version bump

Also expose api methods for programmatic usage

.github/workflows/test.yaml

@@ -10,18 +10,18 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       # Node
-      - uses: pnpm/action-setup@v2
-      - uses: actions/setup-node@v3
+      - uses: pnpm/action-setup@v3
+      - uses: actions/setup-node@v4
         with:
           cache: 'pnpm'
           node-version-file: '.nvmrc'
 
       # Docker
-      - uses: docker/setup-qemu-action@v2
-      - uses: docker/setup-buildx-action@v2
+      - uses: docker/setup-qemu-action@v3
+      - uses: docker/setup-buildx-action@v3
         with:
           install: true
 

.nvmrc

@@ -1 +1 @@
-v18.17.1
+v18.19.1

CHANGELOG.md

@@ -5,6 +5,13 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.4.0] - 2023-11-01
+
+### Changed
+
+- Removed HTML sanitation, display the original message as string
+- Links are now displayed under the note in a separate section
+
 ## [2.3.1] - 2023-06-23
 
 ### Added

Dockerfile

@@ -1,19 +1,19 @@
 # FRONTEND
 FROM node:18-alpine as client 
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
+
 WORKDIR /tmp
-RUN npm install -g pnpm@8
 COPY . .
 RUN pnpm install --frozen-lockfile
 RUN pnpm run build
 
 
 # BACKEND
-FROM rust:1.71-alpine as backend
+FROM rust:1.76-alpine as backend
 WORKDIR /tmp
 RUN apk add libc-dev openssl-dev alpine-sdk
-# COPY ./packages/backend/Cargo.* ./
-# ENV CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse
-# RUN cargo fetch
 COPY ./packages/backend ./
 RUN cargo build --release
 

docker-compose.dev.yaml

@@ -14,11 +14,12 @@ services:
     env_file: .dev.env
     depends_on:
       - redis
+    restart: unless-stopped
     ports:
       - 1234:8000
 
     healthcheck:
-      test: ["CMD", "curl", "--fail", "http://127.0.0.1:8000/api/live/"]
+      test: ['CMD', 'curl', '--fail', 'http://127.0.0.1:8000/api/live/']
       interval: 1m
       timeout: 3s
       retries: 2

package.json

@@ -1,5 +1,4 @@
 {
-  "packageManager": "pnpm@8.6.3",
   "scripts": {
     "dev:docker": "docker-compose -f docker-compose.dev.yaml up redis",
     "dev:packages": "pnpm --parallel run dev",
@@ -13,9 +12,10 @@
     "build": "pnpm run --recursive --filter=!@cryptgeon/backend build"
   },
   "devDependencies": {
-    "@playwright/test": "^1.33.0",
-    "@types/node": "^20.1.3",
+    "@playwright/test": "^1.42.1",
+    "@types/node": "^20.11.24",
     "npm-run-all": "^4.1.5",
     "shelljs": "^0.8.5"
-  }
+  },
+  "packageManager": "pnpm@8.15.4"
 }

packages/backend/Cargo.toml

@@ -1,9 +1,9 @@
 [package]
 name = "cryptgeon"
-version = "2.3.3"
+version = "2.5.0"
 authors = ["cupcakearmy <hi@nicco.io>"]
 edition = "2021"
-rust-version = "1.71"
+rust-version = "1.76"
 
 [[bin]]
 name = "cryptgeon"

packages/cli/package.json

@@ -1,43 +1,49 @@
 {
-  "version": "2.3.3",
   "name": "cryptgeon",
+  "version": "2.5.0",
+  "homepage": "https://github.com/cupcakearmy/cryptgeon",
   "repository": {
     "type": "git",
     "url": "https://github.com/cupcakearmy/cryptgeon.git",
     "directory": "packages/cli"
   },
-  "homepage": "https://github.com/cupcakearmy/cryptgeon",
   "type": "module",
-  "engines": {
-    "node": ">=18"
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js"
+    }
   },
-  "scripts": {
-    "dev": "./scripts/build.js --watch",
-    "build": "./scripts/build.js",
-    "package": "./scripts/package.js",
-    "bin": "run-s build package",
-    "prepublishOnly": "run-s build"
-  },
-  "main": "./dist/index.cjs",
+  "types": "./dist/index.d.ts",
   "bin": {
-    "cryptgeon": "./dist/index.cjs"
+    "cryptgeon": "./dist/cli.cjs"
   },
   "files": [
     "dist"
   ],
+  "scripts": {
+    "bin": "run-s build package",
+    "build": "tsc && ./scripts/build.js",
+    "dev": "./scripts/build.js --watch",
+    "package": "./scripts/package.js",
+    "prepublishOnly": "run-s build"
+  },
   "devDependencies": {
-    "@commander-js/extra-typings": "^11.0.0",
+    "@commander-js/extra-typings": "^12.0.1",
     "@cryptgeon/shared": "workspace:*",
-    "@types/inquirer": "^9.0.3",
-    "@types/mime": "^3.0.1",
-    "@types/node": "^20.5.0",
-    "commander": "^11.0.0",
-    "esbuild": "^0.19.2",
-    "inquirer": "^9.2.10",
-    "mime": "^3.0.0",
-    "occulto": "^2.0.1",
+    "@types/inquirer": "^9.0.7",
+    "@types/mime": "^3.0.4",
+    "@types/node": "^20.11.24",
+    "commander": "^12.0.0",
+    "esbuild": "^0.20.1",
+    "inquirer": "^9.2.15",
+    "mime": "^4.0.1",
+    "occulto": "^2.0.3",
     "pkg": "^5.8.1",
     "pretty-bytes": "^6.1.1",
-    "typescript": "^5.1.6"
+    "typescript": "^5.3.3"
+  },
+  "engines": {
+    "node": ">=18"
   }
 }

