From f0a4dc5f8fdfe9012f753f24076b510301f33bd8 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Tue, 9 Nov 2021 18:04:05 +0100 Subject: [PATCH 01/52] Add a malware-scanner service. --- .../items/key-updates/malware-scanner.md | 1 + dc | 7 +- docker-compose.malware-scanner.yml | 55 ++ docker/clamav/clamd.conf | 794 ++++++++++++++++++ docker/malware-scanner/Dockerfile | 22 + 5 files changed, 878 insertions(+), 1 deletion(-) create mode 100644 changelog/items/key-updates/malware-scanner.md create mode 100644 docker-compose.malware-scanner.yml create mode 100644 docker/clamav/clamd.conf create mode 100644 docker/malware-scanner/Dockerfile diff --git a/changelog/items/key-updates/malware-scanner.md b/changelog/items/key-updates/malware-scanner.md new file mode 100644 index 00000000..2559b033 --- /dev/null +++ b/changelog/items/key-updates/malware-scanner.md @@ -0,0 +1 @@ +- Add malware scanner service, activated by adding `s` to `PORTAL_MODULES` diff --git a/dc b/dc index 60418cb8..50fd27e4 100755 --- a/dc +++ b/dc @@ -18,7 +18,12 @@ for i in $(seq 1 ${#PORTAL_MODULES}); do COMPOSE_FILES+=" -f docker-compose.jaeger.yml" fi - # mongodb module - alias "m". implied by "a" + # malware-scanner module - alias "s" + if [[ ${PORTAL_MODULES:i-1:1} == "s" ]]; then + COMPOSE_FILES+=" -f docker-compose.mongodb.yml -f docker-compose.malware-scanner.yml" + fi + + # mongodb module - alias "m". implied by "a" and "c" if [[ ${PORTAL_MODULES:i-1:1} == "m" ]]; then COMPOSE_FILES+=" -f docker-compose.mongodb.yml" fi diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml new file mode 100644 index 00000000..405e6542 --- /dev/null +++ b/docker-compose.malware-scanner.yml @@ -0,0 +1,55 @@ +version: "3.7" + +x-logging: &default-logging + driver: json-file + options: + max-size: "10m" + max-file: "3" + +services: + + clamav: + image: clamav/clamav:stable_base + container_name: clamav + restart: on-failure + logging: *default-logging + volumes: + - ./docker/data/clamav/defs:/var/lib/clamav + - ./docker/clamav/clamd.conf:/etc/clamav/clamd.conf:ro + expose: + - 3310 # NEVER expose this outside of the local network! + deploy: + resources: + limits: + cpus: '0.50' + networks: + shared: + ipv4_address: 10.10.10.100 + + malware-scanner: + build: + context: ./docker/malware-scanner + dockerfile: Dockerfile + args: + branch: main + container_name: malware-scanner + restart: unless-stopped + logging: *default-logging + env_file: + - .env + environment: + - CLAMAV_IP=${CLAMAV_IP:-10.10.10.100} + - CLAMAV_PORT=${CLAMAV_PORT:-3310} + - MALWARE_SCANNER_PORT=${MALWARE_SCANNER_PORT:-4000} + - PORTAL_DOMAIN=${PORTAL_DOMAIN} + - SKYNET_DB_HOST=${SKYNET_DB_HOST} + - SKYNET_DB_PORT=${SKYNET_DB_PORT} + - SKYNET_DB_USER=${SKYNET_DB_USER} + - SKYNET_DB_PASS=${SKYNET_DB_PASS} + expose: + - 4000 + networks: + shared: + ipv4_address: 10.10.10.101 + depends_on: + - clamav diff --git a/docker/clamav/clamd.conf b/docker/clamav/clamd.conf new file mode 100644 index 00000000..6b61e57f --- /dev/null +++ b/docker/clamav/clamd.conf @@ -0,0 +1,794 @@ +## +## Example config file for the Clam AV daemon +## Please read the clamd.conf(5) manual before editing this file. +## + + +# Comment or remove the line below. +# Example + +# Uncomment this option to enable logging. +# LogFile must be writable for the user running daemon. +# A full path is required. +# Default: disabled +LogFile /var/log/clamav/clamd.log + +# By default the log file is locked for writing - the lock protects against +# running clamd multiple times (if want to run another clamd, please +# copy the configuration file, change the LogFile variable, and run +# the daemon with --config-file option). +# This option disables log file locking. +# Default: no +#LogFileUnlock yes + +# Maximum size of the log file. +# Value of 0 disables the limit. +# You may use 'M' or 'm' for megabytes (1M = 1m = 1048576 bytes) +# and 'K' or 'k' for kilobytes (1K = 1k = 1024 bytes). To specify the size +# in bytes just don't use modifiers. If LogFileMaxSize is enabled, log +# rotation (the LogRotate option) will always be enabled. +# Default: 1M +LogFileMaxSize 50M + +# Log time with each message. +# Default: no +LogTime yes + +# Also log clean files. Useful in debugging but drastically increases the +# log size. +# Default: no +#LogClean yes + +# Use system logger (can work together with LogFile). +# Default: no +#LogSyslog yes + +# Specify the type of syslog messages - please refer to 'man syslog' +# for facility names. +# Default: LOG_LOCAL6 +#LogFacility LOG_MAIL + +# Enable verbose logging. +# Default: no +#LogVerbose yes + +# Enable log rotation. Always enabled when LogFileMaxSize is enabled. +# Default: no +#LogRotate yes + +# Enable Prelude output. +# Default: no +#PreludeEnable yes +# +# Set the name of the analyzer used by prelude-admin. +# Default: ClamAV +#PreludeAnalyzerName ClamAV + +# Log additional information about the infected file, such as its +# size and hash, together with the virus name. +#ExtendedDetectionInfo yes + +# This option allows you to save a process identifier of the listening +# daemon (main thread). +# This file will be owned by root, as long as clamd was started by root. +# It is recommended that the directory where this file is stored is +# also owned by root to keep other users from tampering with it. +# Default: disabled +PidFile /run/lock/clamd.pid + +# Optional path to the global temporary directory. +# Default: system specific (usually /tmp or /var/tmp). +#TemporaryDirectory /var/tmp + +# Path to the database directory. +# Default: hardcoded (depends on installation options) +#DatabaseDirectory /var/lib/clamav + +# Only load the official signatures published by the ClamAV project. +# Default: no +#OfficialDatabaseOnly no + +# The daemon can work in local mode, network mode or both. +# Due to security reasons we recommend the local mode. + +# Path to a local socket file the daemon will listen on. +# Default: disabled (must be specified by a user) +LocalSocket /run/clamav/clamd.sock + +# Sets the group ownership on the unix socket. +# Default: disabled (the primary group of the user running clamd) +#LocalSocketGroup virusgroup + +# Sets the permissions on the unix socket to the specified mode. +# Default: disabled (socket is world accessible) +#LocalSocketMode 660 + +# Remove stale socket after unclean shutdown. +# Default: yes +#FixStaleSocket yes + +# TCP port address. +# Default: no +TCPSocket 3310 + +# TCP address. +# By default we bind to INADDR_ANY, probably not wise. +# Enable the following to provide some degree of protection +# from the outside world. This option can be specified multiple +# times if you want to listen on multiple IPs. IPv6 is now supported. +# Default: no +TCPAddr 0.0.0.0 + +# Maximum length the queue of pending connections may grow to. +# Default: 200 +#MaxConnectionQueueLength 30 + +# Clamd uses FTP-like protocol to receive data from remote clients. +# If you are using clamav-milter to balance load between remote clamd daemons +# on firewall servers you may need to tune the options below. + +# Close the connection when the data size limit is exceeded. +# The value should match your MTA's limit for a maximum attachment size. +# Default: 25M +StreamMaxLength 1024M + +# Limit port range. +# Default: 1024 +#StreamMinPort 30000 +# Default: 2048 +#StreamMaxPort 32000 + +# Maximum number of threads running at the same time. +# Default: 10 +#MaxThreads 20 + +# Waiting for data from a client socket will timeout after this time (seconds). +# Default: 120 +#ReadTimeout 300 + +# This option specifies the time (in seconds) after which clamd should +# timeout if a client doesn't provide any initial command after connecting. +# Default: 30 +#CommandReadTimeout 30 + +# This option specifies how long to wait (in milliseconds) if the send buffer +# is full. +# Keep this value low to prevent clamd hanging. +# +# Default: 500 +#SendBufTimeout 200 + +# Maximum number of queued items (including those being processed by +# MaxThreads threads). +# It is recommended to have this value at least twice MaxThreads if possible. +# WARNING: you shouldn't increase this too much to avoid running out of file +# descriptors, the following condition should hold: +# MaxThreads*MaxRecursion + (MaxQueue - MaxThreads) + 6< RLIMIT_NOFILE (usual +# max is 1024). +# +# Default: 100 +#MaxQueue 200 + +# Waiting for a new job will timeout after this time (seconds). +# Default: 30 +#IdleTimeout 60 + +# Don't scan files and directories matching regex +# This directive can be used multiple times +# Default: scan all +#ExcludePath ^/proc/ +#ExcludePath ^/sys/ + +# Maximum depth directories are scanned at. +# Default: 15 +#MaxDirectoryRecursion 20 + +# Follow directory symlinks. +# Default: no +#FollowDirectorySymlinks yes + +# Follow regular file symlinks. +# Default: no +#FollowFileSymlinks yes + +# Scan files and directories on other filesystems. +# Default: yes +#CrossFilesystems yes + +# Perform a database check. +# Default: 600 (10 min) +#SelfCheck 600 + +# Enable non-blocking (multi-threaded/concurrent) database reloads. +# This feature will temporarily load a second scanning engine while scanning +# continues using the first engine. Once loaded, the new engine takes over. +# The old engine is removed as soon as all scans using the old engine have +# completed. +# This feature requires more RAM, so this option is provided in case users are +# willing to block scans during reload in exchange for lower RAM requirements. +# Default: yes +ConcurrentDatabaseReload no + +# Execute a command when virus is found. In the command string %v will +# be replaced with the virus name and %f will be replaced with the file name. +# Additionally, two environment variables will be defined: $CLAM_VIRUSEVENT_FILENAME +# and $CLAM_VIRUSEVENT_VIRUSNAME. +# Default: no +#VirusEvent /usr/local/bin/send_sms 123456789 "VIRUS ALERT: %v in %f" + +# Run as another user (clamd must be started by root for this option to work) +# Default: don't drop privileges +User clamav + +# Stop daemon when libclamav reports out of memory condition. +#ExitOnOOM yes + +# Don't fork into background. +# Default: no +#Foreground yes + +# Enable debug messages in libclamav. +# Default: no +#Debug yes + +# Do not remove temporary files (for debug purposes). +# Default: no +#LeaveTemporaryFiles yes + +# Permit use of the ALLMATCHSCAN command. If set to no, clamd will reject +# any ALLMATCHSCAN command as invalid. +# Default: yes +#AllowAllMatchScan no + +# Detect Possibly Unwanted Applications. +# Default: no +#DetectPUA yes + +# Exclude a specific PUA category. This directive can be used multiple times. +# See https://github.com/vrtadmin/clamav-faq/blob/master/faq/faq-pua.md for +# the complete list of PUA categories. +# Default: Load all categories (if DetectPUA is activated) +#ExcludePUA NetTool +#ExcludePUA PWTool + +# Only include a specific PUA category. This directive can be used multiple +# times. +# Default: Load all categories (if DetectPUA is activated) +#IncludePUA Spy +#IncludePUA Scanner +#IncludePUA RAT + +# This option causes memory or nested map scans to dump the content to disk. +# If you turn on this option, more data is written to disk and is available +# when the LeaveTemporaryFiles option is enabled. +#ForceToDisk yes + +# This option allows you to disable the caching feature of the engine. By +# default, the engine will store an MD5 in a cache of any files that are +# not flagged as virus or that hit limits checks. Disabling the cache will +# have a negative performance impact on large scans. +# Default: no +#DisableCache yes + +# In some cases (eg. complex malware, exploits in graphic files, and others), +# ClamAV uses special algorithms to detect abnormal patterns and behaviors that +# may be malicious. This option enables alerting on such heuristically +# detected potential threats. +# Default: yes +#HeuristicAlerts yes + +# Allow heuristic alerts to take precedence. +# When enabled, if a heuristic scan (such as phishingScan) detects +# a possible virus/phish it will stop scan immediately. Recommended, saves CPU +# scan-time. +# When disabled, virus/phish detected by heuristic scans will be reported only +# at the end of a scan. If an archive contains both a heuristically detected +# virus/phish, and a real malware, the real malware will be reported +# +# Keep this disabled if you intend to handle "Heuristics.