jschan/package.json

{
  "name": "jschan",
  "version": "0.1.3",
  "migrateVersion": "0.1.3",
  "description": "",
  "main": "server.js",
  "dependencies": {
    "@fatchan/gulp-pug": "^4.0.1",
    "bcrypt": "^5.0.1",
    "bull": "^3.22.0",
    "cache-pug-templates": "^2.0.3",
    "connect-redis": "^5.1.0",
    "cookie-parser": "^1.4.5",
    "csurf": "^1.11.0",
    "del": "^6.0.0",
    "dnsbl": "^3.2.0",
    "express": "^4.17.1",
    "express-fileupload": "git+https://gitgud.io/fatchan/express-fileupload.git#b2c0d9c0868fed3b4bbd5c0318cb162ee81146b4",
    "express-session": "^1.17.0",
    "file-type": "^15.0.1",
    "fluent-ffmpeg": "^2.1.2",
    "fs": "0.0.1-security",
    "fs-extra": "^9.1.0",
    "gm": "git+https://gitgud.io/fatchan/gm.git",
    "gulp": "^4.0.2",
    "gulp-clean-css": "^4.3.0",
    "gulp-concat": "^2.6.1",
    "gulp-less": "^4.0.1",
    "gulp-replace": "^1.0.0",
    "gulp-uglify-es": "^2.0.0",
    "highlight.js": "^10.7.2",
    "i18n-iso-countries": "^6.6.0",
    "iconv-lite": "^0.6.2",
    "imghash": "0.0.8",
    "ioredis": "^4.25.0",
    "ip6addr": "^0.2.3",
    "mongodb": "^3.6.5",
    "node-fetch": "^2.6.1",
    "node-image-hash": "^1.0.7",
    "path": "^0.12.7",
    "pm2": "^4.5.6",
    "pug": "^3.0.2",
    "redlock": "^4.1.0",
    "sanitize-html": "^2.3.3",
    "saslprep": "^1.0.3",
    "semver": "^7.3.5",
    "socket.io": "^4.0.1",
    "socket.io-redis": "^6.1.0",
    "socks-proxy-agent": "^5.0.0",
    "unix-crypt-td-js": "^1.1.4"
  },
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "setup": "npm i -g pm2 gulp && gulp",
    "start": "pm2 start ecosystem.config.js --env production",
    "start-dev": "pm2 start ecosystem.config.js --env development"
  },
  "author": "fatchan",
  "license": "AGPL-3.0-only"
}
First commit 5 years ago			`{`
remove bcrypt and change name 5 years ago			`"name": "jschan",`
id script optimizations based on some js profiling and code cleanup, page load speed improvement 3 years ago			`"version": "0.1.3",`
close #348 3 years ago			`"migrateVersion": "0.1.3",`
First commit 5 years ago			`"description": "",`
			`"main": "server.js",`
			`"dependencies": {`
start on adding custom banners models and controllers arent done, things wont work yet. added a migration and updated the template.js with some new needed values, changed "banners" in manage to "assets" since it will hold both now refactor the banners file form into a mixin since its basically repeated for flags, and make it a tad more customisable 3 years ago			`"@fatchan/gulp-pug": "^4.0.1",`
publish scoped gulp-pug package to use gulp 3, 3.0.2 to fix vuln that this POS outdated package wont update 3 years ago			`"bcrypt": "^5.0.1",`
npm update && npm audit fix 3 years ago			`"bull": "^3.22.0",`
update deps 4 years ago			`"cache-pug-templates": "^2.0.3",`
update package.json 3 years ago			`"connect-redis": "^5.1.0",`
update deps 4 years ago			`"cookie-parser": "^1.4.5",`
update dependencies 4 years ago			`"csurf": "^1.11.0",`
update some deps 4 years ago			`"del": "^6.0.0",`
dnsbl 4 years ago			`"dnsbl": "^3.2.0",`
update deps 5 years ago			`"express": "^4.17.1",`
i hate life 3 years ago			`"express-fileupload": "git+https://gitgud.io/fatchan/express-fileupload.git#b2c0d9c0868fed3b4bbd5c0318cb162ee81146b4",`
try use referrer after actions to go back to correct page 5 years ago			`"express-session": "^1.17.0",`
update deps 4 years ago			`"file-type": "^15.0.1",`
early video support with thumbnailing 5 years ago			`"fluent-ffmpeg": "^2.1.2",`
First commit 5 years ago			`"fs": "0.0.1-security",`
npm update 3 years ago			`"fs-extra": "^9.1.0",`
switch to getting packages from gitgud.io 4 years ago			`"gm": "git+https://gitgud.io/fatchan/gm.git",`
pm2 and gulp to regular deps 5 years ago			`"gulp": "^4.0.2",`
update deps 4 years ago			`"gulp-clean-css": "^4.3.0",`
pm2 and gulp to regular deps 5 years ago			`"gulp-concat": "^2.6.1",`
			`"gulp-less": "^4.0.1",`
dont duplicate codethemes, improve gulpfile and theme helper now only css files are listed as themes, othe extensions are copied to /file and gulp-replace is used to prepend /file/ to all the url( paths in the codethemes 3 years ago			`"gulp-replace": "^1.0.0",`
