From 1ff4acc0492c52bc1279c79472cd732eb8d384f8 Mon Sep 17 00:00:00 2001 From: Dessalines Date: Fri, 16 Feb 2024 10:17:15 -0500 Subject: [PATCH] Changing security.txt to use github security advisories page. (#2334) * Changing security.txt to use github security advisories page. - Fixes #2332 * Adding an expires date, one year from build date. * Add a year to the build date in code. * Fix dev.dockerfile build date. --------- Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com> --- Dockerfile | 1 + dev.dockerfile | 1 + src/server/handlers/security-handler.ts | 19 +++++++++++-------- src/shared/build-date.ts | 1 + 4 files changed, 14 insertions(+), 8 deletions(-) create mode 100644 src/shared/build-date.ts diff --git a/Dockerfile b/Dockerfile index bab44af3..ccf7c71d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -30,6 +30,7 @@ COPY .git .git # Set UI version RUN echo "export const VERSION = '$(git describe --tag)';" > "src/shared/version.ts" +RUN echo "export const BUILD_DATE_ISO8601 = '$(date -u +"%Y-%m-%dT%H:%M:%SZ")';" > "src/shared/build-date.ts" RUN pnpm i RUN pnpm prebuild:prod diff --git a/dev.dockerfile b/dev.dockerfile index 83da0639..674ed068 100644 --- a/dev.dockerfile +++ b/dev.dockerfile @@ -25,6 +25,7 @@ COPY .git .git # Set UI version RUN echo "export const VERSION = 'dev';" > "src/shared/version.ts" +RUN echo "export const BUILD_DATE_ISO8601 = '$(date -u +"%Y-%m-%dT%H:%M:%SZ")';" > "src/shared/build-date.ts" RUN pnpm i --prefer-offline RUN pnpm build:dev diff --git a/src/server/handlers/security-handler.ts b/src/server/handlers/security-handler.ts index af0ebc59..c1524ad1 100644 --- a/src/server/handlers/security-handler.ts +++ b/src/server/handlers/security-handler.ts @@ -1,17 +1,20 @@ import type { Response } from "express"; +import { BUILD_DATE_ISO8601 } from "../../shared/build-date"; +import { parseISO } from "date-fns"; export default async ({ res }: { res: Response }) => { + const buildDatePlusYear = parseISO(BUILD_DATE_ISO8601); + + // Add a year to the build date + buildDatePlusYear.setFullYear(new Date().getFullYear() + 1); + + const yearFromNow = buildDatePlusYear.toISOString(); + res.setHeader("content-type", "text/plain; charset=utf-8"); res.send( - `Contact: mailto:security@lemmy.ml - Contact: mailto:admin@` + - process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + - ` - Contact: mailto:security@` + - process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST + - ` - Expires: 2024-01-01T04:59:00.000Z + `Contact: https://github.com/LemmyNet/lemmy-ui/security/advisories/new + Expires: ${yearFromNow} `, ); }; diff --git a/src/shared/build-date.ts b/src/shared/build-date.ts new file mode 100644 index 00000000..1cc3dc4e --- /dev/null +++ b/src/shared/build-date.ts @@ -0,0 +1 @@ +export const BUILD_DATE_ISO8601 = "2024-01-22T13:58:48Z";