Mouthful is a self-hosted alternative to Disqus.

Build Status Go Report Card codecov Documentation

Mouthful is a self-hosted alternative to Disqus.

Mouthful is a lightweight commenting server written in GO and Preact. It's a self hosted alternative to disqus that's ad free.

There's a demo hosted at mouthful.dizzy.zone. Check it out!

Features

  • Multiple database support(sqlite, mysql, postgres, dynamodb)
  • Moderation with an administration panel
  • Server side caching to prevent excessive database calls
  • Rate limiting
  • Honeypot feature, to prevent bots from posting comments
  • Migrations from existing commenting engines(isso, disqus)
  • Configuration - most of the features can be turned on or off, as well as customized to your preferences.
  • Admin login through third parties such as facebook and twitter, and 35 more.
  • Notifications about new comments via webhook
  • Dumping comments out, and importing an old dump.

Installation

The easy way

Backend

Head over to release page and download an archive for your OS. Extract, change the config.json you find in the archive according to your preferences. For more info on configuration, head to the configuration section.

Run the binary and that's it! You now have the backend running.

Client

Now, all that's left to do is include the following html in your blog/website on the pages you want mouthful to work on:

Once that is set up, you should be able to start using mouthful.

Building mouthful yourself

To start using mouthful, you'll need:

  • A working GO environment
  • Dep
  • Node with npm
  • A server to put mouthful on

If you do not have these tools set up, please refer to the installing dependencies section.

If you have all the dependencies, clone the mouthful repository. In the root of this repository run build.sh. Give it some time, this will install all the dependencies for both go and node and create a directory inside the root of this repository called /dist. Inside, you'll find all you need to run mouthful. That is:

  • A config file
  • A binary to start the mouthful backend
  • A static directory, containing all the javascript and html needed to serve both the client and the admin panel(if enabled)

To configure your mouthful instance to your hearts content, please refer to the configuration section.

Once you've done with the configuration, just copy over the /dist contents to your server and run the /dist/mouthful binary. Take note that the mouthful binary will look for a config.json file its directory.

Installing dependencies

  1. To install Go, please refer to the GO documentation found here
  2. To install node and npm, please refer to the Node documentation found here
  3. To install Dep, please refer to Dep documentation found here
  4. Once you have all the tools installed, follow the Installation guide

Mouthful on Docker

Build the image

  1. Clone the project
git clone https://github.com/vkuznecovas/mouthful.git
  1. Get in the project folder then build the image
docker build -t mouthful .

The Dockerfile is going to build on the master branch by default, you can specify a version

docker build --build-args "MOUTHFUL_VER=1.0.3" -t mouthful .

Run the image

Once image is built, simply run

docker run -d \
    --name mouthful \
    -v $(pwd)/data:/app/data
    -p 8080:8080
    mouthful

Alternatively you can use the official image vkuznecovas/mouthful

docker run -d \
    --name mouthful \
    -v $(pwd)/data:/app/data
    -p 8080:8080
    vkuznecovas/mouthful

Note: /app/data needs to contain a valid config.json file, read the note in moderation. You can extract the config file from the docker image, see getting config file from docker.

Configuring mouthful

Nearly all the features of mouthful can be customized and turned on or off. All within the config.json file.

Here's a short overview:

Moderation

Mouthful comes with moderation support out of the box. If moderation is enabled, it does not show the comments users post instantly, those will have to be approved first through the mouthful admin panel. This also allows for comment modification or deletion.

You can choose if you want to use a password based authentication or use OAUTH and login through github, facebook or the other 35 providers mouthful supports. Click here for more on OAUTH.

Note: You need to change the default password in config.json, else mouthful will fail to start.

Caching

Mouthful can cache end results(full sets of comments for threads) for a given period of time. This allows for quicker responses, lower number of database queries at the cost of extra memory for the running mouthful binary.

Rate limiting

Mouthful can limit the amount of posts a person can post within the same hour.

Notification

Mouthful can send notifications about new comments via webhook.

Styling

Mouthful comes with a default style out of the box, but you can override it in a couple of ways:

  1. Disable the default styling in config and add the required css to your webpage.
  2. Fork the repo and change the style in client/src/components/client/style.scss.

Paging of comments

Mouthful can either display all the comments on page load, or page them. The page size can be specified in config.

Cross-Origin Resource Sharing

Mouthful can either allow all origins to access its backend from browser or limit that to a given list of domains.

Data sources

Mouthful supports different data stores for different needs. Currently supported data store list is as follows:

  • sqlite
  • postgres
  • mysql
  • aws dynamodb

For a list of configuration options and config file examples, head over to configuration documentation and examples

Multiple domains

A single instance of Mouthful supports multiple domains. To distinguish between multiple domains you'll need to change the client side to reflect the domain it's coming from. You need to add a data-domain tag to your client side html, like so:

// Page 1 would look like this
// Page 2 would look like this
// Page 3 would look like this

With this, all the requests going to the back end will now prefix the domain name to the path, therefore if you want to add multiple websites to a single instance of mouthful you can now achieve it! Omitting the data-domain will rely on the path with no domain, so you can have multiple domains showing the same comments if needed.

Config file from Docker

You can get the default config.json by running

docker run --rm vkuznecovas/mouthful cat /app/data/config.json > config.json

This will create a file named config.json in your host machine, you can edit it as you please. Make sure it is present in the data folder before runnig the docker image, read the note in run the image.

Nginx config

In most cases, you'll want to run mouthful under nginx, or apache, or something else. In that case, this is the config I'm using for the demo:

location /mouthful-demo/ {
            proxy_pass http://172.17.0.1:1224/;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $host;
            proxy_set_header X-Forwarded-Proto $scheme;
	    add_header Cache-Control 'no-cache' always;
}

Take note, that if you're running mouthful with moderation on and run it under a path that's not / you'll need to do one of two things:

  • Build mouthful yourself, and when building the admin panel, which is running the npm run build inside the admin folder, specify an env variable called HOMEPAGE. For the example above it would be like so: HOMEPAGE=/mouthful-demo/ npm run build.
  • Specify the path variable in config inside the moderation section. "path":"/mouthful-demo/" for for the example above.

This is caused by mouthful using static assets and not serving any HTML itself. I would strongly suggest using the first option.

Periodic cleanup

Mouthful allows for periodic cleanup of non-confirmed and soft-deleted comments. It's fully configurable under the moderation section of the config. For more on that, head to the config documentation.

Spoon

Mouthful comes with a helper cli tool, called spoon. Spoon allows for data export and import, as well as migrations between databases and even different comment providers. Head over to spoon documentation for examples.

Migrations

Spoon supports migrating existing data from the following commenting engines:

  • Isso
  • Disqus

Head over to spoon documentation for examples.

Backups and import

Spoon allows for easy comment dumping and import of existing dumps. Head over to spoon documentation for examples.