*" viruses +# differently from "real" malware. +# If a non-heuristically-detected virus (signature-based) is found first, +# the scan is interrupted immediately, regardless of this config option. +# +# Default: no +#HeuristicScanPrecedence yes + + +## +## Heuristic Alerts +## + +# With this option clamav will try to detect broken executables (both PE and +# ELF) and alert on them with the Broken.Executable heuristic signature. +# Default: no +#AlertBrokenExecutables yes + +# With this option clamav will try to detect broken media file (JPEG, +# TIFF, PNG, GIF) and alert on them with a Broken.Media heuristic signature. +# Default: no +#AlertBrokenMedia yes + +# Alert on encrypted archives _and_ documents with heuristic signature +# (encrypted .zip, .7zip, .rar, .pdf). +# Default: no +#AlertEncrypted yes + +# Alert on encrypted archives with heuristic signature (encrypted .zip, .7zip, +# .rar). +# Default: no +#AlertEncryptedArchive yes + +# Alert on encrypted archives with heuristic signature (encrypted .pdf). +# Default: no +#AlertEncryptedDoc yes + +# With this option enabled OLE2 files containing VBA macros, which were not +# detected by signatures will be marked as "Heuristics.OLE2.ContainsMacros". +# Default: no +#AlertOLE2Macros yes + +# Alert on SSL mismatches in URLs, even if the URL isn't in the database. +# This can lead to false positives. +# Default: no +#AlertPhishingSSLMismatch yes + +# Alert on cloaked URLs, even if URL isn't in database. +# This can lead to false positives. +# Default: no +#AlertPhishingCloak yes + +# Alert on raw DMG image files containing partition intersections +# Default: no +#AlertPartitionIntersection yes + + +## +## Executable files +## + +# PE stands for Portable Executable - it's an executable file format used +# in all 32 and 64-bit versions of Windows operating systems. This option +# allows ClamAV to perform a deeper analysis of executable files and it's also +# required for decompression of popular executable packers such as UPX, FSG, +# and Petite. If you turn off this option, the original files will still be +# scanned, but without additional processing. +# Default: yes +#ScanPE yes + +# Certain PE files contain an authenticode signature. By default, we check +# the signature chain in the PE file against a database of trusted and +# revoked certificates if the file being scanned is marked as a virus. +# If any certificate in the chain validates against any trusted root, but +# does not match any revoked certificate, the file is marked as trusted. +# If the file does match a revoked certificate, the file is marked as virus. +# The following setting completely turns off authenticode verification. +# Default: no +#DisableCertCheck yes + +# Executable and Linking Format is a standard format for UN*X executables. +# This option allows you to control the scanning of ELF files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +#ScanELF yes + + +## +## Documents +## + +# This option enables scanning of OLE2 files, such as Microsoft Office +# documents and .msi files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +#ScanOLE2 yes + +# This option enables scanning within PDF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanPDF yes + +# This option enables scanning within SWF files. +# If you turn off this option, the original files will still be scanned, but +# without decoding and additional processing. +# Default: yes +#ScanSWF yes + +# This option enables scanning xml-based document files supported by libclamav. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +#ScanXMLDOCS yes + +# This option enables scanning of HWP3 files. +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +# Default: yes +#ScanHWP3 yes + + +## +## Mail files +## + +# Enable internal e-mail scanner. +# If you turn off this option, the original files will still be scanned, but +# without parsing individual messages/attachments. +# Default: yes +#ScanMail yes + +# Scan RFC1341 messages split over many emails. +# You will need to periodically clean up $TemporaryDirectory/clamav-partial +# directory. +# WARNING: This option may open your system to a DoS attack. +# Never use it on loaded servers. +# Default: no +#ScanPartialMessages yes + +# With this option enabled ClamAV will try to detect phishing attempts by using +# HTML.Phishing and Email.Phishing NDB signatures. +# Default: yes +#PhishingSignatures no + +# With this option enabled ClamAV will try to detect phishing attempts by +# analyzing URLs found in emails using WDB and PDB signature databases. +# Default: yes +#PhishingScanURLs no + + +## +## Data Loss Prevention (DLP) +## + +# Enable the DLP module +# Default: No +#StructuredDataDetection yes + +# This option sets the lowest number of Credit Card numbers found in a file +# to generate a detect. +# Default: 3 +#StructuredMinCreditCardCount 5 + +# With this option enabled the DLP module will search for valid Credit Card +# numbers only. Debit and Private Label cards will not be searched. +# Default: no +#StructuredCCOnly yes + +# This option sets the lowest number of Social Security Numbers found +# in a file to generate a detect. +# Default: 3 +#StructuredMinSSNCount 5 + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxx-yy-zzzz +# Default: yes +#StructuredSSNFormatNormal yes + +# With this option enabled the DLP module will search for valid +# SSNs formatted as xxxyyzzzz +# Default: no +#StructuredSSNFormatStripped yes + + +## +## HTML +## + +# Perform HTML normalisation and decryption of MS Script Encoder code. +# Default: yes +# If you turn off this option, the original files will still be scanned, but +# without additional processing. +#ScanHTML yes + + +## +## Archives +## + +# ClamAV can scan within archives and compressed files. +# If you turn off this option, the original files will still be scanned, but +# without unpacking and additional processing. +# Default: yes +#ScanArchive yes + + +## +## Limits +## + +# The options below protect your system against Denial of Service attacks +# using archive bombs. + +# This option sets the maximum amount of time to a scan may take. +# In this version, this field only affects the scan time of ZIP archives. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result allow scanning +# of certain files to lock up the scanning process/threads resulting in a +# Denial of Service. +# Time is in milliseconds. +# Default: 120000 +MaxScanTime 300000 + +# This option sets the maximum amount of data to be scanned for each input +# file. Archives and other containers are recursively extracted and scanned +# up to this value. +# Value of 0 disables the limit +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 100M +MaxScanSize 1024M + +# Files larger than this limit won't be scanned. Affects the input file itself +# as well as files contained inside it (when the input file is an archive, a +# document or some other kind of container). +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Technical design limitations prevent ClamAV from scanning files greater than +# 2 GB at this time. +# Default: 25M +MaxFileSize 1024M + +# Nested archives are scanned recursively, e.g. if a Zip archive contains a RAR +# file, all files within it will also be scanned. This options specifies how +# deeply the process should be continued. +# Note: setting this limit too high may result in severe damage to the system. +# Default: 17 +#MaxRecursion 10 + +# Number of files to be scanned within an archive, a document, or any other +# container file. +# Value of 0 disables the limit. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10000 +#MaxFiles 15000 + +# Maximum size of a file to check for embedded PE. Files larger than this value +# will skip the additional analysis step. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10M +#MaxEmbeddedPE 10M + +# Maximum size of a HTML file to normalize. HTML files larger than this value +# will not be normalized or scanned. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 10M +#MaxHTMLNormalize 10M + +# Maximum size of a normalized HTML file to scan. HTML files larger than this +# value after normalization will not be scanned. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 2M +#MaxHTMLNoTags 2M + +# Maximum size of a script file to normalize. Script content larger than this +# value will not be normalized or scanned. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 5M +#MaxScriptNormalize 5M + +# Maximum size of a ZIP file to reanalyze type recognition. ZIP files larger +# than this value will skip the step to potentially reanalyze as PE. +# Note: disabling this limit or setting it too high may result in severe damage +# to the system. +# Default: 1M +#MaxZipTypeRcg 1M + +# This option sets the maximum number of partitions of a raw disk image to be +# scanned. +# Raw disk images with more partitions than this value will have up to +# the value number partitions scanned. Negative values are not allowed. +# Note: setting this limit too high may result in severe damage or impact +# performance. +# Default: 50 +#MaxPartitions 128 + +# This option sets the maximum number of icons within a PE to be scanned. +# PE files with more icons than this value will have up to the value number +# icons scanned. +# Negative values are not allowed. +# WARNING: setting this limit too high may result in severe damage or impact +# performance. +# Default: 100 +#MaxIconsPE 200 + +# This option sets the maximum recursive calls for HWP3 parsing during +# scanning. HWP3 files using more than this limit will be terminated and +# alert the user. +# Scans will be unable to scan any HWP3 attachments if the recursive limit +# is reached. +# Negative values are not allowed. +# WARNING: setting this limit too high may result in severe damage or impact +# performance. +# Default: 16 +#MaxRecHWP3 16 + +# This option sets the maximum calls to the PCRE match function during +# an instance of regex matching. +# Instances using more than this limit will be terminated and alert the user +# but the scan will continue. +# For more information on match_limit, see the PCRE documentation. +# Negative values are not allowed. +# WARNING: setting this limit too high may severely impact performance. +# Default: 100000 +#PCREMatchLimit 20000 + +# This option sets the maximum recursive calls to the PCRE match function +# during an instance of regex matching. +# Instances using more than this limit will be terminated and alert the user +# but the scan will continue. +# For more information on match_limit_recursion, see the PCRE documentation. +# Negative values are not allowed and values > PCREMatchLimit are superfluous. +# WARNING: setting this limit too high may severely impact performance. +# Default: 2000 +#PCRERecMatchLimit 10000 + +# This option sets the maximum filesize for which PCRE subsigs will be +# executed. Files exceeding this limit will not have PCRE subsigs executed +# unless a subsig is encompassed to a smaller buffer. +# Negative values are not allowed. +# Setting this value to zero disables the limit. +# WARNING: setting this limit too high or disabling it may severely impact +# performance. +# Default: 25M +#PCREMaxFileSize 100M + +# When AlertExceedsMax is set, files exceeding the MaxFileSize, MaxScanSize, or +# MaxRecursion limit will be flagged with the virus name starting with +# "Heuristics.Limits.Exceeded". +# Default: no +#AlertExceedsMax yes + +## +## On-access Scan Settings +## + +# Don't scan files larger than OnAccessMaxFileSize +# Value of 0 disables the limit. +# Default: 5M +#OnAccessMaxFileSize 10M + +# Max number of scanning threads to allocate to the OnAccess thread pool at +# startup. These threads are the ones responsible for creating a connection +# with the daemon and kicking off scanning after an event has been processed. +# To prevent clamonacc from consuming all clamd's resources keep this lower +# than clamd's max threads. +# Default: 5 +#OnAccessMaxThreads 10 + +# Max amount of time (in milliseconds) that the OnAccess client should spend +# for every connect, send, and recieve attempt when communicating with clamd +# via curl. +# Default: 5000 (5 seconds) +# OnAccessCurlTimeout 10000 + +# Toggles dynamic directory determination. Allows for recursively watching +# include paths. +# Default: no +#OnAccessDisableDDD yes + +# Set the include paths (all files inside them will be scanned). You can have +# multiple OnAccessIncludePath directives but each directory must be added +# in a separate line. +# Default: disabled +#OnAccessIncludePath /home +#OnAccessIncludePath /students + +# Set the exclude paths. All subdirectories are also excluded. +# Default: disabled +#OnAccessExcludePath /home/user + +# Modifies fanotify blocking behaviour when handling permission events. +# If off, fanotify will only notify if the file scanned is a virus, +# and not perform any blocking. +# Default: no +#OnAccessPrevention yes + +# When using prevention, if this option is turned on, any errors that occur +# during scanning will result in the event attempt being denied. This could +# potentially lead to unwanted system behaviour with certain configurations, +# so the client defaults this to off and prefers allowing access events in +# case of scan or connection error. +# Default: no +#OnAccessDenyOnError yes + +# Toggles extra scanning and notifications when a file or directory is +# created or moved. +# Requires the DDD system to kick-off extra scans. +# Default: no +#OnAccessExtraScanning yes + +# Set the mount point to be scanned. The mount point specified, or the mount +# point containing the specified directory will be watched. If any directories +# are specified, this option will preempt (disable and ignore all options +# related to) the DDD system. This option will result in verdicts only. +# Note that prevention is explicitly disallowed to prevent common, fatal +# misconfigurations. (e.g. watching "/" with prevention on and no exclusions +# made on vital system directories) +# It can be used multiple times. +# Default: disabled +#OnAccessMountPath / +#OnAccessMountPath /home/user + +# With this option you can exclude the root UID (0). Processes run under +# root with be able to access all files without triggering scans or +# permission denied events. +# Note that if clamd cannot check the uid of the