Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
73 commits
Select commit Hold shift + click to select a range
b81a8da
Add core BBS routes and utilities, update docs
PythonSmall-Q Dec 6, 2025
76d9d04
Refactor loops and clean up unused variables in server code
PythonSmall-Q Dec 6, 2025
97b5182
Remove unused Data property from auth middleware
PythonSmall-Q Dec 6, 2025
e213145
Update server/routes/GetAnalytics.ts
PythonSmall-Q Dec 7, 2025
f29515d
Refactor API result handling and error messages
PythonSmall-Q Dec 7, 2025
a8a0557
Add rate limiting, pagination, and refactor DB utils
PythonSmall-Q Dec 8, 2025
f23ead1
Optimize post fetching and improve auth/session logic
PythonSmall-Q Dec 8, 2025
9a1ca19
Improve CI workflow and update dependencies
PythonSmall-Q Dec 8, 2025
4af61da
Add HTML sanitization for user content
PythonSmall-Q Dec 8, 2025
44fbbe2
Improve input validation and session handling
PythonSmall-Q Dec 8, 2025
04058a7
Refactor param checking and improve image upload validation
PythonSmall-Q Dec 8, 2025
3f7df15
Fix authentication in UploadImage route
github-actions[bot] Dec 9, 2025
33cd426
Fix SQL injection risk in GetPosts.ts
github-actions[bot] Dec 10, 2025
5a2b3b2
Add dependencies
PythonSmall-Q Dec 10, 2025
ffb5146
Fix security and code quality issues (#2, #3, #4, #6)
github-actions[bot] Dec 10, 2025
e6285bf
Refactor for stricter TypeScript and improved typings
PythonSmall-Q Dec 10, 2025
b362b0c
Add Vitest config and improve test compatibility
PythonSmall-Q Dec 10, 2025
8451031
Remove unused variables and improve typings
PythonSmall-Q Dec 10, 2025
4265537
Add unit tests for server route handlers
PythonSmall-Q Dec 10, 2025
948d1b1
Add minimal DOM-like globals for test compatibility
PythonSmall-Q Dec 10, 2025
e88b8a3
Refactor test mocks and improve IP extraction in auth middleware
PythonSmall-Q Dec 10, 2025
6dceba4
Update 1.auth.ts
PythonSmall-Q Dec 10, 2025
611448b
Enhance OpenAPI spec and improve auth middleware
PythonSmall-Q Dec 10, 2025
38d5533
Add explicit type checks for event.node access
PythonSmall-Q Dec 10, 2025
26948e0
Refactor admin and silenced checks to async, add XSS sanitization
PythonSmall-Q Dec 13, 2025
6ceabbc
Refactor admin and silenced checks to async, add XSS sanitization
PythonSmall-Q Dec 13, 2025
773a25d
Refactor rich text sanitization and update imports
PythonSmall-Q Dec 13, 2025
2c07f58
Fix typo in import path for CheckParams utility
PythonSmall-Q Dec 13, 2025
afb8af8
Update Cheerio import syntax in auth utils
PythonSmall-Q Dec 13, 2025
4df58de
Typecast analytics response to Record<string, any>
PythonSmall-Q Dec 13, 2025
9d5a11d
Update Cheerio import for compatibility
PythonSmall-Q Dec 13, 2025
4256a23
Dynamically import cheerio to fix test environment issues
PythonSmall-Q Dec 13, 2025
1c712e3
Initial plan
Copilot Dec 13, 2025
711d5f7
Code review completed: Security and quality analysis
Copilot Dec 13, 2025
1a98912
Merge pull request #6 from XMOJ-Script-dev/copilot/sub-pr-4
PythonSmall-Q Dec 13, 2025
249c7c0
Initial plan
Copilot Dec 13, 2025
c822af0
Fix nitro config: Add compatibilityDate to resolve build warning
Copilot Dec 13, 2025
cac5d5f
Fix ESLint warning: Mark MAX_CACHE_ENTRIES as intentionally unused
Copilot Dec 13, 2025
fb1fbb6
Merge pull request #7 from XMOJ-Script-dev/copilot/sub-pr-4
PythonSmall-Q Dec 13, 2025
5a73fd4
Initial plan
Copilot Dec 13, 2025
1e595f6
Fix review comments: database tables, typo, analytics, AI check, rate…
Copilot Dec 13, 2025
8aa17f7
Change error message for ProblemID check
PythonSmall-Q Dec 13, 2025
c9ec771
Merge pull request #8 from XMOJ-Script-dev/copilot/sub-pr-4
PythonSmall-Q Dec 13, 2025
2c38616
Improve error handling and validation across routes
PythonSmall-Q Dec 27, 2025
4e16dc1
Enhance security and validation in post and reply routes
PythonSmall-Q Dec 27, 2025
cf3da61
Add PowerShell test runner and improve test mocks
PythonSmall-Q Dec 27, 2025
62c863b
Refactor rich text sanitization to use sanitize-html
PythonSmall-Q Dec 27, 2025
d77d1dc
Add new database columns and enhance link sanitization in rich text
PythonSmall-Q Dec 27, 2025
dc6b0e8
Add TypeScript type annotations for transformTags in sanitizeRichText
PythonSmall-Q Dec 27, 2025
76c5af8
Add copyright headers and improve input validation in various routes …
PythonSmall-Q Dec 27, 2025
7218aa8
Refactor rate limiting and authentication middleware; enhance CAPTCHA…
PythonSmall-Q Dec 27, 2025
f623927
Update .gitignore to include xmoj-script and add migration guide for …
PythonSmall-Q Dec 27, 2025
5f9b983
Add client-side migration guide for xmoj-script; document breaking ch…
PythonSmall-Q Dec 27, 2025
bdc630f
Remove obsolete client-side migration guide and enhance session token…
PythonSmall-Q Feb 24, 2026
25b884d
Refactor sanitizeRichText function to enhance XSS protection; remove …
PythonSmall-Q Feb 24, 2026
cb7c7fc
Enhance security and performance across multiple routes; implement SQ…
PythonSmall-Q Feb 24, 2026
3923b2c
Fix error handling in DenyEditAsync and improve CheckToken regex fall…
PythonSmall-Q Feb 24, 2026
26452f3
Fix SQL query result handling in GetBBSMentionList and update test mo…
PythonSmall-Q Feb 24, 2026
769924a
Enhance input validation for session ID and username formats; validat…
PythonSmall-Q Feb 24, 2026
1e38846
Refactor captcha handling across multiple routes; replace CaptchaSecr…
PythonSmall-Q Feb 24, 2026
e7416d7
Add polyfill for File API in Node.js test environment; improve fetch …
PythonSmall-Q Feb 24, 2026
fa840c2
Refactor rate limiting to throw errors for invalid requests; update a…
PythonSmall-Q Feb 24, 2026
709a191
Refactor GetAnalytics to use context for Cloudflare environment varia…
PythonSmall-Q Feb 24, 2026
6ac157f
Refactor GetAnalytics tests to provide Cloudflare environment variabl…
PythonSmall-Q Feb 24, 2026
a75195f
Enhance UploadStd to trigger fallback for empty StdCode or no std fou…
PythonSmall-Q Feb 24, 2026
7f5f6ff
Implement notification system with Durable Objects; enhance mentions …
PythonSmall-Q Feb 24, 2026
d137173
Refactor mail mention handling: update database fields and implement …
PythonSmall-Q Feb 24, 2026
653f1ab
Implement NotificationManager Durable Object and WebSocket notificati…
PythonSmall-Q Feb 24, 2026
110faf8
Refactor export process for Durable Objects: use esbuild for TypeScri…
PythonSmall-Q Feb 24, 2026
816f115
Add authentication checks to event handlers in post and reply routes
PythonSmall-Q Feb 24, 2026
5433239
Fix PR bugs: copyright headers, scheduled.ts promise, add SetUserSett…
Copilot Mar 29, 2026
fe85996
Merge pull request #14 from XMOJ-Script-dev/copilot/fix-bugs-and-add-…
PythonSmall-Q Mar 29, 2026
23fa463
Merge branch 'main' into rewrite
PythonSmall-Q Mar 29, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions .eslintrc.cjs
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
module.exports = {
root: true,
env: { node: true, es2022: true },
parser: '@typescript-eslint/parser',
parserOptions: { sourceType: 'module' },
plugins: ['@typescript-eslint'],
extends: [
'eslint:recommended',
'plugin:@typescript-eslint/recommended',
],
ignorePatterns: ['.output/**', 'node_modules/**'],
rules: {
'@typescript-eslint/no-explicit-any': 'off',
},
};
84 changes: 84 additions & 0 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,84 @@
name: CI

