The core from mogland

Add RSS subscription for friends link

It can return article and url

Fix code scanning alert - Information exposure through a stack trace

Tracking issue for:

https://github.com/wibus-wee/GS-server/security/code-scanning/1

[Feature] Template Engine Render

问题

请求Profile接口时遇到不存在的用户时，返回的报错更像是程序运行错误的表现

示例

{
    "status": 500,
    "message": "Cannot destructure property 'password' of '_a' as it is undefined.",
    "error": "Cannot destructure property 'password' of '_a' as it is undefined.",
    "url": "/api/v1/profile?user=master1"
}

虽然Filter已将报错过滤，但是Status 500更多是发出服务器问题

[Performance] 模板引擎选择启动

根据参数的设置，选择是否启动模板引擎

防止带来不必要的启动，则是没有必要的，甚至加了性能损耗

[Feature] 后端支持 MongoDB

虽然 TypeORM 支持 MongoDB

但是还是要用 Mongoose & Typegoose，TypeORM 属实有点难用的

目前的导入配置demo

{
  "site": {
    "name": "Site Name",
    "keyword": [
      "keyword1",
      "keyword2"
    ],
    "description": "Site Description"
  },
  "master": {
    "name": "master name",
    "username": "master username",
    "mail": "master mail",
    "avatar": "master avatar",
    "url": "master url"
  },
  "categories": [
    {
      "name": "category1 name",
      "slug": "category1 slug"
    },
    {
      "name": "category2 name",
      "slug": "category2 slug"
    }
  ],
  "posts": [
    {
      "title": "post1 title",
      "slug": "post1 slug",
      "text": "post1 text",
      "summary": "post1 summary",
      "allowComment": true,
      "modified": "2015-01-01T00:00:00.000Z",
      "created": "2015-01-01T00:00:00.000Z",
      "copyright": true,
      "view": {
        "like": 0,
        "read": 0
      },
      "pin": "Date",
      "pinOrder": 0,
      "tags": [
        "tag1",
        "tag2"
      ],
      "category": "category1 slug"
    }
  ],
  "pages": [
    {
      "title": "page1 title",
      "subtitle": "page1 subtitle",
      "slug": "page1 slug",
      "text": "page1 text",
      "summary": "page1 summary",
      "order": 0,
      "allowComment": true,
      "modified": "2015-01-01T00:00:00.000Z",
      "created": "2015-01-01T00:00:00.000Z"
    }
  ],
  "comments": [
    {
      "ref_type": "Post",
      "ref": "post1 slug",
      "author": "comment author",
      "email": "comment email",
      "text": "comment text",
      "urls": "comment author urls",
      "status": 0,
      "ip": "comment ip",
      "agent": "comment agent",
      "key": "#1",
      "created": "2015-01-01T00:00:00.000Z",
      "children": [
        {
          "ref_type": "Post",
          "ref": "post1 slug",
          "author": "comment author",
          "email": "comment email",
          "text": "comment text",
          "urls": "comment author urls",
          "status": 0,
          "ip": "comment ip",
          "agent": "comment agent",
          "key": "#1",
          "created": "2015-01-01T00:00:00.000Z",
          "children": [
            {}
          ]
        }
      ]
    }
  ]
}

[Feature] Koishi Plugins for GoldenSpace

New Feat: Links Check

后端检测会有什么cors

如果使用后端来检测友链的话，非常完美地避开了CORS的干扰。因为不存在CORS的问题

Practical problem: The user database is missing initialization

In practice, the initial initialization module is missing. You need to add an init Module for initialization and provide a place for visual operations, such as gs-admin

Dependency Dashboard

This issue lists Renovate updates and detected dependencies. Read the Dependency Dashboard docs to learn more.

Rate-Limited

These updates are currently rate-limited. Click on a checkbox below to force their creation now.

Open

These updates have all been created already. Click a checkbox below to force a retry/rebase of any.