Bump gulp-uglify-es from 1.0.4 to 2.0.0 (#62) Bumps [gulp-uglify-es](https://gitlab.com/itayronen/gulp-uglify-es) from 1.0.4 to 2.0.0. - [Release notes](https://gitlab.com/itayronen/gulp-uglify-es/tags) - [Changelog](https://gitlab.com/itayronen/gulp-uglify-es/blob/master/CHANGELOG.md) - [Commits](https://gitlab.com/itayronen/gulp-uglify-es/commits/master) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> 5 years ago			`"gulp-uglify-es": "^2.0.0",`
npm update && npm audit fix 3 years ago			`"highlight.js": "^10.7.2",`
			`"i18n-iso-countries": "^6.6.0",`
Insecure tripcodes reference #282 4 years ago			`"iconv-lite": "^0.6.2",`
test only, blockhash option 4 years ago			`"imghash": "0.0.8",`
npm update && npm audit fix 3 years ago			`"ioredis": "^4.25.0",`
normalize IP addresses Currently jschan takes the IP address as a string from the `X-Real-Ip` header, which based on the frontend proxy configuration, OS settings, etc. can take various forms: IPv4 addresses can be given in normal IPv4 dotted notation (e.g. `1.2.3.4`) or as an IPv4-mapped IPv6 address (e.g. `::ffff:1.2.3.4`). The problem is, that in the latter case, node's `isIP` will report 6, so the code will try to split it along colons, breaking hrange and qrange. With IPv6 addresses, it's possible to elide runs of zeroes, so `::1` and `0:0:0:0:0:0:0:1` (and also `0000:0000:0000:0000:0000:0000:0000:0001`) represents the same address. Since it's pretty easy to get a /64 IPv6 block, a spammer can abuse it, by spamming from `a:b:c:d::1` (`qrange=a:b:c:d`, `hrange=a:b:c`), then from `a:b:c:d::1:1` (`qrange=a:b:c:d:`, `hrange=a:b:c`), `a:b:c:d::1:1:1` (`qrange=a:b:c:d::1`, `hrange=a:b:c:d`) and `a:b:c:d:1:1:1:1` (`qrange=a:b:c:d:1:1`, `hrange=a:b:c:d`). He practically got two hranges and qrange is pretty much pointless for IPv6 addresses. This change uses the `ip6addr` package to parse IP addresses and convert it to some canonical form. This means: * IPv4 and IPv4-mapped IPv6 addresses are converted to normal IPv4 notation. * Zero are not elided in IPv6 (so you'll never see `::`). * IPv6 addresses are not zero padded (so `..:1` instead of `..:0001`). * Even though it's not documented, it seems like `ip6addr` always generates lower-case letters. This will unfortunately mean that some IP hashes may change after the update. Normal IPv4 hashes will most probably remain the same though. 4 years ago			`"ip6addr": "^0.2.3",`
npm update && npm audit fix 3 years ago			`"mongodb": "^3.6.5",`
Update node-fetch dependency for security advisory https://npmjs.com/advisories/1556 4 years ago			`"node-fetch": "^2.6.1",`
test only, blockhash option 4 years ago			`"node-image-hash": "^1.0.7",`
First commit 5 years ago			`"path": "^0.12.7",`
npm audit fix again 3 years ago			`"pm2": "^4.5.6",`
publish scoped gulp-pug package to use gulp 3, 3.0.2 to fix vuln that this POS outdated package wont update 3 years ago			`"pug": "^3.0.2",`
try use referrer after actions to go back to correct page 5 years ago			`"redlock": "^4.1.0",`
npm update && npm audit fix 3 years ago			`"sanitize-html": "^2.3.3",`
socket.io to make posting _actually_ live instead of polling the api. way mroe efficient 5 years ago			`"saslprep": "^1.0.3",`
npm update && npm audit fix 3 years ago			`"semver": "^7.3.5",`
socket.io, redis adapter, client and gulpfile update 3 years ago			`"socket.io": "^4.0.1",`
			`"socket.io-redis": "^6.1.0",`
Insecure tripcodes reference #282 4 years ago			`"socks-proxy-agent": "^5.0.0",`
			`"unix-crypt-td-js": "^1.1.4"`
First commit 5 years ago			`},`
			`"scripts": {`
			`"test": "echo \"Error: no test specified\" && exit 1",`
no more lmx. since we have redis, use it for redlock and connect-redis for sessions instead of mongo 5 years ago			`"setup": "npm i -g pm2 gulp && gulp",`
some changes to make it at least _possible_ to run in dev without https 5 years ago			`"start": "pm2 start ecosystem.config.js --env production",`
			`"start-dev": "pm2 start ecosystem.config.js --env development"`
First commit 5 years ago			`},`
various minor changes and improve forms script for future use 5 years ago			`"author": "fatchan",`
in case of FSF autism: -or-later -> -only 3 years ago			`"license": "AGPL-3.0-only"`
First commit 5 years ago			`}`