vbrandl/fotochallenge
Archived
1
0
Fork 0
Code Issues 4 Pull Requests 3 Actions Packages Projects Releases Activity

Compare commits

base: vbrandl:v0.0.2
Branches Tags
vbrandl:main vbrandl:renovate/sveltejs-vite-plugin-svelte-4.x vbrandl:renovate/svelte-5.x vbrandl:renovate/lock-file-maintenance
vbrandl:v0.0.8 vbrandl:v0.0.7 vbrandl:v0.0.6 vbrandl:v0.0.5 vbrandl:v0.0.4 vbrandl:v0.0.3 vbrandl:v0.0.2 vbrandl:v0.0.1
...
compare: vbrandl:v0.0.6
Branches Tags
vbrandl:main vbrandl:renovate/sveltejs-vite-plugin-svelte-4.x vbrandl:renovate/svelte-5.x vbrandl:renovate/lock-file-maintenance
vbrandl:v0.0.8 vbrandl:v0.0.7 vbrandl:v0.0.6 vbrandl:v0.0.5 vbrandl:v0.0.4 vbrandl:v0.0.3 vbrandl:v0.0.2 vbrandl:v0.0.1

77 Commits
v0.0.2 ... v0.0.6

Author SHA1 Message Date
Valentin Brandl
37d6cd848d 0.0.6
All checks were successful
/ Misc Linters (push) Successful in 25s
Details
Publish / lints (push) Successful in 25s
Details
/ Build App (push) Successful in 1m1s
Details
Publish / tests (push) Successful in 52s
Details
Publish / Publishing (push) Successful in 1m30s
Details
2024-08-17 16:43:34 +02:00
Valentin Brandl
1aff6554b5 Copy node_modules over to runtime image
All checks were successful
/ Misc Linters (push) Successful in 20s
Details
/ Build App (push) Successful in 52s
Details
2024-08-17 16:37:29 +02:00
Valentin Brandl
a6359d9516 Build using node 22 2024-08-17 16:37:13 +02:00
Valentin Brandl
6ab52c1830 Fix lints
All checks were successful
/ Misc Linters (push) Successful in 23s
Details
/ Build App (push) Successful in 52s
Details
2024-08-17 15:54:33 +02:00
Valentin Brandl
cfb5564830 Formatting with trailing comma 2024-08-17 15:45:52 +02:00
Valentin Brandl
48948a180a Logging
Some checks failed
/ Misc Linters (push) Successful in 21s
Details
/ Build App (push) Failing after 21s
Details
2024-08-17 15:39:43 +02:00
Valentin Brandl
1557d2cca9 More test cases 2024-08-17 15:38:23 +02:00
Valentin Brandl
019d1d2e62 Log requests 2024-08-17 15:38:12 +02:00
Valentin Brandl
1b4bb1d2e2 Measure execution time 2024-08-17 15:06:28 +02:00
Valentin Brandl
824852fe7a Initialize and use bunyan logger 2024-08-17 15:06:12 +02:00
Valentin Brandl
4e2b1b74a4 Add requestId to request context 2024-08-17 15:04:43 +02:00
Valentin Brandl
0aa7a18f05 Add bunyan logger 2024-08-17 15:04:14 +02:00
Valentin Brandl
10d6be5f82 Platform independent path validation
All checks were successful
/ Misc Linters (push) Successful in 21s
Details
/ Build App (push) Successful in 51s
Details
2024-08-17 15:00:54 +02:00
Valentin Brandl
6615e2788a Platform independent path validation
All checks were successful
/ Misc Linters (push) Successful in 27s
Details
/ Misc Linters (pull_request) Successful in 20s
Details
/ Build App (pull_request) Successful in 58s
Details
/ Build App (push) Successful in 47s
Details
2024-08-17 14:59:55 +02:00
vbrandl
1f846bd5fe Merge pull request 'chore(deps): update dependency @types/node to v20.15.0' (#49) from renovate/node-20.x-lockfile into main
All checks were successful
/ Misc Linters (push) Successful in 34s
Details
/ Build App (push) Successful in 1m1s
Details 
Reviewed-on: #49
 2024-08-17 03:59:55 +02:00
Renovate Bot
da7b056095 chore(deps): update dependency @types/node to v20.15.0
All checks were successful
/ Misc Linters (pull_request) Successful in 19s
Details
/ Build App (pull_request) Successful in 55s
Details
2024-08-16 19:01:36 +00:00
Valentin Brandl
4b8ecc65c3 0.0.5
All checks were successful
Publish / lints (push) Successful in 25s
Details
Publish / tests (push) Successful in 51s
Details
Publish / Publishing (push) Successful in 1m9s
Details
/ Misc Linters (push) Successful in 26s
Details
/ Build App (push) Successful in 1m1s
Details
2024-08-16 18:18:02 +02:00
Valentin Brandl
3696bcade2 Change parameter order 2024-08-16 18:17:44 +02:00
Valentin Brandl
dea401fec0 Add title
All checks were successful
/ Misc Linters (push) Successful in 22s
Details
/ Build App (push) Successful in 50s
Details
2024-08-16 18:08:49 +02:00
Valentin Brandl
66494c6760 Fix tests
All checks were successful
Publish / lints (push) Successful in 25s
Details
/ Misc Linters (push) Successful in 28s
Details
/ Build App (push) Successful in 1m3s
Details
Publish / tests (push) Successful in 50s
Details
Publish / Publishing (push) Successful in 1m7s
Details
2024-08-16 16:39:44 +02:00
Valentin Brandl
05320916b2 0.0.4
Some checks failed
/ Misc Linters (push) Successful in 24s
Details
/ Build App (push) Failing after 29s
Details
Publish / lints (push) Successful in 22s
Details
Publish / tests (push) Failing after 27s
Details
Publish / Publishing (push) Has been skipped
Details
2024-08-16 16:37:24 +02:00
Valentin Brandl
e6857f5b5d 0.0.2 2024-08-16 16:36:51 +02:00
Valentin Brandl
5dba5471d1 Reject illegal names 2024-08-16 16:34:43 +02:00
Valentin Brandl
f1ff9f1c38 Update flake.lock 2024-08-16 16:34:26 +02:00
Valentin Brandl
7386a29ec5 flake.lock: Update
Some checks failed
/ Misc Linters (push) Successful in 25s
Details
/ Build App (push) Failing after 24s
Details 
Flake lock file updates:

• Updated input 'nixpkgs':
    'github:nixos/nixpkgs/693bc46d169f5af9c992095736e82c3488bf7dbb' (2024-07-14)
  → 'github:nixos/nixpkgs/c3aa7b8938b17aebd2deecf7be0636000d62a2b9' (2024-08-14)
 2024-08-16 15:53:10 +02:00
Valentin Brandl
88b158b7b4 Lint before publish
All checks were successful
/ Misc Linters (push) Successful in 27s
Details
/ Build App (push) Successful in 59s
Details
2024-08-16 15:10:18 +02:00
Valentin Brandl
a2e78e2e36 Fallback for missing environment variable
All checks were successful
/ Misc Linters (push) Successful in 20s
Details
/ Build App (push) Successful in 50s
Details
Publish / tests (push) Successful in 51s
Details
Publish / Publishing (push) Successful in 1m57s
Details
2024-08-16 15:06:41 +02:00
Valentin Brandl
b2bab79562 Run shellcheck and hadolint in CI
Some checks failed
/ Build App (push) Failing after 28s
Details
/ Misc Linters (push) Successful in 35s
Details
2024-08-16 14:45:13 +02:00
Valentin Brandl
0b8bddb1f6 Run shellcheck in CI
Some checks failed
/ Check scripts (push) Failing after 22s
Details
/ Build App (push) Failing after 41s
Details
2024-08-16 14:41:51 +02:00
Valentin Brandl
cbd03de6a3 Load upload dir from ENV 2024-08-16 14:41:33 +02:00
vbrandl
0842c107e6 Merge pull request 'chore(deps): update dependency vite to v5.4.1' (#47) from renovate/vite-5.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 1m15s
Details 
Reviewed-on: #47
 2024-08-15 19:46:33 +02:00
Renovate Bot
a59f8688d0 chore(deps): update dependency vite to v5.4.1
All checks were successful
/ Build App (pull_request) Successful in 3m43s
Details
2024-08-15 16:02:40 +00:00
vbrandl
91bba73796 Merge pull request 'chore(deps): lock file maintenance' (#46) from renovate/lock-file-maintenance into main
All checks were successful
/ Build App (push) Successful in 1m1s
Details 
Reviewed-on: #46
 2024-08-13 14:57:39 +02:00
Renovate Bot
85e1874188 chore(deps): lock file maintenance
All checks were successful
/ Build App (pull_request) Successful in 1m0s
Details
2024-08-13 14:56:31 +02:00
vbrandl
6ab6560009 Merge pull request 'chore(deps): update dependency @sveltejs/adapter-auto to v3.2.4' (#42) from renovate/sveltejs-adapter-auto-3.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 57s
Details 
Reviewed-on: #42
 2024-08-13 14:56:21 +02:00
Renovate Bot
16bbb29f32 chore(deps): update dependency @sveltejs/adapter-auto to v3.2.4
All checks were successful
/ Build App (pull_request) Successful in 54s
Details
2024-08-13 14:49:58 +02:00
vbrandl
c0c35b8e0f Merge pull request 'chore(deps): update dependency @sveltejs/adapter-node to v5.2.2' (#43) from renovate/sveltejs-adapter-node-5.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 55s
Details 
Reviewed-on: #43
 2024-08-13 14:49:48 +02:00
Renovate Bot
626982fe3e chore(deps): update dependency @sveltejs/adapter-node to v5.2.2
All checks were successful
/ Build App (pull_request) Successful in 53s
Details
2024-08-13 10:44:54 +02:00
vbrandl
79e079f115 Merge pull request 'chore(deps): update dependency @sveltejs/kit to v2.5.22' (#44) from renovate/sveltejs-kit-2.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 55s
Details 
Reviewed-on: #44
 2024-08-13 10:44:45 +02:00
Renovate Bot
cd933b77cb chore(deps): update dependency @sveltejs/kit to v2.5.22
All checks were successful
/ Build App (pull_request) Successful in 54s
Details
2024-08-13 10:41:55 +02:00
vbrandl
ef4ddf872f Merge pull request 'chore(deps): update dependency typescript-eslint to v8.1.0' (#45) from renovate/typescript-eslint-monorepo into main
All checks were successful
/ Build App (push) Successful in 1m18s
Details 
Reviewed-on: #45
 2024-08-13 10:41:44 +02:00
Renovate Bot
ca3178e42a chore(deps): update dependency typescript-eslint to v8.1.0
All checks were successful
/ Build App (pull_request) Successful in 1m31s
Details