on:
push:
branches: [ main ]
pull_request:
branches: [ main ]

jobs:
build-and-test:
runs-on: ubuntu-latest
strategy:
matrix:
node: [18, 20, 22]
Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

steps:
- name: Checkout
uses: actions/checkout@v4

- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: ${{ matrix.node }}
cache: 'npm'

- name: Install dependencies (strict)
run: npm ci
- name: Fallback install on lock mismatch
if: failure()
run: |
echo "npm ci failed; attempting fallback npm install to refresh lockfile"
npm install
- name: Upload refreshed lockfile artifact
if: failure()
uses: actions/upload-artifact@v4
with:
name: refreshed-lockfile-${{ matrix.node }}
path: package-lock.json

- name: Audit dependencies
run: npm audit --production --audit-level=moderate
continue-on-error: true

- name: TypeScript compile check
run: |
npx tsc --noEmit

- name: Prepare Nitro (generate types)
run: npm run prepare

- name: Build
run: npm run build

- name: Run tests
run: npm run test -- --run

- name: Lint
run: npx eslint . --ext .ts

lint:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Setup Node.js
uses: actions/setup-node@v4
with:
node-version: '20'
cache: 'npm'
- name: Install dependencies (strict)
run: npm ci
- name: Fallback install on lock mismatch
if: failure()
run: |
echo "npm ci failed; attempting fallback npm install to refresh lockfile"
npm install
- name: Upload refreshed lockfile artifact
if: failure()
uses: actions/upload-artifact@v4
with:
name: refreshed-lockfile-lint
path: package-lock.json
- name: OpenAPI validation (Redocly)
run: |
npx @redocly/cli@latest lint openapi.yaml --max-problems=0
35 changes: 35 additions & 0 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
name: CodeQL

on:
push:
branches: [ rewrite, main ]
pull_request:
branches: [ main ]
schedule:
- cron: '0 3 * * 1'

jobs:
analyze:
name: Analyze (JavaScript/TypeScript)
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'javascript' ]
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: ${{ matrix.language }}
- name: Autobuild
uses: github/codeql-action/autobuild@v3
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
with:
category: '/language:${{ matrix.language }}'
19 changes: 19 additions & 0 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
name: Dependency Review

on:
pull_request:
branches: [ main ]

jobs:
review:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: read
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
fail-on-severity: moderate
4 changes: 4 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -11,3 +11,7 @@ dist
*/.output
*/node_modules
*/.nitro
old
old/
xmoj-script
xmoj-script/
Loading
Loading