Contributing

Contributions are more than welcome. If you've found a bug, raise an issue. If you've got a feature request, open up an issue as well. I'll try and keep the api stable, as well as tag each release with a semantic version.

Wish list

I'm a keen backender and not too sharp on the frontend part. If you're willing to contribute, front end(both client and admin) are not in the best of shapes, especially the admin panel. Frontend might require a refactor. Any addition of tests would be great as well. Migrations from other commenting engines would be encouraged as well.

Get in touch

If you'd like to get in touch with me, you can drop me a message on my twitter.

Who uses mouthful?

Feel free to do a PR and include yourself if you end up using mouthful.

Comments
  • Using with Docker

    Using with Docker

    I want to get Mouthful working in Docker, but have a couple of questions.

    So far I've created a file in my web root and added the below code:

     <div id="mouthful-comments" data-url="http://10.0.0.0:8080"></div>
     <script src="http://10.0.0.0:8080/client.js"></script>
    

    Then I cloned the repo into the default repo download directory of Centos 7. Then I built the Docker image with docker build -t mouthful .

    And that's as far as I've got because I don't quite understand the next Run the image part.

    Do I just need to run the below code from anywhere or do I need to be in the web root dir e.g /var/www/html/ docker run -d \ --name mouthful \ -v $(pwd)/data:/app/data -p 8080:8080 vkuznecovas/mouthful

    Also the cofig.json file docker run --rm vkuznecovas/mouthful cat /app/data/config.json > config.json This will create a file named config.json in your host machine, you can edit it as you please. Make sure it is present in the data folder before running the docker image, read the note in run the image.

    I don't understand the part 'make sure it's present in the data folder'. Where will I find the data folder at this point. I haven't run the image yet so I'm a little confused. Does the data folder need to be in my web root at some point?

    Sorry for these noob questions. I'm brand new to Docker and only installed it for Mouthful.

    Thanks :)

  • CORS blocks confirming comments in admin panel

    CORS blocks confirming comments in admin panel

    I'd like to enable CORS, but when I do it's blocking me from confirming comments in the admin panel. Everything else seems to work fine.

    Error in dev tools: Failed to load resource: the server responded with a status of 403 (Forbidden) :8080/v1/admin/comments:1

    I'm working on localhost with Vagrant. My virtual host is dev.example.com, which uses the IP address 10.0.0.0

    I've tried "allowedOrigins": ["http://dev.example.com"] and "allowedOrigins": ["http://10.0.0.0"]`.

    Is this a bug?

  • Problems when building the binary

    Problems when building the binary

    I'm building a Docker image for mouthful, everything went well until it attempts to build the binary

    Dockerfile

    FROM golang:1.10-alpine
    ARG MOUTHFUL_VER
    ENV CGO_ENABLED=${CGO_ENABLED:-0} \
        GOOS=${GOOS:-linux} \
        MOUTHFUL_VER=${MOUTHFUL_VER:-1.0.1}
    RUN set -ex; \
        apk add --no-cache bash curl file git && \
        echo "http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
        echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories && \
        apk add --no-cache upx nodejs nodejs-npm && \
        go get -d github.com/vkuznecovas/mouthful && \
        curl -sSL https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64 -o /usr/bin/dep && \
        chmod +x /usr/bin/dep
    WORKDIR /go/src/github.com/vkuznecovas/mouthful
    RUN git checkout $MOUTHFUL_VER && \
        chmod +x build.sh && \
        ./build.sh && \
        cd dist/ && \
        file mouthful && \
        upx --best mouthful
    
    FROM scratch
    COPY --from=0 /go/src/github.com/vkuznecovas/mouthful/dist/ /
    EXPOSE 8080
    CMD ["/mouthful"]
    

    Output

    $ docker build -t mouthful .
    Sending build context to Docker daemon  4.096kB
    Step 1/10 : FROM golang:1.10-alpine
     ---> 52d894fca6d4
    Step 2/12 : ARG MOUTHFUL_VER
     ---> Using cache
     ---> 31098fa6a859
    Step 3/10 : ENV CGO_ENABLED=${CGO_ENABLED:-0}     GOOS=${GOOS:-linux}     MOUTHFUL_VER=${MOUTHFUL_VER:-1.0.1}
     ---> Using cache
     ---> 804edb0c5837
    Step 4/10 : RUN set -ex;     apk add --no-cache bash curl file git &&     echo "http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories &&     echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories &&     apk add --no-cache upxnodejs nodejs-npm &&     go get -d github.com/vkuznecovas/mouthful &&     curl -sSL https://github.com/golang/dep/releases/download/v0.4.1/dep-linux-amd64 -o /usr/bin/dep &&     chmod +x /usr/bin/dep
     ---> Using cache
     ---> 4e97532d309b
    Step 5/10 : WORKDIR /go/src/github.com/vkuznecovas/mouthful
     ---> Using cache
     ---> edf4092b2449
    Step 6/10 : RUN git checkout $MOUTHFUL_VER &&     chmod +x build.sh &&     ./build.sh &&     cd dist/ &&     file mouthful &&     upx --best mouthful
     ---> Running in 59089bfa4c72
    Note: checking out '1.0.1'.
    
    You are in 'detached HEAD' state. You can look around, make experimental
    changes and commit them, and you can discard any commits you make in this
    state without impacting any branches by performing another checkout.
    
    If you want to create a new branch to retain commits you create, you may
    do so (now or later) by using -b with the checkout command again. Example:
    
      git checkout -b <new-branch-name>
    
    HEAD is now at 93bb036... travis changes
    
    > [email protected] install /go/src/github.com/vkuznecovas/mouthful/client/node_modules/node-sass
    > node scripts/install.js
    
    Downloading binary from https://github.com/sass/node-sass/releases/download/v4.5.3/linux_musl-x64-57_binding.node
    Download complete
    Binary saved to /go/src/github.com/vkuznecovas/mouthful/client/node_modules/node-sass/vendor/linux_musl-x64-57/binding.node
    Caching binary to /root/.npm/node-sass/4.5.3/linux_musl-x64-57_binding.node
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/client/node_modules/preact
    > node -e "console.log('\u001b[35m\u001b[1mLove Preact? You can now donate to our open collective:\u001b[22m\u001b[39m\n > \u001b[34mhttps://opencollective.com/preact/donate\u001b[0m')"
    
    Love Preact? You can now donate to our open collective:
     > https://opencollective.com/preact/donate
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/client/node_modules/uglifyjs-webpack-plugin
    > node lib/post_install.js
    
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/client/node_modules/simplehttp2server
    > node lib/install.js
    
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/client/node_modules/node-sass
    > node scripts/build.js
    
    Binary found at /go/src/github.com/vkuznecovas/mouthful/client/node_modules/node-sass/vendor/linux_musl-x64-57/binding.node
    Testing binary
    Binary is fine
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/client/node_modules/preact-cli
    > node -p 'require("./check.js")()'
    
    true
    npm WARN [email protected] No description
    npm WARN [email protected] No repository field.
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
    
    added 1592 packages in 35.768s
    
    > [email protected] build /go/src/github.com/vkuznecovas/mouthful/client
    > preact build --no-prerender --clean --template src/index.ejs --service-worker false
    
    (node:90) DeprecationWarning: Chunk.modules is deprecated. Use Chunk.getNumberOfModules/mapModules/forEachModule/containsModule instead.
    