2024-08-12 22:03:35 +00:00
vbrandl
338d3ccdbb Merge pull request 'chore(deps): lock file maintenance' (#35) from renovate/lock-file-maintenance into main
All checks were successful
/ Build App (push) Successful in 1m6s
Details 
Reviewed-on: #35
 2024-08-10 11:52:41 +02:00
Renovate Bot
83eb10aadd chore(deps): lock file maintenance
All checks were successful
/ Build App (pull_request) Successful in 2m2s
Details
2024-08-10 09:50:31 +00:00
vbrandl
2858c8c375 Merge pull request 'chore(deps): update dependency typescript-eslint to v8.0.1' (#34) from renovate/typescript-eslint-monorepo into main
All checks were successful
/ Build App (push) Successful in 55s
Details 
Reviewed-on: #34
 2024-08-10 11:33:03 +02:00
Renovate Bot
0c09a354b8 chore(deps): update dependency typescript-eslint to v8.0.1
All checks were successful
/ Build App (pull_request) Successful in 59s
Details
2024-08-10 11:28:38 +02:00
vbrandl
52ada9d040 Merge pull request 'chore(deps): update dependency vite to v5.4.0' (#36) from renovate/vite-5.x-lockfile into main
Some checks are pending
/ Build App (push) Waiting to run
Details 
Reviewed-on: #36
 2024-08-10 11:28:14 +02:00
Renovate Bot
6cf7361905 chore(deps): update dependency vite to v5.4.0
Some checks failed
/ Build App (pull_request) Has been cancelled
Details
2024-08-10 11:28:09 +02:00
vbrandl
335f341839 Merge pull request 'chore(deps): update dependency @sveltejs/adapter-auto to v3.2.3' (#37) from renovate/sveltejs-adapter-auto-3.x-lockfile into main
Some checks are pending
/ Build App (push) Waiting to run
Details 
Reviewed-on: #37
 2024-08-10 11:27:49 +02:00
Renovate Bot
f4d5ccd4c3 chore(deps): update dependency @sveltejs/adapter-auto to v3.2.3
Some checks failed
/ Build App (pull_request) Has been cancelled
Details
2024-08-10 11:27:35 +02:00
vbrandl
abd6a8a3be Merge pull request 'chore(deps): update dependency @sveltejs/adapter-node to v5.2.1' (#38) from renovate/sveltejs-adapter-node-5.x-lockfile into main
Some checks are pending
/ Build App (push) Waiting to run
Details 
Reviewed-on: #38
 2024-08-10 11:27:22 +02:00
Renovate Bot
990e0e131f chore(deps): update dependency @sveltejs/adapter-node to v5.2.1
All checks were successful
/ Build App (pull_request) Successful in 1m5s
Details
2024-08-10 11:24:27 +02:00
vbrandl
d6c24702d6 Merge pull request 'chore(deps): update dependency @sveltejs/kit to v2.5.21' (#39) from renovate/sveltejs-kit-2.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 1m31s
Details 
Reviewed-on: #39
 2024-08-10 11:24:19 +02:00
Renovate Bot
13467c1c8f chore(deps): update dependency @sveltejs/kit to v2.5.21
All checks were successful
/ Build App (pull_request) Successful in 59s
Details
2024-08-10 11:22:57 +02:00
vbrandl
3b338ea854 Merge pull request 'chore(deps): update dependency @types/node to v20.14.15' (#40) from renovate/node-20.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 58s
Details 
Reviewed-on: #40
 2024-08-10 11:22:49 +02:00
Renovate Bot
7a85f1aae3 chore(deps): update dependency @types/node to v20.14.15
All checks were successful
/ Build App (pull_request) Successful in 53s
Details
2024-08-10 11:21:37 +02:00
vbrandl
1e90cf7fc5 Merge pull request 'chore(deps): update dependency eslint to v9.9.0' (#41) from renovate/eslint-monorepo into main
All checks were successful
/ Build App (push) Successful in 56s
Details 
Reviewed-on: #41
 2024-08-10 11:21:29 +02:00
Renovate Bot
1b36f81b85 chore(deps): update dependency eslint to v9.9.0
All checks were successful
/ Build App (pull_request) Successful in 51s
Details
2024-08-10 01:02:12 +00:00
vbrandl
fba4548df4 Merge pull request 'chore(deps): lock file maintenance' (#32) from renovate/lock-file-maintenance into main
All checks were successful
/ Build App (push) Successful in 55s
Details 
Reviewed-on: #32
 2024-08-04 15:57:28 +02:00
