Merge pull request #8499 from ItzNotABug/main

Merge `main` to `1.5.x`

.github/workflows/pr-scan.yml

@@ -0,0 +1,87 @@
+name: PR Security Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+  workflow_dispatch:
+jobs:
+  scan:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        submodules: 'recursive'
+    - name: Build the Docker image
+      uses: docker/build-push-action@v5
+      with: 
+        context: .
+        push: false
+        load: true
+        tags: pr_image:${{ github.sha }}
+    - name: Run Trivy vulnerability scanner on image
+      uses: aquasecurity/trivy-action@0.20.0
+      with:
+        image-ref: 'pr_image:${{ github.sha }}'
+        format: 'json'
+        output: 'trivy-image-results.json'
+        severity: 'CRITICAL,HIGH'
+    - name: Run Trivy vulnerability scanner on source code
+      uses: aquasecurity/trivy-action@0.20.0
+      with:
+        scan-type: 'fs'
+        scan-ref: '.'
+        format: 'json'
+        output: 'trivy-fs-results.json'
+        severity: 'CRITICAL,HIGH'
+    - name: Process and post Trivy scan results
+      uses: actions/github-script@v7
+      with:
+        github-token: ${{secrets.GITHUB_TOKEN}}
+        script: |
+          const fs = require('fs');
+          let commentBody = '## Security Scan Results for PR\n\n';
+          
+          function processResults(results, title) {
+            let sectionBody = `### ${title}\n\n`;
+            if (results.Results && results.Results.some(result => result.Vulnerabilities && result.Vulnerabilities.length > 0)) {
+              sectionBody += '| Package | Version | Vulnerability | Severity |\n';
+              sectionBody += '|---------|---------|----------------|----------|\n';
+              
+              const uniqueVulns = new Set();
+              results.Results.forEach(result => {
+                if (result.Vulnerabilities) {
+                  result.Vulnerabilities.forEach(vuln => {
+                    const vulnKey = `${vuln.PkgName}-${vuln.InstalledVersion}-${vuln.VulnerabilityID}`;
+                    if (!uniqueVulns.has(vulnKey)) {
+                      uniqueVulns.add(vulnKey);
+                      sectionBody += `| ${vuln.PkgName} | ${vuln.InstalledVersion} | [${vuln.VulnerabilityID}](https://nvd.nist.gov/vuln/detail/${vuln.VulnerabilityID}) | ${vuln.Severity} |\n`;
+                    }
+                  });
+                }
+              });
+            } else {
+              sectionBody += '🎉 No vulnerabilities found!\n';
+            }
+            return sectionBody;
+          }
+          
+          try {
+            const imageResults = JSON.parse(fs.readFileSync('trivy-image-results.json', 'utf8'));
+            const fsResults = JSON.parse(fs.readFileSync('trivy-fs-results.json', 'utf8'));
+            
+            commentBody += processResults(imageResults, "Docker Image Scan Results");
+            commentBody += '\n';
+            commentBody += processResults(fsResults, "Source Code Scan Results");
+            
+          } catch (error) {
+            commentBody += `There was an error while running the security scan: ${error.message}\n`;
+            commentBody += 'Please contact the core team for assistance.';
+          }
+          
+          github.rest.issues.createComment({
+            issue_number: context.issue.number,
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            body: commentBody
+          });

CONTRIBUTING.md

@@ -497,6 +497,18 @@ If you are in PHP Storm you don't need any plugin. Below are the settings requir
 2. If needed edit the **dev/xdebug.ini** file to your needs.
 3. Launch your Appwrite instance while your debugger is listening for connections.
 
+## Profiling
+Appwrite uses XDebug [Profiler](https://xdebug.org/docs/profiler) for generating **CacheGrind** files. The generated file would be located in each of the `appwrite` containers inside the `/tmp/xdebug` folder.