process that generated an +# on-access scan event (e.g., because OnAccessPrevention was not enabled, and +# the process already exited), clamd will perform a scan. Thus, setting +# OnAccessExcludeRootUID is not *guaranteed* to prevent every access by the +# root user from triggering a scan (unless OnAccessPrevention is enabled). +# Default: no +#OnAccessExcludeRootUID no + +# With this option you can exclude specific UIDs. Processes with these UIDs +# will be able to access all files without triggering scans or permission +# denied events. +# This option can be used multiple times (one per line). +# Using a value of 0 on any line will disable this option entirely. +# To exclude the root UID (0) please enable the OnAccessExcludeRootUID +# option. +# Also note that if clamd cannot check the uid of the process that generated an +# on-access scan event (e.g., because OnAccessPrevention was not enabled, and +# the process already exited), clamd will perform a scan. Thus, setting +# OnAccessExcludeUID is not *guaranteed* to prevent every access by the +# specified uid from triggering a scan (unless OnAccessPrevention is enabled). +# Default: disabled +#OnAccessExcludeUID -1 + +# This option allows exclusions via user names when using the on-access +# scanning client. It can be used multiple times. +# It has the same potential race condition limitations of the +# OnAccessExcludeUID option. +# Default: disabled +#OnAccessExcludeUname clamav + +# Number of times the OnAccess client will retry a failed scan due to +# connection problems (or other issues). +# Default: 0 +#OnAccessRetryAttempts 3 + +## +## Bytecode +## + +# With this option enabled ClamAV will load bytecode from the database. +# It is highly recommended you keep this option on, otherwise you'll miss +# detections for many new viruses. +# Default: yes +#Bytecode yes + +# Set bytecode security level. +# Possible values: +# None - No security at all, meant for debugging. +# DO NOT USE THIS ON PRODUCTION SYSTEMS. +# This value is only available if clamav was built +# with --enable-debug! +# TrustSigned - Trust bytecode loaded from signed .c[lv]d files, insert +# runtime safety checks for bytecode loaded from other sources. +# Paranoid - Don't trust any bytecode, insert runtime checks for all. +# Recommended: TrustSigned, because bytecode in .cvd files already has these +# checks. +# Note that by default only signed bytecode is loaded, currently you can only +# load unsigned bytecode in --enable-debug mode. +# +# Default: TrustSigned +#BytecodeSecurity TrustSigned + +# Allow loading bytecode from outside digitally signed .c[lv]d files. +# **Caution**: You should NEVER run bytecode signatures from untrusted sources. +# Doing so may result in arbitrary code execution. +# Default: no +#BytecodeUnsigned yes + +# Set bytecode timeout in milliseconds. +# +# Default: 5000 +# BytecodeTimeout 1000 diff --git a/docker/malware-scanner/Dockerfile b/docker/malware-scanner/Dockerfile new file mode 100644 index 00000000..fa389ddb --- /dev/null +++ b/docker/malware-scanner/Dockerfile @@ -0,0 +1,22 @@ +FROM golang:1.17 +LABEL maintainer="SkynetLabs " + +ENV GOOS linux +ENV GOARCH amd64 + +ARG branch=main + +WORKDIR /root + +RUN git clone --single-branch --branch ${branch} https://github.com/SkynetLabs/malware-scanner.git && \ + cd malware-scanner && \ + go mod download && \ + make release + +ENV SKYNET_DB_HOST="localhost" +ENV SKYNET_DB_PORT="27017" +ENV SKYNET_DB_USER="username" +ENV SKYNET_DB_PASS="password" +ENV MALWARE_SCANNER_PORT=4000 + +ENTRYPOINT ["malware-scanner"] From 50b2c8f85cc8953e863d5f8f8952d9f9771e7162 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Wed, 10 Nov 2021 21:09:16 +0100 Subject: [PATCH 02/52] Add ClamAV config and continue the setup. --- docker-compose.malware-scanner.yml | 10 +++------- docker/malware-scanner/Dockerfile | 10 +++++----- docker/{clamav => malware-scanner}/clamd.conf | 0 3 files changed, 8 insertions(+), 12 deletions(-) rename docker/{clamav => malware-scanner}/clamd.conf (100%) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index 405e6542..09b595c2 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -31,25 +31,21 @@ services: context: ./docker/malware-scanner dockerfile: Dockerfile args: - branch: main + branch: tmp container_name: malware-scanner restart: unless-stopped logging: *default-logging env_file: - .env environment: + - SKYNET_DB_HOST=${SKYNET_DB_HOST} - CLAMAV_IP=${CLAMAV_IP:-10.10.10.100} - CLAMAV_PORT=${CLAMAV_PORT:-3310} - - MALWARE_SCANNER_PORT=${MALWARE_SCANNER_PORT:-4000} - - PORTAL_DOMAIN=${PORTAL_DOMAIN} - - SKYNET_DB_HOST=${SKYNET_DB_HOST} - - SKYNET_DB_PORT=${SKYNET_DB_PORT} - - SKYNET_DB_USER=${SKYNET_DB_USER} - - SKYNET_DB_PASS=${SKYNET_DB_PASS} expose: - 4000 networks: shared: ipv4_address: 10.10.10.101 depends_on: + - mongo - clamav diff --git a/docker/malware-scanner/Dockerfile b/docker/malware-scanner/Dockerfile index fa389ddb..c1f45d33 100644 --- a/docker/malware-scanner/Dockerfile +++ b/docker/malware-scanner/Dockerfile @@ -13,10 +13,10 @@ RUN git clone --single-branch --branch ${branch} https://github.com/SkynetLabs/m go mod download && \ make release -ENV SKYNET_DB_HOST="localhost" -ENV SKYNET_DB_PORT="27017" -ENV SKYNET_DB_USER="username" -ENV SKYNET_DB_PASS="password" -ENV MALWARE_SCANNER_PORT=4000 +ARG SKYNET_DB_HOST=localhost +ARG SKYNET_DB_PORT=27017 +ARG SKYNET_DB_USER=username +ARG SKYNET_DB_PASS=password +ARG MALWARE_SCANNER_PORT=4000 ENTRYPOINT ["malware-scanner"] diff --git a/docker/clamav/clamd.conf b/docker/malware-scanner/clamd.conf similarity index 100% rename from docker/clamav/clamd.conf rename to docker/malware-scanner/clamd.conf From f92ff89d713187cdf6fa41687f2330c815de757a Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 10:34:50 +0100 Subject: [PATCH 03/52] Use the `malware-scanner` data dir. --- docker-compose.malware-scanner.yml | 5 ++--- docker/accounts/Dockerfile | 2 +- docker/malware-scanner/Dockerfile | 12 +++++++----- 3 files changed, 10 insertions(+), 9 deletions(-) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index 09b595c2..ec1eca9f 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -14,8 +14,8 @@ services: restart: on-failure logging: *default-logging volumes: - - ./docker/data/clamav/defs:/var/lib/clamav - - ./docker/clamav/clamd.conf:/etc/clamav/clamd.conf:ro + - ./docker/data/malware-scanner/clamav/defs:/var/lib/clamav + - ./docker/malware-scanner/clamd.conf:/etc/clamav/clamd.conf:ro expose: - 3310 # NEVER expose this outside of the local network! deploy: @@ -38,7 +38,6 @@ services: env_file: - .env environment: - - SKYNET_DB_HOST=${SKYNET_DB_HOST} - CLAMAV_IP=${CLAMAV_IP:-10.10.10.100} - CLAMAV_PORT=${CLAMAV_PORT:-3310} expose: diff --git a/docker/accounts/Dockerfile b/docker/accounts/Dockerfile index f1670bf4..5cbf359a 100644 --- a/docker/accounts/Dockerfile +++ b/docker/accounts/Dockerfile @@ -1,5 +1,5 @@ FROM golang:1.16.7 -LABEL maintainer="NebulousLabs " +LABEL maintainer="SkynetLabs " ENV GOOS linux ENV GOARCH amd64 diff --git a/docker/malware-scanner/Dockerfile b/docker/malware-scanner/Dockerfile index c1f45d33..c7362ef1 100644 --- a/docker/malware-scanner/Dockerfile +++ b/docker/malware-scanner/Dockerfile @@ -13,10 +13,12 @@ RUN git clone --single-branch --branch ${branch} https://github.com/SkynetLabs/m go mod download && \ make release -ARG SKYNET_DB_HOST=localhost -ARG SKYNET_DB_PORT=27017 -ARG SKYNET_DB_USER=username -ARG SKYNET_DB_PASS=password -ARG MALWARE_SCANNER_PORT=4000 +ENV SKYNET_DB_HOST="localhost" +ENV SKYNET_DB_PORT="27017" +ENV SKYNET_DB_USER="username" +ENV SKYNET_DB_PASS="password" +ENV MALWARE_SCANNER_PORT=4000 +ENV CLAMAV_IP=127.0.0.1 +ENV CLAMAV_PORT=3310 ENTRYPOINT ["malware-scanner"] From 2cd8650aad1c55a40d50c5d7343de8faeb115bd2 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 12:30:30 +0100 Subject: [PATCH 04/52] Change branch --- docker-compose.malware-scanner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index ec1eca9f..755ded71 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -31,7 +31,7 @@ services: context: ./docker/malware-scanner dockerfile: Dockerfile args: - branch: tmp + branch: ivo/impl container_name: malware-scanner restart: unless-stopped logging: *default-logging From 5e12b2b1cb3b9dccb451b651e0ff72f6685037f8 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 13:33:44 +0100 Subject: [PATCH 05/52] Update docker-compose.malware-scanner.yml MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Karol Wypchło --- docker-compose.malware-scanner.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index 755ded71..14a0f5ee 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -14,8 +14,8 @@ services: restart: on-failure logging: *default-logging volumes: - - ./docker/data/malware-scanner/clamav/defs:/var/lib/clamav - - ./docker/malware-scanner/clamd.conf:/etc/clamav/clamd.conf:ro + - ./docker/data/clamav/clamav/defs:/var/lib/clamav + - ./docker/clamav/clamd.conf:/etc/clamav/clamd.conf:ro expose: - 3310 # NEVER expose this outside of the local network! deploy: From b34d2132745e9a4a09f0f1248cc84b05e07dc486 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 11 Nov 2021 13:33:52 +0100 Subject: [PATCH 06/52] Update docker/malware-scanner/Dockerfile MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Karol Wypchło --- docker/malware-scanner/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/malware-scanner/Dockerfile b/docker/malware-scanner/Dockerfile index c7362ef1..980a1aa9 100644 --- a/docker/malware-scanner/Dockerfile +++ b/docker/malware-scanner/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.17 +FROM golang:1.17.3 LABEL maintainer="SkynetLabs " ENV GOOS linux From a0789be7a49837f86c310ddd67c4a430462e62de Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Fri, 12 Nov 2021 18:04:26 +0100 Subject: [PATCH 07/52] Move the clamd.conf where it should be. --- docker/{malware-scanner => clamav}/clamd.conf | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename docker/{malware-scanner => clamav}/clamd.conf (100%) diff --git a/docker/malware-scanner/clamd.conf b/docker/clamav/clamd.conf similarity index 100% rename from docker/malware-scanner/clamd.conf rename to docker/clamav/clamd.conf From 1b1c159e9fc7162f77b24174a9849df6488a261a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Nov 2021 12:14:06 +0000 Subject: [PATCH 08/52] Bump react-syntax-highlighter from 15.4.4 to 15.4.5 in /packages/website Bumps [react-syntax-highlighter](https://github.com/react-syntax-highlighter/react-syntax-highlighter) from 15.4.4 to 15.4.5. - [Release notes](https://github.com/react-syntax-highlighter/react-syntax-highlighter/releases) - [Changelog](https://github.com/react-syntax-highlighter/react-syntax-highlighter/blob/master/CHANGELOG.MD) - [Commits](https://github.com/react-syntax-highlighter/react-syntax-highlighter/commits/v15.4.5) --- updated-dependencies: - dependency-name: react-syntax-highlighter dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/website/package.json | 2 +- packages/website/yarn.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index fe6cd49d..9a4b14e7 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -57,7 +57,7 @@ "react-helmet": "^6.1.0", "react-share": "^4.4.0", "react-svg-loader": "^3.0.3", - "react-syntax-highlighter": "^15.4.4", + "react-syntax-highlighter": "^15.4.5", "react-use": "^17.3.1", "skynet-js": "^4.0.19-beta", "stream-browserify": "^3.0.0", diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index ae0038f0..b8d375f0 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -10747,7 +10747,7 @@ pretty-hrtime@^1.0.3: resolved "https://registry.yarnpkg.com/pretty-hrtime/-/pretty-hrtime-1.0.3.tgz#b7e3ea42435a4c9b2759d99e0f201eb195802ee1" integrity sha1-t+PqQkNaTJsnWdmeDyAesZWALuE= -prismjs@^1.22.0: +prismjs@^1.25.0: version "1.25.0" resolved "https://registry.yarnpkg.com/prismjs/-/prismjs-1.25.0.tgz#6f822df1bdad965734b310b315a23315cf999756" integrity sha512-WCjJHl1KEWbnkQom1+SzftbtXMKQoezOCYs5rECqMN+jP+apI7ftoflyqigqzopSO3hMhTEb0mFClA8lkolgEg== @@ -11147,15 +11147,15 @@ react-svg-loader@^3.0.3: loader-utils "^1.2.3" react-svg-core "^3.0.3" -react-syntax-highlighter@^15.4.4: - version "15.4.4" - resolved "https://registry.yarnpkg.com/react-syntax-highlighter/-/react-syntax-highlighter-15.4.4.tgz#dc9043f19e7bd063ff3ea78986d22a6eaa943b2a" - integrity sha512-PsOFHNTzkb3OroXdoR897eKN5EZ6grht1iM+f1lJSq7/L0YVnkJaNVwC3wEUYPOAmeyl5xyer1DjL6MrumO6Zw== +react-syntax-highlighter@^15.4.5: + version "15.4.5" + resolved "https://registry.yarnpkg.com/react-syntax-highlighter/-/react-syntax-highlighter-15.4.5.tgz#db900d411d32a65c8e90c39cd64555bf463e712e" + integrity sha512-RC90KQTxZ/b7+9iE6s9nmiFLFjWswUcfULi4GwVzdFVKVMQySkJWBuOmJFfjwjMVCo0IUUuJrWebNKyviKpwLQ== dependencies: "@babel/runtime" "^7.3.1" highlight.js "^10.4.1" lowlight "^1.17.0" - prismjs "^1.22.0" + prismjs "^1.25.0" refractor "^3.2.0" react-universal-interface@^0.6.2: From 6f20d223b1d5ffe221e4d047c75b451f79d83565 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Tue, 16 Nov 2021 09:19:47 +0100 Subject: [PATCH 09/52] No custom port for malware-scanner. --- docker/malware-scanner/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/docker/malware-scanner/Dockerfile b/docker/malware-scanner/Dockerfile index 980a1aa9..2466e48b 100644 --- a/docker/malware-scanner/Dockerfile +++ b/docker/malware-scanner/Dockerfile @@ -17,7 +17,6 @@ ENV SKYNET_DB_HOST="localhost" ENV SKYNET_DB_PORT="27017" ENV SKYNET_DB_USER="username" ENV SKYNET_DB_PASS="password" -ENV MALWARE_SCANNER_PORT=4000 ENV CLAMAV_IP=127.0.0.1 ENV CLAMAV_PORT=3310 From 588e622c962cfdca6186a7f85df5450f1b937431 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Tue, 16 Nov 2021 13:58:54 +0100 Subject: [PATCH 10/52] Make the CPU limit on ClamAV configurable via an env var. --- docker-compose.malware-scanner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index 14a0f5ee..7dd0dd0c 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -21,7 +21,7 @@ services: deploy: resources: limits: - cpus: '0.50' + cpus: '${CLAMAV_CPU:-0.50}' networks: shared: ipv4_address: 10.10.10.100 From 57c15cd83356814311f460017894e35c2a375472 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Tue, 16 Nov 2021 14:13:49 +0100 Subject: [PATCH 11/52] Scan a maximum of 100MB of each stream. --- docker/clamav/clamd.