Renovate Bot
8ca2e03e6b chore(deps): lock file maintenance
All checks were successful
/ Build App (pull_request) Successful in 1m1s
Details
2024-08-04 13:50:26 +00:00
vbrandl
ac6c82f2d8 Merge pull request 'chore(deps): update dependency @types/node to v20.14.14' (#33) from renovate/node-20.x-lockfile into main
All checks were successful
/ Build App (push) Successful in 57s
Details 
Reviewed-on: #33
 2024-08-04 15:37:17 +02:00
vbrandl
35dc5db5b9 Merge pull request 'chore(deps): update dependency globals to v15.9.0' (#31) from renovate/globals-15.x-lockfile into main
Some checks are pending
/ Build App (push) Waiting to run
Details 
Reviewed-on: #31
 2024-08-04 15:36:58 +02:00
vbrandl
186d6423d2 Merge pull request 'chore(deps): update dependency @sveltejs/kit to v2.5.20' (#30) from renovate/sveltejs-kit-2.x-lockfile into main
Some checks are pending
/ Build App (push) Waiting to run
Details 
Reviewed-on: #30
 2024-08-04 15:36:03 +02:00
Renovate Bot
9b7cd22d31 chore(deps): update dependency @sveltejs/kit to v2.5.20
All checks were successful
/ Build App (pull_request) Successful in 55s
Details
2024-08-02 19:01:42 +00:00
Renovate Bot
4e7c757e71 chore(deps): update dependency @types/node to v20.14.14
All checks were successful
/ Build App (pull_request) Successful in 1m4s
Details
2024-08-02 10:01:55 +00:00
Renovate Bot
c7ce50b334 chore(deps): update dependency globals to v15.9.0
All checks were successful
/ Build App (pull_request) Successful in 57s
Details
2024-08-01 13:01:42 +00:00
vbrandl
518041ce4e Merge pull request 'chore(deps): lock file maintenance' (#29) from renovate/lock-file-maintenance into main
All checks were successful
/ Build App (push) Successful in 1m3s
Details 
Reviewed-on: #29
 2024-08-01 11:13:50 +02:00
Renovate Bot
2ca056059d chore(deps): lock file maintenance
All checks were successful
/ Build App (pull_request) Successful in 55s
Details
2024-08-01 09:08:49 +00:00
vbrandl
66e2cce28d Merge pull request 'chore(deps): update dependency vitest to v2.0.5' (#27) from renovate/vitest-monorepo into main
All checks were successful
/ Build App (push) Successful in 48s
Details 
Reviewed-on: #27
 2024-08-01 11:07:11 +02:00
Renovate Bot
deb3382023 chore(deps): update dependency vitest to v2.0.5
All checks were successful
/ Build App (pull_request) Successful in 50s
Details
2024-08-01 11:06:07 +02:00
vbrandl
667eaabd58 Merge pull request 'chore(deps): update dependency typescript-eslint to v8.0.0' (#28) from renovate/typescript-eslint-monorepo into main
All checks were successful
/ Build App (push) Successful in 51s
Details 
Reviewed-on: #28
 2024-08-01 11:05:54 +02:00
Renovate Bot
13c958db03 chore(deps): update dependency typescript-eslint to v8.0.0
All checks were successful
/ Build App (pull_request) Successful in 57s
Details
2024-07-31 19:01:18 +00:00
vbrandl
36a297837d chore(deps): update dependency svelte-check to v3.8.5 (#25)
All checks were successful
/ Build App (push) Successful in 1m1s
Details
2024-07-31 00:05:07 +02:00
vbrandl
07fcf86fef chore(deps): update dependency typescript-eslint to v8.0.0-alpha.60 (#26)
Some checks are pending
/ Build App (push) Waiting to run
Details
2024-07-31 00:03:41 +02:00
Renovate Bot
ce25ef7ec1 chore(deps): update dependency typescript-eslint to v8.0.0-alpha.60
All checks were successful
/ Build App (pull_request) Successful in 1m52s
Details
2024-07-30 22:01:52 +00:00
Renovate Bot
84e8d3b2bd chore(deps): update dependency svelte-check to v3.8.5
All checks were successful
/ Build App (pull_request) Successful in 52s
Details
2024-07-30 19:01:06 +00:00
Valentin Brandl
9c8459c3e1 CI step naming
All checks were successful
/ Build App (push) Successful in 1m1s
Details
2024-07-30 19:24:58 +02:00
19 changed files with 595 additions and 257 deletions
Expand all files Collapse all files