+
+To disable the profiler while debugging remove the `,profiler` mode from the `xdebug.ini` file
+```diff
+zend_extension=xdebug
+
+[xdebug]
+-xdebug.mode=develop,debug,profile
++xdebug.mode=develop,debug
+```
+
 ### VS Code Launch Configuration
 
 ```json

Dockerfile

@@ -108,9 +108,10 @@ RUN mkdir -p /etc/letsencrypt/live/ && chmod -Rf 755 /etc/letsencrypt/live/
 
 # Enable Extensions
 RUN if [ "$DEBUG" == "true" ]; then cp /usr/src/code/dev/xdebug.ini /usr/local/etc/php/conf.d/xdebug.ini; fi
+RUN if [ "$DEBUG" == "true" ]; then mkdir -p /tmp/xdebug; fi
 RUN if [ "$DEBUG" = "false" ]; then rm -rf /usr/src/code/dev; fi
 RUN if [ "$DEBUG" = "false" ]; then rm -f /usr/local/lib/php/extensions/no-debug-non-zts-20220829/xdebug.so; fi
 
 EXPOSE 80
 
-CMD [ "php", "app/http.php" ]
+CMD [ "php", "app/http.php" ]

app/config/locale/translations/ar-ma.json

@@ -0,0 +1,238 @@
+{
+    "settings.inspire": "\"الفن ديال الحكمة هو الفن ديال أنك تعرف أش تنخّل.\"",
+    "settings.locale": "ar-ma",
+    "settings.direction": "rtl",
+    "emails.sender": "فرقة %s",
+    "emails.verification.subject": "التيْقان ديال الحساب",
+    "emails.verification.hello": "السلام {{user}}",
+    "emails.verification.body": "تبّع هاد الوصلة باش تيقّن لادريسة تاع ليميل ديالك.",
+    "emails.verification.footer": "إلا ماشي نتا اللي طلبتي تيقّن هاد لادريسة تاع ليميل، ممكن تنخّل هاد البرية.",
+    "emails.verification.thanks": "شكرا",
+    "emails.verification.signature": "فرقة {{project}}",
+    "emails.magicSession.subject": "تكونيكطا",
+    "emails.magicSession.hello": "السلام,",
+    "emails.magicSession.body": "تبّع هاد الوصلة باش تتكونيكطا.",
+    "emails.magicSession.footer": "إلا ماشي نتا اللي طلبتي تتكونيكطا بهاد ليميل، ممكن تنخّل هاد البرية.",
+    "emails.magicSession.thanks": "شكرا",
+    "emails.magicSession.signature": "فرقة {{project}}",
+    "emails.recovery.subject": "تبدال كلمة السر",
+    "emails.recovery.hello": "السلام {{user}}",
+    "emails.recovery.body": "تبّع هاد الوصلة باش تبدّل كلمة السر تاع {{project}}.",
+    "emails.recovery.footer": "إلا ماشي نتا اللي طلبتي تبدّل كلمة السر، ممكن تنخّل هاد البرية.",
+    "emails.recovery.thanks": "شكرا",
+    "emails.recovery.signature": "فرقة {{project}}",
+    "emails.invitation.subject": "عراضة ل فرقة %s ف %s",
+    "emails.invitation.hello": "السلام",
+    "emails.invitation.body": "هاد البرية تصيفطات ليك حيت {{owner}} بغى يعرض عليك تولّي عضو ف فرقة {{team}} عند {{project}}.",
+    "emails.invitation.footer": "إلا كنتي ما مسوّقش, ممكن تنخّل هاد البرية.",
+    "emails.invitation.thanks": "شكرا",
+    "emails.invitation.signature": "فرقة {{project}}",
+    "emails.certificate.subject": "السرتافيكة فشلات ل %s",
+    "emails.certificate.hello": "السلام",
+    "emails.certificate.body": "السرتافيكة ديال الضومين ديالك '{{domain}}' ما قدّاتش تجينيرا. هادي هي المحاولة نمرة {{attempt}}, السبب ديال هاد الفشل هو: {{error}}",