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker/clamav/clamd.conf b/docker/clamav/clamd.conf index 6b61e57f..ab005366 100644 --- a/docker/clamav/clamd.conf +++ b/docker/clamav/clamd.conf @@ -130,7 +130,7 @@ TCPAddr 0.0.0.0 # Close the connection when the data size limit is exceeded. # The value should match your MTA's limit for a maximum attachment size. # Default: 25M -StreamMaxLength 1024M +StreamMaxLength 100M # Limit port range. # Default: 1024 From 576d813996c2d253c972f76658a43a5f7d69637f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:07:23 +0000 Subject: [PATCH 12/52] Bump yargs from 17.2.1 to 17.3.0 in /packages/health-check Bumps [yargs](https://github.com/yargs/yargs) from 17.2.1 to 17.3.0. - [Release notes](https://github.com/yargs/yargs/releases) - [Changelog](https://github.com/yargs/yargs/blob/main/CHANGELOG.md) - [Commits](https://github.com/yargs/yargs/compare/v17.2.1...v17.3.0) --- updated-dependencies: - dependency-name: yargs dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/health-check/package.json | 2 +- packages/health-check/yarn.lock | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/packages/health-check/package.json b/packages/health-check/package.json index 77a21543..4b748417 100644 --- a/packages/health-check/package.json +++ b/packages/health-check/package.json @@ -15,7 +15,7 @@ "lowdb": "^1.0.0", "skynet-js": "^4.0.19-beta", "write-file-atomic": "^3.0.3", - "yargs": "^17.2.1" + "yargs": "^17.3.0" }, "devDependencies": { "prettier": "^2.4.1" diff --git a/packages/health-check/yarn.lock b/packages/health-check/yarn.lock index d19d2be0..df5bf41d 100644 --- a/packages/health-check/yarn.lock +++ b/packages/health-check/yarn.lock @@ -904,7 +904,7 @@ steno@^0.4.1: dependencies: graceful-fs "^4.1.3" -string-width@^4.1.0, string-width@^4.2.0: +string-width@^4.1.0, string-width@^4.2.0, string-width@^4.2.3: version "4.2.3" resolved "https://registry.yarnpkg.com/string-width/-/string-width-4.2.3.tgz#269c7117d27b05ad2e536830a8ec895ef9c6d010" integrity sha512-wKyQRQpjJ0sIp62ErSZdGsjMJWsap5oRNihHhu6G7JVO/9jIB6UyevL+tXuOqrng8j/cxKTWyWUwvSTriiZz/g== @@ -1025,20 +1025,20 @@ y18n@^5.0.5: resolved "https://registry.yarnpkg.com/y18n/-/y18n-5.0.8.tgz#7f4934d0f7ca8c56f95314939ddcd2dd91ce1d55" integrity sha512-0pfFzegeDWJHJIAmTLRP2DwHjdF5s7jo9tuztdQxAhINCdvS+3nGINqPd00AphqJR/0LhANUS6/+7SCb98YOfA== -yargs-parser@^20.2.2: - version "20.2.9" - resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-20.2.9.tgz#2eb7dc3b0289718fc295f362753845c41a0c94ee" - integrity sha512-y11nGElTIV+CT3Zv9t7VKl+Q3hTQoT9a1Qzezhhl6Rp21gJ/IVTW7Z3y9EWXhuUBC2Shnf+DX0antecpAwSP8w== +yargs-parser@^21.0.0: + version "21.0.0" + resolved "https://registry.yarnpkg.com/yargs-parser/-/yargs-parser-21.0.0.tgz#a485d3966be4317426dd56bdb6a30131b281dc55" + integrity sha512-z9kApYUOCwoeZ78rfRYYWdiU/iNL6mwwYlkkZfJoyMR1xps+NEBX5X7XmRpxkZHhXJ6+Ey00IwKxBBSW9FIjyA== -yargs@^17.2.1: - version "17.2.1" - resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.2.1.tgz#e2c95b9796a0e1f7f3bf4427863b42e0418191ea" - integrity sha512-XfR8du6ua4K6uLGm5S6fA+FIJom/MdJcFNVY8geLlp2v8GYbOXD4EB1tPNZsRn4vBzKGMgb5DRZMeWuFc2GO8Q== +yargs@^17.3.0: + version "17.3.0" + resolved "https://registry.yarnpkg.com/yargs/-/yargs-17.3.0.tgz#295c4ffd0eef148ef3e48f7a2e0f58d0e4f26b1c" + integrity sha512-GQl1pWyDoGptFPJx9b9L6kmR33TGusZvXIZUT+BOz9f7X2L94oeAskFYLEg/FkhV06zZPBYLvLZRWeYId29lew== dependencies: cliui "^7.0.2" escalade "^3.1.1" get-caller-file "^2.0.5" require-directory "^2.1.1" - string-width "^4.2.0" + string-width "^4.2.3" y18n "^5.0.5" - yargs-parser "^20.2.2" + yargs-parser "^21.0.0" From 402ed0d29cf972db43782e6bdb9cdcb51a0b15fd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:09:35 +0000 Subject: [PATCH 13/52] Bump is-valid-domain from 0.1.4 to 0.1.5 in /packages/dnslink-api Bumps [is-valid-domain](https://github.com/miguelmota/is-valid-domain) from 0.1.4 to 0.1.5. - [Release notes](https://github.com/miguelmota/is-valid-domain/releases) - [Commits](https://github.com/miguelmota/is-valid-domain/commits) --- updated-dependencies: - dependency-name: is-valid-domain dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/dnslink-api/package.json | 2 +- packages/dnslink-api/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/dnslink-api/package.json b/packages/dnslink-api/package.json index 5415c4c0..b532379f 100644 --- a/packages/dnslink-api/package.json +++ b/packages/dnslink-api/package.json @@ -5,7 +5,7 @@ "license": "SEE LICENSE IN LICENSE.md", "dependencies": { "express": "^4.17.1", - "is-valid-domain": "^0.1.4" + "is-valid-domain": "^0.1.5" }, "devDependencies": { "prettier": "^2.4.1" diff --git a/packages/dnslink-api/yarn.lock b/packages/dnslink-api/yarn.lock index 4adefd45..4a64c566 100644 --- a/packages/dnslink-api/yarn.lock +++ b/packages/dnslink-api/yarn.lock @@ -198,10 +198,10 @@ ipaddr.js@1.9.1: resolved "https://registry.yarnpkg.com/ipaddr.js/-/ipaddr.js-1.9.1.tgz#bff38543eeb8984825079ff3a2a8e6cbd46781b3" integrity sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g== -is-valid-domain@^0.1.4: - version "0.1.4" - resolved "https://registry.yarnpkg.com/is-valid-domain/-/is-valid-domain-0.1.4.tgz#5d5d811e1627cac9d39f504b645c57e76d946629" - integrity sha512-Caa6rwGze6pihA29wy3T1yNXzd53caGHvL0OfJ8RLtv0tVVzVZGlxFcQ0W8kls/uG0QUrv2B3J9xi/YB5/cfUQ== +is-valid-domain@^0.1.5: + version "0.1.5" + resolved "https://registry.yarnpkg.com/is-valid-domain/-/is-valid-domain-0.1.5.tgz#38b00f8fb70778b650c71356915a184321d22609" + integrity sha512-ilzfGo1kXzoVpSLplJWOexoiuAc6mRK+vPlNAeEPVJ29RagETpCz0izg6CZfY72DCuA+PCrEAEJeaecRLMNq5Q== dependencies: punycode "^2.1.1" From 01b68e8e26a5f43f8cc9dfe70a9d9cb629fa68c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:09:41 +0000 Subject: [PATCH 14/52] Bump cypress from 8.7.0 to 9.1.1 in /packages/website Bumps [cypress](https://github.com/cypress-io/cypress) from 8.7.0 to 9.1.1. - [Release notes](https://github.com/cypress-io/cypress/releases) - [Changelog](https://github.com/cypress-io/cypress/blob/develop/.releaserc.base.js) - [Commits](https://github.com/cypress-io/cypress/compare/v8.7.0...v9.1.1) --- updated-dependencies: - dependency-name: cypress dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- packages/website/package.json | 2 +- packages/website/yarn.lock | 78 +++++++++++++---------------------- 2 files changed, 30 insertions(+), 50 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index fe6cd49d..3a9b55ac 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -66,7 +66,7 @@ }, "devDependencies": { "cross-env": "^7.0.3", - "cypress": "^8.7.0", + "cypress": "^9.1.1", "cypress-file-upload": "^5.0.8", "prettier": "^2.4.1" }, diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index ae0038f0..d930371f 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -1050,10 +1050,10 @@ "@babel/helper-validator-identifier" "^7.14.9" to-fast-properties "^2.0.0" -"@cypress/request@^2.88.6": - version "2.88.6" - resolved "https://registry.yarnpkg.com/@cypress/request/-/request-2.88.6.tgz#a970dd675befc6bdf8a8921576c01f51cc5798e9" - integrity sha512-z0UxBE/+qaESAHY9p9sM2h8Y4XqtsbDCt0/DPOrqA/RZgKi4PkxdpXyK4wCCnSk1xHqWHZZAE+gV6aDAR6+caQ== +"@cypress/request@^2.88.10": + version "2.88.10" + resolved "https://registry.yarnpkg.com/@cypress/request/-/request-2.88.10.tgz#b66d76b07f860d3a4b8d7a0604d020c662752cce" + integrity sha512-Zp7F+R93N0yZyG34GutyTNr+okam7s/Fzc1+i3kcqOP8vk6OuajuE9qZJ6Rs+10/1JFtXFYMdyarnU1rZuJesg== dependencies: aws-sign2 "~0.7.0" aws4 "^1.8.0" @@ -1062,8 +1062,7 @@ extend "~3.0.2" forever-agent "~0.6.1" form-data "~2.3.2" - har-validator "~5.1.3" - http-signature "~1.2.0" + http-signature "~1.3.6" is-typedarray "~1.0.0" isstream "~0.1.2" json-stringify-safe "~5.0.1" @@ -2504,7 +2503,7 @@ ajv-keywords@^3.5.2: resolved "https://registry.yarnpkg.com/ajv-keywords/-/ajv-keywords-3.5.2.tgz#31f29da5ab6e00d1c2d329acf7b5929614d5014d" integrity sha512-5p6WTN0DdTGVQk6VjcEju19IgaHudalcfabD7yhDGeA6bcQnmL+CpveLJq/3hvfwd1aof6L386Ougkx6RfyMIQ== -ajv@^6.10.0, ajv@^6.12.3, ajv@^6.12.4, ajv@^6.12.5: +ajv@^6.10.0, ajv@^6.12.4, ajv@^6.12.5: version "6.12.6" resolved "https://registry.yarnpkg.com/ajv/-/ajv-6.12.6.tgz#baf5a62e802b07d977034586f8c3baf5adf26df4" integrity sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g== @@ -3118,7 +3117,7 @@ blob-util@^2.0.2: resolved "https://registry.yarnpkg.com/blob-util/-/blob-util-2.0.2.tgz#3b4e3c281111bb7f11128518006cdc60b403a1eb" integrity sha512-T7JQa+zsXXEa6/8ZhHcQEW1UFfVM49Ts65uBkFL6fz2QmrElqmbajIDJvuA0tEhRe5eIjpV9ZF+0RfZR9voJFQ== -bluebird@^3.7.2: +bluebird@3.7.2, bluebird@^3.7.2: version "3.7.2" resolved "https://registry.yarnpkg.com/bluebird/-/bluebird-3.7.2.tgz#9f229c15be272454ffa973ace0dbee79a1b0c36f" integrity sha512-XpNj6GDQzdfW+r2Wnn7xiSAd7TM3jzkxGXBGTtWKuSXv1xUV+azxAm8jdWZN06QTQk+2N2XB9jRDkvbmQmcRtg== @@ -4365,19 +4364,19 @@ cypress-file-upload@^5.0.8: resolved "https://registry.yarnpkg.com/cypress-file-upload/-/cypress-file-upload-5.0.8.tgz#d8824cbeaab798e44be8009769f9a6c9daa1b4a1" integrity sha512-+8VzNabRk3zG6x8f8BWArF/xA/W0VK4IZNx3MV0jFWrJS/qKn8eHfa5nU73P9fOQAgwHFJx7zjg4lwOnljMO8g== -cypress@^8.7.0: - version "8.7.0" - resolved "https://registry.yarnpkg.com/cypress/-/cypress-8.7.0.tgz#2ee371f383d8f233d3425b6cc26ddeec2668b6da" - integrity sha512-b1bMC3VQydC6sXzBMFnSqcvwc9dTZMgcaOzT0vpSD+Gq1yFc+72JDWi55sfUK5eIeNLAtWOGy1NNb6UlhMvB+Q== +cypress@^9.1.1: + version "9.1.1" + resolved "https://registry.yarnpkg.com/cypress/-/cypress-9.1.1.tgz#26720ca5a22077cd85f49745616b7a08152a298f" + integrity sha512-yWcYD8SEQ8F3okFbRPqSDj5V0xhrZBT5QRIH+P1J2vYvtEmZ4KGciHE7LCcZZLILOrs7pg4WNCqkj/XRvReQlQ== dependencies: - "@cypress/request" "^2.88.6" + "@cypress/request" "^2.88.10" "@cypress/xvfb" "^1.2.4" "@types/node" "^14.14.31" "@types/sinonjs__fake-timers" "^6.0.2" "@types/sizzle" "^2.3.2" arch "^2.2.0" blob-util "^2.0.2" - bluebird "^3.7.2" + bluebird "3.7.2" cachedir "^2.3.0" chalk "^4.1.0" check-more-types "^2.24.0" @@ -4405,7 +4404,6 @@ cypress@^8.7.0: ospath "^1.2.2" pretty-bytes "^5.6.0" proxy-from-env "1.0.0" - ramda "~0.27.1" request-progress "^3.0.0" supports-color "^8.1.1" tmp "~0.2.1" @@ -7044,19 +7042,6 @@ gzip-size@5.1.1: duplexer "^0.1.1" pify "^4.0.1" -har-schema@^2.0.0: - version "2.0.0" - resolved "https://registry.yarnpkg.com/har-schema/-/har-schema-2.0.0.tgz#a94c2224ebcac04782a0d9035521f24735b7ec92" - integrity sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI= - -har-validator@~5.1.3: - version "5.1.5" - resolved "https://registry.yarnpkg.com/har-validator/-/har-validator-5.1.5.tgz#1f0803b9f8cb20c0fa13822df1ecddb36bde1efd" - integrity sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w== - dependencies: - ajv "^6.12.3" - har-schema "^2.0.0" - hard-rejection@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/hard-rejection/-/hard-rejection-2.1.0.tgz#1c6eda5c1685c63942766d79bb40ae773cecd883" @@ -7413,14 +7398,14 @@ http-proxy@^1.18.1: follow-redirects "^1.0.0" requires-port "^1.0.0" -http-signature@~1.2.0: - version "1.2.0" - resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.2.0.tgz#9aecd925114772f3d95b65a60abb8f7c18fbace1" - integrity sha1-muzZJRFHcvPZW2WmCruPfBj7rOE= +http-signature@~1.3.6: + version "1.3.6" + resolved "https://registry.yarnpkg.com/http-signature/-/http-signature-1.3.6.tgz#cb6fbfdf86d1c974f343be94e87f7fc128662cf9" + integrity sha512-3adrsD6zqo4GsTqtO7FyrejHNv+NgiIfAfv68+jVlFmSr9OGy7zrxONceFRLKvnnZA5jbxQBX1u9PpB6Wi32Gw== dependencies: assert-plus "^1.0.0" - jsprim "^1.2.2" - sshpk "^1.7.0" + jsprim "^2.0.2" + sshpk "^1.14.1" http-status-codes@^2.1.4: version "2.1.4" @@ -8245,10 +8230,10 @@ json-schema-traverse@^1.0.0: resolved "https://registry.yarnpkg.com/json-schema-traverse/-/json-schema-traverse-1.0.0.tgz#ae7bcb3656ab77a73ba5c49bf654f38e6b6860e2" integrity sha512-NM8/P9n3XjXhIZn1lLhkFaACTOURQXjWhV4BA/RnOv8xvgqtqpAX9IO4mRQxSx1Rlo4tqzeqb0sOlruaOy3dug== -json-schema@0.2.3: - version "0.2.3" - resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.2.3.tgz#b480c892e59a2f05954ce727bd3f2a4e882f9e13" - integrity sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM= +json-schema@0.4.0: + version "0.4.0" + resolved "https://registry.yarnpkg.com/json-schema/-/json-schema-0.4.0.tgz#f7de4cf6efab838ebaeb3236474cbba5a1930ab5" + integrity sha512-es94M3nTIfsEPisRafak+HDLfHXnKBhV3vU5eqPcS3flIWqcxJWgXHXiey3YrpaNsanY5ei1VoYEbOzijuq9BA== json-stable-stringify-without-jsonify@^1.0.1: version "1.0.1" @@ -8297,14 +8282,14 @@ jsonp@^0.2.1: dependencies: debug "^2.1.3" -jsprim@^1.2.2: - version "1.4.1" - resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-1.4.1.tgz#313e66bc1e5cc06e438bc1b7499c2e5c56acb6a2" - integrity sha1-MT5mvB5cwG5Di8G3SZwuXFastqI= +jsprim@^2.0.2: + version "2.0.2" + resolved "https://registry.yarnpkg.com/jsprim/-/jsprim-2.0.2.tgz#77ca23dbcd4135cd364800d22ff82c2185803d4d" + integrity sha512-gqXddjPqQ6G40VdnI6T6yObEC+pDNvyP95wdQhkWkg7crHH3km5qP1FsOXEkzEQwnz6gz5qGTn1c2Y52wP3OyQ== dependencies: assert-plus "1.0.0" extsprintf "1.3.0" - json-schema "0.2.3" + json-schema "0.4.0" verror "1.10.0" "jsx-ast-utils@^2.4.1 || ^3.0.0", jsx-ast-utils@^3.1.0: @@ -10967,11 +10952,6 @@ quick-lru@^5.1.1: resolved "https://registry.yarnpkg.com/quick-lru/-/quick-lru-5.1.1.tgz#366493e6b3e42a3a6885e2e99d18f80fb7a8c932" integrity sha512-WuyALRjWPDGtt/wzJiadO5AXY+8hZ80hVpe6MyivgraREW751X3SbhRvG3eLKOYN+8VEvqLcf3wdnt44Z4S4SA== -ramda@~0.27.1: - version "0.27.1" - resolved "https://registry.yarnpkg.com/ramda/-/ramda-0.27.1.tgz#66fc2df3ef873874ffc2da6aa8984658abacf5c9" - integrity sha512-PgIdVpn5y5Yns8vqb8FzBUEYn98V3xcPgawAkkgj0YJ0qDsnHCiNmZYfOGMgOvoB0eWFLpYbhxUR3mxfDIMvpw== - randombytes@^2.0.0, randombytes@^2.0.1, randombytes@^2.0.5, randombytes@^2.1.0: version "2.1.0" resolved "https://registry.yarnpkg.com/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a" @@ -12314,7 +12294,7 @@ sprintf-js@~1.0.2: resolved "https://registry.yarnpkg.com/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" integrity sha1-BOaSb2YolTVPPdAVIDYzuFcpfiw= -sshpk@^1.7.0: +sshpk@^1.14.1: version "1.16.1" resolved "https://registry.yarnpkg.com/sshpk/-/sshpk-1.16.1.tgz#fb661c0bef29b39db40769ee39fa70093d6f6877" integrity sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg== From a6e9220bb06c84213deb30a65d3452a5d862e3de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:11:31 +0000 Subject: [PATCH 15/52] Bump node from 16.13.0-alpine to 16.13.1-alpine in /packages/website Bumps node from 16.13.0-alpine to 16.13.1-alpine. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/website/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/website/Dockerfile b/packages/website/Dockerfile index d05e716d..d8ae4529 100644 --- a/packages/website/Dockerfile +++ b/packages/website/Dockerfile @@ -1,4 +1,4 @@ -FROM node:16.13.0-alpine +FROM node:16.13.1-alpine RUN apk update && apk add autoconf automake build-base libtool nasm pkgconfig From 71de32a7bbb7f378d088dfb373aff397ebe71e6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:11:34 +0000 Subject: [PATCH 16/52] Bump node from 16.13.0-alpine to 16.13.1-alpine in /packages/dnslink-api Bumps node from 16.13.0-alpine to 16.13.1-alpine. --- updated-dependencies: - dependency-name: node dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/dnslink-api/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/dnslink-api/Dockerfile b/packages/dnslink-api/Dockerfile index 0d6e0994..29eaae92 100644 --- a/packages/dnslink-api/Dockerfile +++ b/packages/dnslink-api/Dockerfile @@ -1,4 +1,4 @@ -FROM node:16.13.0-alpine +FROM node:16.13.1-alpine WORKDIR /usr/app From 2be2dd44170ff2ab24396f6f780bbf386fa5a1b4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Dec 2021 12:15:34 +0000 Subject: [PATCH 17/52] Bump gatsby-plugin-sharp from 4.1.0 to 4.3.0 in /packages/website Bumps [gatsby-plugin-sharp](https://github.com/gatsbyjs/gatsby/tree/HEAD/packages/gatsby-plugin-sharp) from 4.1.0 to 4.3.0. - [Release notes](https://github.com/gatsbyjs/gatsby/releases) - [Changelog](https://github.com/gatsbyjs/gatsby/blob/master/packages/gatsby-plugin-sharp/CHANGELOG.md) - [Commits](https://github.com/gatsbyjs/gatsby/commits/gatsby-plugin-sharp@4.3.0/packages/gatsby-plugin-sharp) --- updated-dependencies: - dependency-name: gatsby-plugin-sharp dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/website/package.json | 2 +- packages/website/yarn.lock | 126 +++++++++++++++------------------- 2 files changed, 58 insertions(+), 70 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index fe6cd49d..11091fec 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -26,7 +26,7 @@ "gatsby-plugin-purgecss": "^6.1.0", "gatsby-plugin-react-helmet": "^4.14.0", "gatsby-plugin-robots-txt": "^1.6.14", - "gatsby-plugin-sharp": "^4.1.0", + "gatsby-plugin-sharp": "^4.3.0", "gatsby-plugin-svgr": "^3.0.0-beta.0", "gatsby-remark-classes": "^1.0.2", "gatsby-remark-copy-linked-files": "^4.11.0", diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index ae0038f0..03380322 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -2792,10 +2792,10 @@ async@1.5.2: resolved "https://registry.yarnpkg.com/async/-/async-1.5.2.tgz#ec6a61ae56480c0c3cb241c95618e20892f9672a" integrity sha1-7GphrlZIDAw8skHJVhjiCJL5Zyo= -async@^3.2.0, async@^3.2.1: - version "3.2.1" - resolved "https://registry.yarnpkg.com/async/-/async-3.2.1.tgz#d3274ec66d107a47476a4c49136aacdb00665fc8" - integrity sha512-XdD5lRO/87udXCMC9meWdYiR+Nq6ZjUfXidViUZGu2F1MO4T3XwZ1et0hb2++BgLfhyJwy44BGB/yx80ABx8hg== +async@^3.2.0, async@^3.2.2: + version "3.2.2" + resolved "https://registry.yarnpkg.com/async/-/async-3.2.2.tgz#2eb7671034bb2194d45d30e31e24ec7e7f9670cd" + integrity sha512-H0E+qZaDEfx/FY4t7iLRv1W2fFI6+pyCeTw1uN20AQPiwqwM6ojPxHxdLv4z8hi2DtnW9BOckSspLucW7pIE5g== asynckit@^0.4.0: version "0.4.0" @@ -4494,13 +4494,6 @@ decompress-response@^3.3.0: dependencies: mimic-response "^1.0.0" -decompress-response@^4.2.0: - version "4.2.1" - resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-4.2.1.tgz#414023cc7a302da25ce2ec82d0d5238ccafd8986" - integrity sha512-jOSne2qbyE+/r8G1VU+G/82LBs2Fs4LAsTiLSHOCOMZQl2OKZ6i8i4IyHemTe+/yIXOtTcRQMzPcgyhoFlqPkw== - dependencies: - mimic-response "^2.0.0" - decompress-response@^6.0.0: version "6.0.0" resolved "https://registry.yarnpkg.com/decompress-response/-/decompress-response-6.0.0.tgz#ca387612ddb7e104bd16d85aab00d5ecf09c66fc" @@ -6027,10 +6020,10 @@ gatsby-core-utils@^2.14.0: tmp "^0.2.1" xdg-basedir "^4.0.0" -gatsby-core-utils@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/gatsby-core-utils/-/gatsby-core-utils-3.1.0.tgz#bf01ebd78046606ac812591319b450516f75b448" - integrity sha512-ErgJr5xgjUoorhCVeyMyNfnZhxBTA33KRB/aFtFWNeTXFsUNlDZBqheSp2XAaD3+gvAmDqbz2m+jKF1sI8vLAg== +gatsby-core-utils@^3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/gatsby-core-utils/-/gatsby-core-utils-3.3.0.tgz#a8fb10e2341fd0e98a50ee3dd2b707bcca65fdee" + integrity sha512-Mr90+2T5mUie2fCkQS3dM6oHzTyt1vLbpJ2nU2OsdF95LHnLBt0kDgK+qEIuz7Ypr91gFN8y2HoP08vuokq7ZQ== dependencies: "@babel/runtime" "^7.15.4" ci-info "2.0.0" @@ -6038,7 +6031,7 @@ gatsby-core-utils@^3.1.0: file-type "^16.5.3" fs-extra "^10.0.0" got "^11.8.2" - node-object-hash "^2.3.9" + node-object-hash "^2.3.10" proper-lockfile "^4.1.2" tmp "^0.2.1" xdg-basedir "^4.0.0" @@ -6188,27 +6181,27 @@ gatsby-plugin-robots-txt@^1.6.14: "@babel/runtime" "^7.15.4" generate-robotstxt "^8.0.3" -gatsby-plugin-sharp@^4.1.0: - version "4.1.0" - resolved "https://registry.yarnpkg.com/gatsby-plugin-sharp/-/gatsby-plugin-sharp-4.1.0.tgz#1757c6de4561345d4d5a9ff42ba9b130be399d86" - integrity sha512-tft2KEf/4cFRmdpEgIgSJIHQw9yEX7Ns80eiMACGj6rI3POABXhk4+MrRvSpD89JIVzhqu+Muzu+W7JPcqc7ig== +gatsby-plugin-sharp@^4.3.0: + version "4.3.0" + resolved "https://registry.yarnpkg.com/gatsby-plugin-sharp/-/gatsby-plugin-sharp-4.3.0.tgz#8ae610886fd8e34de4c30f6deece6ff2e0d3be3c" + integrity sha512-XCHpIQmXa3iH36vxSbedTboImbngEaom+T2UEovURIh/W/4gJN5UwhMtKbXvnNtI1eQ9/ndMJALwzltzHeFyPg== dependencies: "@babel/runtime" "^7.15.4" - async "^3.2.1" + async "^3.2.2" bluebird "^3.7.2" filenamify "^4.3.0" fs-extra "^10.0.0" - gatsby-core-utils "^3.1.0" - gatsby-plugin-utils "^2.1.0" - gatsby-telemetry "^3.1.0" + gatsby-core-utils "^3.3.0" + gatsby-plugin-utils "^2.3.0" + gatsby-telemetry "^3.3.0" got "^11.8.2" lodash "^4.17.21" - mini-svg-data-uri "^1.3.3" + mini-svg-data-uri "^1.4.3" potrace "^2.1.8" probe-image-size "^6.0.0" progress "^2.0.3" semver "^7.3.5" - sharp "^0.29.1" + sharp "^0.29.2" svgo "1.3.2" uuid "3.4.0" @@ -6238,10 +6231,10 @@ gatsby-plugin-utils@^1.14.0: "@babel/runtime" "^7.15.4" joi "^17.4.2" -gatsby-plugin-utils@^2.1.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/gatsby-plugin-utils/-/gatsby-plugin-utils-2.1.0.tgz#90aaf61fa60d5d4c1730c7b204eb3fbc645da0c0" - integrity sha512-sJZWsiLhYOuBN56LCX2Qy2ZDoQvqlY1TntXH8ns+zZHzglvVR28xI/iQEP7bVhzmkMX47i+E87o1/EET0RuK4A== +gatsby-plugin-utils@^2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/gatsby-plugin-utils/-/gatsby-plugin-utils-2.3.0.tgz#62ebca0be9ecb42760d0622ab8d3db9c799dece1" + integrity sha512-p4ysTzMBrHshCGqgPZB4i2hpsmFGgMX4xVylmQ5cObnK9WsckV8iFBhU61S8TpnX8c6Ac00GgNmPiwmWzZMvpA== dependencies: "@babel/runtime" "^7.15.4" joi "^17.4.2" @@ -6425,10 +6418,10 @@ gatsby-telemetry@^2.14.0: node-fetch "^2.6.1" uuid "3.4.0" -gatsby-telemetry@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/gatsby-telemetry/-/gatsby-telemetry-3.1.0.tgz#326792d985619204ec2988ce61de1aa27351e81b" - integrity sha512-XoKh80BROhmtqbFXDhKxr66vYqxt23PfANqUhyFugHFfW+ETx33kTOS8t9IY23icrsqoo780vcx0nVFRjidWEg== +gatsby-telemetry@^3.3.0: + version "3.3.0" + resolved "https://registry.yarnpkg.com/gatsby-telemetry/-/gatsby-telemetry-3.3.0.tgz#7658093996a50055218443374c3f570ba134f2ba" + integrity sha512-O/9YDrxzvNDEnkpGykGq9VrUqipt8+IshDJs4TEBVZS5OaIy9KwtoOzyEeHZE+SsmhBodiUZMG1qRh1hKmp/Hw== dependencies: "@babel/code-frame" "^7.14.0" "@babel/runtime" "^7.15.4" @@ -6438,11 +6431,11 @@ gatsby-telemetry@^3.1.0: boxen "^4.2.0" configstore "^5.0.1" fs-extra "^10.0.0" - gatsby-core-utils "^3.1.0" + gatsby-core-utils "^3.3.0" git-up "^4.0.5" is-docker "^2.2.1" lodash "^4.17.21" - node-fetch "^2.6.5" + node-fetch "^2.6.6" gatsby-transformer-json@^3.14.0: version "3.14.0" @@ -9288,11 +9281,6 @@ mimic-response@^1.0.0, mimic-response@^1.0.1: resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-1.0.1.tgz#4923538878eef42063cb8a3e3b0798781487ab1b" integrity sha512-j5EctnkH7amfV/q5Hgmoal1g2QHFJRraOtmx0JpIqkxhBhI/lJSl1nMpQ45hVarwNETOoWEimndZ4QK0RHxuxQ== -mimic-response@^2.0.0: - version "2.1.0" - resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-2.1.0.tgz#d13763d35f613d09ec37ebb30bac0469c0ee8f43" - integrity sha512-wXqjST+SLt7R009ySCglWBCFpjUygmCIfD790/kVbiGmUgfYGuB14PiTd5DwVxSV4NcYHjzMkoj5LjQZwTQLEA== - mimic-response@^3.1.0: version "3.1.0" resolved "https://registry.yarnpkg.com/mimic-response/-/mimic-response-3.1.0.tgz#2d1d59af9c1b129815accc2c46a022a5ce1fa3c9" @@ -9319,10 +9307,10 @@ mini-css-extract-plugin@1.6.2: schema-utils "^3.0.0" webpack-sources "^1.1.0" -mini-svg-data-uri@^1.3.3: - version "1.3.3" - resolved "https://registry.yarnpkg.com/mini-svg-data-uri/-/mini-svg-data-uri-1.3.3.tgz#91d2c09f45e056e5e1043340b8b37ba7b50f4fac" - integrity sha512-+fA2oRcR1dJI/7ITmeQJDrYWks0wodlOz0pAEhKYJ2IVc1z0AnwJUsKY2fzFmPAM3Jo9J0rBx8JAA9QQSJ5PuA== +mini-svg-data-uri@^1.4.3: + version "1.4.3" + resolved "https://registry.yarnpkg.com/mini-svg-data-uri/-/mini-svg-data-uri-1.4.3.tgz#43177b2e93766ba338931a3e2a84a3dfd3a222b8" + integrity sha512-gSfqpMRC8IxghvMcxzzmMnWpXAChSA+vy4cia33RgerMS8Fex95akUyQZPbxJJmeBGiGmK7n/1OpUX8ksRjIdA== minimalistic-assert@^1.0.0, minimalistic-assert@^1.0.1: version "1.0.1" @@ -9539,12 +9527,12 @@ no-case@^3.0.4: lower-case "^2.0.2" tslib "^2.0.3" -node-abi@^2.21.0: - version "2.30.1" - resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-2.30.1.tgz#c437d4b1fe0e285aaf290d45b45d4d7afedac4cf" - integrity sha512-/2D0wOQPgaUWzVSVgRMx+trKJRC2UG4SUc4oCJoXx9Uxjtp0Vy3/kt7zcbxHF8+Z/pK3UloLWzBISg72brfy1w== +node-abi@^3.3.0: + version "3.5.0" + resolved "https://registry.yarnpkg.com/node-abi/-/node-abi-3.5.0.tgz#26e8b7b251c3260a5ac5ba5aef3b4345a0229248" + integrity sha512-LtHvNIBgOy5mO8mPEUtkCW/YCRWYEKshIvqhe1GHHyXEHEB5mgICyYnAcl4qan3uFeRROErKGzatFHPf6kDxWw== dependencies: - semver "^5.4.1" + semver "^7.3.5" node-addon-api@^4.2.0: version "4.2.0" @@ -9575,14 +9563,14 @@ node-fetch@^2.5.0, node-fetch@^2.6.1: dependencies: whatwg-url "^5.0.0" -node-fetch@^2.6.5: +node-fetch@^2.6.6: version "2.6.6" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.6.tgz#1751a7c01834e8e1697758732e9efb6eeadfaf89" integrity sha512-Z8/6vRlTUChSdIgMa51jxQ4lrw/Jy5SOW10ObaA47/RElsAN2c5Pn8bTgFGWn/ibwzXTE8qwr1Yzx28vsecXEA== dependencies: whatwg-url "^5.0.0" -node-object-hash@^2.3.9: +node-object-hash@^2.3.10, node-object-hash@^2.3.9: version "2.3.10" resolved "https://registry.yarnpkg.com/node-object-hash/-/node-object-hash-2.3.10.tgz#4b0c1a3a8239e955f0db71f8e00b38b5c0b33992" integrity sha512-jY5dPJzw6NHd/KPSfPKJ+IHoFS81/tJ43r34ZeNMXGzCOM8jwQDCD12HYayKIB6MuznrnqIYy2e891NA2g0ibA== @@ -10685,10 +10673,10 @@ preact-svg-loader@^0.2.1: htmlparser "^1.7.7" loader-utils "^1.1.0" -prebuild-install@^6.1.4: - version "6.1.4" - resolved "https://registry.yarnpkg.com/prebuild-install/-/prebuild-install-6.1.4.tgz#ae3c0142ad611d58570b89af4986088a4937e00f" - integrity sha512-Z4vpywnK1lBg+zdPCVCsKq0xO66eEV9rWo2zrROGGiRS4JtueBOdlB1FnY8lcy7JsUud/Q3ijUxyWN26Ika0vQ== +prebuild-install@^7.0.0: + version "7.0.0" + resolved "https://registry.yarnpkg.com/prebuild-install/-/prebuild-install-7.0.0.tgz#3c5ce3902f1cb9d6de5ae94ca53575e4af0c1574" + integrity sha512-IvSenf33K7JcgddNz2D5w521EgO+4aMMjFt73Uk9FRzQ7P+QZPKrp7qPsDydsSwjGt3T5xRNnM1bj1zMTD5fTA== dependencies: detect-libc "^1.0.3" expand-template "^2.0.3" @@ -10696,11 +10684,11 @@ prebuild-install@^6.1.4: minimist "^1.2.3" mkdirp-classic "^0.5.3" napi-build-utils "^1.0.1" - node-abi "^2.21.0" + node-abi "^3.3.0" npmlog "^4.0.1" pump "^3.0.0" rc "^1.2.7" - simple-get "^3.0.3" + simple-get "^4.0.0" tar-fs "^2.0.0" tunnel-agent "^0.6.0" @@ -11963,17 +11951,17 @@ shallow-compare@^1.2.2: resolved "https://registry.yarnpkg.com/shallow-compare/-/shallow-compare-1.2.2.tgz#fa4794627bf455a47c4f56881d8a6132d581ffdb" integrity sha512-LUMFi+RppPlrHzbqmFnINTrazo0lPNwhcgzuAXVVcfy/mqPDrQmHAyz5bvV0gDAuRFrk804V0HpQ6u9sZ0tBeg== -sharp@^0.29.0, sharp@^0.29.1: - version "0.29.2" - resolved "https://registry.yarnpkg.com/sharp/-/sharp-0.29.2.tgz#e8c003cd9cb321585b32dbda6eed3baa7d6f2308" - integrity sha512-XWRdiYLIJ3tDUejRyG24KERnJzMfIoyiJBntd2S6/uj3NEeNgRFRLgiBlvPxMa8aml14dKKD98yHinSNKp1xzQ== +sharp@^0.29.0, sharp@^0.29.2: + version "0.29.3" + resolved "https://registry.yarnpkg.com/sharp/-/sharp-0.29.3.tgz#0da183d626094c974516a48fab9b3e4ba92eb5c2" + integrity sha512-fKWUuOw77E4nhpyzCCJR1ayrttHoFHBT2U/kR/qEMRhvPEcluG4BKj324+SCO1e84+knXHwhJ1HHJGnUt4ElGA== dependencies: color "^4.0.1" detect-libc "^1.0.3" node-addon-api "^4.2.0" - prebuild-install "^6.1.4" + prebuild-install "^7.0.0" semver "^7.3.5" - simple-get "^3.1.0" + simple-get "^4.0.0" tar-fs "^2.1.1" tunnel-agent "^0.6.0" @@ -12033,12 +12021,12 @@ simple-concat@^1.0.0: resolved "https://registry.yarnpkg.com/simple-concat/-/simple-concat-1.0.1.tgz#f46976082ba35c2263f1c8ab5edfe26c41c9552f" integrity sha512-cSFtAPtRhljv69IK0hTVZQ+OfE9nePi/rtJmw5UjHeVyVroEqJXP1sFztKUy1qU+xvz3u/sfYJLa947b7nAN2Q== -simple-get@^3.0.3, simple-get@^3.1.0: - version "3.1.0" - resolved "https://registry.yarnpkg.com/simple-get/-/simple-get-3.1.0.tgz#b45be062435e50d159540b576202ceec40b9c6b3" - integrity sha512-bCR6cP+aTdScaQCnQKbPKtJOKDp/hj9EDLJo3Nw4y1QksqaovlW/bnptB6/c1e+qmNIDHRK+oXFDdEqBT8WzUA== +simple-get@^4.0.0: + version "4.0.0" + resolved "https://registry.yarnpkg.com/simple-get/-/simple-get-4.0.0.tgz#73fa628278d21de83dadd5512d2cc1f4872bd675" + integrity sha512-ZalZGexYr3TA0SwySsr5HlgOOinS4Jsa8YB2GJ6lUNAazyAu4KG/VmzMTwAt2YVXzzVj8QmefmAonZIK2BSGcQ== dependencies: - decompress-response "^4.2.0" + decompress-response "^6.0.0" once "^1.3.1" simple-concat "^1.0.0" From 0f8384436ba6ff31148ea3c8a294facec0ed14d2 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 8 Dec 2021 09:59:46 +0100 Subject: [PATCH 18/52] Add root dir sizes to dump on health checker disable --- setup-scripts/disk-usage-dump.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/setup-scripts/disk-usage-dump.sh b/setup-scripts/disk-usage-dump.sh index 9326d459..5cd3f1d0 100755 --- a/setup-scripts/disk-usage-dump.sh +++ b/setup-scripts/disk-usage-dump.sh @@ -23,6 +23,11 @@ dump () { echo df -h /home/user + # Root dirs + echo + echo "Root dirs:" + docker run -v /:/host-root alpine:3.15.0 sh -c 'du -hs /host-root/*' + # Home dirs echo echo "Home dirs:" From 0b1ea2b598bad0d4493b9a559b4e498402f2128d Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 8 Dec 2021 11:29:31 +0100 Subject: [PATCH 19/52] Add skynet-webportal dir sizes to dump on health checker disable --- setup-scripts/disk-usage-dump.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/setup-scripts/disk-usage-dump.sh b/setup-scripts/disk-usage-dump.sh index 5cd3f1d0..673852aa 100755 --- a/setup-scripts/disk-usage-dump.sh +++ b/setup-scripts/disk-usage-dump.sh @@ -33,6 +33,11 @@ dump () { echo "Home dirs:" docker run -v /home/user:/home/user alpine:3.15.0 du -hs /home/user/* + # Skynet webportal dirs + echo + echo "skynet-webportal dirs:" + docker run -v /home/user:/home/user alpine:3.15.0 du -hs /home/user/skynet-webportal/* + # Docker data dirs echo echo "Docker data dirs:" From 66e914e6496017927f85a8688df3aef254e844a1 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Wed, 8 Dec 2021 12:20:57 +0100 Subject: [PATCH 20/52] Update root dir output --- setup-scripts/disk-usage-dump.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup-scripts/disk-usage-dump.sh b/setup-scripts/disk-usage-dump.sh index 673852aa..f56af47c 100755 --- a/setup-scripts/disk-usage-dump.sh +++ b/setup-scripts/disk-usage-dump.sh @@ -26,7 +26,7 @@ dump () { # Root dirs echo echo "Root dirs:" - docker run -v /:/host-root alpine:3.15.0 sh -c 'du -hs /host-root/*' + docker run -v /:/host-root alpine:3.15.0 sh -c 'du -hs /host-root/*' | sed 's#/host-root##' # Home dirs echo From c79f65061f013206c0025da61f4774d79296f975 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 9 Dec 2021 14:16:21 +0100 Subject: [PATCH 21/52] Switch to `main`. --- docker-compose.malware-scanner.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.malware-scanner.yml b/docker-compose.malware-scanner.yml index 7dd0dd0c..4863ff7c 100644 --- a/docker-compose.malware-scanner.yml +++ b/docker-compose.malware-scanner.yml @@ -31,7 +31,7 @@ services: context: ./docker/malware-scanner dockerfile: Dockerfile args: - branch: ivo/impl + branch: main container_name: malware-scanner restart: unless-stopped logging: *default-logging From b119bba8bc80fd9050e71ffdb8f255453ac75e1d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Dec 2021 13:31:35 +0000 Subject: [PATCH 22/52] Bump next from 12.0.3 to 12.0.5 in /packages/dashboard Bumps [next](https://github.com/vercel/next.js) from 12.0.3 to 12.0.5. - [Release notes](https://github.com/vercel/next.js/releases) - [Changelog](https://github.com/vercel/next.js/blob/canary/release.js) - [Commits](https://github.com/vercel/next.js/compare/v12.0.3...v12.0.5) --- updated-dependencies: - dependency-name: next dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/dashboard/package.json | 2 +- packages/dashboard/yarn.lock | 172 ++++++++++++++++---------------- 2 files changed, 87 insertions(+), 87 deletions(-) diff --git a/packages/dashboard/package.json b/packages/dashboard/package.json index 14dcd063..ad810d1b 100644 --- a/packages/dashboard/package.json +++ b/packages/dashboard/package.json @@ -21,7 +21,7 @@ "formik": "2.2.9", "http-status-codes": "2.1.4", "ky": "0.28.7", - "next": "12.0.3", + "next": "12.0.5", "normalize.css": "8.0.1", "postcss": "8.3.11", "prettier": "2.4.1", diff --git a/packages/dashboard/yarn.lock b/packages/dashboard/yarn.lock index e4dd2bd8..f99c9742 100644 --- a/packages/dashboard/yarn.lock +++ b/packages/dashboard/yarn.lock @@ -50,14 +50,14 @@ core-js-pure "^3.19.0" regenerator-runtime "^0.13.4" -"@babel/runtime@7.15.4", "@babel/runtime@^7.11.2", "@babel/runtime@^7.15.4": +"@babel/runtime@7.15.4": version "7.15.4" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.15.4.tgz#fd17d16bfdf878e6dd02d19753a39fa8a8d9c84a" integrity sha512-99catp6bHCaxr4sJ/DbTGgHS4+Rs2RVd2g7iOap6SLGPDknRK9ztKNsE/Fg6QhSeh1FGE5f6gHGQmvvn3I3xhw== dependencies: regenerator-runtime "^0.13.4" -"@babel/runtime@^7.10.2": +"@babel/runtime@^7.10.2", "@babel/runtime@^7.11.2", "@babel/runtime@^7.15.4": version "7.16.3" resolved "https://registry.yarnpkg.com/@babel/runtime/-/runtime-7.16.3.tgz#b86f0db02a04187a3c17caa77de69840165d42d5" integrity sha512-WBwekcqacdY2e9AF/Q7WLFUWmdJGJTkbjqTjoMDgXkVZ3ZRUvOPsLb5KdwISoQVsbP+DQzVZW4Zhci0DvpbNTQ== @@ -136,10 +136,10 @@ resolved "https://registry.yarnpkg.com/@napi-rs/triples/-/triples-1.0.3.tgz#76d6d0c3f4d16013c61e45dfca5ff1e6c31ae53c" integrity sha512-jDJTpta+P4p1NZTFVLHJ/TLFVYVcOqv6l8xwOeBKNPMgY/zDYH/YH7SJbvrr/h1RcS9GzbPcLKGzpuK9cV56UA== -"@next/env@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/env/-/env-12.0.3.tgz#e676b4d1454d8b6be433a348e99f2b8276ab6cd7" - integrity sha512-QcdlpcwIH9dYcVlNAU+gXaqHA/omskbRlb+R3vN7LlB2EgLt+9WQwbokcHOsNyt4pI7kDM67W4tr9l7dWnlGdQ== +"@next/env@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/env/-/env-12.0.5.tgz#8116b88348f7a06b6238e61a5170047a34c5d8e4" + integrity sha512-Q8Imt2zahveh369OKCpuXTQbpkUhXsI2HZ4VTkzA0ymkhA3WVAjM369eW/ceEE2cR7YFA6LzgQ35kfoX4fOd+Q== "@next/eslint-plugin-next@12.0.3": version "12.0.3" @@ -148,15 +148,15 @@ dependencies: glob "7.1.7" -"@next/polyfill-module@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/polyfill-module/-/polyfill-module-12.0.3.tgz#4217e5284762124bf9fe2505622c4de89998f7a2" - integrity sha512-fgjVjdCk0Jq627d/N33oQIJjWrcKtzw6Dfa2PfypoIJ35/xFIKgs6mPyvq8cg3Ao5b7dEn9+Rw45PGjlY5e7JA== +"@next/polyfill-module@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/polyfill-module/-/polyfill-module-12.0.5.tgz#fe5586f035c36fd1c20d3ade57831cb7686e6eb8" + integrity sha512-OknhYqdrIlAEopdUoybh76ewIvWfX4JnOdLwJoj1PO+oRkmxNJ8aeOapHBXSM8qeZuOQuDUfNbQn86Ra/qd3nQ== -"@next/react-dev-overlay@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/react-dev-overlay/-/react-dev-overlay-12.0.3.tgz#d85a609bf7d75eb190940d0fc64eff94c0e4a478" - integrity sha512-gHfDEVHFeTUpQMcyytzvkuOu+5DQXjXbCbQHuavFftYrlHqXfzYFsa+wERff+g4/0IzEvcYVp3F4gdmynWfUog== +"@next/react-dev-overlay@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/react-dev-overlay/-/react-dev-overlay-12.0.5.tgz#9f60d77927ba8c63a404da00bd9f2372c331c959" + integrity sha512-CAzJ0oaH4KQEmnsJKGKWbpoB/rYBE8vQ+rAkdH7+JN+yFHE4r8X/C19ZK1TSB5TfuLqjzKySAPDmr7vF/aE5xA== dependencies: "@babel/code-frame" "7.12.11" anser "1.4.9" @@ -170,65 +170,65 @@ stacktrace-parser "0.1.10" strip-ansi "6.0.1" -"@next/react-refresh-utils@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/react-refresh-utils/-/react-refresh-utils-12.0.3.tgz#1389b0370e258634432d6dd78f889c09a8328e10" - integrity sha512-YPtlfvkYh/4MvNNm5w3uwo+1KPMg67snzr5CuexbRewsu2ITaF7f0bh0Jcayi20wztk8SgWjNz1bmF8j9qbWIw== +"@next/react-refresh-utils@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/react-refresh-utils/-/react-refresh-utils-12.0.5.tgz#ecfe49dcfbc871212a36989366c1a8f076c9e855" + integrity sha512-pnVmX+DSC6BaJ2P+OdT/8+pyLaL1E3a60ivRcFf9rXtoNVo59ByXqXeQXfPJgSnJqF3vFLf8He2NjVDB1RdweQ== -"@next/swc-android-arm64@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-android-arm64/-/swc-android-arm64-12.0.3.tgz#8b99b3e7f13dda1f4c3c6dc83af73d8f40afecd5" - integrity sha512-40sOl9/50aamX0dEMrecqJQcUrRK47D7S9F66ulrZmz+5Ujp0lnP1rBOXngo0PZMecfU1tr7zbNubiAMDxfCxw== +"@next/swc-android-arm64@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-android-arm64/-/swc-android-arm64-12.0.5.tgz#2840ed782f045cba40d049d8ac487c3352c973df" + integrity sha512-UTwJFbhxiucxb1/ai9PjdOKgDfz2dj3wMmTXWbLVgDfZk1PH/J0BbfTXpgJ7zEmoCIPoMjj+J0nPC3YGVkMICQ== -"@next/swc-darwin-arm64@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-darwin-arm64/-/swc-darwin-arm64-12.0.3.tgz#a385e610fb4a20c47355520b82a79d08e0f6441e" - integrity sha512-iKSe2hCMB51Ft41cNAxZk6St1rBlqSRtBSl4oO0zJlGu7bCxXCGCJ058/OLvYxcNWgz7ODOApObm3Yjv8XEvxg== +"@next/swc-darwin-arm64@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-darwin-arm64/-/swc-darwin-arm64-12.0.5.tgz#22e20335000a2112561e22264db3e9b77a923a37" + integrity sha512-snOoobsQ6MyFZyjODglqcfvXbqlp2BC9fOlTVM4tViX+KWy8/MTdMCov1oezukai/0oqgJnHpZQAyFK4bqbJqQ== -"@next/swc-darwin-x64@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-darwin-x64/-/swc-darwin-x64-12.0.3.tgz#0405a3838a652b7bb44c5cd5d920c11240194385" - integrity sha512-/BcnfLyhIj4rgU3yVDfD8uXK2TcNYIdflYHKkjFxd3/J1GWOtBN31m0dB8fL0h5LdW11kzaXvVvab3f5ilkEww== +"@next/swc-darwin-x64@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-darwin-x64/-/swc-darwin-x64-12.0.5.tgz#a394e471ced02dcd1099908ba3286b578a36cb87" + integrity sha512-YbI95eUUh6HH2nh26UoyezZABWd5NbjeIs9GeQGZSznolVoS4JNUvzzl3yf2Ugew0yrXlxJgOpG86qoXvhGBZQ== -"@next/swc-linux-arm-gnueabihf@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-linux-arm-gnueabihf/-/swc-linux-arm-gnueabihf-12.0.3.tgz#f5d43be7314044526fd9f1eef34337bb95f02e01" - integrity sha512-2HNPhBJuN9L6JzqqqdYB4TKfFFmaKkpF0X3C1s83Xp61mR2sx8gOthHQtZqWDs4ZLnKZU0j2flGU1uuqpHPCpg== +"@next/swc-linux-arm-gnueabihf@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-linux-arm-gnueabihf/-/swc-linux-arm-gnueabihf-12.0.5.tgz#1a870e134ca971a35e15e2d3f1fb21d9f4b09bf0" + integrity sha512-4ZOzb8GoCX1f/SmCjNCDIpyLukhPElAulPPUgeMo4cfHX/rSkXMXmfZQmUk0MFabRl6Y1mX0GFN1Qflya3bxYw== -"@next/swc-linux-arm64-gnu@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-12.0.3.tgz#6f1cda1dadabcc4d4f13bd6f5ce23b9879bc6d73" - integrity sha512-NXTON1XK7zi2i+A+bY1PVLi1g5b8cSwgzbnuVR0vAgOtU+3at7FqAKOWfuFIXY7eBEK65uu0Fu5gADhMj0uanQ== +"@next/swc-linux-arm64-gnu@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-12.0.5.tgz#646ae3296d20b7e32221cf024484c630c82aaac9" + integrity sha512-fa4Cd0m64zln0hIUovDtbRef4PDJuxlEdywv0TnJqYqLBl6MV7wYJeC5vZjNtRjsnEBTWXAlMXN3mBXwfOQatA== -"@next/swc-linux-arm64-musl@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-12.0.3.tgz#1eedc1f1fcafc9862ef7e83205ada96bf320a694" - integrity sha512-8D0q22VavhcIl2ZQErEffgh5q6mChaG84uTluAoFfjwrgYtPDZX0M5StqkTZL6T5gA5RLHboNVoscIKGZWMojQ== +"@next/swc-linux-arm64-musl@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-12.0.5.tgz#b6940ae25539dfa8568bc2d544ca52d40009b8ad" + integrity sha512-keXca5WEa9poQ+3jJY6wVKFdOYYrfTx2exanV0DiZrz8ImJAMof6r9h5vHze+g7R+kDSZKM1UnM0I4lqcQqshQ== -"@next/swc-linux-x64-gnu@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-12.0.3.tgz#eca85107b01a7571957ae25104d11042e9835a49" - integrity sha512-4mkimH9nMzbuQfLmZ152NYSHdrII9AeqrkrHszexL1Lup2TLMPuxlXj55eVnyyeKFXRLlnqbCu7aOIND68RbOA== +"@next/swc-linux-x64-gnu@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-12.0.5.tgz#663553b4a97eb779c9c3903d52ab58723979d81b" + integrity sha512-E8lDTLuK+oyg0/WrkimFlLRnhsPuzIkFYgnB3WT9HwAW/2bcjbER3rVkOdXkg6UrfpU2aeJrHYmvzNcbp5rCKw== -"@next/swc-linux-x64-musl@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-12.0.3.tgz#758656b8e36a520c03763d154c366bec889c56b3" - integrity