packages/cli/scripts/build.js

@@ -4,14 +4,28 @@ import { build, context } from 'esbuild'
 import pkg from '../package.json' assert { type: 'json' }
 
 const options = {
-  entryPoints: ['./src/index.ts'],
+  entryPoints: ['./src/cli.ts'],
   bundle: true,
   minify: true,
   platform: 'node',
-  outfile: './dist/index.cjs',
+  outfile: './dist/cli.cjs',
   define: { VERSION: `"${pkg.version}"` },
 }
 
 const watch = process.argv.slice(2)[0] === '--watch'
-if (watch) (await context(options)).watch()
-else await build(options)
+if (watch) {
+  ;(await context(options)).watch()
+} else {
+  await build(options)
+
+  // Also build internals to expose
+  await build({
+    entryPoints: ['./src/index.ts'],
+    bundle: true,
+    minify: true,
+    platform: 'node',
+    format: 'esm',
+    outfile: './dist/index.js',
+    define: { VERSION: `"${pkg.version}"` },
+  })
+}

packages/cli/scripts/package.js

@@ -13,5 +13,5 @@ const targets = [
 
 for (const target of targets) {
   console.log(`🚀 Building ${target}`)
-  await exec(['./dist/index.cjs', '--target', target, '--output', `./bin/${target.replace('node18', 'cryptgeon')}`])
+  await exec(['./dist/cli.cjs', '--target', target, '--output', `./bin/${target.replace('node18', 'cryptgeon')}`])
 }

packages/cli/src/cli.ts

@@ -0,0 +1,106 @@
+#!/usr/bin/env node
+
+import { Argument, Option, program } from '@commander-js/extra-typings'
+import { setBase, status } from '@cryptgeon/shared'
+import prettyBytes from 'pretty-bytes'
+
+import { download } from './download.js'
+import { parseFile, parseNumber } from './parsers.js'
+import { getStdin } from './stdin.js'
+import { upload } from './upload.js'
+import { checkConstrains, exit } from './utils.js'
+
+const defaultServer = process.env['CRYPTGEON_SERVER'] || 'https://cryptgeon.org'
+const server = new Option('-s --server <url>', 'the cryptgeon server to use').default(defaultServer)
+const files = new Argument('<file...>', 'Files to be sent').argParser(parseFile)
+const text = new Argument('<text>', 'Text content of the note')
+const password = new Option('-p --password <string>', 'manually set a password')
+const all = new Option('-a --all', 'Save all files without prompt').default(false)
+const url = new Argument('<url>', 'The url to open')
+const views = new Option('-v --views <number>', 'Amount of views before getting destroyed').argParser(parseNumber)
+const minutes = new Option('-m --minutes <number>', 'Minutes before the note expires').argParser(parseNumber)
+
+// Node 18 guard
+parseInt(process.version.slice(1).split(',')[0]) < 18 && exit('Node 18 or higher is required')
+
+// @ts-ignore
+const version: string = VERSION
+
+program.name('cryptgeon').version(version).configureHelp({ showGlobalOptions: true })
+
+program
+  .command('info')
+  .description('show information about the server')
+  .addOption(server)
+  .action(async (options) => {
+    setBase(options.server)
+    const response = await status()
+    const formatted = {
+      ...response,
+      max_size: prettyBytes(response.max_size),
+    }
+    for (const key of Object.keys(formatted)) {
+      if (key.startsWith('theme_')) delete formatted[key as keyof typeof formatted]
+    }
+    console.table(formatted)
+  })
+
+const send = program.command('send').description('send a note')
+send
+  .command('file')
+  .addArgument(files)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (files, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    try {
+      const url = await upload(files, { views: options.views, expiration: options.minutes, password: options.password })
+      console.log(`Note created:\n\n${url}`)
+    } catch {
+      exit('Could not create note')
+    }
+  })
+send
+  .command('text')
+  .addArgument(text)
+  .addOption(server)
+  .addOption(views)
+  .addOption(minutes)
+  .addOption(password)
+  .action(async (text, options) => {
+    setBase(options.server!)
+    await checkConstrains(options)
+    options.password ||= await getStdin()
+    try {
+      const url = await upload(text, { views: options.views, expiration: options.minutes, password: options.password })
+      console.log(`Note created:\n\n${url}`)
+    } catch {
+      exit('Could not create note')
+    }
+  })
+
+program
+  .command('open')
+  .description('open a link with text or files inside')
+  .addArgument(url)
+  .addOption(password)
+  .addOption(all)
+  .action(async (note, options) => {
+    try {
+      const url = new URL(note)
+      options.password ||= await getStdin()
+      try {
+        await download(url, options.all, options.password)
+      } catch (e) {
+        exit(e instanceof Error ? e.message : 'Unknown error occurred')
+      }
+    } catch {
+      exit('Invalid URL')
+    }
+  })
+
+program.parse()