      Total precache size is about 110 kB for 5 resources.
    npm WARN deprecated [email protected]: gulp-util is deprecated - replace it, following the guidelines at https://medium.com/gulpjs/gulp-util-ca3b1f9f9ac5
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/admin/node_modules/preact
    > node -e "console.log('\u001b[35m\u001b[1mLove Preact? You can now donate to our open collective:\u001b[22m\u001b[39m\n > \u001b[34mhttps://opencollective.com/preact/donate\u001b[0m')"
    
    Love Preact? You can now donate to our open collective:
     > https://opencollective.com/preact/donate
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/admin/node_modules/uglifyjs-webpack-plugin
    > node lib/post_install.js
    
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/admin/node_modules/simplehttp2server
    > node lib/install.js
    
    
    > [email protected] postinstall /go/src/github.com/vkuznecovas/mouthful/admin/node_modules/preact-cli
    > node -p 'require("./check.js")()'
    
    true
    npm notice created a lockfile as package-lock.json. You should commit this file.
    npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules/fsevents):
    npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})
    
    added 1787 packages in 47.606s
    
    > [email protected] build /go/src/github.com/vkuznecovas/mouthful/admin
    > preact build
    
    
      Total precache size is about 51.3 kB for 6 resources.
    # github.com/vkuznecovas/mouthful/vendor/github.com/mattn/go-sqlite3
    vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go:18:10: undefined: SQLiteConn
    chmod: dist/mouthful: No such file or directory
    mouthful: cannot open `mouthful' (No such file or directory)
                           Ultimate Packer for eXecutables
                              Copyright (C) 1996 - 2017
    UPX 3.94        Markus Oberhumer, Laszlo Molnar & John Reiser   May 12th 2017
    
            File size         Ratio      Format      Name
       --------------------   ------   -----------   -----------
    
    Packed 0 files.
    upx: mouthful: FileNotFoundException: mouthful: No such file or directory
    The command '/bin/sh -c git checkout $MOUTHFUL_VER &&     chmod +x build.sh &&     ./build.sh &&     cd dist/ &&     file mouthful && upx --best mouthful' returned a non-zero code: 1
    

    It all seems the problem is at vendor/github.com/mattn/go-sqlite3/sqlite3_go18.go:18:10: undefined: SQLiteConn.

  • Admin page redirection

    Admin page redirection

    Hi again,

    While using mouthful behind nginx (with local binding), there seems to be no way to reach to the admin panel. I redirected to /comment-engine/ URL with proxy_pass just like the example. While embedding/displaying/commenting has no problems, I can't see the admin panel correctly.

    I assume I need to see it directly at http://my.server.ip.address:bindport but this is not possible while you bind the service on localhost. If I try to go /comment-engine/ url, I see a half-page, giving some info without authentication but that is all.

    You can see it here

    Here is my nginx config:

            location /comment-engine/ {
                proxy_pass http://127.0.0.1:9898/;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-Proto $scheme;
                add_header Cache-Control 'no-cache' always;
                expires off;
            }
    

    Thanks.

  • Improve Dockerfile to actually properly build a working image

    Improve Dockerfile to actually properly build a working image

    Actually the way this builds now is not ideal :/

    prologic@Jamess-MacBook
    Mon Apr 23 23:52:43
    ~/tmp/mouthful
     (master) 0
    $ docker build -t r.mills.io/vkuznecovas/mouthful .
    Sending build context to Docker daemon  3.072kB
    Step 1/3 : FROM centos:latest
    latest: Pulling from library/centos
    469cfcc7a4b3: Pull complete
    Digest: sha256:989b936d56b1ace20ddf855a301741e52abca38286382cba7f44443210e96d16
    Status: Downloaded newer image for centos:latest
     ---> e934aafc2206
    Step 2/3 : ADD dist/ /
    ADD failed: stat /mnt/sda1/var/lib/docker/tmp/docker-builder995248579/dist: no such file or directory
    

    Let's improve the Dockerfile so you don't have to "build" out-of-band.

    See #53

  • 403 forbidden issue. The comments are temporarily unavailable

    403 forbidden issue. The comments are temporarily unavailable

    Running Vagrant/Virtual box provider. Centos 7 OS Nginx server

    I'm getting 403 Forbidden messages for a couple of files. Steps I've taken so far.

    1. I've extracted the archive into my root dir
    2. Run the mouthful binary
    3. added code to webpage e.g <div id="mouthful-comments" data-url="http://10.0.0.0:8080"></div> <script src="http://10.0.0.0:8080/client.js"></script> (10.0.0.0 is my privare IP address in Vagrant)

    When I reload the page I get the message: "The comments are temporarily unavailable". In dev tools it show a 200 response code for client.js and a url blob:http://10.0.0.0/f052827d-fa98-421c-bf3c-ba46881a7779, but for http://10.0.0.0:8080/v1/client/config and http://10.0.0.0:8080/v1/comments?uri=%2Fcomments-testing.php it says 403 Forbidden.

    I already have selinux switched off and I've also tried switching off my firewall to no avail.

    Maybe this is a problem with nginx?? I added (tried each location):

        # location /mouthful {    
        # location /static {    
        # location /data {    
        proxy_pass http://172.17.0.1:1224/;    
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;    
         proxy_set_header Host $host;    
         proxy_set_header X-Forwarded-Proto $scheme;    
        add_header Cache-Control 'no-cache' always;    
         }
    

    I'm all out of ideas now, so any help is greatly appreciated. Thanks

  • Add domain name to the thread name in DB

    Add domain name to the thread name in DB

    Hi again,

    After a quick check, I couldn't find where we create a thread in DB in the first place. If the domain name is included in the beginning, we could support multiple domains in single db.

    So instead of:

    /category/post
    

    It can be presented as:

    domain.com/category/post (or something like domain_com if dots are not globally allowed)
    

    So we'd eliminate the possibility of conflicting threads between domains.

  • Unable to build docker image

    Unable to build docker image

    Hello! When I'm receiving the following error message when trying to build the docker image locally.

