Changing security.txt to use github security advisories page. (#2334)

* Changing security.txt to use github security advisories page.

- Fixes #2332

* Adding an expires date, one year from build date.

* Add a year to the build date in code.

* Fix dev.dockerfile build date.

---------

Co-authored-by: SleeplessOne1917 <28871516+SleeplessOne1917@users.noreply.github.com>
This commit is contained in:
Dessalines 2024-02-16 10:17:15 -05:00 committed by GitHub
parent 7cfe9a1a40
commit 1ff4acc049
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 14 additions and 8 deletions

View file

@ -30,6 +30,7 @@ COPY .git .git
# Set UI version
RUN echo "export const VERSION = '$(git describe --tag)';" > "src/shared/version.ts"
RUN echo "export const BUILD_DATE_ISO8601 = '$(date -u +"%Y-%m-%dT%H:%M:%SZ")';" > "src/shared/build-date.ts"
RUN pnpm i
RUN pnpm prebuild:prod

View file

@ -25,6 +25,7 @@ COPY .git .git
# Set UI version
RUN echo "export const VERSION = 'dev';" > "src/shared/version.ts"
RUN echo "export const BUILD_DATE_ISO8601 = '$(date -u +"%Y-%m-%dT%H:%M:%SZ")';" > "src/shared/build-date.ts"
RUN pnpm i --prefer-offline
RUN pnpm build:dev

View file

@ -1,17 +1,20 @@
import type { Response } from "express";
import { BUILD_DATE_ISO8601 } from "../../shared/build-date";
import { parseISO } from "date-fns";
export default async ({ res }: { res: Response }) => {
const buildDatePlusYear = parseISO(BUILD_DATE_ISO8601);
// Add a year to the build date
buildDatePlusYear.setFullYear(new Date().getFullYear() + 1);
const yearFromNow = buildDatePlusYear.toISOString();
res.setHeader("content-type", "text/plain; charset=utf-8");
res.send(
`Contact: mailto:security@lemmy.ml
Contact: mailto:admin@` +
process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST +
`
Contact: mailto:security@` +
process.env.LEMMY_UI_LEMMY_EXTERNAL_HOST +
`
Expires: 2024-01-01T04:59:00.000Z
`Contact: https://github.com/LemmyNet/lemmy-ui/security/advisories/new
Expires: ${yearFromNow}
`,
);
};

1
src/shared/build-date.ts Normal file
View file

@ -0,0 +1 @@
export const BUILD_DATE_ISO8601 = "2024-01-22T13:58:48Z";