pidgin/nest

Add extra way to report security vulnerability

2021-07-15, Sorvival
ade72caa087d
Add extra way to report security vulnerability

- Add an extra way of reporting a security vulnerability in the project. This
is done by creating a new issue in our issue tracker and ensuring that the
visibility of it is set so that only Pidgin Developers can view it.
- Fix a simple mistake in markdown link syntax in the contributing page which
links back to the Security page.
- Change hardcoded link to list of advisories to a Hugo ref link (if we ever
change the location of the advisories page this will make Hugo throw an error
since it won't be able to find the page, otherwise the link would just end up
being broken without us necessarily knowing about it.

Testing Done:
Ran `dev-server.sh` and verified content looks as intended.

Reviewed at https://reviews.imfreedom.org/r/806/
/**
* Runs after Hugo has built the site
* * Cleans, Minifies and Optimises hugo output
*
* USAGE: node tools/pre-prod [path to hugo output]
*/
/*****************************************************************************
* Imports
*****************************************************************************/
const fs = require('fs')
const path = require('path')
const { html: beautify_html } = require('js-beautify')
/*****************************************************************************
* Set Up
*****************************************************************************/
const target =
// looks for a path in first arg or default to `./public/`
path.join(__dirname, `..`, process.argv[2] || 'public') + path.sep
const xmlRegex = /\.(html|xml)$/
const jsonRegex = /\.json$/
const svgRegex = /\.svg$/
const htmlBeautifyOptions = { max_preserve_newlines: 0 }
/*****************************************************************************
* Execution
*****************************************************************************/
getFilePaths(target).forEach(path => {
if (path.match(xmlRegex)) {
tidyXML(path)
} else if (path.match(jsonRegex)) {
minifyJSON(path)
}
})
/*****************************************************************************
* File Handlers
*****************************************************************************/
/**
* Format XML and HTML, removing hugo template artifacts,
* like whitespace chasms
* @param {string} path
*/
function tidyXML(path) {
const data = fs.readFileSync(path, 'utf8')
const formatted = beautify_html(data, htmlBeautifyOptions)
fs.writeFile(path, formatted, err => {
if (err) {
console.log(`Error Tidying ${path}`, err)
}
console.log(`Tidied path: ${path.replace(target, '')}`)
})
}
/**
* Minify JSON
* @param {string} path
*/
function minifyJSON(path) {
const data = fs.readFileSync(path, 'utf8')
const formatted = JSON.stringify(JSON.parse(data))
fs.writeFile(path, formatted, err => {
if (err) {
console.log(`Error minifying ${path}`, err)
}
console.log(`Minified path: ${path.replace(target, '')}`)
})
}
/*****************************************************************************
* Helpers
*****************************************************************************/
function getFilePaths(input) {
const items = readDir(input)
const ret = []
while (items.length) {
const item = items.pop()
const stat = fs.statSync(item)
if (stat.isDirectory()) {
items.push(...readDir(item))
} else if (stat.isFile()) {
ret.push(item)
}
}
return ret
}
function readDir(item) {
return fs.readdirSync(item).map(i => path.join(item, i))
}