Rebase from origin repo (#1)

* Fix typo in `Welcome Message` section (getfider#1111) * fix: make linter happy again * chore: update playwright to fix build * more subdomain restrictions * feature: send welcome email on signup * fix: unencrypted smtp login * send welcome email * skip email on self hosted * update readme * typo * fix: postgres encoding error doing searches * fix: use hostname for powered by link * update to go 1.19 and node 18.x (getfider#1118) * fix: disallow external url during oauth login * fix: use non-breaking spaces for assertions * dont write to body when method is head * Scrollbars would always be visible in the `VotesModal` component (getfider#1134) * enhancement: add overflow-auto utility class * fix: auto remove scrollbars if there not necessary Before with overflow-scroll there where always two scrollbars, now it will change depending on the content of the container * fix error on cname lookup * use jwt to prevent redirect_uri changes * npm ci --maxsockets 1 * better validation for redirect * Update go to 1.22 * Node 18 -> 22 * Fix build script. * csrf middleware * Added migration to create missing posts.user_id index * Show email on the member listing * Only include email when listing the members. * lint fix. * fix: added an empty view query params checker and setting it to 'all' * Update golint-ci * More time for lint-server * feat: migrated form/Select class component to functional component (based this off of the form/Input component), changed the version in go.mod to 1.22 * Update FUNDING.yml Changed funding options * fix: added back 1.22.0 to go.mod * feat: add Arabic locales * Also publish on tag pushes. * chore(deps): bump ws Bumps and [ws](https://github.com/websockets/ws). These dependencies needed to be updated together. Updates `ws` from 8.4.2 to 8.18.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.4.2...8.18.0) Updates `ws` from 7.5.7 to 8.18.0 - [Release notes](https://github.com/websockets/ws/releases) - [Commits](websockets/ws@8.4.2...8.18.0) --- updated-dependencies: - dependency-name: ws dependency-type: indirect - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * chore(deps-dev): bump @babel/traverse from 7.17.10 to 7.25.4 Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.17.10 to 7.25.4. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.25.4/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Another way to trigger on tag/releases. * Wasn't picking up the tag name properly * Trigger a build when we push to stable too. * chore(deps-dev): bump webpack from 5.72.0 to 5.94.0 Bumps [webpack](https://github.com/webpack/webpack) from 5.72.0 to 5.94.0. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](webpack/webpack@v5.72.0...v5.94.0) --- updated-dependencies: - dependency-name: webpack dependency-type: direct:development ... Signed-off-by: dependabot[bot] <[email protected]> * Userlist integration added - new signup will create company and user in userlist.com * Updating a user feeds into userlist * Updating the billing status in userlist. * Add test for the changes to billing lock function * Integration with user actions. * Lint and test fixes * Moved the action struct to a dto. * Updated the version of upload artifact * Updated the download-artifact too. * Tag the docker image correctly. * Go mod tidy * Ignorne pem files * chore(deps): bump golang.org/x/image Bumps [golang.org/x/image](https://github.com/golang/image) from 0.0.0-20211028202545-6944b10bf410 to 0.18.0. - [Commits](https://github.com/golang/image/commits/v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/image dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * chore(deps): bump json5 Bumps and [json5](https://github.com/json5/json5). These dependencies needed to be updated together. Updates `json5` from 2.2.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) Updates `json5` from 1.0.1 to 2.2.3 - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](json5/json5@v2.2.1...v2.2.3) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * refactor: Update Contributing doc * refactor: Update broken link in Makefile * feature: add ability to copy comment link * fix(migration): Looks for pending migrations * refactor: Rewrite versions string * refactor: Get pending versions using slices * refactor: Copy versions slice to local variable * fix: Use pq.Array as SQL query param * fix: Close connection using defer statement * fix: Handle errors during version scan * test: Ensure migration will be executed even with past timestamp * lint: Fix typo in sql request in tests * test: Check error while fetching versions * lint: Light refactor * feat: Copy versions array to local var Co-authored-by: Matt Roberts <[email protected]> * Fixes getfider#1156 * Fix: No webhook message when post deleted with no comment. * Fixed tests, added one for no-comment-delete of post. * First set of proposed UI tweaks. * Fixing tests * Added missing description * Fixed tests for google font * Settings tweaks * My settings UI tweaks * More webhooks tweaks * No duplicate emails on the "show votes" * Fixed lint issue * WIP notifications modal. * Remove the paddle webhooks from CSRF checks. * Revert "Merge pull request getfider#1203 from Quentinchampenois/fix/pending_migrations" This reverts commit 42c9a98, reversing changes made to a9c05c5. * Fix: Can't access tenant from context in paddle webhook logic (but don't need to anyway) * Billing status should be forced to string * No need to log this * Changing to use matrix strategy for parallel builds * Notifications dropdown * Username component shouldn't show email unless explicitly requested * Formatting. * Revert "Changing to use matrix strategy for parallel builds" This reverts commit 55dfbc9. * Missing route * Margin bottom fixes * Some minor changes to the styles * Localised notifications modal * Locale files updated * Moved the userlist logic so it runs for social signups too. * Fixed previous userlist change. * Changed the email details for welcome emails. * No notifications improvements. * Console.logs removed * Formatting * More notification spacing tweaks * More styling, plus "mark all as read" * Borders in the notifications modal * Show posts mobile view. * Small tweaks to the powered by link * Changed how google fonts are included. * Order notifications by date desc * Messing about with reactions * Working reactions UI and backend * Lint checks * Viewing reactions for anonymous users * Sort the reactions by count * Make comments stand out more Techincally this is part of the UI stuff, but it stands out when you have the reactions in there so adding it here. * More tests * Validate that the reaction is one of the allowed emoji responses. * Update Dockerfile to Debian Bookworm and NodeJS 22 * Update gomarkdown/markdown dependency * Changed some bits on the main readme. --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: Matthew Yarmolinsky <[email protected]> Co-authored-by: goenning <[email protected]> Co-authored-by: Ik <[email protected]> Co-authored-by: Matt Roberts <[email protected]> Co-authored-by: mway-niels <[email protected]> Co-authored-by: Brian Pham <[email protected]> Co-authored-by: Dinh Nguyen Pham <[email protected]> Co-authored-by: Maher El Gamil <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: quentinchampenois <[email protected]> Co-authored-by: indyteo <[email protected]> Co-authored-by: Kim Tiago Baptista <[email protected]>
Tehem · Nov 12, 2024 · 32d7bd7 · 32d7bd7
1 parent 89c4f73
commit 32d7bd7
Show file tree

