solid-server 5.6.9-beta

package/.acl

@@ -0,0 +1,10 @@
+# Root ACL resource for the root
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#public>
+    a acl:Authorization;
+    acl:agentClass foaf:Agent;  # everyone
+    acl:accessTo </>;
+    acl:default </common/>;
+    acl:mode acl:Read.

package/.github/workflows/ci.yml

@@ -0,0 +1,47 @@
+# This workflow will do a clean install of node dependencies, build the source code and run tests across different versions of node
+# For more information see: https://help.github.com/actions/language-and-framework-guides/using-nodejs-with-github-actions
+
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build:
+
+    runs-on: ${{ matrix.os }}
+
+    strategy:
+      matrix:
+        node-version: [12.x, 14.x]
+        os: [ubuntu-latest]
+
+    steps:
+    - uses: actions/checkout@v2
+    # extract branch name
+    - if: github.event_name == 'pull_request'
+      run: echo "BRANCH_NAME=${GITHUB_HEAD_REF}" >> $GITHUB_ENV
+    - if: github.event_name != 'pull_request'
+      run: echo "BRANCH_NAME=${GITHUB_REF#refs/heads/}" >> $GITHUB_ENV
+
+    # print branch name
+    - name: Get branch name
+      run: echo 'The branch name is' $BRANCH_NAME
+
+    - name: Use Node.js ${{ matrix.node-version }}
+      uses: actions/setup-node@v1
+      with:
+        node-version: ${{ matrix.node-version }}
+    - run: npm ci
+    # test code
+    - run: npm run standard
+    - run: npm run validate
+    - run: npm run nyc
+    # Test global install of the package
+    - run: npm pack .
+    - run: npm install -g solid-server-*.tgz
+    # Run the Solid test-suite
+    - run: bash test/surface/run-solid-test-suite.sh $BRANCH_NAME

package/.nvmrc

@@ -0,0 +1 @@
+13.14.0

package/.snyk

@@ -0,0 +1,35 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.12.0
+# ignores vulnerabilities until expiry date; change duration by modifying expiry date
+ignore:
+  'npm:braces:20180219':
+    - http-proxy-middleware > micromatch > braces:
+        reason: None given
+        expires: '2018-09-11T01:52:14.022Z'
+  'npm:node-forge:20180226':
+    - node-forge:
+        reason: None given
+        expires: '2018-09-11T01:52:14.022Z'
+    - webid > node-forge:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+  'npm:base64url:20180511':
+    - rdflib > solid-auth-client > @trust/oidc-rp > base64url:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+    - rdflib > solid-auth-client > @trust/oidc-rp > @trust/webcrypto > base64url:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+    - oidc-auth-manager > rdflib > solid-auth-client > @trust/oidc-rp > base64url:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+    - oidc-auth-manager > rdflib > solid-auth-client > @trust/oidc-rp > @trust/webcrypto > base64url:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+    - solid-auth-client@2.1.0 > @trust/oidc-rp@0.4.3 > base64url@2.0.0:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+    - solid-auth-client@2.1.0 > @trust/oidc-rp@0.4.3 > @trust/webcrypto@0.4.0 > base64url@2.0.0:
+        reason: None given
+        expires: '2018-09-11T01:52:14.023Z'
+patch: {}

package/.well-known/.acl

@@ -0,0 +1,15 @@
+# ACL for the default .well-known/ resource
+# Server operators will be able to override it as they wish
+# Public-readable
+
+@prefix acl: <http://www.w3.org/ns/auth/acl#>.
+@prefix foaf: <http://xmlns.com/foaf/0.1/>.
+
+<#public>
+    a acl:Authorization;
+
+    acl:agentClass foaf:Agent;  # everyone
+
+    acl:accessTo </.well-known/>;
+
+    acl:mode acl:Read.