packages/cli/src/download.ts

@@ -5,12 +5,12 @@ import { basename, resolve } from 'node:path'
 import { AES, Hex } from 'occulto'
 import pretty from 'pretty-bytes'
 
-import { exit } from './utils'
-
 export async function download(url: URL, all: boolean, suggestedPassword?: string) {
   setBase(url.origin)
   const id = url.pathname.split('/')[2]
-  const preview = await info(id).catch(() => exit('Note does not exist or is expired'))
+  const preview = await info(id).catch(() => {
+    throw new Error('Note does not exist or is expired')
+  })
 
   // Password
   let password: string
@@ -35,13 +35,14 @@ export async function download(url: URL, all: boolean, suggestedPassword?: strin
   const key = derivation ? (await AES.derive(password, derivation))[0] : Hex.decode(password)
   const note = await get(id)
 
-  const couldNotDecrypt = () => exit('Could not decrypt note. Probably an invalid password')
+  const couldNotDecrypt = new Error('Could not decrypt note. Probably an invalid password')
   switch (note.meta.type) {
     case 'file':
-      const files = await Adapters.Files.decrypt(note.contents, key).catch(couldNotDecrypt)
+      const files = await Adapters.Files.decrypt(note.contents, key).catch(() => {
+        throw couldNotDecrypt
+      })
       if (!files) {
-        exit('No files found in note')
-        return
+        throw new Error('No files found in note')
       }
 
       let selected: typeof files
@@ -63,7 +64,7 @@ export async function download(url: URL, all: boolean, suggestedPassword?: strin
         selected = files.filter((file) => names.includes(file.name))
       }
 
-      if (!selected.length) exit('No files selected')
+      if (!selected.length) throw new Error('No files selected')
       await Promise.all(
         selected.map(async (file) => {
           let filename = resolve(file.name)
@@ -79,7 +80,9 @@ export async function download(url: URL, all: boolean, suggestedPassword?: strin
 
       break
     case 'text':
-      const plaintext = await Adapters.Text.decrypt(note.contents, key).catch(couldNotDecrypt)
+      const plaintext = await Adapters.Text.decrypt(note.contents, key).catch(() => {
+        throw couldNotDecrypt
+      })
       console.log(plaintext)
       break
   }

packages/cli/src/index.ts

@@ -1,104 +1,4 @@
-#!/usr/bin/env node
-
-import { Argument, Option, program } from '@commander-js/extra-typings'
-import { setBase, status } from '@cryptgeon/shared'
-import prettyBytes from 'pretty-bytes'
-
-import { download } from './download.js'
-import { parseFile, parseNumber } from './parsers.js'
-import { getStdin } from './stdin.js'
-import { upload } from './upload.js'
-import { exit } from './utils.js'
-
-const defaultServer = process.env['CRYPTGEON_SERVER'] || 'https://cryptgeon.org'
-const server = new Option('-s --server <url>', 'the cryptgeon server to use').default(defaultServer)
-const files = new Argument('<file...>', 'Files to be sent').argParser(parseFile)
-const text = new Argument('<text>', 'Text content of the note')
-const password = new Option('-p --password <string>', 'manually set a password')
-const all = new Option('-a --all', 'Save all files without prompt').default(false)
-const url = new Argument('<url>', 'The url to open')
-const views = new Option('-v --views <number>', 'Amount of views before getting destroyed').argParser(parseNumber)
-const minutes = new Option('-m --minutes <number>', 'Minutes before the note expires').argParser(parseNumber)
-
-// Node 18 guard
-parseInt(process.version.slice(1).split(',')[0]) < 18 && exit('Node 18 or higher is required')
-
-// @ts-ignore
-const version: string = VERSION
-
-async function checkConstrains(constrains: { views?: number; minutes?: number }) {
-  const { views, minutes } = constrains
-  if (views && minutes) exit('cannot set view and minutes constrains simultaneously')
-  if (!views && !minutes) constrains.views = 1
-
-  const response = await status()
-  if (views && views > response.max_views)
-    exit(`Only a maximum of ${response.max_views} views allowed. ${views} given.`)
-  if (minutes && minutes > response.max_expiration)
-    exit(`Only a maximum of ${response.max_expiration} minutes allowed. ${minutes} given.`)
-}
-
-program.name('cryptgeon').version(version).configureHelp({ showGlobalOptions: true })
-
-program
-  .command('info')
-  .description('show information about the server')
-  .addOption(server)
-  .action(async (options) => {
-    setBase(options.server)
-    const response = await status()
-    const formatted = {
-      ...response,
-      max_size: prettyBytes(response.max_size),
-    }
-    for (const key of Object.keys(formatted)) {
-      if (key.startsWith('theme_')) delete formatted[key as keyof typeof formatted]
-    }
-    console.table(formatted)
-  })
-
-const send = program.command('send').description('send a note')
-send
-  .command('file')
-  .addArgument(files)
-  .addOption(server)
-  .addOption(views)
-  .addOption(minutes)
-  .addOption(password)
-  .action(async (files, options) => {
-    setBase(options.server!)
-    await checkConstrains(options)
-    options.password ||= await getStdin()
-    await upload(files, { views: options.views, expiration: options.minutes, password: options.password })
-  })
-send
-  .command('text')
-  .addArgument(text)
-  .addOption(server)
-  .addOption(views)
-  .addOption(minutes)
-  .addOption(password)
-  .action(async (text, options) => {
-    setBase(options.server!)
-    await checkConstrains(options)
-    options.password ||= await getStdin()
-    await upload(text, { views: options.views, expiration: options.minutes, password: options.password })
-  })
-
-program
-  .command('open')
-  .description('open a link with text or files inside')
-  .addArgument(url)
-  .addOption(password)
-  .addOption(all)
-  .action(async (note, options) => {
-    try {
-      const url = new URL(note)
-      options.password ||= await getStdin()
-      await download(url, options.all, options.password)
-    } catch {
-      exit('Invalid URL')
-    }
-  })
-
-program.parse()
+export * from '@cryptgeon/shared'
+export * from './download.js'
+export * from './upload.js'
+export * from './utils.js'