    Am I doing anything wrong or is there an updated Dockerfile that I should use? (had to set GO111MODULE=on for the build to go get successfully)

    $ docker build --no-cache -t mouthful .
    Sending build context to Docker daemon  3.584kB
    Step 1/13 : FROM golang:1.15.2-alpine
     ---> b3bc898ad092
    Step 2/13 : ARG MOUTHFUL_VER
     ---> Running in 1832c08454bb
    Removing intermediate container 1832c08454bb
     ---> 7ebb9de2f09f
    Step 3/13 : ENV CGO_ENABLED=${CGO_ENABLED:-1}     GOOS=${GOOS:-linux}     MOUTHFUL_VER=${MOUTHFUL_VER:-master}     GO111MODULE=on
     ---> Running in b87d03d6ff92
    Removing intermediate container b87d03d6ff92
     ---> 58addced5b56
    Step 4/13 : RUN set -ex;     apk add --no-cache bash build-base curl git &&     echo "http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories &&     echo "http://dl-cdn.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories &&     apk add --no-cache upx nodejs nodejs-npm &&     go get -d github.com/vkuznecovas/mouthful
     ---> Running in a6330672e4c6
    + apk add --no-cache bash build-base curl git
    fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/APKINDEX.tar.gz
    fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/community/x86_64/APKINDEX.tar.gz
    (1/31) Upgrading musl (1.1.24-r9 -> 1.1.24-r10)
    (2/31) Installing ncurses-terminfo-base (6.2_p20200523-r0)
    (3/31) Installing ncurses-libs (6.2_p20200523-r0)
    (4/31) Installing readline (8.0.4-r0)
    (5/31) Installing bash (5.0.17-r0)
    Executing bash-5.0.17-r0.post-install
    (6/31) Installing libgcc (9.3.0-r2)
    (7/31) Installing libstdc++ (9.3.0-r2)
    (8/31) Installing binutils (2.34-r1)
    (9/31) Installing libmagic (5.38-r0)
    (10/31) Installing file (5.38-r0)
    (11/31) Installing gmp (6.2.0-r0)
    (12/31) Installing isl (0.18-r0)
    (13/31) Installing libgomp (9.3.0-r2)
    (14/31) Installing libatomic (9.3.0-r2)
    (15/31) Installing libgphobos (9.3.0-r2)
    (16/31) Installing mpfr4 (4.0.2-r4)
    (17/31) Installing mpc1 (1.1.0-r1)
    (18/31) Installing gcc (9.3.0-r2)
    (19/31) Installing musl-dev (1.1.24-r10)
    (20/31) Installing libc-dev (0.7.2-r3)
    (21/31) Installing g++ (9.3.0-r2)
    (22/31) Installing make (4.3-r0)
    (23/31) Installing fortify-headers (1.1-r0)
    (24/31) Installing patch (2.7.6-r6)
    (25/31) Installing build-base (0.5-r2)
    (26/31) Installing nghttp2-libs (1.41.0-r0)
    (27/31) Installing libcurl (7.69.1-r3)
    (28/31) Installing curl (7.69.1-r3)
    (29/31) Installing expat (2.2.9-r1)
    (30/31) Installing pcre2 (10.35-r0)
    (31/31) Installing git (2.26.2-r0)
    Executing busybox-1.31.1-r16.trigger
    OK: 225 MiB in 45 packages
    + echo http://dl-cdn.alpinelinux.org/alpine/edge/community
    + echo http://dl-cdn.alpinelinux.org/alpine/edge/main
    + apk add --no-cache upx nodejs nodejs-npm
    fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/main/x86_64/APKINDEX.tar.gz
    fetch http://dl-cdn.alpinelinux.org/alpine/v3.12/community/x86_64/APKINDEX.tar.gz
    fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
    fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
    (1/6) Installing brotli-libs (1.0.9-r3)
    (2/6) Installing c-ares (1.17.1-r1)
    (3/6) Installing nodejs (14.15.5-r0)
    (4/6) Installing npm (14.15.5-r0)
    (5/6) Installing ucl (1.03-r1)
    (6/6) Installing upx (3.96-r0)
    Executing busybox-1.31.1-r16.trigger
    OK: 289 MiB in 51 packages
    + go get -d github.com/vkuznecovas/mouthful
    go: downloading github.com/vkuznecovas/mouthful v0.0.0-20210217191011-1abb7572f8a5
    go: github.com/vkuznecovas/mouthful upgrade => v0.0.0-20210217191011-1abb7572f8a5
    go: downloading github.com/markbates/goth v1.64.2
    go: downloading github.com/fatih/color v1.9.0
    go: downloading github.com/patrickmn/go-cache v2.1.0+incompatible
    go: downloading github.com/gin-contrib/cors v1.3.1
    go: downloading github.com/gin-gonic/gin v1.6.3
    go: downloading github.com/ulule/limiter v2.2.2+incompatible
    go: downloading github.com/jmoiron/sqlx v1.2.0
    go: downloading github.com/mattn/go-isatty v0.0.12
    go: downloading github.com/gofrs/uuid v3.3.0+incompatible
    go: downloading github.com/aws/aws-sdk-go v1.34.31
    go: downloading github.com/spf13/afero v1.4.0
    go: downloading golang.org/x/sys v0.0.0-20200116001909-b77594299b42
    go: downloading github.com/golang/protobuf v1.3.3
    go: downloading github.com/guregu/dynamo v1.9.1
    go: downloading github.com/gin-contrib/sessions v0.0.3
    go: downloading github.com/microcosm-cc/bluemonday v1.0.4
    go: downloading github.com/markbates/going v1.0.0
    go: downloading github.com/russross/blackfriday/v2 v2.1.0
    go: downloading github.com/mattn/go-colorable v0.1.4
    go: downloading github.com/gin-contrib/static v0.0.0-20200916080430-d45d9a37d28e
    go: downloading github.com/pkg/errors v0.9.1
    go: downloading github.com/json-iterator/go v1.1.9
    go: downloading golang.org/x/text v0.3.3
    go: downloading github.com/gorilla/context v1.1.1
    go: downloading gopkg.in/yaml.v2 v2.2.8
    go: downloading github.com/gorilla/sessions v1.1.3
    go: downloading github.com/gorilla/mux v1.6.2
    go: downloading github.com/gin-contrib/sse v0.1.0
    go: downloading github.com/lib/pq v1.8.0
    go: downloading github.com/stretchr/testify v1.6.1
    go: downloading github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742
    go: downloading golang.org/x/oauth2 v0.0.0-20180620175406-ef147856a6dd
    go: downloading golang.org/x/net v0.0.0-20200202094626-16171245cfb2
    go: downloading github.com/chris-ramon/douceur v0.2.0
    go: downloading github.com/davecgh/go-spew v1.1.1
    go: downloading github.com/cenkalti/backoff v2.1.1+incompatible
    go: downloading github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421
    go: downloading github.com/ugorji/go v1.1.7
    go: downloading github.com/mattn/go-sqlite3 v1.14.3
    go: downloading github.com/go-sql-driver/mysql v1.5.0
    go: downloading github.com/ugorji/go/codec v1.1.7
    go: downloading github.com/aymerick/douceur v0.2.0
    go: downloading github.com/pmezard/go-difflib v1.0.0
    go: downloading github.com/mrjones/oauth v0.0.0-20180629183705-f4e24b6d100c
    go: downloading gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c
    go: downloading github.com/go-playground/validator/v10 v10.2.0
    go: downloading github.com/gorilla/securecookie v1.1.1
    go: downloading github.com/gorilla/css v1.0.0
    go: downloading google.golang.org/appengine v1.6.6
    go: downloading github.com/go-playground/universal-translator v0.17.0
    go: downloading github.com/leodido/go-urn v1.2.0
    go: downloading github.com/go-playground/locales v0.13.0
    go: downloading github.com/jmespath/go-jmespath v0.4.0
    Removing intermediate container a6330672e4c6
     ---> 0c1f5aaf9995
    Step 5/13 : WORKDIR /go/src/github.com/vkuznecovas/mouthful
     ---> Running in b86c327aa510
    Removing intermediate container b86c327aa510
     ---> a4530713d9ed
    Step 6/13 : RUN git checkout $MOUTHFUL_VER &&     ./build.sh &&     cd dist/ &&     upx --best mouthful
     ---> Running in 25378c0e07c8
    fatal: not a git repository (or any of the parent directories): .git
    The command '/bin/sh -c git checkout $MOUTHFUL_VER &&     ./build.sh &&     cd dist/ &&     upx --best mouthful' returned a non-zero code: 128
    