package/CHANGELOG.md

@@ -0,0 +1,198 @@
+# History
+## 5.3.0
+- Support for webid-oidc with DPop tokens
+
+## 5.3.0 Upgrade Notes
+You may have a `.db/oidc/op/provider.json` file that was generated by an older version
+of node-solid-server, which may still specify `"response_types_supported"` without listing
+`"id_token code"`. You can move this file out of the way and restart node-solid-server,
+it will be created again. See https://github.com/solid/node-solid-server/issues/1433 for
+more info.
+
+## 5.0.0
+
+- Node versions greater than 8 are supported.
+- Changes to vocabulary use:
+    - `solid:inbox` is deprecated in favour of `ldp:inbox`.
+    - `acl:defaultForNew` is deprecated in favour of `acl:default`.
+- Terms of Service may be added and enforced for new registrations,
+  but is disabled by default.    	
+- DELETE operations on a resource now require that the user has write permissions on
+  the file's container
+- Improved support for logout ensures users can use different
+  identities.
+- The profile container is now public readable by default.
+- Access Control: 
+    - The Access Control List system has undergone extensive
+      changes. Security has been tightened, and some unsafe practices that
+      where web apps was authorized access in the past are now not
+      permitted. 
+    - The browser-reported `Origin` header will now be checked by
+      default, and the ACL system can be used to restrict access
+      to applications for added security.
+    - Users can add `trustedApp` entries to their profile using a new databrowser pane.
+      You will see an 'A' icon added while you view a Person's profile URL
+      with the data browser (might have to hit refresh in your browser and make sure you
+      are viewing a WebId URL like https://localhost:8443/profile/card#me).
+- Logging is now verbose by default so the `-v` option has been
+  removed and a `--quiet` option has been added to mute the log.
+- To be bug compliant with 4.x releases, if a rule for public readable
+  root / does not exist, it will check in /index.html.acl (see issue #1063)
+- Command line options are now kebab-cased rather than camelCased,
+  config options may be both.
+- Resource with no extension now have '$.ttl' appended in the filename (see upgrades notes below).
+- Many smaller fixes.
+
+#### 5.0.0 Upgrade Notes
+
+- As of v5.0.0, all Turtle files need an extension. (**Intervention needed when updating from < 5.0.0!**)
+    - **How to upgrade?**
+        1. Stop the server.
+        2. Update node-solid-server to 5.0.0.
+        3. Make a backup of your `data/` and `config/` folders.
+        4. Invoke `solid migrate-legacy-resources -v`.
+           This makes the files in your `data/` and `config/` folders
+           automatically compatible with the new system.
+           You only need to do this once.
+           Different data folders can be migrated as well with the `-p` option:
+           `solid migrate-legacy-resources -p my/custom/data/folder -v`
+        5. You can now start the server again as usual.
+    - **Why?**
+    Before version 5.0.0, `https://pod.example/profile/card`
+    would map to `file:///solid/profile/card`, with the _assumption_
+    that it uses content-type `text/turtle`.
+    Now, this URL will map to `file:///solid/profile/card$.ttl` instead,
+    which makes the content-type automatically detectable.
+    This fixes many of the old Content-Type-related bugs.
+    _More information: https://www.w3.org/DesignIssues/HTTPFilenameMapping.html_
+
+## 4.4.0
+
+- Introduce a quota system. Delete the /settings/serverSide.ttl in the
+  user's POD to disable, or edit to fit your resource constraints.
+
+#### Changelog is incomplete for much of the 4.x series
+
+## 4.1.0
+
+- Add support for Group Access Control Lists.
+- Fix `Vary` header.
+- Improve the registration page.
+- Fix globbing.
+- Fix the use of allow handler.
+- Misc. cleanups and improvements.
+- Add .well-known folder and set up with public access.
+
+## 4.0.0
+- OIDC is now supported as authentication method in addition to WebID-TLS.
+- Both Node.js 6 and 8 are now supported.
+- The server now accepts N3 patches.
+- Responses now contain a WAC-Allow header, listing the access permissions
+  for the current user and non-authenticated users.
+- The `authProxy` configuration parameter has been added,
+  enabling back-end servers to serve authenticated content.
+  It accepts an object of path/server pairs
+  (such as `/my/path": "http://localhost:2345/app"`).
+  The Solid server acts as a reverse proxy for these paths, forwarding requests