packages/cli/src/upload.ts

@@ -3,49 +3,43 @@ import { basename } from 'node:path'
 
 import { Adapters, BASE, create, FileDTO, Note, NoteMeta } from '@cryptgeon/shared'
 import mime from 'mime'
-import { AES, Hex, TypedArray } from 'occulto'
+import { AES, Hex } from 'occulto'
 
-import { exit } from './utils.js'
+export type UploadOptions = Pick<Note, 'views' | 'expiration'> & { password?: string }
 
-type UploadOptions = Pick<Note, 'views' | 'expiration'> & { password?: string }
+export async function upload(input: string | string[], options: UploadOptions): Promise<string> {
+  const { password, ...noteOptions } = options
+  const derived = options.password ? await AES.derive(options.password) : undefined
+  const key = derived ? derived[0] : await AES.generateKey()
 
-export async function upload(input: string | string[], options: UploadOptions) {
-  try {
-    const { password, ...noteOptions } = options
-    const derived = options.password ? await AES.derive(options.password) : undefined
-    const key = derived ? derived[0] : await AES.generateKey()
-
-    let contents: string
-    let type: NoteMeta['type']
-    if (typeof input === 'string') {
-      contents = await Adapters.Text.encrypt(input, key)
-      type = 'text'
-    } else {
-      const files: FileDTO[] = await Promise.all(
-        input.map(async (path) => {
-          const data = new Uint8Array(await readFile(path))
-          const stats = await stat(path)
-          const extension = path.substring(path.indexOf('.') + 1)
-          const type = mime.getType(extension) ?? 'application/octet-stream'
-          return {
-            name: basename(path),
-            size: stats.size,
-            contents: data,
-            type,
-          } satisfies FileDTO
-        })
-      )
-      contents = await Adapters.Files.encrypt(files, key)
-      type = 'file'
-    }
-
-    // Create the actual note and upload it.
-    const note: Note = { ...noteOptions, contents, meta: { type, derivation: derived?.[1] } }
-    const result = await create(note)
-    let url = `${BASE}/note/${result.id}`
-    if (!derived) url += `#${Hex.encode(key)}`
-    console.log(`Note created:\n\n${url}`)
-  } catch {
-    exit('Could not create note')
+  let contents: string
+  let type: NoteMeta['type']
+  if (typeof input === 'string') {
+    contents = await Adapters.Text.encrypt(input, key)
+    type = 'text'
+  } else {
+    const files: FileDTO[] = await Promise.all(
+      input.map(async (path) => {
+        const data = new Uint8Array(await readFile(path))
+        const stats = await stat(path)
+        const extension = path.substring(path.indexOf('.') + 1)
+        const type = mime.getType(extension) ?? 'application/octet-stream'
+        return {
+          name: basename(path),
+          size: stats.size,
+          contents: data,
+          type,
+        } satisfies FileDTO
+      })
+    )
+    contents = await Adapters.Files.encrypt(files, key)
+    type = 'file'
   }
+
+  // Create the actual note and upload it.
+  const note: Note = { ...noteOptions, contents, meta: { type, derivation: derived?.[1] } }
+  const result = await create(note)
+  let url = `${BASE}/note/${result.id}`
+  if (!derived) url += `#${Hex.encode(key)}`
+  return url
 }

packages/cli/src/utils.ts

@@ -1,6 +1,19 @@
+import { status } from '@cryptgeon/shared'
 import { exit as exitNode } from 'node:process'
 