24
.gitea/workflows/lints.yml Normal file
View File

@ -0,0 +1,24 @@
on:
workflow_call:
push:
branches:
- main
pull_request:
schedule:
- cron: '0 0 * * *'
jobs:
shellcheck:
name: Misc Linters
runs-on: ubuntu-latest
steps:
- name: Checkout sources
uses: https://gitea.com/actions/checkout@v4
- name: Lint shellscripts
uses: ludeeus/action-shellcheck@master
- name: Lint Dockerfile
uses: hadolint/hadolint-action@v3.1.0
with:
dockerfile: ./Containerfile

5
.gitea/workflows/publish.yml
View File

@ -6,6 +6,9 @@ on:
- 'v*' - 'v*'
jobs: jobs:
lints:
uses: ./.gitea/workflows/lints.yml
tests: tests:
uses: ./.gitea/workflows/node.yml uses: ./.gitea/workflows/node.yml
@ -21,7 +24,7 @@ jobs:
- name: Checkout sources - name: Checkout sources
uses: actions/checkout@v4 uses: actions/checkout@v4
- name: Login to DockerHub - name: Login to Container Registry
uses: docker/login-action@v3 uses: docker/login-action@v3
with: with:
registry: https://git.vbrandl.net registry: https://git.vbrandl.net

2
.prettierrc
View File

@ -1,7 +1,7 @@
{ {
"useTabs": true, "useTabs": true,
"singleQuote": true, "singleQuote": true,
"trailingComma": "none", "trailingComma": "es5",
"printWidth": 100, "printWidth": 100,
"plugins": ["prettier-plugin-svelte"], "plugins": ["prettier-plugin-svelte"],
"overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }] "overrides": [{ "files": "*.svelte", "options": { "parser": "svelte" } }]

11
Containerfile
View File

@ -1,4 +1,4 @@
FROM node:21-alpine AS builder FROM node:22-alpine AS builder
WORKDIR /app WORKDIR /app
COPY package.json package-lock.json ./ COPY package.json package-lock.json ./
@ -7,9 +7,12 @@ RUN npm ci
COPY . . COPY . .
RUN npm run build RUN npm run build
FROM node:21-alpine FROM node:22-alpine
USER node:node
WORKDIR /app WORKDIR /app
RUN chown -R node:node /app
USER node:node
COPY ./container/entrypoint.sh /entrypoint.sh
COPY package.json . COPY package.json .
COPY --from=builder /app/node_modules ./node_modules
COPY --from=builder /app/build ./build COPY --from=builder /app/build ./build
CMD ["node", "./build/index.js"] ENTRYPOINT ["sh", "/entrypoint.sh"]