+    "emails.certificate.footer": "السرتافيكة الفايتة ديالك غاتبقى مزيانة لمدة  30 يوم من عند أول فشل. كانشجعوك بزاف أنك تبقشش فهاد الموضوع, وا إلّا الضومين ديالك ما غايبقاش خدّام فيه الـ SSL.",
+    "emails.certificate.thanks": "شكرا",
+    "emails.certificate.signature": "فرقة {{project}}",
+    "locale.country.unknown": "ما معروفش",
+    "countries.af": "أفغانستان",
+    "countries.ao": "أنڭولا",
+    "countries.al": "ألبانيا",
+    "countries.ad": "أندورا",
+    "countries.ae": "الإمارات العربية المتّاحدة",
+    "countries.ar": "الأرجنتين",
+    "countries.am": "أرمينيا",
+    "countries.ag": "أنتيڭوا وبربودا",
+    "countries.au": "ؤسطراليا",
+    "countries.at": "النامسا",
+    "countries.az": "أديربيجان",
+    "countries.bi": "بوروندي",
+    "countries.be": "بلجيكا",
+    "countries.bj": "بينين",
+    "countries.bf": "بوركينا فاصو",
+    "countries.bd": "بنڭلاديش",
+    "countries.bg": "بلڭاريا",
+    "countries.bh": "البحرين",
+    "countries.bs": "دزيرات البهاما",
+    "countries.ba": "البوسنة ؤ الهرسك",
+    "countries.by": "بيلاروسيا",
+    "countries.bz": "بيليز",
+    "countries.bo": "بوليڤيا",
+    "countries.br": "البرازيل",
+    "countries.bb": "باربادوس",
+    "countries.bn": "بروناي",
+    "countries.bt": "بوتان",
+    "countries.bw": "بوتسوانا",
+    "countries.cf": "جمهورية إفريقيا الوسطانية",
+    "countries.ca": "كانادا",
+    "countries.ch": "سويسرا",
+    "countries.cl": "تشيلي",
+    "countries.cn": "الشينوا",
+    "countries.ci": "ساحل العاج",
+    "countries.cm": "الكاميرون",
+    "countries.cd": "جمهورية الكونڭو الديمقراطية",
+    "countries.cg": "جمهورية الكونڭو",
+    "countries.co": "كولومبيا",
+    "countries.km": "دزيرات القومور",
+    "countries.cv": "الراس الخضر",
+    "countries.cr": "كوسطاريكا",
+    "countries.cu": "كوبا",
+    "countries.cy": "قوبروص",
+    "countries.cz": "التشيك",
+    "countries.de": "ألمانيا",
+    "countries.dj": "دجيبوتي",
+    "countries.dm": "ضومينيكا",
+    "countries.dk": "الدنمارك",
+    "countries.do": "جمهورية الضومينيكان",
+    "countries.dz": "الدزاير",
+    "countries.ec": "إكوادور",
+    "countries.eg": "مصر",
+    "countries.er": "إريتريا",
+    "countries.es": "سبانيا",
+    "countries.ee": "إسطونيا",
+    "countries.et": "إتيوپيا",
+    "countries.fi": "فينلاندا",
+    "countries.fj": "فيدجي",
+    "countries.fr": "فرانسا",
+    "countries.fm": "ميكرونيزيا",
+    "countries.ga": "الڭابون",
+    "countries.gb": "المملكة المتّاحدة",
+    "countries.ge": "تجورجيا",
+    "countries.gh": "غانا",
+    "countries.gn": "غينيا",
+    "countries.gm": "ڭامبيا",
+    "countries.gw": "غينيا بيساو",
+    "countries.gq": "غينيا الستوائية",
+    "countries.gr": "اليونان",
+    "countries.gd": "ڭرينادا",
+    "countries.gt": "ڭواتيمالا",
+    "countries.gy": "ڭيانا",
+    "countries.hn": "هوندوراس",
+    "countries.hr": "كرواتيا",
+    "countries.ht": "هايتي",
+    "countries.hu": "الماجر",