  • Panic: default addr for network 'localhost:5432' unknown

    Panic: default addr for network 'localhost:5432' unknown

    Since I wasn't able to figure out Panic: runtime error: invalid memory address or nil pointer dereference (#111), I went ahead and secured a VPS running Nginx and ProstgreSQL, and decided to try my luck there. No dice so far.

    I am now encountering panic: default addr for network 'localhost:5432' unknown.

    Here is my config file:

    {
        "honeypot": true,
        "moderation": {
            "enabled": false,
            "adminPassword": "xxxxxxxxxx",
            "sessionDurationSeconds": 21600,
            "maxCommentLength": 10000,
            "maxAuthorLength": 35
        },
        "database": {
            "dialect": "postgres",
            "database": "mouthful",
            "host": "localhost",
            "username": "postgres",
            "password": "xxxxxxxxxxx",
            "port": "5432",
            "sslEnabled": false
        },
        "api": {
            "port": 8080,
            "logging": true,
            "debug": false,
            "cache": {
                "enabled": true,
                "intervalInSeconds": 10,
                "expiryInSeconds": 300
            },
            "rateLimiting": {
                "enabled": true,
                "postsHour": 100
            },
            "cors": {
                "enabled": true,
                "allowedOrigins": ["https://mydomain.com"]
            }
        },
        "client": {
            "useDefaultStyle": true,
            "pageSize": 10
        }
    }
    

    I've tried toggling sslEnabled, as the server block is configured to redirect to https anyway, but that didn't work, either.

    I am still unsure of what the "Nginx config example" is for, where is goes, or what this quote means:

    "In most cases, you'll want to run mouthful under nginx, or apache, or something else. In that case, this is the config I'm using for the demo:

    location /mouthful-demo/ {
                proxy_pass http://172.17.0.1:1224/;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-Proto $scheme;
    	    add_header Cache-Control 'no-cache' always;
    }
    

    I noticed that Vik hasn't been active in over a year here, on his blog, or on Twitter, but if anyone else can help point me in the right direction, I'll be incredibly grateful!

  • Docker image + docs in the readme

    Docker image + docs in the readme

    Improve docker image

    • Dockerfile builds mouthful from source using a multi-stage Dockerfile
      • Builds on master branch
      • Builds a static binary and compress it with upx
      • Version can be specified on build time with --build-arg MOUTHFUL_VER=[VERSION]
      • Uses golang:1.10-alpine since it is a multi-arch image, that means the project can be cloned and the image can be built on ARM devices for instance.
      • Persist data volume (containing the config file and db). As a side note i think you should remove the default password error, so it can work out of the box.
      • Resulting image based on FROM alpine:3.7
      • Resulting image is about 12.8MB.
    • Modify main.go to update with the new config file location
    • Add image usage to the readme

    I didn't know if you have a docker repo for this image, yet i added to the readme that this repo has an official image at vkuznecovas/mouthful ready to be pulled, feel free to change with the actual image, if that's not the case.

    It'd be nice that you create a new release if these changes get merged.

  • Refactor admin panel (IN PROGRESS)

    Refactor admin panel (IN PROGRESS)

    I wanted to refactor entire admin panel before Hacktoberfest ends. Time has almost run out and I'm nowhere near finish line.

    At the beginning I started writing new components (because old admin panel had 4 iirc). I couldn't test my new code, because I used async and project didn't build. I didn't care about it and I kept rewriting. In the meantime I noticed old code wasn't following ESLint rules so I also updated them a bit to make code more readable. When new components were made I fixed issue with building project.

    Things which has to be done before merging to master:

    • [ ] Main issue: because project uses SSR there's issues with URL links to API when project is built.
    • [ ] New components has no styling
    • [ ] Probably there's a lot more ...

    I don't have any good solution to fix first issue.

    I encourage you to help me and make this project much better.

  • Bump json5, jest, preact-cli and sass-loader in /client

    Bump json5, jest, preact-cli and sass-loader in /client

    Bumps json5 to 2.2.2 and updates ancestor dependencies json5, jest, preact-cli and sass-loader. These dependencies need to be updated together.

    Updates json5 from 0.5.1 to 2.2.2

    Release notes

    Sourced from json5's releases.

    v2.2.2

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2

    • Fix: Bump minimist to v1.2.5. (#222)

    v2.1.1

    • New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
    • Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
    • Fix: Spelling mistakes have been fixed. (#196)

    v2.1.0

    • New: The index.mjs and index.min.mjs browser builds in the dist directory support ES6 modules. (#187)

    v2.0.1

    • Fix: The browser builds in the dist directory support ES5. (#182)

    v2.0.0

    • Major: JSON5 officially supports Node.js v6 and later. Support for Node.js v4 has been dropped. Since Node.js v6 supports ES5 features, the code has been rewritten in native ES5, and the dependence on Babel has been eliminated.

    • New: Support for Unicode 10 has been added.

    • New: The test framework has been migrated from Mocha to Tap.

    • New: The browser build at dist/index.js is no longer minified by default. A minified version is available at dist/index.min.js. (#181)

    • Fix: The warning has been made clearer when line and paragraph separators are used in strings.