 export function exit(message: string) {
   console.error(message)
   exitNode(1)
 }
+
+export async function checkConstrains(constrains: { views?: number; minutes?: number }) {
+  const { views, minutes } = constrains
+  if (views && minutes) exit('cannot set view and minutes constrains simultaneously')
+  if (!views && !minutes) constrains.views = 1
+
+  const response = await status()
+  if (views && views > response.max_views)
+    exit(`Only a maximum of ${response.max_views} views allowed. ${views} given.`)
+  if (minutes && minutes > response.max_expiration)
+    exit(`Only a maximum of ${response.max_expiration} minutes allowed. ${minutes} given.`)
+}

packages/cli/tsconfig.json

@@ -3,8 +3,11 @@
     "target": "es2022",
     "module": "es2022",
     "moduleResolution": "node",
-    "noEmit": true,
+    "declaration": true,
+    "emitDeclarationOnly": true,
     "strict": true,
+    "outDir": "./dist",
+    "rootDir": "./src",
     "allowSyntheticDefaultImports": true
   }
 }

packages/frontend/locales/de.json

@@ -1,53 +1,54 @@
 {
 	"common": {
-		"note": "Hinweis",
+		"note": "Notiz",
 		"file": "Datei",
-		"advanced": "erweitert",
-		"create": "erstellen",
-		"loading": "läd",
+		"advanced": "Erweiterte Optionen",
+		"create": "Notiz erstellen",
+		"loading": "Lädt...",
 		"mode": "Modus",
 		"views": "{n, plural, =0 {Ansichten} =1 {1 Ansicht} other {# Ansichten}}",
 		"minutes": "{n, plural, =0 {Minuten} =1 {1 Minute} other {# Minuten}}",
 		"max": "max",
 		"share_link": "Link teilen",
-		"copy_clipboard": "in die Zwischenablage kopieren",
-		"copied_to_clipboard": "in die Zwischenablage kopiert",
-		"encrypting": "verschlüsseln",
-		"decrypting": "entschlüsselt",
-		"uploading": "hochladen",
-		"downloading": "wird heruntergeladen",
-		"qr_code": "qr-code",
+		"copy_clipboard": "Link in die Zwischenablage kopieren",
+		"copied_to_clipboard": "Link in die Zwischenablage kopiert.",
+		"encrypting": "Notiz wird verschlüsselt...",
+		"decrypting": "Notiz wird entschlüsselt...",
+		"uploading": "Hochladen",
+		"downloading": "Wird heruntergeladen",
+		"qr_code": "QR-Code",
 		"password": "Passwort"
 	},
 	"home": {
-		"intro": "Senden Sie ganz einfach <i>vollständig verschlüsselte</i>, sichere Notizen oder Dateien mit einem Klick. Erstellen Sie einfach eine Notiz und teilen Sie den Link.",
-		"explanation": "die Notiz verfällt und wird nach {type} zerstört.",
-		"new_note": "neue Note",
-		"new_note_notice": "<b>Verfügbarkeit:</b><br />es ist nicht garantiert, dass die Notiz gespeichert wird, da alles im Speicher gehalten wird. Wenn dieser voll ist, werden die ältesten Notizen entfernt.<br />(Sie werden wahrscheinlich keine Probleme haben, seien Sie nur gewarnt).",
+		"intro": "Senden Sie mit ganz einfach einem Klick <i>vollständig verschlüsselte</i>, sichere Notizen oder Dateien. Erstellen Sie einfach eine Notiz und teilen Sie den Link.",
+		"explanation": "Die Notiz verfällt nach {type}.",
+		"new_note": "Neue Notiz",
+		"new_note_notice": "<b>Wichtiger Hinweis zur Verfügbarkeit:</b><br />Es kann nicht garantiert werden, dass diese Notiz gespeichert wird, da diese <b>ausschließlich im Speicher</b> gehalten werden. Ist dieser voll, werden die ältesten Notizen entfernt.<br />(Wahrscheinlich gibt es keine derartigen Probleme, seien Sie nur vorgewarnt).",
 		"errors": {
-			"note_to_big": "Notiz konnte nicht erstellt werden. Notiz ist zu groß",
-			"note_error": "konnte keine Notiz erstellen. Bitte versuchen Sie es erneut.",
+			"note_to_big": "Notiz konnte nicht erstellt werden, da sie zu groß ist.",
+			"note_error": "Notiz konnte nicht erstellt werden. Bitte versuchen Sie es erneut.",
 			"max": "max: {n}",
 			"empty_content": "Notiz ist leer."
 		},
 		"messages": {
-			"note_created": "notiz erstellt."
+			"note_created": "Notiz wurde erstellt."
 		},
 		"advanced": {
-			"explanation": "Standardmäßig wird für jede Notiz ein sicher generiertes Passwort verwendet. Sie können jedoch auch ein eigenes Kennwort wählen, das nicht in dem Link enthalten ist.",
-			"custom_password": "benutzerdefiniertes Passwort"
+			"explanation": "Standardmäßig wird für jede Notiz ein sicher generiertes Passwort verwendet. Sie können alternativ ein eigenes Kennwort wählen, das nicht im Link enthalten ist.",
+			"custom_password": "Benutzerdefiniertes Passwort"
 		}
 	},
 	"show": {
 		"errors": {
-			"not_found": "wurde nicht gefunden oder wurde bereits gelöscht.",
-			"decryption_failed": "falsches Passwort. konnte nicht entziffert werden. wahrscheinlich ein defekter Link. Notiz wurde zerstört.",
-			"unsupported_type": "nicht unterstützter Notiztyp."
+			"not_found": "Notiz konnte nicht gefunden werden oder wurde bereits gelöscht.",
+			"decryption_failed": "Notiz konnte nicht entschlüsselt werden. Vermutlich ist das Passwort falsch oder der Link defekt. Notiz wurde zerstört.",
+			"unsupported_type": "Nicht unterstützter Notiztyp."
 		},
-		"explanation": "Klicken Sie unten, um die Notiz anzuzeigen und zu löschen, wenn der Zähler sein Limit erreicht hat",
+		"explanation": "Klicken Sie unten, um die Notiz anzuzeigen und anschließend zu löschen, falls das Limit erreicht ist.",
 		"show_note": "Notiz anzeigen",
-		"warning_will_not_see_again": "haben Sie <b>keine</b> Gelegenheit, die Notiz noch einmal zu sehen.",
-		"download_all": "alle herunterladen"
+		"warning_will_not_see_again": "Achtung! Sie haben anschließend <b>keine</b> Gelegenheit, die Notiz noch einmal anzusehen.",
+		"download_all": "Alle Dateien herunterladen",
+		"links_found": "Links in der Notiz:"
 	},
 	"file_upload": {
 		"selected_files": "Ausgewählte Dateien",