+    "countries.id": "إندونيسيا",
+    "countries.in": "الهند",
+    "countries.ie": "إرلاندا",
+    "countries.ir": "إران",
+    "countries.iq": "العراق",
+    "countries.is": "إسلاندا",
+    "countries.il": "إسرائيل",
+    "countries.it": "الطاليان",
+    "countries.jm": "جامايكا",
+    "countries.jo": "الأردن",
+    "countries.jp": "الجاپون",
+    "countries.kz": "كازاخستان",
+    "countries.ke": "كينيا",
+    "countries.kg": "قيرغيزستان",
+    "countries.kh": "كمبوديا",
+    "countries.ki": "كيريباتي",
+    "countries.kn": "سانت كيتس ؤ نيفيس",
+    "countries.kr": "كوريا الجنوبية",
+    "countries.kw": "الكويت",
+    "countries.la": "لاوس",
+    "countries.lb": "لبنان",
+    "countries.lr": "ليبيريا",
+    "countries.ly": "ليبيا",
+    "countries.lc": "سانت لوسيا",
+    "countries.li": "ليختنشتاين",
+    "countries.lk": "سري لانكا",
+    "countries.ls": "ليسوتو",
+    "countries.lt": "ليتوانيا",
+    "countries.lu": "لوكسمبورڭ",
+    "countries.lv": "لاتفيا",
+    "countries.ma": "المغريب",
+    "countries.mc": "موناكو",
+    "countries.md": "مولضوڤا",
+    "countries.mg": "ماداغشقار",
+    "countries.mv": "دزيرات المالديڤ",
+    "countries.mx": "الميكسيك",
+    "countries.mh": "دزيرات مارشال",
+    "countries.mk": "مقدونيا",
+    "countries.ml": "مالي",
+    "countries.mt": "مالطا",
+    "countries.mm": "ميانمار",
+    "countries.me": "مونطينيڭرو",
+    "countries.mn": "منغوليا",
+    "countries.mz": "الموزمبيق",
+    "countries.mr": "موريتانيا",
+    "countries.mu": "موريشيوس",
+    "countries.mw": "مالاوي",
+    "countries.my": "ماليزيا",
+    "countries.na": "ناميبيا",
+    "countries.ne": "النيجر",
+    "countries.ng": "نيجيريا",
+    "countries.ni": "نيكاراڭوا",
+    "countries.nl": "هولاندا",
+    "countries.no": "النرويج",
+    "countries.np": "نيپال",
+    "countries.nr": "ناورو",
+    "countries.nz": "نيوزيلاندا",
+    "countries.om": "عمّان",
+    "countries.pk": "پاكيستان",
+    "countries.pa": "پاناما",
+    "countries.pe": "الپيرو",
+    "countries.ph": "الفيليپين",
+    "countries.pw": "پالاو",
+    "countries.pg": "پاپوا غينيا الجديدة",
+    "countries.pl": "پولاندا",
+    "countries.kp": "كوريا الشمالية",
+    "countries.pt": "البرطقيز",
+    "countries.py": "الپاراڭواي",
+    "countries.qa": "قطر",
+    "countries.ro": "رومانيا",
+    "countries.ru": "روسيا",
+    "countries.rw": "روّاندا",
+    "countries.sa": "المملكة العربية السعودية",
+    "countries.sd": "السودان",
+    "countries.sn": "السينيڭال",
+    "countries.sg": "سنغافورة",
+    "countries.sb": "دزيرات سليمان",
+    "countries.sl": "صييراليون",
+    "countries.sv": "السالڤاضور",
+    "countries.sm": "سان مارينو",
+    "countries.so": "الصومال",
+    "countries.rs": "صيربيا",
+    "countries.ss": "جنوب السودان",
+    "countries.st": "صاو طومي ؤ پرينسيپي",
+    "countries.sr": "سورينام",
+    "countries.sk": "صلوڤاكيا",
+    "countries.si": "صلوڤينيا",
+    "countries.se": "السويد",