    • Fix: package.json5 has been restored, and it is automatically generated and

    ... (truncated)

    Changelog

    Sourced from json5's changelog.

    v2.2.2 [code, diff]

    • Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

    v2.2.1 [code, diff]

    • Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

    v2.2.0 [code, diff]

    • New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

    v2.1.3 [code, diff]

    • Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

    v2.1.2 [code, diff]

    • Fix: Bump minimist to v1.2.5. (#222)

    v2.1.1 [code, diff]

    • New: package.json and package.json5 include a module property so bundlers like webpack, rollup and parcel can take advantage of the ES Module build. (#208)
    • Fix: stringify outputs \0 as \\x00 when followed by a digit. (#210)
    • Fix: Spelling mistakes have been fixed. (#196)

    ... (truncated)

    Commits
    • 14f8cb1 2.2.2
    • 10cc7ca docs: update CHANGELOG for v2.2.2
    • 7774c10 fix: add proto to objects and arrays
    • edde30a Readme: slight tweak to intro
    • 97286f8 Improve example in readme
    • d720b4f Improve readme (e.g. explain JSON5 better!) (#291)
    • 910ce25 docs: fix spelling of Aseem
    • 2aab4dd test: require tap as t in cli tests
    • 6d42686 test: remove mocha syntax from tests
    • 4798b9d docs: update installation and usage for modules
    • Additional commits viewable in compare view

    Updates jest from 21.2.1 to 29.3.1

    Release notes

    Sourced from jest's releases.

    v29.3.1

    Fixes

    • [jest-config] Do not warn about preset in ProjectConfig #13583

    Performance

    • [jest-transform] Defer creation of cache directory #13420

    v29.3.0

    Features

    • [jest-runtime] Support WebAssembly (Wasm) imports in ESM modules (#13505)

    Fixes

    • [jest-config] Add config validation for projects option (#13565)
    • [jest-mock] Treat cjs modules as objects so they can be mocked (#13513)
    • [jest-worker] Throw an error instead of hanging when jest workers terminate unexpectedly (#13566)

    Chore & Maintenance

    • [@jest/transform] Update convert-source-map (#13509)
    • [docs] Mention toStrictEqual in UsingMatchers docs. (#13560)

    New Contributors

    Full Changelog: https://github.com/facebook/jest/compare/v29.2.2...v29.3.0

    v29.2.2

    Fixes

    • [@jest/test-sequencer] Make sure sharding does not produce empty groups (#13476)
    • [jest-circus] Test marked as todo are shown as todo when inside a focussed describe (#13504)
    • [jest-mock] Ensure mock resolved and rejected values are promises from correct realm (#13503)
    • [jest-snapshot] Don't highlight passing asymmetric property matchers in snapshot diff (#13480)

    Chore & Maintenance

    • [docs] Update link to Jest 28 upgrade guide in error message (#13483)
    • [jest-runner, jest-watcher] Update emittery (#13490)

    New Contributors

    ... (truncated)

    Changelog

    Sourced from jest's changelog.

    29.3.1

    Fixes

    • [jest-config] Do not warn about preset in ProjectConfig (#13583)

    Performance

    • [jest-transform] Defer creation of cache directory (#13420)

    29.3.0

    Features

    • [jest-runtime] Support WebAssembly (Wasm) imports in ESM modules (#13505)

    Fixes

    • [jest-config] Add config validation for projects option (#13565)
    • [jest-mock] Treat cjs modules as objects so they can be mocked (#13513)
    • [jest-worker] Throw an error instead of hanging when jest workers terminate unexpectedly (#13566)

    Chore & Maintenance

    • [@jest/transform] Update convert-source-map (#13509)
    • [docs] Mention toStrictEqual in UsingMatchers docs. (#13560)

    29.2.2

    Fixes

    • [@jest/test-sequencer] Make sure sharding does not produce empty groups (#13476)
    • [jest-circus] Test marked as todo are shown as todo when inside a focussed describe (#13504)
    • [jest-mock] Ensure mock resolved and rejected values are promises from correct realm (#13503)
    • [jest-snapshot] Don't highlight passing asymmetric property matchers in snapshot diff (#13480)

    Chore & Maintenance

    • [docs] Update link to Jest 28 upgrade guide in error message (#13483)
    • [jest-runner, jest-watcher] Update emittery (#13490)

    29.2.1

    Features

    • [@jest/globals, jest-mock] Add jest.Spied* utility types (#13440)

    Fixes

    • [jest-environment-node] make globalThis.performance writable for Node 19 and fake timers (#13467)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by simenb, a new releaser for jest since your current version.


    Updates preact-cli from 2.2.1 to 3.4.3

    Release notes

    Sourced from preact-cli's releases.

    [email protected]

    Patch Changes

    • #1756 a41d498 Thanks @​rschristian! - Improves prerender error message's output and positioning

    • #1760 a789c9d Thanks @​rschristian!

      • Fixed bug in which --esm was not enabled by default for production builds on v3.4.2
      • Fixed bug in which --brotli would overwrite existing assets

    [email protected]

    Patch Changes

    [email protected]

    Patch Changes

    • #1711 5eb5d00 Thanks @​rschristian! - Fix ensures that the load-manifest is only attempted to be built in prod. It serves no use in dev (as preloading is limited to prod) and can create a race condition when used alongside HMR.

    [email protected]

    Minor Changes

    • #1674 0346549 Thanks @​rschristian! - Supports consuming "proxy" from package.json to proxy API requests in watch mode

    • #1671 8d3bd42 Thanks @​rschristian! - Any environment variables prefixed with 'PREACT_APP_' will automatically be available for reference and use in your application without having to configure DefinePlugin any more. Furthermore, if a .env file exists in the root of your application, any variables it defines will automatically be available for use.

      Huge shout out to robinvdvleuten who provided this functionality through the preact-cli-plugin-env-vars package in the past.

    Patch Changes

    ... (truncated)

    Changelog

    Sourced from preact-cli's changelog.

    3.4.3

    Patch Changes

    • #1760 a789c9d Thanks @​rschristian! - Fixed bug in which --esm was not enabled by default for production builds on v3.4.2

      Fix for --brotli overwriting assets

    3.4.2

    Patch Changes

    3.4.1

    Patch Changes

    • #1711 5eb5d00 Thanks @​rschristian! - Fix ensures that the load-manifest is only attempted to be built in prod. It serves no use in dev (as preloading is limited to prod) and can create a race condition when used alongside HMR.

    3.4.0

    Minor Changes

    • #1671 8d3bd42 Thanks @​rschristian! - Any environment variables prefixed with 'PREACTAPP' will automatically be available for reference and use in your application without having to configure DefinePlugin any more. Furthermore, if a .env file exists in the root of your application, any variables it defines will automatically be available for use.

      Huge shout out to robinvdvleuten who provided this functionality through the preact-cli-plugin-env-vars package in the past.

    Patch Changes

    • #1670 7afd8bb Thanks @​rschristian! - Corrects 'build --json' ouput location and 'apple-touch-icon' will respect the publicPath automatically

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by preactjs, a new releaser for preact-cli since your current version.