packages/frontend/locales/en.json

@@ -23,9 +23,9 @@
 		"intro": "Easily send <i>fully encrypted</i>, secure notes or files with one click. Just create a note and share the link.",
 		"explanation": "the note will expire and be destroyed after {type}.",
 		"new_note": "new note",
-		"new_note_notice": "<b>availability:</b><br />the note is not guaranteed to be stored, as everything is kept in ram. if it fills up, the oldest notes will be removed.<br />(you probably will be fine, but just be warned.)",
+		"new_note_notice": "<b>availability:</b><br />the note is not guaranteed to be stored as everything is kept in ram, if it fills up the oldest notes will be removed.<br />(you probably will be fine, just be warned.)",
 		"errors": {
-			"note_to_big": "could not create note. note is too big.",
+			"note_to_big": "could not create note. note is to big",
 			"note_error": "could not create note. please try again.",
 			"max": "max: {n}",
 			"empty_content": "note is empty."
@@ -34,7 +34,7 @@
 			"note_created": "note created."
 		},
 		"advanced": {
-			"explanation": "By default, a securely generated password is used for each note. You can, however, also choose your own password, which is not included in the link.",
+			"explanation": "By default, a securely generated password is used for each note. You can however also choose your own password, which is not included in the link.",
 			"custom_password": "custom password"
 		}
 	},
@@ -44,10 +44,11 @@
 			"decryption_failed": "wrong password. could not decipher. probably a broken link. note was destroyed.",
 			"unsupported_type": "unsupported note type."
 		},
-		"explanation": "click below to show and delete the note if the counter has reached its limit.",
+		"explanation": "click below to show and delete the note if the counter has reached it's limit",
 		"show_note": "show note",
 		"warning_will_not_see_again": "you will <b>not</b> get the chance to see the note again.",
-		"download_all": "download all"
+		"download_all": "download all",
+		"links_found": "links found inside the note:"
 	},
 	"file_upload": {
 		"selected_files": "Selected Files",

packages/frontend/locales/es.json

@@ -23,7 +23,7 @@
 		"intro": "Envía fácilmente notas o archivos <i>totalmente encriptados</i> y seguros con un solo clic. Solo tienes que crear una nota y compartir el enlace.",
 		"explanation": "la nota expirará y se destruirá después de {type}.",
 		"new_note": "nueva nota",
-		"new_note_notice": "<b>disponibilidad:</b><br />no se garantiza que la nota se almacene, ya que todo se guarda en la memoria RAM, si se llena se eliminarán las notas más antiguas.<br />(probablemente estará bien, sólo está advertido.)",
+		"new_note_notice": "<b>disponibilidad:</b><br />no se garantiza que la nota se almacene, ya que todo se guarda en la memoria RAM, si se llena se eliminarán las notas más antiguas.<br />(probablemente estará bien, solo está advertido.)",
 		"errors": {
 			"note_to_big": "no se pudo crear la nota. la nota es demasiado grande",
 			"note_error": "No se ha podido crear la nota. Por favor, inténtelo de nuevo.",
@@ -34,7 +34,7 @@
 			"note_created": "nota creada."
 		},
 		"advanced": {
-			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, que no se incluye en el enlace.",
+			"explanation": "Por defecto, se utiliza una contraseña generada de forma segura para cada nota. No obstante, también puede elegir su propia contraseña, la cual no se incluye en el enlace.",
 			"custom_password": "contraseña personalizada"
 		}
 	},
@@ -47,7 +47,8 @@
 		"explanation": "pulse abajo para mostrar y borrar la nota si el contador ha llegado a su límite",
 		"show_note": "mostrar nota",
 		"warning_will_not_see_again": "<b>no</b> tendrás la oportunidad de volver a ver la nota.",
-		"download_all": "descargar todo"
+		"download_all": "descargar todo",
+		"links_found": "enlaces que se encuentran dentro de la nota:"
 	},
 	"file_upload": {
 		"selected_files": "Archivos seleccionados",