Hide file tree

Showing 164 changed files with 4,232 additions and 2,652 deletions.
diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml
@@ -1,6 +1,6 @@
 # These are supported funding model platforms
 
-github: [goenning]
+github:
 patreon: # Replace with a single Patreon username
 open_collective: fider
 ko_fi: # Replace with a single Ko-fi username

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -1,9 +1,12 @@
 name: build
 
 on:
+  release:
+    types: [created]
   push:
     branches:
       - main
+      - stable 
   pull_request:
     branches:
       - main
@@ -14,10 +17,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js 16.x
+      - name: Use Node.js 22.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
+          node-version: 22.x
       - run: npm ci
       - run: make lint-ui
       - run: make test-ui
@@ -49,17 +52,17 @@ jobs:
 
     steps:
       - uses: actions/checkout@v2
-      - name: Use Go 1.18
+      - name: Use Go 1.22
         uses: actions/setup-go@v2
         with:
-          go-version: 1.18
-      - name: Use Node.js 16.x
+          go-version: 1.22
+      - name: Use Node.js 22.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
+          node-version: 22.x
       - run: npm ci # required for esbuild
       - name: install golangci-lint
-        run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.45.0
+        run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.59.1
       - name: install godotenv
         run: go install github.com/joho/godotenv/cmd/godotenv
       - run: make lint-server
@@ -84,6 +87,8 @@ jobs:
           echo sha7=${GITHUB_SHA::7}
         id: vars
 
+
+
       - run: docker build -t fider-image .
 