12
container/entrypoint.sh Executable file
View File

@ -0,0 +1,12 @@
#!/usr/bin/env sh
set -e
export STORAGE_PATH="${STORAGE_PATH:-./uploads}"
entrypoint() {
mkdir -p "${STORAGE_PATH}"
node ./build/index.js
}
entrypoint

16
eslint.config.js
View File

@ -15,19 +15,19 @@ export default [
languageOptions: { languageOptions: {
globals: { globals: {
...globals.browser, ...globals.browser,
...globals.node ...globals.node,
} },
} },
}, },
{ {
files: ['**/*.svelte'], files: ['**/*.svelte'],
languageOptions: { languageOptions: {
parserOptions: { parserOptions: {
parser: ts.parser parser: ts.parser,
} },
} },
}, },
{ {
ignores: ['build/', '.svelte-kit/', 'dist/'] ignores: ['build/', '.svelte-kit/', 'dist/'],
} },
]; ];

6
flake.lock generated
View File

@ -20,11 +20,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1720957393, "lastModified": 1723637854,
"narHash": "sha256-oedh2RwpjEa+TNxhg5Je9Ch6d3W1NKi7DbRO1ziHemA=", "narHash": "sha256-med8+5DSWa2UnOqtdICndjDAEjxr5D7zaIiK4pn0Q7c=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "693bc46d169f5af9c992095736e82c3488bf7dbb", "rev": "c3aa7b8938b17aebd2deecf7be0636000d62a2b9",
"type": "github" "type": "github"
}, },
"original": { "original": {

595
package-lock.json generated
View File

File diff suppressed because it is too large Load Diff

8
package.json
View File

@ -1,6 +1,6 @@
{ {
"name": "fotochallenge", "name": "fotochallenge",
"version": "0.0.1", "version": "0.0.6",
"private": true, "private": true,
"scripts": { "scripts": {
"dev": "vite dev", "dev": "vite dev",
@ -17,8 +17,10 @@
"@sveltejs/adapter-node": "^5.2.0", "@sveltejs/adapter-node": "^5.2.0",
"@sveltejs/kit": "^2.0.0", "@sveltejs/kit": "^2.0.0",
"@sveltejs/vite-plugin-svelte": "^3.0.0", "@sveltejs/vite-plugin-svelte": "^3.0.0",
"@types/bunyan": "^1.8.11",
"@types/eslint": "^9.0.0", "@types/eslint": "^9.0.0",
"@types/node": "^20.14.11", "@types/node": "^20.14.11",
"@types/uuid": "^10.0.0",
"bulma": "^1.0.1", "bulma": "^1.0.1",
"eslint": "^9.0.0", "eslint": "^9.0.0",
"eslint-config-prettier": "^9.1.0", "eslint-config-prettier": "^9.1.0",
@ -39,5 +41,9 @@
"type": "module", "type": "module",
"engines": { "engines": {
"node": ">20" "node": ">20"
},
"dependencies": {
"bunyan": "^1.8.15",
"uuid": "^10.0.0"
} }
} }

2
renovate.json5
View File

@ -1,4 +1,4 @@
{ {
$schema: 'https://docs.renovatebot.com/renovate-schema.json', $schema: 'https://docs.renovatebot.com/renovate-schema.json',
extends: ['local>renovate-bot/renovate-config'] extends: ['local>renovate-bot/renovate-config'],
} }

6
src/app.d.ts vendored
View File

@ -9,3 +9,9 @@ declare global {
// interface Platform {} // interface Platform {}
} }
} }
declare namespace App {
interface Locals {
requestId: string;
}
}

1
src/app.html
View File

@ -4,6 +4,7 @@
<meta charset="utf-8" /> <meta charset="utf-8" />
<link rel="icon" href="%sveltekit.assets%/favicon.png" /> <link rel="icon" href="%sveltekit.assets%/favicon.png" />
<meta name="viewport" content="width=device-width, initial-scale=1" /> <meta name="viewport" content="width=device-width, initial-scale=1" />
<title>Gabi und Hannes Fotochallenge</title>
%sveltekit.head% %sveltekit.head%
</head> </head>
<body data-sveltekit-preload-data="hover"> <body data-sveltekit-preload-data="hover">