packages/frontend/locales/fr.json

@@ -47,7 +47,8 @@
 		"explanation": "Cliquez ci-dessous pour afficher et supprimer la note si le compteur a atteint sa limite.",
 		"show_note": "note de présentation",
 		"warning_will_not_see_again": "vous <b>n'aurez pas</b> la chance de revoir la note.",
-		"download_all": "télécharger tout"
+		"download_all": "télécharger tout",
+		"links_found": "liens trouvés à l’intérieur de la note :"
 	},
 	"file_upload": {
 		"selected_files": "Fichiers sélectionnés",

packages/frontend/locales/it.json

@@ -47,7 +47,8 @@
 		"explanation": "clicca sotto per mostrare e cancellare la nota se il contatore ha raggiunto il suo limite",
 		"show_note": "mostra la nota",
 		"warning_will_not_see_again": "<b>non</b> avrete la possibilità di rivedere la nota.",
-		"download_all": "scarica tutti"
+		"download_all": "scarica tutti",
+		"links_found": "link presenti all'interno della nota:"
 	},
 	"file_upload": {
 		"selected_files": "File selezionati",

packages/frontend/locales/ja.json

@@ -47,7 +47,8 @@
 		"explanation": "カウンターが上限に達した場合、ノートの表示と削除を行うには、以下をクリックします。",
 		"show_note": "メモを表示",
 		"warning_will_not_see_again": "あなた <b>できません</b> このノートをもう一度見る",
-		"download_all": "すべてダウンロード"
+		"download_all": "すべてダウンロード",
+		"links_found": "メモ内にあるリンク:"
 	},
 	"file_upload": {
 		"selected_files": "選択したファイル",

packages/frontend/locales/ru.json

@@ -23,10 +23,10 @@
 		"intro": "Легко отправляйте <i>полностью зашифрованные</i> защищенные заметки или файлы одним щелчком мыши. Просто создайте заметку и поделитесь ссылкой.",
 		"explanation": "заметка истечет и будет уничтожена после {type}.",
 		"new_note": "новая заметка",
-		"new_note_notice": "<b>предупреждение:</b><br />не гарантируется, что заметка будет сохранена, так как все хранится в оперативной памяти, если она заполнится, самые старые заметки будут удалены..<br />(вероятно всё будет хорошо, просто будьте осторожны.)",
+		"new_note_notice": "<b>availability:</b><br />the note is not guaranteed to be stored as everything is kept in ram, if it fills up the oldest notes will be removed.<br />(you probably will be fine, just be warned.)",
 		"errors": {
 			"note_to_big": "нельзя создать новую заметку. заметка слишком большая",
-			"note_error": "нельзя создать новую заметку. пожалуйста попробуйте позднее.",
+			"note_error": "нельзя создать новую заметку. пожалйста попробуйте позднее.",
 			"max": "макс: {n}",
 			"empty_content": "пустая заметка."
 		},
@@ -44,10 +44,11 @@
 			"decryption_failed": "неправильный пароль. не смог расшифровать. возможно ссылка битая. записка уничтожена.",
 			"unsupported_type": "неподдерживаемый тип заметки."
 		},
-		"explanation": "щелкните ниже, чтобы показать и удалить заметку, если счетчик достиг предела",
+		"explanation": "щелкните ниже, чтобы показать и удалить примечание, если счетчик достиг предела",
 		"show_note": "показать заметку",
 		"warning_will_not_see_again": "вы <b>не сможете</b> больше просмотреть заметку.",
-		"download_all": "скачать всё"
+		"download_all": "скачать всё",
+		"links_found": "ссылки внутри заметки:"
 	},
 	"file_upload": {
 		"selected_files": "Выбранные файлы",

packages/frontend/locales/zh.json

@@ -47,7 +47,8 @@
 		"explanation": "点击下方按钮即可查看密信，阅后即焚。",
 		"show_note": "查看密信",
 		"warning_will_not_see_again": "你将<b>无法</b>再次查看该密信，请尽快复制到粘贴板。",
-		"download_all": "下载全部"
+		"download_all": "下载全部",
+		"links_found": "注释中找到的链接："
 	},
 	"file_upload": {
 		"selected_files": "已选中的文件",