       - run: mkdir -p ./out
@@ -95,7 +100,7 @@ jobs:
 
       - run: echo ${{ steps.vars.outputs.sha7 }} > ./out/sha7
 
-      - uses: actions/upload-artifact@v2
+      - uses: actions/upload-artifact@v4
         with:
           name: fider-image
           path: out/
@@ -124,11 +129,11 @@ jobs:
         browser: ["chromium", "webkit", "firefox"]
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js 16.x
+      - name: Use Node.js 22.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
-      - uses: actions/download-artifact@v2
+          node-version: 22.x
+      - uses: actions/download-artifact@v4
         with:
           name: fider-image
           path: ./out
@@ -178,11 +183,11 @@ jobs:
         options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
     steps:
       - uses: actions/checkout@v2
-      - name: Use Node.js 16.x
+      - name: Use Node.js 22.x
         uses: actions/setup-node@v1
         with:
-          node-version: 16.x
-      - uses: actions/download-artifact@v2
+          node-version: 22.x
+      - uses: actions/download-artifact@v4
         with:
           name: fider-image
           path: ./out

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -45,14 +45,28 @@ jobs:
           cache-from: type=gha
           cache-to: type=gha,mode=max
 
-      - name: build and push docker image (push)
+      - name: build and push docker image (push branch)
         if: ${{ github.event.workflow_run.event == 'push' }}
         uses: docker/build-push-action@v3
         with:
           push: true
           context: .
           build-args: COMMITHASH=${{ github.event.workflow_run.head_sha }}
           platforms: linux/amd64,linux/arm64/v8
-          tags: getfider/fider:SHA_${{ github.event.workflow_run.head_sha }},getfider/fider:main
+          tags: |
+            getfider/fider:SHA_${{ github.event.workflow_run.head_sha }}
+            getfider/fider:${{ github.event.workflow_run.head_branch == 'main' && 'main' || 'stable' }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: build and push docker image (push tag)
+        if: ${{ github.event.workflow_run.event == 'release' }}
+        uses: docker/build-push-action@v3
+        with:
+          push: true
+          context: .
+          build-args: COMMITHASH=${{ github.event.workflow_run.head_sha }}
+          platforms: linux/amd64,linux/arm64/v8
+          tags: getfider/fider:${{ github.event.workflow_run.display_title }}
           cache-from: type=gha
           cache-to: type=gha,mode=max
diff --git a/.gitignore b/.gitignore
@@ -20,4 +20,5 @@ debug.test
 .DS_Store
 cover.out
 coverage.tmp
-tsconfig.tsbuildinfo
+tsconfig.tsbuildinfo
+etc/*.pem
diff --git a/.nvmrc b/.nvmrc
@@ -1 +1 @@
-v16.*
+v22.*
diff --git a/.test.env b/.test.env
@@ -34,4 +34,7 @@ EMAIL_SMTP_USERNAME=us3r
 EMAIL_SMTP_PASSWORD=p4ss
 
 EMAIL_MAILGUN_API=mys3cr3tk3y
-EMAIL_MAILGUN_DOMAIN=mydomain.com
+EMAIL_MAILGUN_DOMAIN=mydomain.com
+
+USER_LIST_ENABLED=true
+USER_LIST_APIKEY=abcdefg
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
@@ -21,8 +21,8 @@ If you know these technologies or would like to learn them, lucky you! This is t
 
 | Software    | How to install                                                 | What is it used for                                       |
 | ----------- | -------------------------------------------------------------- | --------------------------------------------------------- |
-| Go 1.18+    | https://golang.org/                                            | To compile server side code                               |
-| Node.js 16+ | https://nodejs.org/ or run `nvm use` if you have nvm installed | To compile TypeScript and bundle all the client side code |
+| Go 1.22+    | https://golang.org/                                            | To compile server side code                               |
+| Node.js 22+ | https://nodejs.org/ or run `nvm use` if you have nvm installed | To compile TypeScript and bundle all the client side code |
 | Docker      | https://www.docker.com/                                        | To start local PostgreSQL instances                       |
 
 #### 2. To setup your development workspace:
@@ -31,9 +31,9 @@ If you know these technologies or would like to learn them, lucky you! This is t
 2. navigate into the cloned repository.
 3. run `go install github.com/cosmtrek/air` to install air, a cli tool for live reload, when you change the code, it automatically recompiles the application.
 4. run `go install github.com/joho/godotenv/cmd/godotenv` to install godotenv, a cli tool to load environment variables from a `.env` so that you don't have to change your machine environment variables.
-5. run `go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.45.0` to install golangci-lint, a linter for Go apps.
+5. run `go install github.com/golangci/golangci-lint/cmd/golangci-lint@v1.59.1` to install golangci-lint, a linter for Go apps.
 6. run `npm install` to install client side packages.
-7. run `docker-compose up -d` to start a local PostgreSQL database and Local SMTP (with [MailHog](https://github.com/mailhog/MailHog)) on Docker.
+7. run `docker compose up -d` to start a local PostgreSQL database and Local SMTP (with [MailHog](https://github.com/mailhog/MailHog)) on Docker.
 8. run `cp .example.env .env` to create a local environment configuration file.
 