    Updates sass-loader from 6.0.6 to 13.2.0

    Release notes

    Sourced from sass-loader's releases.

    v13.2.0

    13.2.0 (2022-11-09)

    Features

    v13.1.0

    13.1.0 (2022-10-06)

    Features

    v13.0.2

    13.0.2 (2022-06-27)

    Bug Fixes

    v13.0.1

    13.0.1 (2022-06-24)

    Bug Fixes

    v13.0.0

    13.0.0 (2022-05-18)

    ⚠ BREAKING CHANGES

    • minimum supported Node.js version is 14.15.0 (#1048)
    • emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

    Bug Fixes

    • do not crash on importers for modern API (#1052) (095814e)
    • do not store original sass error in webpack error(#1053) (06d7533)

    v12.6.0

    12.6.0 (2022-02-15)

    ... (truncated)

    Changelog

    Sourced from sass-loader's changelog.

    13.2.0 (2022-11-09)

    Features

    13.1.0 (2022-10-06)

    Features

    13.0.2 (2022-06-27)

    Bug Fixes

    13.0.1 (2022-06-24)

    Bug Fixes

    13.0.0 (2022-05-18)

    ⚠ BREAKING CHANGES

    • minimum supported Node.js version is 14.15.0 (#1048)
    • emit @warn at-rules as webpack warnings by default, if you want to revert behavior please use the warnRuleAsWarning option (#1054) (58ffb68)

    Bug Fixes

    • do not crash on importers for modern API (#1052) (095814e)
    • do not store original sass error in webpack error(#1053) (06d7533)

    12.6.0 (2022-02-15)

    Features

    • added support for automatic loading of sass-embedded (#1025) (c8dae87)

    12.5.0 (2022-02-14)

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for sass-loader since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump qs and express in /client

    Bump qs and express in /client

    Bumps qs and express. These dependencies needed to be updated together. Updates qs from 6.5.2 to 6.5.3

    Changelog

    Sourced from qs's changelog.

    6.5.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] utils.merge: avoid a crash with a null target and a truthy non-array source
    • [Fix] correctly parse nested arrays
    • [Fix] stringify: fix a crash with strictNullHandling and a custom filter/serializeDate (#279)
    • [Fix] utils: merge: fix crash when source is a truthy primitive & no options are provided
    • [Fix] when parseArrays is false, properly handle keys ending in []
    • [Fix] fix for an impossible situation: when the formatter is called with a non-string value
    • [Fix] utils.merge: avoid a crash with a null target and an array source
    • [Refactor] utils: reduce observable [[Get]]s
    • [Refactor] use cached Array.isArray
    • [Refactor] stringify: Avoid arr = arr.concat(...), push to the existing instance (#269)
    • [Refactor] parse: only need to reassign the var once
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] Clean up license text so it’s properly detected as BSD-3-Clause
    • [Docs] Clarify the need for "arrayLimit" option
    • [meta] fix README.md (#399)
    • [meta] add FUNDING.yml
    • [actions] backport actions from main
    • [Tests] always use String(x) over x.toString()
    • [Tests] remove nonexistent tape option
    • [Dev Deps] backport from main
    Commits
    • 298bfa5 v6.5.3
    • ed0f5dc [Fix] parse: ignore __proto__ keys (#428)
    • 691e739 [Robustness] stringify: avoid relying on a global undefined (#427)
    • 1072d57 [readme] remove travis badge; add github actions/codecov badges; update URLs
    • 12ac1c4 [meta] fix README.md (#399)
    • 0338716 [actions] backport actions from main
    • 5639c20 Clean up license text so it’s properly detected as BSD-3-Clause
    • 51b8a0b add FUNDING.yml
    • 45f6759 [Fix] fix for an impossible situation: when the formatter is called with a no...
    • f814a7f [Dev Deps] backport from main
    • Additional commits viewable in compare view

    Updates express from 4.16.3 to 4.18.2

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump express from 4.16.3 to 4.18.2 in /client

    Bump express from 4.16.3 to 4.18.2 in /client

    Bumps express from 4.16.3 to 4.18.2.

    Release notes

    Sourced from express's releases.

    4.18.2

    4.18.1

    • Fix hanging on large stack of sync routes

    4.18.0

    ... (truncated)

    Changelog

    Sourced from express's changelog.

    4.18.2 / 2022-10-08

    4.18.1 / 2022-04-29

    • Fix hanging on large stack of sync routes

    4.18.0 / 2022-04-25

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump decode-uri-component from 0.2.0 to 0.2.2 in /client

    Bump decode-uri-component from 0.2.0 to 0.2.2 in /client

    Bumps decode-uri-component from 0.2.0 to 0.2.2.

    Release notes

    Sourced from decode-uri-component's releases.

    v0.2.2

    • Prevent overwriting previously decoded tokens 980e0bf

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

    v0.2.1

    • Switch to GitHub workflows 76abc93
    • Fix issue where decode throws - fixes #6 746ca5d
    • Update license (#1) 486d7e2
    • Tidelift tasks a650457
    • Meta tweaks 66e1c28

    https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump loader-utils and preact-cli in /client

    Bump loader-utils and preact-cli in /client

    Bumps loader-utils to 1.4.2 and updates ancestor dependency preact-cli. These dependencies need to be updated together.

    Updates loader-utils from 1.1.0 to 1.4.2

    Release notes

    Sourced from loader-utils's releases.

    v1.4.2

    1.4.2 (2022-11-11)

    Bug Fixes

    v1.4.1

    1.4.1 (2022-11-07)

    Bug Fixes

    v1.4.0

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    v1.3.0

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)

    v1.2.3

    1.2.3 (2018-12-27)

    Bug Fixes

    • interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

    v1.2.2

    1.2.2 (2018-12-27)

    Bug Fixes

    ... (truncated)

    Changelog

    Sourced from loader-utils's changelog.

    1.4.2 (2022-11-11)

    Bug Fixes

    1.4.1 (2022-11-07)

    Bug Fixes

    1.4.0 (2020-02-19)

    Features

    • the resourceQuery is passed to the interpolateName method (#163) (cd0e428)

    1.3.0 (2020-02-19)

    Features

    • support the [query] template for the interpolatedName method (#162) (469eeba)

    1.2.3 (2018-12-27)

    Bug Fixes

    • interpolateName: don't interpolated hashType without hash or contenthash (#140) (3528fd9)

    1.2.2 (2018-12-27)

    Bug Fixes

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by evilebottnawi, a new releaser for loader-utils since your current version.


    Updates preact-cli from 2.2.1 to 3.4.1

    Release notes

    Sourced from preact-cli's releases.

    [email protected]

    Patch Changes

    • #1711 5eb5d00 Thanks @​rschristian! - Fix ensures that the load-manifest is only attempted to be built in prod. It serves no use in dev (as preloading is limited to prod) and can create a race condition when used alongside HMR.

