From e642d4068dee73d21f9bb264cbd059eb3b6bb6ba Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Thu, 21 Mar 2024 10:25:58 +0200 Subject: [PATCH 01/10] Fix expression injection in head_branch --- .github/workflows/sonar.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index 71d74a3d..7068f253 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -39,11 +39,13 @@ jobs: fetch-depth: 0 - name: Checkout base branch if: github.event.workflow_run.event == 'pull_request' + env: + HEAD_BRANCH: ${{ github.event.workflow_run.head_branch }} run: | git remote add upstream ${{ github.event.repository.clone_url }} git fetch upstream git checkout -B ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} upstream/${{ fromJson(steps.get_pr_data.outputs.data).base.ref }} - git checkout ${{ github.event.workflow_run.head_branch }} + git checkout $HEAD_BRANCH git clean -ffdx && git reset --hard HEAD - name: SonarCloud Scan on PR if: github.event.workflow_run.event == 'pull_request' From b901e38b15f23af2c81b6bb73e50a507efc00ce7 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Tue, 26 Mar 2024 16:57:21 +0200 Subject: [PATCH 02/10] Test 0584e287 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 55333af0..4bc7cc09 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website build # Main image derived from openvsx-server -FROM ghcr.io/eclipse/openvsx-server:v0.14.5 +FROM docker.io/amvanbaren/openvsx-server:0584e287 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From 12f4234fc988dd8051223b4f9f38cb0a6d02a083 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Tue, 26 Mar 2024 17:22:13 +0200 Subject: [PATCH 03/10] Make run-server script executable --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 4bc7cc09..b0303333 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website build # Main image derived from openvsx-server -FROM docker.io/amvanbaren/openvsx-server:0584e287 +FROM docker.io/amvanbaren/openvsx-server:0584e287-1 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From b603774653052670ce4526d77b61a627c9e4419a Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Tue, 26 Mar 2024 23:08:20 +0200 Subject: [PATCH 04/10] Test 42e673bc --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b0303333..3b322966 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website build # Main image derived from openvsx-server -FROM docker.io/amvanbaren/openvsx-server:0584e287-1 +FROM docker.io/amvanbaren/openvsx-server:42e673bc COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From bb829d68a9f5efc32f9bc6cbe3fa177b55416280 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Wed, 27 Mar 2024 00:28:57 +0200 Subject: [PATCH 05/10] retry deploy --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3b322966..20eebf77 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website compile \ && /usr/bin/yarn --cwd website build -# Main image derived from openvsx-server +# Main test image derived from openvsx-server FROM docker.io/amvanbaren/openvsx-server:42e673bc COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ From 302105086b6c4fa16b90f416dc4713067c621cd9 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Wed, 27 Mar 2024 10:28:44 +0200 Subject: [PATCH 06/10] Test e03c8c50 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 20eebf77..8c0e61b4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,8 +26,8 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website compile \ && /usr/bin/yarn --cwd website build -# Main test image derived from openvsx-server -FROM docker.io/amvanbaren/openvsx-server:42e673bc +# Main image derived from openvsx-server +FROM docker.io/amvanbaren/openvsx-server:e03c8c50 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From 70d8643a3428e430b95bcd056718f45e179e3473 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Wed, 27 Mar 2024 10:42:10 +0200 Subject: [PATCH 07/10] Retry deploy --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8c0e61b4..bc7faf83 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,7 +26,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website compile \ && /usr/bin/yarn --cwd website build -# Main image derived from openvsx-server +# Main test image derived from openvsx-server FROM docker.io/amvanbaren/openvsx-server:e03c8c50 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ From a951fde2291c81e6adee5c0c4810879b351efae7 