sha512-MXvx+IDYoSsSM7KcwbQAVo9r+ZeklHeDQiUEmyRRzQE1Q4JvkWwMdPu/NfFdyxur+RfKjRoUoWFdPi5MBKTpkw== +"@next/swc-linux-x64-musl@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-12.0.5.tgz#559d0154badb2c34ed83d3cb7633b803992e2aa2" + integrity sha512-x4FAVszuNYKU7K8e5cLs6giQBZIS9rhTmylA4C5CvOonI6cSsR6yGxZiuivdHZ07TxEKL3o70InrSnDnqCtvUQ== -"@next/swc-win32-arm64-msvc@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-12.0.3.tgz#3f8ab8fa3367d729e49b3072fb24f9d0f8af7c21" - integrity sha512-8GusumFZLp/mtVix+3JZVTGqzqntTsrTIFZ+GpcLMwyVjB3KkBwHiwJaa38WGleUinJSpJvgmhTWgppsiSKW3A== +"@next/swc-win32-arm64-msvc@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-12.0.5.tgz#a9dfb319f8c1eacbdda20a0d836bed61371a9544" + integrity sha512-jWA+cNtMpW7etgQ0R+8mAYzeraFI13SuxsEWaPBFXS8x60UAdYR3re3Kz9Y+vQdUkBV+a+l7zV1Ss+laKhOeug== -"@next/swc-win32-ia32-msvc@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-12.0.3.tgz#e3df153a4e0c896a5871f1d26c7e176fa1ceec72" - integrity sha512-mF7bkxSZ++QiB+E0HFqay/etvPF+ZFcCuG27lSwFIM00J+TE0IRqMyMx66vJ8g1h6khpwXPI0o2hrwIip/r8cQ== +"@next/swc-win32-ia32-msvc@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-12.0.5.tgz#86d7498f9a64c8a6af3fcf5d02fc4a1426b70399" + integrity sha512-7tJGeWIiQWg+FKpwcY8xZ7JsSn2HVD7bM62KPkC3nkArmI3v/oAP95rHStVnMEuul6cnbSPAcvLJvCfJCIj+Wg== -"@next/swc-win32-x64-msvc@12.0.3": - version "12.0.3" - resolved "https://registry.yarnpkg.com/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-12.0.3.tgz#c3e4af29cd74190b89461ccc26b932ae4c27f99d" - integrity sha512-eXFwyf46UFFggMQ3k2tJsOmB3SuKjWaSiZJH0tTDUsLw74lyqyzJqMCVA4yY0gWSlEnSjmX5nrCBknVZd3joaA== +"@next/swc-win32-x64-msvc@12.0.5": + version "12.0.5" + resolved "https://registry.yarnpkg.com/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-12.0.5.tgz#06e64f80aa905b479e547937608f976ea52a1680" + integrity sha512-6o9CJZy/qzlkMKvCHZsPNCUP4hzIgcOCpynOhJaCy3kqeyZsv/3lEg9SHKywoEhZjTkV06RgZO6hV3kmjeajYw== "@nodelib/fs.scandir@2.1.5": version "2.1.5" @@ -2600,18 +2600,18 @@ natural-compare@^1.4.0: resolved "https://registry.yarnpkg.com/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" integrity sha1-Sr6/7tdUHywnrPspvbvRXI1bpPc= -next@12.0.3: - version "12.0.3" - resolved "https://registry.yarnpkg.com/next/-/next-12.0.3.tgz#325732ceb4193306a9a31912815fc570d1a66641" - integrity sha512-GGdhTBcerdMZbitrO67IVetmB+AHa2X69xrkXKClUT8SRu8pEVto/2QMSnfI+uYc5czCUWPsVtVY3aMoMRMaCA== +next@12.0.5: + version "12.0.5" + resolved "https://registry.yarnpkg.com/next/-/next-12.0.5.tgz#a36db23f7dc77de0720ad36d32f818594f6754d9" + integrity sha512-Yuq01fmjnwmiZCOOP8nPJKp7/kFDTCUv1xX3qO9iMouWRl5rHPvp14U2J6VexttxesaIAaP+1CABP2yR2HLXTA== dependencies: "@babel/runtime" "7.15.4" "@hapi/accept" "5.0.2" "@napi-rs/triples" "1.0.3" - "@next/env" "12.0.3" - "@next/polyfill-module" "12.0.3" - "@next/react-dev-overlay" "12.0.3" - "@next/react-refresh-utils" "12.0.3" + "@next/env" "12.0.5" + "@next/polyfill-module" "12.0.5" + "@next/react-dev-overlay" "12.0.5" + "@next/react-refresh-utils" "12.0.5" acorn "8.5.0" assert "2.0.0" browserify-zlib "0.2.0" @@ -2653,19 +2653,19 @@ next@12.0.3: use-subscription "1.5.1" util "0.12.4" vm-browserify "1.1.2" - watchpack "2.1.1" + watchpack "2.3.0" optionalDependencies: - "@next/swc-android-arm64" "12.0.3" - "@next/swc-darwin-arm64" "12.0.3" - "@next/swc-darwin-x64" "12.0.3" - "@next/swc-linux-arm-gnueabihf" "12.0.3" - "@next/swc-linux-arm64-gnu" "12.0.3" - "@next/swc-linux-arm64-musl" "12.0.3" - "@next/swc-linux-x64-gnu" "12.0.3" - "@next/swc-linux-x64-musl" "12.0.3" - "@next/swc-win32-arm64-msvc" "12.0.3" - "@next/swc-win32-ia32-msvc" "12.0.3" - "@next/swc-win32-x64-msvc" "12.0.3" + "@next/swc-android-arm64" "12.0.5" + "@next/swc-darwin-arm64" "12.0.5" + "@next/swc-darwin-x64" "12.0.5" + "@next/swc-linux-arm-gnueabihf" "12.0.5" + "@next/swc-linux-arm64-gnu" "12.0.5" + "@next/swc-linux-arm64-musl" "12.0.5" + "@next/swc-linux-x64-gnu" "12.0.5" + "@next/swc-linux-x64-musl" "12.0.5" + "@next/swc-win32-arm64-msvc" "12.0.5" + "@next/swc-win32-ia32-msvc" "12.0.5" + "@next/swc-win32-x64-msvc" "12.0.5" node-emoji@^1.11.0: version "1.11.0" @@ -3890,10 +3890,10 @@ vm-browserify@1.1.2: resolved "https://registry.yarnpkg.com/vm-browserify/-/vm-browserify-1.1.2.tgz#78641c488b8e6ca91a75f511e7a3b32a86e5dda0" integrity sha512-2ham8XPWTONajOR0ohOKOHXkm3+gaBmGut3SRuu75xLd/RRaY6vqgh8NBYYk7+RW3u5AtzPQZG8F10LHkl0lAQ== -watchpack@2.1.1: - version "2.1.1" - resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.1.1.tgz#e99630550fca07df9f90a06056987baa40a689c7" - integrity sha512-Oo7LXCmc1eE1AjyuSBmtC3+Wy4HcV8PxWh2kP6fOl8yTlNS7r0K9l1ao2lrrUza7V39Y3D/BbJgY8VeSlc5JKw== +watchpack@2.3.0: + version "2.3.0" + resolved "https://registry.yarnpkg.com/watchpack/-/watchpack-2.3.0.tgz#a41bca3da6afaff31e92a433f4c856a0c25ea0c4" + integrity sha512-MnN0Q1OsvB/GGHETrFeZPQaOelWh/7O+EiFlj8sM9GPjtQkis7k01aAxrg/18kTfoIVcLL+haEVFlXDaSRwKRw== dependencies: glob-to-regexp "^0.4.1" graceful-fs "^4.1.2" From 8e116383160726517f4e438d194ed8d8ce0403eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Dec 2021 13:32:26 +0000 Subject: [PATCH 23/52] Bump prettier from 2.4.1 to 2.5.1 in /packages/dashboard Bumps [prettier](https://github.com/prettier/prettier) from 2.4.1 to 2.5.1. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/2.4.1...2.5.1) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/dashboard/package.json | 2 +- packages/dashboard/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/dashboard/package.json b/packages/dashboard/package.json index 14dcd063..f33f7c49 100644 --- a/packages/dashboard/package.json +++ b/packages/dashboard/package.json @@ -24,7 +24,7 @@ "next": "12.0.3", "normalize.css": "8.0.1", "postcss": "8.3.11", - "prettier": "2.4.1", + "prettier": "2.5.1", "pretty-bytes": "5.6.0", "react": "17.0.2", "react-dom": "17.0.2", diff --git a/packages/dashboard/yarn.lock b/packages/dashboard/yarn.lock index e4dd2bd8..0b31f785 100644 --- a/packages/dashboard/yarn.lock +++ b/packages/dashboard/yarn.lock @@ -3026,10 +3026,10 @@ prelude-ls@^1.2.1: resolved "https://registry.yarnpkg.com/prelude-ls/-/prelude-ls-1.2.1.tgz#debc6489d7a6e6b0e7611888cec880337d316396" integrity sha512-vkcDPrRZo1QZLbn5RLGPpg/WmIQ65qoWWhcGKf/b5eplkkarX0m9z8ppCat4mlOqUsWpyNuYgO3VRyrYHSzX5g== -prettier@2.4.1: - version "2.4.1" - resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.4.1.tgz#671e11c89c14a4cfc876ce564106c4a6726c9f5c" - integrity sha512-9fbDAXSBcc6Bs1mZrDYb3XKzDLm4EXXL9sC1LqKP5rZkT6KRr/rf9amVUcODVXgguK/isJz0d0hP72WeaKWsvA== +prettier@2.5.1: + version "2.5.1" + resolved "https://registry.yarnpkg.com/prettier/-/prettier-2.5.1.tgz#fff75fa9d519c54cf0fce328c1017d94546bc56a" + integrity sha512-vBZcPRUR5MZJwoyi3ZoyQlc1rXeEck8KgeC9AwwOn+exuxLxq5toTRDTSaVrXHxelDMHy9zlicw8u66yxoSUFg== pretty-bytes@5.6.0: version "5.6.0" From 73b36452995fe60b8f2fba01c756039c56582706 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Dec 2021 13:34:42 +0000 Subject: [PATCH 24/52] Bump @fontsource/source-sans-pro in /packages/website Bumps [@fontsource/source-sans-pro](https://github.com/fontsource/fontsource/tree/HEAD/packages/source-sans-pro) from 4.5.0 to 4.5.1. - [Release notes](https://github.com/fontsource/fontsource/releases) - [Changelog](https://github.com/fontsource/fontsource/blob/main/CHANGELOG.md) - [Commits](https://github.com/fontsource/fontsource/commits/@fontsource/rasa@4.5.1/packages/source-sans-pro) --- updated-dependencies: - dependency-name: "@fontsource/source-sans-pro" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/website/package.json | 2 +- packages/website/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index fe6cd49d..66edbf07 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -6,7 +6,7 @@ "author": "Skynet Labs.", "dependencies": { "@fontsource/sora": "^4.5.0", - "@fontsource/source-sans-pro": "^4.5.0", + "@fontsource/source-sans-pro": "^4.5.1", "@svgr/webpack": "^5.5.0", "@tailwindcss/typography": "^0.4.1", "autoprefixer": "^10.4.0", diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index ae0038f0..b01505fe 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -1125,10 +1125,10 @@ resolved "https://registry.yarnpkg.com/@fontsource/sora/-/sora-4.5.0.tgz#bfd505c063fbfd77b42b1a8a05025aac52d4ea5f" integrity sha512-bXr7HZPHh/dtfcp9UfEIrYhiMzmcsGvooz9kkmxi5iYwuqs4O1YWfkNbbPSMoRH/cucrMtlGUuC9eRbFx4Yn5Q== -"@fontsource/source-sans-pro@^4.5.0": - version "4.5.0" - resolved "https://registry.yarnpkg.com/@fontsource/source-sans-pro/-/source-sans-pro-4.5.0.tgz#19726a3c609f9450bfc53811b8497d4684ff2111" - integrity sha512-+ze+nO9dVN5pAVg9CdQmVgR6f8kDpq/elHMGcyx3qsW4+TN4mI7EuMdNzKP3E1xeZwTHSmHY5bezpfFHX7bQsg== +"@fontsource/source-sans-pro@^4.5.1": + version "4.5.1" + resolved "https://registry.yarnpkg.com/@fontsource/source-sans-pro/-/source-sans-pro-4.5.1.tgz#9c4f2b6061d38cd85e89fde21893e23b8a7f227c" + integrity sha512-JYEldSfnqxoDVUL6QgqT8Fiyjh0p7WlKcqKNevzDylpWabdejVRyFzPhTk2ZceKZd02KEOaL+K462U6u0/PQiA== "@gatsbyjs/reach-router@^1.3.6": version "1.3.6" From bf5aa247dd527ff21e96a3ce081b81699b81d1a2 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 9 Dec 2021 16:21:49 +0100 Subject: [PATCH 25/52] Add nginx triggers that would let malware-scanner know that it needs to scan a given skylink. --- docker/nginx/conf.d/include/track-download | 23 +++++++++++++++++++++- docker/nginx/conf.d/include/track-upload | 23 +++++++++++++++++++++- 2 files changed, 44 insertions(+), 2 deletions(-) diff --git a/docker/nginx/conf.d/include/track-download b/docker/nginx/conf.d/include/track-download index 9ed5eda9..f7bdb366 100644 --- a/docker/nginx/conf.d/include/track-download +++ b/docker/nginx/conf.d/include/track-download @@ -14,14 +14,35 @@ log_by_lua_block { method = "POST", headers = { ["Cookie"] = "skynet-jwt=" .. jwt }, }) - + if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then ngx.log(ngx.ERR, "Failed accounts service request /track/download/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body)) end end + local function scan(premature, skylink, jwt) + if premature then return end + + local httpc = require("resty.http").new() + + -- 10.10.10.101 points to malware-scanner service (alias not available when using resty-http) + local res, err = httpc:request_uri("http://10.10.10.101:3000/scan/" .. skylink, { + method = "POST", + headers = { ["Cookie"] = "skynet-jwt=" .. jwt }, + }) + + if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then + ngx.log(ngx.ERR, "Failed malware-scanner request /scan/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body)) + end + end + if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" and ngx.status >= ngx.HTTP_OK and ngx.status < ngx.HTTP_SPECIAL_RESPONSE then local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.status, ngx.var.body_bytes_sent, ngx.var.skynet_jwt) if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end end + + -- Unlike accounts, malware-scanner wants to be pinged about each skylink, + -- not only the ones downloaded by registered accounts. + local scan_ok, scan_err = ngx.timer.at(0, scan, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt) + if scan_err then ngx.log(ngx.ERR, "Failed to create timer: ", scan_err) end } diff --git a/docker/nginx/conf.d/include/track-upload b/docker/nginx/conf.d/include/track-upload index b9c54ad1..503f5cbe 100644 --- a/docker/nginx/conf.d/include/track-upload +++ b/docker/nginx/conf.d/include/track-upload @@ -13,14 +13,35 @@ log_by_lua_block { method = "POST", headers = { ["Cookie"] = "skynet-jwt=" .. jwt }, }) - + if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then ngx.log(ngx.ERR, "Failed accounts service request /track/upload/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body)) end end + local function scan(premature, skylink, jwt) + if premature then return end + + local httpc = require("resty.http").new() + + -- 10.10.10.101 points to malware-scanner service (alias not available when using resty-http) + local res, err = httpc:request_uri("http://10.10.10.101:3000/scan/" .. skylink, { + method = "POST", + headers = { ["Cookie"] = "skynet-jwt=" .. jwt }, + }) + + if err or (res and res.status ~= ngx.HTTP_NO_CONTENT) then + ngx.log(ngx.ERR, "Failed malware-scanner request /scan/" .. skylink .. ": ", err or ("[HTTP " .. res.status .. "] " .. res.body)) + end + end + if ngx.header["Skynet-Skylink"] and ngx.var.skynet_jwt ~= "" then local ok, err = ngx.timer.at(0, track, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt) if err then ngx.log(ngx.ERR, "Failed to create timer: ", err) end end + + -- Unlike accounts, malware-scanner wants to be pinged about each skylink, + -- not only the ones uploaded by registered accounts. + local scan_ok, scan_err = ngx.timer.at(0, scan, ngx.header["Skynet-Skylink"], ngx.var.skynet_jwt) + if scan_err then ngx.log(ngx.ERR, "Failed to create timer: ", scan_err) end } From dfdd981212ce62a426c27f9255c3cfb632372986 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Thu, 9 Dec 2021 17:51:40 +0100 Subject: [PATCH 26/52] Add a new volume that allows blocker to write to nginx's local disk. --- docker-compose.blocker.yml | 2 ++ docker-compose.yml | 1 + 2 files changed, 3 insertions(+) diff --git a/docker-compose.blocker.yml b/docker-compose.blocker.yml index b76d2e43..56d23646 100644 --- a/docker-compose.blocker.yml +++ b/docker-compose.blocker.yml @@ -16,6 +16,8 @@ services: logging: *default-logging env_file: - .env + volumes: + - ./docker/data/nginx/blocker:/data/nginx/blocker expose: - 4000 networks: diff --git a/docker-compose.yml b/docker-compose.yml index ca4dc51a..e88b2e22 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -67,6 +67,7 @@ services: volumes: - ./docker/nginx/nginx.conf:/usr/local/openresty/nginx/conf/nginx.conf:ro - ./docker/data/nginx/cache:/data/nginx/cache + - ./docker/data/nginx/blocker:/data/nginx/blocker - ./docker/data/nginx/logs:/usr/local/openresty/nginx/logs - ./docker/data/nginx/skynet:/data/nginx/skynet:ro - ./docker/data/sia/apipassword:/data/sia/apipassword:ro From ddf6fdd87510885f71ce6bbf9cb96736d77419b2 Mon Sep 17 00:00:00 2001 From: Ivaylo Novakov Date: Mon, 13 Dec 2021 11:36:47 +0200 Subject: [PATCH 27/52] Add a docstring explaining the `dc` command. --- dc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dc b/dc index c041317a..5d21567a 100755 --- a/dc +++ b/dc @@ -1,5 +1,10 @@ #!