db is now initiated via utilsController, and gets re-used by main
lolisafe.js script and the other controllers
this should now make sure we only have 1 active db connection pool ever
this is a pretty big refactor due to how we used to reference db,
but it should functionally be identical
every now and then i got curious of what people add to their forks,
and sometimes i'd be like, "hey, that makes sense!"
i remember that back in the days, i switched to nunjucks because of
someone's fork too
we used to use handlebars, which i've had some misgivings with for
awhile back then
either way all i'm saying is that it's the case this time around with
this commit
thanks for reading
49d12004e8
this should properly dispose of unfinished write & hasher streams on
any errors if they have been initiated
also do content-length header check a bit more early
first layer is via sending HEAD request to the url to determine its size
via content-length header
however not all hosts properly set the header, so we ignore it if
it isn't a valid number
next via size option in fetch(), which supposedly limits response body
size during the request itself (?)
lastly via checking actual bytes written to physical file as reported by
fs.createWriteStream()
this supersedes the old temporaryUploadAges, while maintaining full
backwards-compatibility.
please consult config.sample.js if you want to start using this
this required expanding our custom error classes with support for
arbitrary internal api error codes
however it'll only be used for invalid token errors for now (10001)
no plan to assign codes to other existing api errors
at that point it's probably better to redo the whole api infrastructure
change logic to list physical files instead, since the zipGeneratedAt
attribute may still exist despite site owners having already done
physical clean-ups
only usergroup and file extension bypass
real file size can't be determined before passthrough scan,
so there's no bypass by max file size
please read the comments in sample config file
refactored utils.clamscan into utils.scan
GIFs are known to not work without custom globally-installed libvips
with ImageMagick or GraphicsMagick support.
https://sharp.pixelplumbing.com/api-output#gifhttps://sharp.pixelplumbing.com/install#custom-libvips
It's highly recommended to update your config following the changes to
the sample config file.
This also addressed a bug where images would still get recorded to DB
despite them not existing physically due to strip tags errors.
Made the codes for stats generation a bit more readable.
Usage percentage for file systems will now properly reflect "non-root"
usage percentage in ext2/3/4 file systems.
Also Object.freeze() permissions object in permissionController.
I don't think it's much to be worried about, as no "set" will be done to
it during the service's operation, but oh well, might as well.
Bobby
Bobby Wibowo