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Wed, 27 Mar 2024 13:12:30 +0200 Subject: [PATCH 08/10] Test current release --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index bc7faf83..eef8f315 100644 --- a/Dockerfile +++ b/Dockerfile @@ -27,7 +27,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website build # Main test image derived from openvsx-server -FROM docker.io/amvanbaren/openvsx-server:e03c8c50 +FROM ghcr.io/eclipse/openvsx-server:v0.14.5 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From 173d6a6ea5c7fcf3dd5770d4e95667ba13d1b293 Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Thu, 28 Mar 2024 09:35:14 +0200 Subject: [PATCH 09/10] Test fcac1cf --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index eef8f315..fc4fd95f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,8 +26,8 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website compile \ && /usr/bin/yarn --cwd website build -# Main test image derived from openvsx-server -FROM ghcr.io/eclipse/openvsx-server:v0.14.5 +# Main image derived from openvsx-server +FROM ghcr.io/eclipse/openvsx-server:fcac1cf COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ From c5d789952b4b7f956387afdb40e0bdcf9e97c72e Mon Sep 17 00:00:00 2001 From: amvanbaren Date: Thu, 28 Mar 2024 10:50:18 +0200 Subject: [PATCH 10/10] Release v0.14.6 --- Dockerfile | 4 ++-- website/package.json | 2 +- website/yarn.lock | 20 +++++++++++++++----- 3 files changed, 18 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index fc4fd95f..a66a4478 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,7 +19,7 @@ RUN corepack enable RUN corepack prepare yarn@stable --activate # bump to update website -ENV WEBSITE_VERSION 0.11.3 +ENV WEBSITE_VERSION 0.11.4 COPY . /workdir RUN /usr/bin/yarn --cwd website \ @@ -27,7 +27,7 @@ RUN /usr/bin/yarn --cwd website \ && /usr/bin/yarn --cwd website build # Main image derived from openvsx-server -FROM ghcr.io/eclipse/openvsx-server:fcac1cf +FROM ghcr.io/eclipse/openvsx-server:v0.14.6 COPY --from=builder --chown=openvsx:openvsx /workdir/website/static/ BOOT-INF/classes/static/ COPY --from=builder --chown=openvsx:openvsx /workdir/configuration/ config/ diff --git a/website/package.json b/website/package.json index f18e5f4c..8f33d965 100644 --- a/website/package.json +++ b/website/package.json @@ -6,7 +6,7 @@ "repository": "https://github.com/eclipse/open-vsx.org", "license": "EPL-2.0", "dependencies": { - "openvsx-webui": "0.11.3" + "openvsx-webui": "0.11.4" }, "peerDependencies": { "@babel/core": "^7.0.0" diff --git a/website/yarn.lock b/website/yarn.lock index 3b371b35..b8c2a456 100644 --- a/website/yarn.lock +++ b/website/yarn.lock @@ -1634,6 +1634,15 @@ __metadata: languageName: node linkType: hard +"express-rate-limit@npm:^7.2.0": + version: 7.2.0 + resolution: "express-rate-limit@npm:7.2.0" + peerDependencies: + express: 4 || 5 || ^5.0.0-beta.1 + checksum: 1cd33daeeeb3428f8990718512e8c803ca3406d1e99cbc38bcda12056a42ea51319a7bbc357bdc02d79b7f2b508c743895e8805118115cc637e180eb420e643f + languageName: node + linkType: hard + "express@npm:^4.18.2": version: 4.18.2 resolution: "express@npm:4.18.2" @@ -2281,7 +2290,7 @@ __metadata: "@types/react-router-dom": "npm:^5.3.3" css-loader: "npm:^6.8.1" express: "npm:^4.18.2" - openvsx-webui: "npm:0.11.3" + openvsx-webui: "npm:0.11.4" source-map-loader: "npm:^4.0.1" style-loader: "npm:^3.3.3" typescript: "npm:~5.1.6" @@ -2302,9 +2311,9 @@ __metadata: languageName: node linkType: hard -"openvsx-webui@npm:0.11.3": - version: 0.11.3 - resolution: "openvsx-webui@npm:0.11.3" +"openvsx-webui@npm:0.11.4": + version: 0.11.4 + resolution: "openvsx-webui@npm:0.11.4" dependencies: "@emotion/react": "npm:^11.11.1" "@emotion/styled": "npm:^11.11.0" @@ -2314,6 +2323,7 @@ __metadata: clipboard-copy: "npm:^4.0.1" clsx: "npm:^1.2.1" dompurify: "npm:^3.0.4" + express-rate-limit: "npm:^7.2.0" fetch-retry: "npm:^5.0.6" lodash: "npm:^4.17.21" markdown-it: "npm:^13.0.1" @@ -2330,7 +2340,7 @@ __metadata: react-router-dom: "npm:^6.14.1" peerDependencies: "@babel/core": ^7.0.0 - checksum: a9722040fbd8eea6063820e46424554def1680c0d4c0c2de2653ce09a110214b1ba5971d4e912070da0ae5a6c8b33c568fc4d4126f839309285410acedc0f73e + checksum: 8c93d9c162979c35fedc8fb9b7cec04fd4d6168d3456f10e83b1dbd741913032b0ffcf6b9098555e6f18dc3d9f710bd5c7128bfeee20ad1869f749794cd0025b languageName: node linkType: hard