    [email protected]

    Minor Changes

    • #1674 0346549 Thanks @​rschristian! - Supports consuming "proxy" from package.json to proxy API requests in watch mode

    • #1671 8d3bd42 Thanks @​rschristian! - Any environment variables prefixed with 'PREACT_APP_' will automatically be available for reference and use in your application without having to configure DefinePlugin any more. Furthermore, if a .env file exists in the root of your application, any variables it defines will automatically be available for use.

      Huge shout out to robinvdvleuten who provided this functionality through the preact-cli-plugin-env-vars package in the past.

    Patch Changes

    [email protected]

    Patch Changes

    [email protected]

    Patch Changes

    ... (truncated)

    Commits
    Maintainer changes

    This version was pushed to npm by preactjs, a new releaser for preact-cli since your current version.


    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

  • Bump minimatch from 3.0.4 to 3.0.8 in /client

    Bump minimatch from 3.0.4 to 3.0.8 in /client

    Bumps minimatch from 3.0.4 to 3.0.8.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

GoatCounter is an open source web analytics platform available as a hosted service or self-hosted app

GoatCounter is an open source web analytics platform available as a hosted service (free for non-commercial use) or self-hosted app. It aims to offer easy to use and meaningful privacy-friendly web analytics as an alternative to Google Analytics or Matomo.

Dec 29, 2022
Remark42 is a self-hosted, lightweight, and simple comment engine
Remark42 is a self-hosted, lightweight, and simple comment engine

Remark42 is a self-hosted, lightweight, and simple (yet functional) comment engine, which doesn't spy on users. It can be embedded into blogs, articles or any other place where readers add comments.

Dec 28, 2022
Hammond is a self hosted vehicle management system to track fuel and other expenses related to all of your vehicles.
Hammond is a self hosted vehicle management system to track fuel and other expenses related to all of your vehicles.

Hammond is a self hosted vehicle management system to track fuel and other expenses related to all of your vehicles. It supports multiple users sharing multiple vehicles. It is the logical successor to Clarkson which has not been updated for quite some time now.

Jan 2, 2023
Self-hosted video-hosting website and video archival manager for Niconico, Bilibili, and Youtube
Self-hosted video-hosting website and video archival manager for Niconico, Bilibili, and Youtube

Self-hosted video-hosting website and video archival manager for Niconico, Bilibili, and Youtube

Jan 1, 2023
listmonk is a standalone high performance, self-hosted newsletter and mailing list manager with a modern dashboard. Single binary app.
listmonk is a standalone high performance, self-hosted newsletter and mailing list manager with a modern dashboard. Single binary app.

listmonk is a standalone, self-hosted, newsletter and mailing list manager. It is fast, feature-rich, and packed into a single binary. It uses a PostgreSQL database as its data store.

Jan 1, 2023
listmonk is a standalone, self-hosted, newsletter and mailing list manager
listmonk is a standalone, self-hosted, newsletter and mailing list manager

listmonk is a standalone, self-hosted, newsletter and mailing list manager. It is fast, feature-rich, and packed into a single binary. It uses a Postg

Aug 15, 2022
longurl is a self-hosted short url service.

longurl Introduction longurl is a self-hosted short url service. Try It Out curl -H "Content-Type:application/json" -X POST --data '{"url": "https://g

Oct 24, 2022
🖖🏻 A self-hosted Quora like web application written in Go
🖖🏻 A self-hosted Quora like web application written in Go

Guora ???? A self-hosted Quora like web application written in Go 基于 Golang 类似知乎的私有部署问答应用 包含问答、评论、点赞、管理后台等功能 Quick Start (Docker Deploy) $ docker-comp

Dec 27, 2022
A self-hosted golang application that listens for Terraform pull request events via webhooks.
A self-hosted golang application that listens for Terraform pull request events via webhooks.

Atlantis Terraform Pull Request Automation Resources What is Atlantis? What does it do? Why should you use it? Stargazers over time Resources How to g

Dec 9, 2021
This is my personal website, hosted on GitHub Pages

astrophena.name This is my personal website, hosted on GitHub Pages. Serving locally You need the latest Go and Node.js installed.

Nov 16, 2022
Okta Golang Gin & Okta-Hosted Login Page Example

Okta Golang Gin & Okta-Hosted Login Page Example This example shows you how to use the Okta JWT verifier library to login a user to a Golang Gin appli

Oct 31, 2022
GoTrue is a small open-source API written in Golang, that can act as a self-standing API service for handling user registration and authentication for Jamstack projects.
GoTrue is a small open-source API written in Golang, that can act as a self-standing API service for handling user registration and authentication for Jamstack projects.

GoTrue is a small open-source API written in Golang, that can act as a self-standing API service for handling user registration and authentication for Jamstack projects.

Dec 13, 2021
LinkPage is a FOSS self-hosted alternative to link listing websites such as LinkTree and Campsite.bio
LinkPage is a FOSS self-hosted alternative to link listing websites such as LinkTree and Campsite.bio

LinkPage LinkPage is a FOSS self-hosted alternative to link listing websites such as LinkTree and Campsite.bio Features Self hostable and open source

Dec 22, 2022
Focalboard is an open source, self-hosted alternative to Trello, Notion, and Asana.
Focalboard is an open source, self-hosted alternative to Trello, Notion, and Asana.

Focalboard Like what you see? ?? Give us a GitHub Star! ⭐ Focalboard is an open source, self-hosted alternative to Trello, Notion, and Asana. It helps

Jan 9, 2023
Gogrok is a self hosted, easy to use alternative to ngrok. It uses SSH as a base protocol, using channels and existing functionality to tunnel requests to an endpoint.

gogrok A simple, easy to use ngrok alternative (self hosted!) The server and client can also be easily embedded into your applications, see the 'serve

Dec 3, 2022
Underpass - Self-hosted ngrok alternative.

Underpass Self-hosted ngrok alternative. Installation (CLI) brew install

Dec 28, 2022
QuickClip - A self hosted, simple alternative to PasteBin

QuickClip A self hosted, simple alternative to PasteBin. Issues On Debian ./Quic

Jan 26, 2022
GoatCounter is an open source web analytics platform available as a hosted service or self-hosted app

GoatCounter is an open source web analytics platform available as a hosted service (free for non-commercial use) or self-hosted app. It aims to offer easy to use and meaningful privacy-friendly web analytics as an alternative to Google Analytics or Matomo.

Dec 29, 2022
Selenium Hub successor running browsers within containers. Scalable, immutable, self hosted Selenium-Grid on any platform with single binary.
Selenium Hub successor running browsers within containers. Scalable, immutable, self hosted Selenium-Grid on any platform with single binary.

Selenoid Selenoid is a powerful implementation of Selenium hub using Docker containers to launch browsers. Features One-command Installation Start bro

Jan 5, 2023
Git with a cup of tea, painless self-hosted git service
Git with a cup of tea, painless self-hosted git service

Gitea - Git with a cup of tea View the chinese version of this document Purpose The goal of this project is to make the easiest, fastest, and most pai

Jan 2, 2023