 - **Important:** Fider has a strong dependency on an email delivery service. For easier local development, the docker-compose file already provides

diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
 #####################
 ### Server Build Step
 #####################
-FROM --platform=${TARGETPLATFORM:-linux/amd64} golang:1.18-buster AS server-builder 
+FROM --platform=${TARGETPLATFORM:-linux/amd64} golang:1.22-bookworm AS server-builder 
 
 
 RUN mkdir /server
@@ -18,12 +18,12 @@ RUN COMMITHASH=${COMMITHASH} GOOS=${TARGETOS} GOARCH=${TARGETARCH} make build-se
 #################
 ### UI Build Step
 #################
-FROM --platform=${TARGETPLATFORM:-linux/amd64} node:16-buster AS ui-builder 
+FROM --platform=${TARGETPLATFORM:-linux/amd64} node:22-bookworm AS ui-builder 
 
 WORKDIR /ui
 
 COPY package.json package-lock.json ./
-RUN npm ci
+RUN npm ci --maxsockets 1
 
 COPY . .
 RUN make build-ssr
@@ -32,7 +32,7 @@ RUN make build-ui
 ################
 ### Runtime Step
 ################
-FROM --platform=${TARGETPLATFORM:-linux/amd64} debian:buster-slim
+FROM --platform=${TARGETPLATFORM:-linux/amd64} debian:bookworm-slim
 
 RUN apt-get update
 RUN apt-get install -y ca-certificates

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 ## This is a self-documented Makefile. For usage information, run `make help`:
 ##
-## For more information, refer to https://suva.sh/posts/well-documented-makefiles/
+## For more information, refer to https://www.thapaliya.com/en/writings/well-documented-makefiles/
 
 LDFLAGS += -X github.com/getfider/fider/app/pkg/env.commithash=${COMMITHASH}
 
@@ -78,7 +78,7 @@ watch-ui: ## Build and run server in watch mode
 lint: lint-server lint-ui ## Lint server and ui
 
 lint-server: ## Lint server code
-	golangci-lint run --timeout 2m
+	golangci-lint run --timeout 3m
 
 lint-ui: ## Lint ui code
 	npx eslint .

diff --git a/README.md b/README.md
@@ -7,63 +7,64 @@
 <p align="center">
   <img style="height:60px;display:inline-block;" src="etc/logo-small.png" />
   <div align="center">
-    <strong>Fider is a feedback portal to help you build better products.</strong>
+    <strong>Fider is a feedback portal for feature requests and suggestions.</strong>
   </div>
   <div align="center">Give your customers a voice and let them tell you what they need. Spend less time guessing and more time building the right product.</div>
 </p>
 
 <div align="center">
   <h3>
-    <a href="https://fider.io">
-      Learn more
-    </a>
-    <span> | </span>
     <a href="https://feedback.fider.io/">
       See it in action
     </a>
+    <span> &middot; </span>
+    <a href="https://fider.io">
+      Learn more »
+    </a>
   </h3>
 </div>
 
 <div align="center">
-  <sub>Built with ❤️ by <a href="https://github.com/goenning">Guilherme Oenning</a> and <a href="https://github.com/getfider/fider/graphs/contributors">contributors</a></sub>
+  <sub>Created with ❤️ by <a href="https://github.com/goenning">Guilherme Oenning</a>, now maintained by <a href="https://github.com/mattwoberts">Matt Roberts</a> and supported by <a href="https://github.com/getfider/fider/graphs/contributors">contributors</a></sub>
 </div>
 
-<br />
+<br/>
+<br/>
 
-## Get Started
+# Getting Started
 
-- **Fider Cloud**: The easiest and quickest way to get started. A fully managed services by the creators of Fider to help you get started in minutes. Forget about managing software updates and patches, we do it all for you! [Sign up now](https://fider.io/#get-started)
+## ☁️ **Fider Cloud**
 