45
src/hooks.server.ts Normal file
View File

@ -0,0 +1,45 @@
import { log, timedExecution } from '$lib';
import { validate, v7 as uuidv7 } from 'uuid';
const requestIdHeader = 'x-request-id';
/** @type {import('@sveltejs/kit').Handle} */
export async function handle({ event, resolve }) {
// use incomming requestId, if it is a valid uuid, else generate one
const reqIdFromRequest = event.request.headers.get(requestIdHeader);
const { requestId, fromRequest } =
reqIdFromRequest && validate(reqIdFromRequest)
? { requestId: reqIdFromRequest, fromRequest: true }
: { requestId: uuidv7(), fromRequest: false };
const context = {
requestId,
route: event.route.id,
method: event.request.method,
userAgent: event.request.headers.get('user-agent'),
clientIP: event.getClientAddress(),
};
if (fromRequest) {
log.trace(context, 'using incomming request-id');
}
// make requestId available to handlers
event.locals.requestId = requestId;
const { executionTime, result: response } = await timedExecution(async () => {
return await resolve(event);
});
response.headers.set(requestIdHeader, requestId);
log.info(
{
executionTime: `${executionTime}ms`,
status: response.status,
size: response.headers.get('content-length'),
...context,
},
'finished request'
);
return response;
}

28
src/index.test.ts
View File

@ -2,7 +2,31 @@ import safePath from '$lib';
import { describe, it, expect } from 'vitest'; import { describe, it, expect } from 'vitest';
describe('safe path', () => { describe('safe path', () => {
it('removes non alphanum from string', () => { it('reject names with ../', () => {
expect(safePath('../../!=-.,/abc123')).toBe('abc123'); expect(safePath('./uplodas', '../foobar')).toBe(false);
});
it('accept names with ./', () => {
expect(safePath('./uplodas', './foobar')).toBe(true);
});
it('reject names with /', () => {
expect(safePath('./uplodas', 'foo/bar')).toBe(false);
});
it('accept happy path', () => {
expect(safePath('./uplodas', 'foobar')).toBe(true);
});
it('accept names starting with `..`', () => {
expect(safePath('./uplodas', '..foobar')).toBe(true);
});
it('accept names ending with `..`', () => {
expect(safePath('./uplodas', 'foobar..')).toBe(true);
});
it('accept names starting and ending with `..`', () => {
expect(safePath('./uplodas', '..foobar..')).toBe(true);
}); });
}); });

40
src/lib/index.ts
View File

@ -1,6 +1,42 @@
// place files you want to import through the `$lib` alias in this folder. // place files you want to import through the `$lib` alias in this folder.
import path from 'path';
import bunyan from 'bunyan';
import type { MaybePromise } from '@sveltejs/kit';
const safePath = (input: string) => input.replace(/\W/g, ''); export const log = bunyan.createLogger({
export const storagePath: string = './uploads'; name: 'fotochallenge',
level: process.env.NODE_ENV === 'production' ? 'info' : 'debug',
src: true,
});
function safePath(basePath: string, name: string): boolean {
const fullPath = `${basePath}/${name}`;
const relative = path.relative(basePath, fullPath);
return (
!!relative &&
// does move out of `basePath`
!relative.startsWith(`..${path.sep}`) &&
// exactly one layer deep, e.g. no `./uplodas/foo/bar`
!relative.includes(path.sep) &&
// result is not an absolute path
!path.isAbsolute(relative)
);
}
const defaultPath: string = './uploads';
if (!('STORAGE_PATH' in process.env)) {
log.warn(`'STORAGE_PATH' environment variable is not set. Defaulting to ${defaultPath}`);
}
export const storagePath: string = process.env.STORAGE_PATH ?? defaultPath;
export default safePath; export default safePath;
export async function timedExecution<T>(
fn: () => MaybePromise<T>
): Promise<{ executionTime: number; result: T }> {
const start = process.hrtime();
const result = await fn();
const end = process.hrtime(start);
const executionTime = (end[0] * 1e6 + end[1]) / 1e6;
return { executionTime, result };
}