/bin/bash +# The dc command is an alias to docker-compose which also scans the current portal configuration (as defined in .env) +# and selects the right docker-compose files to include in the operation. You can use the command in the same way you +# would use docker-compose with the only difference being that you don't need to specify compose files. For more +# information you can run `./dc` or `./dc help`. + if [ -f .env ]; then OLD_IFS=$IFS; IFS=$'\n'; for x in `grep -v '^#.*' .env`; do export $x; done; IFS=$OLD_IFS fi From 12fffc28e2ef3d5215a48612c194349ff45ca924 Mon Sep 17 00:00:00 2001 From: Filip Rysavy <29089732+firyx@users.noreply.github.com> Date: Mon, 13 Dec 2021 12:48:12 +0100 Subject: [PATCH 28/52] Hot reload nginx after pruning cache --- changelog/items/other/nginx-prune-hot-reload.md | 1 + scripts/nginx-prune.sh | 5 ++++- 2 files changed, 5 insertions(+), 1 deletion(-) create mode 100644 changelog/items/other/nginx-prune-hot-reload.md diff --git a/changelog/items/other/nginx-prune-hot-reload.md b/changelog/items/other/nginx-prune-hot-reload.md new file mode 100644 index 00000000..c0780778 --- /dev/null +++ b/changelog/items/other/nginx-prune-hot-reload.md @@ -0,0 +1 @@ +- Hot reload Nginx after pruning cache files. \ No newline at end of file diff --git a/scripts/nginx-prune.sh b/scripts/nginx-prune.sh index f67d29e7..ea5a1384 100755 --- a/scripts/nginx-prune.sh +++ b/scripts/nginx-prune.sh @@ -2,5 +2,8 @@ # We execute the nginx cache pruning subscript from docker container so that we # can run the pruning script in user crontab without sudo. - docker run --rm -v /home/user:/home/user bash /home/user/skynet-webportal/scripts/lib/nginx-prune-cache-subscript.sh + +# Some cache files are deleted, but are kept open, we hot reload nginx to get +# them closed and removed from filesystem. +docker exec nginx nginx -s reload From dbedc7467077f922cb997baf8d0392afdb6cf47b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Dec 2021 12:07:12 +0000 Subject: [PATCH 29/52] Bump @stripe/stripe-js from 1.21.1 to 1.22.0 in /packages/dashboard Bumps [@stripe/stripe-js](https://github.com/stripe/stripe-js) from 1.21.1 to 1.22.0. - [Release notes](https://github.com/stripe/stripe-js/releases) - [Commits](https://github.com/stripe/stripe-js/compare/v1.21.1...v1.22.0) --- updated-dependencies: - dependency-name: "@stripe/stripe-js" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/dashboard/package.json | 2 +- packages/dashboard/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/dashboard/package.json b/packages/dashboard/package.json index 14dcd063..e0533f72 100644 --- a/packages/dashboard/package.json +++ b/packages/dashboard/package.json @@ -11,7 +11,7 @@ "@fontsource/sora": "4.5.0", "@fontsource/source-sans-pro": "4.5.0", "@stripe/react-stripe-js": "1.6.0", - "@stripe/stripe-js": "1.21.1", + "@stripe/stripe-js": "1.22.0", "autoprefixer": "10.4.0", "classnames": "2.3.1", "copy-text-to-clipboard": "^3.0.1", diff --git a/packages/dashboard/yarn.lock b/packages/dashboard/yarn.lock index e4dd2bd8..7bfe0ae4 100644 --- a/packages/dashboard/yarn.lock +++ b/packages/dashboard/yarn.lock @@ -263,10 +263,10 @@ dependencies: prop-types "^15.7.2" -"@stripe/stripe-js@1.21.1": - version "1.21.1" - resolved "https://registry.yarnpkg.com/@stripe/stripe-js/-/stripe-js-1.21.1.tgz#e56cd01f889dc06af4a68ebf61d2492a87e80da1" - integrity sha512-/HhRol0Bia/6L7JstXUOpg3m0U3nBW8c2tvaBE6QdonN+OMusYT9AIqCMR/PyzoF3ROifFJ2kbWT7xQjbKN3tw== +"@stripe/stripe-js@1.22.0": + version "1.22.0" + resolved "https://registry.yarnpkg.com/@stripe/stripe-js/-/stripe-js-1.22.0.tgz#9d3d2f0a1ce81f185ec477fd7cc67544b2b2a00c" + integrity sha512-fm8TR8r4LwbXgBIYdPmeMjJJkxxFC66tvoliNnmXOpUgZSgQKoNPW3ON0ZphZIiif1oqWNhAaSrr7tOvGu+AFg== "@tailwindcss/forms@0.3.4": version "0.3.4" From 50aae5c3baed7ae5010933883af332199f227abb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Dec 2021 12:07:21 +0000 Subject: [PATCH 30/52] Bump stripe from 8.188.0 to 8.193.0 in /packages/dashboard Bumps [stripe](https://github.com/stripe/stripe-node) from 8.188.0 to 8.193.0. - [Release notes](https://github.com/stripe/stripe-node/releases) - [Changelog](https://github.com/stripe/stripe-node/blob/master/CHANGELOG.md) - [Commits](https://github.com/stripe/stripe-node/compare/v8.188.0...v8.193.0) --- updated-dependencies: - dependency-name: stripe dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/dashboard/package.json | 2 +- packages/dashboard/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/packages/dashboard/package.json b/packages/dashboard/package.json index 14dcd063..a755e5ca 100644 --- a/packages/dashboard/package.json +++ b/packages/dashboard/package.json @@ -30,7 +30,7 @@ "react-dom": "17.0.2", "react-toastify": "8.1.0", "skynet-js": "3.0.2", - "stripe": "8.188.0", + "stripe": "8.193.0", "superagent": "6.1.0", "swr": "1.0.1", "yup": "0.32.11" diff --git a/packages/dashboard/yarn.lock b/packages/dashboard/yarn.lock index e4dd2bd8..5922bc24 100644 --- a/packages/dashboard/yarn.lock +++ b/packages/dashboard/yarn.lock @@ -3583,10 +3583,10 @@ strip-json-comments@^3.1.0, strip-json-comments@^3.1.1: resolved "https://registry.yarnpkg.com/strip-json-comments/-/strip-json-comments-3.1.1.tgz#31f1281b3832630434831c310c01cccda8cbe006" integrity sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig== -stripe@8.188.0: - version "8.188.0" - resolved "https://registry.yarnpkg.com/stripe/-/stripe-8.188.0.tgz#1d892c2f9000847c627db06a374529e7fbd2b83e" - integrity sha512-AW5IOKq4y+ENfHddJPrLL/GSvGj1MnBvUe6QMI1z27x/4pMNrU7v0ZqzRSJCihWqP0tUuCmQibSYSbsV4XJ3zA== +stripe@8.193.0: + version "8.193.0" + resolved "https://registry.yarnpkg.com/stripe/-/stripe-8.193.0.tgz#875ef7e5c7ac7c57d40b73a495a1e6f50b7eb6c0" + integrity sha512-SkU97dWTIcBR3fXdiVZJQoUs1K62ADf4zc6DaCxDACJICPfYI78NIJoroDZBvOLI5vCSHBc4E3wYC+h8CISeBw== dependencies: "@types/node" ">=8.1.0" qs "^6.6.0" From 520351170792a4378d4ec257b7e851c803482155 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Dec 2021 12:11:46 +0000 Subject: [PATCH 31/52] Bump framer-motion from 5.2.1 to 5.4.5 in /packages/website Bumps [framer-motion](https://github.com/framer/motion) from 5.2.1 to 5.4.5. - [Release notes](https://github.com/framer/motion/releases) - [Changelog](https://github.com/framer/motion/blob/main/CHANGELOG.md) - [Commits](https://github.com/framer/motion/compare/v5.2.1...v5.4.5) --- updated-dependencies: - dependency-name: framer-motion dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- packages/website/package.json | 2 +- packages/website/yarn.lock | 41 +++++++++++++++++++++++++---------- 2 files changed, 31 insertions(+), 12 deletions(-) diff --git a/packages/website/package.json b/packages/website/package.json index fe6cd49d..61742a97 100644 --- a/packages/website/package.json +++ b/packages/website/package.json @@ -14,7 +14,7 @@ "classnames": "^2.3.1", "copy-text-to-clipboard": "^3.0.1", "crypto-browserify": "^3.12.0", - "framer-motion": "^5.2.1", + "framer-motion": "^5.4.5", "gatsby": "^3.14.5", "gatsby-background-image": "^1.5.3", "gatsby-image": "^3.11.0", diff --git a/packages/website/yarn.lock b/packages/website/yarn.lock index ae0038f0..d11ce797 100644 --- a/packages/website/yarn.lock +++ b/packages/website/yarn.lock @@ -4448,6 +4448,11 @@ dayjs@^1.10.4: resolved "https://registry.yarnpkg.com/dayjs/-/dayjs-1.10.7.tgz#2cf5f91add28116748440866a0a1d26f3a6ce468" integrity sha512-P6twpd70BcPK34K26uJ1KT3wlhpuOAPoMwJzpsIWUxHZ7wpmbdZL/hQqBDfz7hGurYSa5PhzdhDHtt319hL3ig== +debounce@^1.2.1: + version "1.2.1" + resolved "https://registry.yarnpkg.com/debounce/-/debounce-1.2.1.tgz#38881d8f4166a5c5848020c11827b834bcb3e0a5" + integrity sha512-XRRe6Glud4rd/ZGQfiV1ruXSfbvfJedlV9Y6zOlP+2K04vBYiJEte6stfFkCP03aMnY5tsipamumUjL14fofug== + debug@2, debug@2.6.9, debug@^2.1.3, debug@^2.2.0, debug@^2.3.3, debug@^2.6.0, debug@^2.6.9: version "2.6.9" resolved "https://registry.yarnpkg.com/debug/-/debug-2.6.9.tgz#5d128515df134ff327e90a4c93f4e077a536341f" @@ -5867,20 +5872,22 @@ fragment-cache@^0.2.1: dependencies: map-cache "^0.2.2" -framer-motion@^5.2.1: - version "5.2.1" - resolved "https://registry.yarnpkg.com/framer-motion/-/framer-motion-5.2.1.tgz#5cfa59984649d73e3741d7bf189918f34fd3635e" - integrity sha512-igeMZaa0FnaB4NkCE+/ENGSuSvhRhUVFJCwWg/FGQn+CwnLPI/XjO6Zim8m+pN+4wBNlaesBRpqOQbq/VH7mew== +framer-motion@^5.4.5: + version "5.4.5" + resolved "https://registry.yarnpkg.com/framer-motion/-/framer-motion-5.4.5.tgz#180047afe6d4e41b8b69eb76cfad13d7a0351073" + integrity sha512-OjKfSMO22a9bTedhQ4diwZWCcmwoZmfrkalv4adhHTH2/cXa2eoFAmmPzs6aNpENbMrn47YmlWGwZtYNycXFLg== dependencies: framesync "6.0.1" hey-listen "^1.0.8" - popmotion "11.0.0" + popmotion "11.0.3" + react-merge-refs "^1.1.0" + react-use-measure "^2.1.1" style-value-types "5.0.0" tslib "^2.1.0" optionalDependencies: "@emotion/is-prop-valid" "^0.8.2" -framesync@6.0.1, framesync@^6.0.1: +framesync@6.0.1: version "6.0.1" resolved "https://registry.yarnpkg.com/framesync/-/framesync-6.0.1.tgz#5e32fc01f1c42b39c654c35b16440e07a25d6f20" integrity sha512-fUY88kXvGiIItgNC7wcTOl0SNRCVXMKSWW2Yzfmn7EKNc+MpCzcz9DhdHcdjbrtN3c6R4H5dTY2jiCpPdysEjA== @@ -10330,12 +10337,12 @@ polished@^4.1.3: dependencies: "@babel/runtime" "^7.14.0" -popmotion@11.0.0, popmotion@^11.0.0: - version "11.0.0" - resolved "https://registry.yarnpkg.com/popmotion/-/popmotion-11.0.0.tgz#910e2e7077d9aeba520db8744d40bb5354992212" - integrity sha512-kJDyaG00TtcANP5JZ51od+DCqopxBm2a/Txh3Usu23L9qntjY5wumvcVf578N8qXEHR1a+jx9XCv8zOntdYalQ== +popmotion@11.0.3, popmotion@^11.0.0: + version "11.0.3" + resolved "https://registry.yarnpkg.com/popmotion/-/popmotion-11.0.3.tgz#565c5f6590bbcddab7a33a074bb2ba97e24b0cc9" + integrity sha512-Y55FLdj3UxkR7Vl3s7Qr4e9m0onSnP8W7d/xQLsoJM40vs6UKHFdygs6SWryasTZYqugMjm3BepCF4CWXDiHgA== dependencies: - framesync "^6.0.1" + framesync "6.0.1" hey-listen "^1.0.8" style-value-types "5.0.0" tslib "^2.1.0" @@ -11108,6 +11115,11 @@ react-lifecycles-compat@^3.0.4: resolved "https://registry.yarnpkg.com/react-lifecycles-compat/-/react-lifecycles-compat-3.0.4.tgz#4f1a273afdfc8f3488a8c516bfda78f872352362" integrity sha512-fBASbA6LnOU9dOU2eW7aQ8xmYBSXUIWr+UmF9b1efZBazGNO+rcXT/icdKnYm2pTwcRylVUYwW7H1PHfLekVzA== +react-merge-refs@^1.1.0: + version "1.1.0" + resolved "https://registry.yarnpkg.com/react-merge-refs/-/react-merge-refs-1.1.0.tgz#73d88b892c6c68cbb7a66e0800faa374f4c38b06" + integrity sha512-alTKsjEL0dKH/ru1Iyn7vliS2QRcBp9zZPGoWxUOvRGWPUYgjo+V01is7p04It6KhgrzhJGnIj9GgX8W4bZoCQ== + react-refresh@^0.9.0: version "0.9.0" resolved "https://registry.yarnpkg.com/react-refresh/-/react-refresh-0.9.0.tgz#71863337adc3e5c2f8a6bfddd12ae3bfe32aafbf" @@ -11163,6 +11175,13 @@ react-universal-interface@^0.6.2: resolved "https://registry.yarnpkg.com/react-universal-interface/-/react-universal-interface-0.6.2.tgz#5e8d438a01729a4dbbcbeeceb0b86be146fe2b3b" integrity sha512-dg8yXdcQmvgR13RIlZbTRQOoUrDciFVoSBZILwjE2LFISxZZ8loVJKAkuzswl5js8BHda79bIb2b84ehU8IjXw== +react-use-measure@^2.1.1: + version "2.1.1" + resolved "https://registry.yarnpkg.com/react-use-measure/-/react-use-measure-2.1.1.tgz#5824537f4ee01c9469c45d5f7a8446177c6cc4ba" + integrity sha512-nocZhN26cproIiIduswYpV5y5lQpSQS1y/4KuvUCjSKmw7ZWIS/+g3aFnX3WdBkyuGUtTLif3UTqnLLhbDoQig== + dependencies: + debounce "^1.2.1" + react-use@^17.3.1: version "17.3.1" resolved "https://registry.yarnpkg.com/react-use/-/react-use-17.3.1.tgz#12b248555775519aa2b900b22f1928d029bf99d1" From 68e3cfd8f62577184ed490c2a93f20b375a1998f Mon Sep 17 00:00:00 2001 From: kevin-carlson <58197406+kevin-carlson@users.noreply.github.com> Date: Mon, 13 Dec 2021 08:19:58 -0600 Subject: [PATCH 32/52] Check mark fixed (#1405) --- .../src/components/CommunitySection/CommunitySection.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/packages/website/src/components/CommunitySection/CommunitySection.js b/packages/website/src/components/CommunitySection/CommunitySection.js index b261817e..280ea311 100644 --- a/packages/website/src/components/CommunitySection/CommunitySection.js +++ b/packages/website/src/components/CommunitySection/CommunitySection.js @@ -12,7 +12,6 @@ import { } from "../../components/Icons"; import useSubscribe from "./useSubscribe"; import Link from "../Link"; - const social = [ { name: "Discord", Icon: DiscordSmall, href: "https://discord.gg/skynetlabs" }, { name: "Twitter", Icon: TwitterSmall, href: "https://twitter.com/SkynetLabs" }, @@ -73,7 +72,7 @@ const CommunitySection = () => { />