-- **Self-Hosted**: You can also install Fider yourelf. It's free, but you are responsible for managing it. [Learn how](https://fider.io/docs/hosting-instance)
+The easiest and quickest way to get started. A fully managed services by the creators of Fider to help you get started in minutes. Forget about managing software updates and patches, we do it all for you! [Sign up now](https://fider.io/#get-started)
 
-## Contributors
+## 🏢 **Self-Hosted**
 
-This project exists thanks to all the people who contribute.
+You can also install Fider yourself. It's free, but you are responsible for managing it. [Learn how](https://fider.io/docs/hosting-instance)
 
-<a href="https://github.com/getfider/fider/graphs/contributors"><img src="https://opencollective.com/fider/contributors.svg?width=890&button=false" /></a>
+<br/>
+<br/>
 
-Read our [CONTRIBUTING](CONTRIBUTING.md) guide to learn how you can contribute to Fider.
+# Sponsors
 
-## Sponsors
+<a href="https://browserstack.com" target="_blank">
+  <img src="etc/browserstack.png">
+</a>
 
-Does your organization use Fider? [Become a sponsor](https://opencollective.com/fider) and your logo will show up here with a link to your website.
+<br />
+<br />
 
-<a href="https://opencollective.com/fider/sponsors/0/website" target="_blank"><img src="https://opencollective.com/fider/sponsors/0/avatar"></a>
-<a href="https://opencollective.com/fider/sponsors/1/website" target="_blank"><img src="https://opencollective.com/fider/sponsors/1/avatar"></a>
-<a href="https://opencollective.com/fider/sponsors/2/website" target="_blank"><img src="https://opencollective.com/fider/sponsors/2/avatar"></a>
-<a href="https://opencollective.com/fider/sponsors/3/website" target="_blank"><img src="https://opencollective.com/fider/sponsors/3/avatar"></a>
-<a href="https://opencollective.com/fider/sponsors/4/website" target="_blank"><img src="https://opencollective.com/fider/sponsors/4/avatar"></a>
+> Does your organization use Fider? [Become a sponsor](https://opencollective.com/fider) and get your logo and link on our README!
 
-## Backers
+<br/>
+<br/>
 
-Thank you to all our backers! 🙏
+# Contributors
 
-<a href="https://opencollective.com/fider" target="_blank">
-  <img src="https://opencollective.com/fider/backers.svg?width=890">
-</a>
+This project exists thanks to all the amazing people who contribute!
 
-Thanks to [BrowserStack](https://browserstack.com/) for providing us with free cross-browser testing for Fider.
+<a href="https://github.com/getfider/fider/graphs/contributors"><img src="https://opencollective.com/fider/contributors.svg?width=890&button=false" /></a>
 
-<a href="https://browserstack.com" target="_blank">
-  <img src="etc/browserstack.png">
-</a>
+Read our [CONTRIBUTING](CONTRIBUTING.md) guide to learn how you can contribute to Fider.
+
+<br/>
+<br/>
diff --git a/app/actions/post.go b/app/actions/post.go
@@ -133,6 +133,38 @@ func (action *UpdatePost) Validate(ctx context.Context, user *entity.User) *vali
 	return result
 }
 
+type ToggleCommentReaction struct {
+	Number   int    `route:"number"`
+	Comment  int    `route:"id"`
+	Reaction string `route:"reaction"`
+}
+
+// IsAuthorized returns true if current user is authorized to perform this action
+func (action *ToggleCommentReaction) IsAuthorized(ctx context.Context, user *entity.User) bool {
+	return user != nil
+}
+
+// Validate if current model is valid
+func (action *ToggleCommentReaction) Validate(ctx context.Context, user *entity.User) *validate.Result {
+
+	result := validate.Success()
+
+	allowedEmojis := []string{"👍", "👎", "😄", "🎉", "😕", "❤️", "🚀", "👀"}
+	isAllowed := false
+	for _, emoji := range allowedEmojis {
+		if action.Reaction == emoji {
+			isAllowed = true
+			break
+		}
+	}
+
+	if !isAllowed {
+		result.AddFieldFailure("reaction", i18n.T(ctx, "validation.custom.invalidemoji"))
+	}
+
+	return result
+}
+
 // AddNewComment represents a new comment to be added
 type AddNewComment struct {
 	Number      int                `route:"number"`