Detected dependencies

docker-compose

docker-compose.yml

dockerfile

Dockerfile

node 20-alpine

node 20-alpine

github-actions

.github/workflows/build.yml

actions/checkout v3

actions/setup-node v3

actions/cache v3

pnpm/action-setup v2.4.0

actions/upload-artifact v3

actions/download-artifact v3

supercharge/mongodb-github-action v1.10.0

supercharge/redis-github-action 1.6.0

.github/workflows/codeql-analysis.yml

actions/checkout v3

github/codeql-action v2

github/codeql-action v2

github/codeql-action v2

.github/workflows/docker.yml

actions/checkout v3

docker/metadata-action v4

docker/setup-qemu-action v2

docker/setup-buildx-action v2

docker/login-action v2

docker/build-push-action v4

docker/build-push-action v4

.github/workflows/lint.yml

actions/checkout v3

pnpm/action-setup v2.4.0

actions/setup-node v3

.github/workflows/pull.yml

actions/checkout v3

actions/setup-node v3

actions/cache v3

pnpm/action-setup v2.4.0

supercharge/mongodb-github-action v1.10.0

supercharge/redis-github-action 1.6.0

actions/checkout v3

actions/setup-node v3

actions/cache v3

pnpm/action-setup v2.4.0

actions/upload-artifact v3

actions/download-artifact v3

supercharge/mongodb-github-action v1.10.0

supercharge/redis-github-action 1.6.0

.github/workflows/release.yml

actions/checkout v3

actions/setup-node v3

supercharge/mongodb-github-action v1.10.0

supercharge/redis-github-action 1.6.0

actions/cache v3

pnpm/action-setup v2.4.0

bruceadams/get-release v1.3.2

actions/upload-release-asset v1

actions/checkout v3

actions/cache v3

pnpm/action-setup v2.4.0

bruceadams/get-release v1.3.2

actions/upload-release-asset v1

npm

package.json

@fastify/multipart 7.7.3

@fastify/static 6.10.2

@nestjs/cache-manager 2.1.0

@nestjs/common 10.2.4

@nestjs/core 10.2.4

@nestjs/event-emitter 2.0.2

@nestjs/microservices 10.2.4

@nestjs/platform-fastify 10.2.4

@nestjs/schedule 3.0.3

@typegoose/typegoose 11.4.1

@vercel/ncc 0.36.1

adm-zip ^0.5.10

axios 1.5.0

axios-retry 3.7.0

bcrypt 5.1.1

cache-manager-ioredis 2.1.0

class-transformer 0.5.1

class-validator 0.14.0

commander ^11.0.0

cron 2.4.3

dayjs 1.11.9

ejs ^3.1.9

jsdom ^22.1.0

jsonwebtoken 9.0.2

lodash 4.17.21

mime ^3.0.0

mime-types ^2.1.35

moment ^2.29.4

mongoose 7.5.0

mongoose-aggregate-paginate-v2 1.0.6

mongoose-lean-id 0.5.0

mongoose-lean-virtuals 0.9.1

mongoose-paginate-v2 1.7.31

node-machine-id 1.1.12

reflect-metadata 0.1.13

rimraf 5.0.1

rxjs 7.8.1

slugify 1.6.6

snakecase-keys 5.4.6

uuid ^9.0.0

zx-cjs 7.0.7-0

@innei/eslint-config-ts 0.11.1

@nestjs/cli 10.1.17

@nestjs/schematics 10.0.2

@nestjs/swagger 7.1.10

@nestjs/testing 10.2.4

@types/adm-zip ^0.5.0

@types/bcrypt 5.0.0

@types/cache-manager-ioredis 2.0.3

@types/ejs ^3.1.2

@types/js-yaml 4.0.5

@types/jsdom ^21.1.2

@types/jsonwebtoken ^9.0.2

@types/lodash 4.14.197

@types/mime ^3.0.1

@types/mime-types ^2.1.1

@types/mongoose-aggregate-paginate-v2 1.0.9

@types/node 18.17.12

@types/supertest 2.0.12

@types/uuid ^9.0.3

@typescript-eslint/eslint-plugin 6.5.0

@typescript-eslint/parser 6.5.0

concurrently 8.2.1

cross-env 7.0.3

eslint 8.48.0

eslint-config-prettier 9.0.0

eslint-plugin-prettier 5.0.0

ioredis 5.3.2

pm2 ^5.3.0

prettier 3.0.3

typescript 5.2.2

vitest ^0.34.3

webpack 5.88.2

xml2js 0.6.2

typescript 5.2.2

Check this box to trigger a request for Renovate to run again on this repository

Security vulnerability: Password field isn't encrypted

Problems

password字段没有加密且暴露

Why problems

严重影响系统安全性，在生产环境中是不允许的

[Feature] RSS Spider

使用RSS Spider，定时抓取友链网站的RSS，在前端显示友链网站的最新文章

Demo：https://www.ohyee.cc/friends

有关代码：https://github.com/OhYee/blotter/tree/master/tools/spider

代码中使用的数据库为 MongoDB，其次，GS-server从MySQL到MongoDB也应提上日程

Swagger is not working

when i was loading /api-docs, it return me a 404 status

Logs

Nest return an error:

[Nest] 7877  - 2021/10/01 上午6:12:39   ERROR [ExceptionHandler] Cannot read property 'model' of undefined

Problems

providers.ts

i know the model is in the host.providers.ts, but it has been defined, i didnt know why nest will return an error

also, just now nest return another error:

Nest can't resolve dependencies of the CAT_MODEL (?). Please make sure that

Problems

when i was use jest for code testing, it return an error:

Cannot find module 'src/core/function/ObjectDefine' from 'host/host.controller.ts'
Require stack:
      host/host.controller.ts
      host/host.controller.spec.ts

      1 | import { Controller, Get, HttpCode } from '@nestjs/common';
    > 2 | import objAdd from 'src/core/function/ObjectDefine';
        | ^
      3 | import { Host } from 'src/core/schemas/host.schema';
      4 | import { HostService } from 'src/core/services/host.service';
      5 |

the source code is currect, like this:

Refactoring plan: Convert TypeORM to MikroORM

Due to MySQL's shortcomings, it does not support array data, and it is complicated to model data.

Using mongodb makes overall modeling easier and more efficient, and it is faster to pull data out than MySQL.

It is recommended to complete this refactoring plan prior to release if possible

Cors invalid: *

当 CORS_SERVER 不设置时，按照程序的意思是 * 的，但是由于其中使用了RegExp，导致出现 SyntaxError

Performance: isDev

有部分功能并没有使用到isDev方法，甚至有的地方出现了直接console.log的代码，在生产环境中并不应该使用直接输出到控制台的代码（吧）？

Bug: Swagger has a Bug

When I use 'pnpm start', I find that Swagger cannot debug the interface normally, and there is no text box to input authorize token, which will affect the developers or the trial-and-error link

The middleware filters the crawler PHP broiler scanning path, records the access history, and captures the anomalies in the request processing process. If any of the links throws exceptions, it will return errors, and verifies the request data, filters unknown data, and throws errors of illegal types

mogland / core Goto Github PK

core's People

Contributors

Stargazers

Watchers

Forkers

core's Issues

问题

示例

目前的导入配置demo

Rate-Limited

Open

Detected dependencies

Problems

Why problems

Logs

Problems

providers.ts

Problems

Recommend Projects

Recommend Topics

Recommend Org