35
src/routes/+page.server.ts
View File

@ -1,7 +1,7 @@
import { writeFileSync, mkdirSync, existsSync } from 'fs'; import { writeFileSync, mkdirSync, existsSync } from 'fs';
import { fail } from '@sveltejs/kit'; import { fail } from '@sveltejs/kit';
import type { RequestEvent } from './$types'; import type { RequestEvent } from './$types';
import safePath, { storagePath } from '$lib'; import safePath, { storagePath, log } from '$lib';
import { hash } from 'crypto'; import { hash } from 'crypto';
import path from 'path'; import path from 'path';
@ -12,29 +12,44 @@ const mkdirIfNotExists = (path: string) => {
}; };
export const actions = { export const actions = {
default: async ({ request }: RequestEvent) => { default: async ({ request, locals }: RequestEvent) => {
let context: { [key: string]: string | string[] } = { requestId: locals.requestId };
const data = await request.formData(); const data = await request.formData();
const formFiles = data.getAll('files'); const formFiles = data.getAll('files');
if (!formFiles) { if (!formFiles) {
log.debug(context, 'missing files');
return fail(400, { field: 'files', files: formFiles, missing: true }); return fail(400, { field: 'files', files: formFiles, missing: true });
} else if (!(formFiles as File[])) { } else if (!(formFiles as File[])) {
log.debug(context, 'invalid files');
return fail(400, { field: 'files', files: formFiles, incorrect: true }); return fail(400, { field: 'files', files: formFiles, incorrect: true });
} }
const files = formFiles as File[]; const files = formFiles as File[];
console.log(files); const fileNames = files.map((file) => file.name);
context = { fileNames, ...context };
if (files.length === 0) { if (files.length === 0) {
log.debug(context, 'empty files');
return fail(400, { field: 'files', files: formFiles, empty: true }); return fail(400, { field: 'files', files: formFiles, empty: true });
} }
const formName = data.get('name'); const formName = data.get('name');
if (!formName) { if (!formName) {
log.debug(context, 'missing name');
return fail(400, { field: 'name', name: formName, missing: true }); return fail(400, { field: 'name', name: formName, missing: true });
} else if (!(formName as string)) { } else if (!(formName as string)) {
log.debug(context, 'invalid name');
return fail(400, { field: 'name', name: formName, incorrect: true }); return fail(400, { field: 'name', name: formName, incorrect: true });
} }
const name = safePath(formName as string); const name = formName as string;
context = { name, ...context };
if (!safePath(storagePath, name)) {
log.warn(context, 'Supplied name would cause dir traversal. Rejecting...');
return fail(400, { field: 'name', name: name, incorrect: true });
}
log.info(context, 'Uploading files');
files.forEach(async (file) => { files.forEach(async (file) => {
const outPath = `${storagePath}/${name}`; const outPath = `${storagePath}/${name}`;
@ -42,17 +57,19 @@ export const actions = {
const ext = path.extname(file.name); const ext = path.extname(file.name);
mkdirIfNotExists(outPath); mkdirIfNotExists(outPath);
const filename = hash('sha1', content); const filename = `${hash('sha1', content)}${ext}`;
const fullPath = `${outPath}/${filename}${ext}`; const fullPath = `${outPath}/${filename}`;
context = { file: fullPath, ...context };
if (existsSync(fullPath)) { if (existsSync(fullPath)) {
console.warn(`${fullPath} has already been uploaded. Skipping...`); log.debug(context, 'File has already been uploaded. Skipping...');
} else { } else {
log.debug(context, 'saving file');
writeFileSync(fullPath, Buffer.from(await file.arrayBuffer()), { flag: 'a+' }); writeFileSync(fullPath, Buffer.from(await file.arrayBuffer()), { flag: 'a+' });
} }
}); });
return { return {
success: true success: true,
}; };
} },
}; };

2
src/routes/+page.svelte
View File

@ -13,7 +13,7 @@
const siPrefixes = new Map([ const siPrefixes = new Map([
[1_000_000, 'M'], [1_000_000, 'M'],
[1_000, 'k'] [1_000, 'k'],
]); ]);
const fileSize = (files: FileList) => { const fileSize = (files: FileList) => {
const size = Array.from(files) const size = Array.from(files)

4
svelte.config.js
View File

@ -11,8 +11,8 @@ const config = {
// adapter-auto only supports some environments, see https://kit.svelte.dev/docs/adapter-auto for a list. // adapter-auto only supports some environments, see https://kit.svelte.dev/docs/adapter-auto for a list.
// If your environment is not supported, or you settled on a specific environment, switch out the adapter. // If your environment is not supported, or you settled on a specific environment, switch out the adapter.
// See https://kit.svelte.dev/docs/adapters for more information about adapters. // See https://kit.svelte.dev/docs/adapters for more information about adapters.
adapter: adapter() adapter: adapter(),
} },
}; };
export default config; export default config;

10
vite.config.ts
View File

@ -5,14 +5,14 @@ export default defineConfig({
plugins: [sveltekit()], plugins: [sveltekit()],
test: { test: {
include: ['src/**/*.{test,spec}.{js,ts}'] include: ['src/**/*.{test,spec}.{js,ts}'],
}, },
css: { css: {
preprocessorOptions: { preprocessorOptions: {
scss: { scss: {
additionalData: '@use "src/variables.scss" as *;' additionalData: '@use "src/variables.scss" as *;',
} },
} },
} },
}); });