - [ ] Marked as draft PR while still working on PR
+ - [ ] Marked as "ready for review" once not in progress
+ - [ ] Added tests (for code changes)
+ - [ ] Provided screenshots (for visual changes)
+
+
+# Additional information
+
+<!--
+In this section you can describe more in depth:
+
+ - **why** you made it
+ - **how** it achieves its goals
+
+====================Screenshots=====================
+If your PR is visual **provide screenshots**!
+It makes it much easier for reviewers to evaluate your work
+
+Copy this table out of the comment:
+
+|     Before   |    After    |
+| ------------ | ----------- |
+| image_before | image_after |
+-->
+
+# Related issues
+
+<!-- 
+If your PR resolves and existing issue, please link to it in this section.
+
+Example:
+
+  Resolves #1234
+
+Should it not be related to any issue just with "N/A" or "Not applicable"
+-->
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,35 @@
+# Inspired by: https://github.com/dependabot/dependabot-core/blob/main/.github/dependabot.yml
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  - package-ecosystem: "npm"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "saturday"
+      time: "14:00"
+    groups:
+      dev-symfony-and-webpack-dependencies:
+        dependency-type: "development"
+        patterns:
+          - "@symfony/*"
+          - "webpack*"
+      dev-dependencies:
+        dependency-type: "development"
+        update-types:
+          - "minor"
+          - "patch"
+  - package-ecosystem: "composer"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "saturday"
+      time: "14:00"
+    groups:
+      php:
+        applies-to: security-updates
+        update-types:
+          - "minor"
+          - "patch"
diff --git a/.github/workflows/action.yaml b/.github/workflows/action.yaml
@@ -4,17 +4,19 @@ on:
     branches:
       - main
       - develop
+      - dev/new_features
   push:
     branches:
       - main
+      - dev/new_features
     tags:
       - 'v*'
 
 jobs:
   build:
     runs-on: ubuntu-latest
     container:
-      image: danger89/mbin-pipeline:1.0.0
+      image: danger89/mbin-pipeline:1.2.0
     steps:
       - uses: actions/checkout@v4
 
@@ -57,13 +59,14 @@ jobs:
         run: npm ci --include=dev
         env:
           NODE_ENV: production
+
       - name: Build frontend (production)
         run: npm run build
 
   unit-test:
     runs-on: ubuntu-latest
     container:
-      image: danger89/mbin-pipeline:1.0.0
+      image: danger89/mbin-pipeline:1.2.0
     steps:
       - uses: actions/checkout@v4
 
@@ -93,20 +96,46 @@ jobs:
           SYMFONY_DEPRECATIONS_HELPER: disabled
         run: php bin/phpunit tests/Unit
 
-  security-check:
+  audit-check:
     runs-on: ubuntu-latest
     container:
-      image: danger89/mbin-pipeline:1.0.0
+      image: danger89/mbin-pipeline:1.2.0
+    continue-on-error: true
     steps:
       - uses: actions/checkout@v4
 
-      - name: Run security checker
-        run: local-php-security-checker
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: |
+          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+
+      - name: Calculate composer.lock hash
+        id: composer-lock-hash
+        run: |
+          echo "hash=$(md5sum composer.lock)" >> $GITHUB_OUTPUT
+
+      - uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ steps.composer-lock-hash.outputs.hash }}
+          restore-keys: ${{ runner.os }}-composer-
+
+      - run: cp .env.example .env
+      - name: Composer install
+        run: composer install --no-scripts --no-progress
+
+      - name: Run Npm audit
+        run: npm audit --omit=dev
+
+      - name: Run Composer audit
+        env:
+          COMPOSER_AUDIT_ABANDONED: ignore
+        run: composer audit
 
   fixer-dry-run:
     runs-on: ubuntu-latest
     container:
-      image: danger89/mbin-pipeline:1.0.0
+      image: danger89/mbin-pipeline:1.2.0
     steps:
       - uses: actions/checkout@v4
 

diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml
@@ -8,8 +8,11 @@ jobs:
   contrib-readme:
     runs-on: ubuntu-latest
     name: Update contrib in README
+    permissions:
+          contents: write
+          pull-requests: write
     steps:
       - name: Contribute List
-        uses: akhilmhdh/[email protected].9
+        uses: akhilmhdh/[email protected].10
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
@@ -12,11 +12,11 @@ jobs:
     steps:
       - uses: actions/stale@v9
         with:
-          stale-issue-message: "This issue is stale because it has been open 50 days with no activity. Remove stale label or comment or this will be closed in 6 days."
+          stale-issue-message: "This issue is stale because it has been open a year with no activity."
           stale-pr-message: "This PR is stale because it has been open 40 days with no activity."
           close-issue-message: "This issue was closed because it has been stalled for 6 days with no activity."
           exempt-issue-labels: "high priority"
-          days-before-issue-stale: 50
+          days-before-issue-stale: 365
           days-before-pr-stale: 40
-          days-before-issue-close: 6
+          days-before-issue-close: -1
           days-before-pr-close: -1
diff --git a/.php-cs-fixer.dist.php b/.php-cs-fixer.dist.php
@@ -4,7 +4,12 @@
 
 $finder = (new PhpCsFixer\Finder())
     ->in(__DIR__)
-    ->exclude('var')
+    ->exclude([
+        'var',
+        'node_modules',
+        'vendor',
+        'docker',
+    ])
 ;
 
 return (new PhpCsFixer\Config())

diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -85,7 +85,10 @@ SYMFONY_DEPRECATIONS_HELPER=disabled ./bin/phpunit tests/Unit
 ### Fixtures
 
 You might want to load random data to database instead of manually adding magazines, users, posts, comments etc.
-To do so, execute: `bin/console doctrine:fixtures:load --append --no-debug`
+To do so, execute: `php bin/console doctrine:fixtures:load --append --no-debug`
+You should stop the messenger processes, as they are not able to access the data while it is being created, but try to do so.
+- Docker: `docker compose stop messenger`
+- Bare Metal: `supervisorctl stop messenger:*`
 
 If you want to do the same but with the Docker setup, execute: `docker compose exec php bin/console doctrine:fixtures:load --append --no-debug` (from the `docker` directory)