packages/frontend/package.json

@@ -13,29 +13,28 @@
 	},
 	"type": "module",
 	"devDependencies": {
-		"@lokalise/node-api": "^10.0.0",
-		"@sveltejs/adapter-static": "^2.0.3",
-		"@sveltejs/kit": "^1.22.6",
-		"@types/dompurify": "^3.0.2",
-		"@types/file-saver": "^2.0.5",
+		"@lokalise/node-api": "^12.1.0",
+		"@sveltejs/adapter-static": "^3.0.1",
+		"@sveltejs/kit": "^2.5.2",
+		"@sveltejs/vite-plugin-svelte": "^3.0.2",
+		"@types/file-saver": "^2.0.7",
 		"@zerodevx/svelte-toast": "^0.9.5",
 		"adm-zip": "^0.5.10",
-		"dotenv": "^16.3.1",
-		"svelte": "^4.2.0",
-		"svelte-check": "^3.5.0",
+		"dotenv": "^16.4.5",
+		"svelte": "^4.2.12",
+		"svelte-check": "^3.6.6",
 		"svelte-intl-precompile": "^0.12.3",
-		"tslib": "^2.6.1",
-		"typescript": "^5.1.6",
-		"vite": "^4.4.9"
+		"tslib": "^2.6.2",
+		"typescript": "^5.3.3",
+		"vite": "^5.1.4"
 	},
 	"dependencies": {
 		"@cryptgeon/shared": "workspace:*",
 		"@fontsource/fira-mono": "^5.0.8",
 		"copy-to-clipboard": "^3.3.3",
-		"dompurify": "^3.0.5",
 		"file-saver": "^2.0.5",
-		"occulto": "^2.0.1",
+		"occulto": "^2.0.3",
 		"pretty-bytes": "^6.1.1",
 		"qrious": "^4.0.2"
 	}
-}
+}

packages/frontend/src/lib/ui/ShowNote.svelte

@@ -3,7 +3,6 @@
 </script>
 
 <script lang="ts">
-	import DOMPurify from 'dompurify'
 	import { saveAs } from 'file-saver'
 	import prettyBytes from 'pretty-bytes'
 	import { t } from 'svelte-intl-precompile'
@@ -34,22 +33,29 @@
 		saveAs(f)
 	}
 
-	function contentWithLinks(content: string): string {
-		const replaced = content.replace(
-			RE_URL,
-			(url) => `<a href="${url}" rel="noreferrer">${url}</a>`
-		)
-		return DOMPurify.sanitize(replaced, { USE_PROFILES: { html: true } })
-	}
+	$: links = typeof note.contents === 'string' ? note.contents.match(RE_URL) : []
 </script>
 
 <p class="error-text">{@html $t('show.warning_will_not_see_again')}</p>
 <div data-testid="result">
 	{#if note.meta.type === 'text'}
 		<div class="note">
-			{@html contentWithLinks(note.contents)}
+			{note.contents}
 		</div>
 		<Button on:click={() => copy(note.contents)}>{$t('common.copy_clipboard')}</Button>
+
+		{#if links && links.length}
+			<div class="links">
+				{$t('show.links_found')}
+				<ul>
+					{#each links as link}
+						<li>
+							<a href={link} target="_blank" rel="noopener noreferrer">{link}</a>
+						</li>
+					{/each}
+				</ul>
+			</div>
+		{/if}
 	{:else}
 		{#each files as file}
 			<div class="note file">
@@ -92,4 +98,20 @@
 	.note.file small {
 		padding-left: 1rem;
 	}
+
+	.links {
+		margin-top: 2rem;
+	}
+	.links ul {
+		margin: 0;
+		padding: 0;
+		margin-top: 0.5rem;
+		padding-left: 1rem;
+		list-style: square;
+	}
+
+	.links ul li {
+		margin-bottom: 0.5rem;
+		word-wrap: break-word;
+	}
 </style>

packages/frontend/svelte.config.js

@@ -1,6 +1,6 @@
 import adapter from '@sveltejs/adapter-static'
 import precompileIntl from 'svelte-intl-precompile/sveltekit-plugin'
-import { vitePreprocess } from '@sveltejs/kit/vite'
+import { vitePreprocess } from '@sveltejs/vite-plugin-svelte'
 
 export default {
 	preprocess: vitePreprocess([precompileIntl('locales')]),

packages/shared/package.json

@@ -14,9 +14,9 @@
     "build": "tsc"
   },
   "devDependencies": {
-    "typescript": "^5.1.6"
+    "typescript": "^5.3.3"
   },
   "dependencies": {
-    "occulto": "^2.0.1"
+    "occulto": "^2.0.3"
   }
 }

test/utils.ts

@@ -88,7 +88,7 @@ export async function checkLinkDoesNotExist(page: Page, link: string) {
 }
 
 export async function CLI(...args: string[]) {
-  return await exec('./packages/cli/dist/index.cjs', args, {
+  return await exec('./packages/cli/dist/cli.cjs', args, {
     env: {
       ...process.env,
       CRYPTGEON_SERVER: 'http://localhost:1234',