+    "countries.sz": "سوازيلاند",
+    "countries.sc": "السيشيل",
+    "countries.sy": "سوريا",
+    "countries.td": "تشاد",
+    "countries.tg": "الطوڭو",
+    "countries.th": "الطايلوند",
+    "countries.tj": "طادجيكيستان",
+    "countries.tm": "تركمانيستان",
+    "countries.tl": "تيمور الشرقية",
+    "countries.to": "تونڭا",
+    "countries.tt": "ترينيداد ؤ طوباڭو",
+    "countries.tn": "تونس",
+    "countries.tr": "توركيا",
+    "countries.tv": "توڤالو",
+    "countries.tz": "طنزانيا",
+    "countries.ug": "ؤڭاندا",
+    "countries.ua": "ؤكرانيا",
+    "countries.uy": "ؤروڭواي",
+    "countries.us": "ميريكان",
+    "countries.uz": "ؤزباكيستان",
+    "countries.va": "مدينة الڤاتيكان",
+    "countries.vc": "سانت ڤانسون ؤ دزيرات ڭرينادين",
+    "countries.ve": "ڤينيزويلا",
+    "countries.vn": "ڤيطنام",
+    "countries.vu": "ڤانواتو",
+    "countries.ws": "ساموا",
+    "countries.ye": "اليمن",
+    "countries.za": "جنوب إفريقيا",
+    "countries.zm": "زامبيا",
+    "countries.zw": "زيمبابوي",
+    "continents.af": "أفريقيا",
+    "continents.an": "القارة القطبية الجنوبية",
+    "continents.as": "أسيا",
+    "continents.eu": "ؤروپا",
+    "continents.na": "ميريكان الشمالية",
+    "continents.oc": "ؤقيانوسيا",
+    "continents.sa": "ميريكان الجنوبية"
+}

app/controllers/api/proxy.php

@@ -51,7 +51,7 @@ App::post('/v1/proxy/rules')
         }
 
         $functionsDomain = System::getEnv('_APP_DOMAIN_FUNCTIONS', '');
-        if (str_ends_with($domain, $functionsDomain)) {
+        if ($functionsDomain != '' && str_ends_with($domain, $functionsDomain)) {
             throw new Exception(Exception::GENERAL_ARGUMENT_INVALID, 'You cannot assign your functions domain or it\'s subdomain to specific resource. Please use different domain.');
         }
 

dev/xdebug.ini

@@ -1,6 +1,8 @@
 zend_extension=xdebug
 
 [xdebug]
-xdebug.mode=develop,debug
+xdebug.mode=develop,debug,profile
 xdebug.client_host=host.docker.internal
-xdebug.start_with_request=yes
+xdebug.start_with_request=yes
+xdebug.output_dir=/tmp/xdebug
+xdebug.use_compression=false

docs/references/avatars/get-favicon.md

@@ -1 +1,3 @@
 Use this endpoint to fetch the favorite icon (AKA favicon) of any remote website URL.
+
+This endpoint does not follow HTTP redirects.

docs/references/avatars/get-image.md

@@ -1,3 +1,5 @@
 Use this endpoint to fetch a remote image URL and crop it to any image size you want. This endpoint is very useful if you need to crop and display remote images in your app or in case you want to make sure a 3rd party image is properly served using a TLS protocol.
 
 When one dimension is specified and the other is 0, the image is scaled with preserved aspect ratio. If both dimensions are 0, the API provides an image at source quality. If dimensions are not specified, the default size of image returned is 400x400px.
+
+This endpoint does not follow HTTP redirects.