+  to the back-end server along with the authenticated user (`User` header)
+  and the host through which Solid is being accessed (`Forwarded` header).
+- The `acceptCertificateHeader` configuration parameter has been added.
+  This allows WebID-TLS authentication behind a reverse proxy such as NGINX:
+  the reverse proxy should be configured to pass the client certificate
+  in a certain header, which is then read by a (non-public) Solid server.
+- Self-signed certificates are no longer trusted in production.
+  To allow self-signed certificates (for testing purposes), use `bin/solid-test`,
+  which sets `NODE_TLS_REJECT_UNAUTHORIZED=0` and `--no-reject-unauthorized`.
+- On POST requests, an extension will be appended to the file.
+- Server logging is now more concise.
+- Express server injection is now supported
+- The root route (e.g. `/`) now displays a public home page.
+- Several other bugfixes
+
+#### 4.0.0 Upgrade Notes
+- The `proxy` configuration parameter has been deprecated and
+  renamed to `corsProxy` to better distinguish it from `authProxy`.
+- The `idp` configuration parameter has been deprecated and
+  renamed to `multiuser` to better identify its purpose.
+- Cross-domain cookie-based authentication has been removed for security reasons.
+  We instead recommend https://github.com/solid/solid-auth-client.
+- Clients should not include an extension in the slug of POST requests
+  (they never should have), as the server now adds an extension.
+
+## 3.5.0
+
+- Major refactoring of Account Creation classes (new account resources are now
+  initialized from a customizable account directory template)
+- Disable crashing `verifyDelegator()` code in `allow()` handler
+- Add support for HTTP COPY of external resources
+- Fix URI encoding in file listing and decoding to get file names
+- Fix issue where requesting a different format (e.g. `text/turtle`) of a
+  JSON-LD resource crashed the server
+
+#### 3.5.0 Upgrade Notes
+
+- New config parameter: `serverUri` - Solid server uri (with protocol,
+  hostname and port), defaults to `https://localhost:8443`. In multi-user
+  (`"idp": true`) mode, new account directories are now created based on this
+  `serverUri` parameter. For example, if the `config.json` contains the entry
+  `"serverUri": "https://example.com"`, a new account for `alice` will create
+  a subdirectory `alice.example.com` in the directory specified by the `root`
+  config parameter.
+- New account template system. On first server startup, the contents of the
+  `default-account-template` source folder get copied to `config/account-template`.
+  When a new account is created, a copy is made of that new account template
+  directory for the user. Server operators can customize the contents of this
+  new account template for their server installation.
+- Email template system. Similarly to the new account template, the Welcome
+  email that gets sent out on new user registration is generated from the
+  customizable local `config/email-templates/welcome.js` template file, which
+  gets copied from `default-email-templates` source folder on first startup.
+
+## 3.4.0
+
+- Fix handling/url-encoding of container names
+- Allow video skip with Accept-Ranges
+- In a directory listing, add the media type class when we know it
+- Add the trailing slash on the URI of a folder listed within a folder
+
+## 3.3.0
+
+- Refactor acl checker to use solid-permissions lib
+- Various DataBrowser fixes, dataBrowserOption option to specify path of db file
+
+## 3.2.0
+
+- Refactor to use external solid-namespace library
+- Move debrack() to utils.js, remove unused vocab/rdf.js functions
+- Switch from node-mime to mime-types lib
+- Refactor acl.js to prep for external solid-permissions lib
+- Fix crash on PATCH request with no Content-Type
+
+## 3.1.0
+
+- Misc fixes and features (see commit log)
+- Implemented COPY verb
+
+## 3.0.0
+- feat Discover WebID from root account https://github.com/solid/node-solid-server/pull/371
+- feat: Server capabilities https://github.com/solid/node-solid-server/pull/365
+- feat: pass app in createServer https://github.com/solid/node-solid-server/pull/357
+- breaking: Accounts API https://github.com/solid/node-solid-server/pull/339
+
+## 2.3.0
+- feat: added Capability discovery https://github.com/solid/node-solid-server/pull/347
+
+## 2.2.0
+- feat: added `--auth` https://github.com/solid/node-solid-server/pull/346
+
+## 2.1.0
+- patch: Proxy https://github.com/solid/node-solid-server/pull/343 https://github.com/solid/node-solid-server/pull/342
+- feat: added Account Recovery
+- feat: added Token Service
+- feat: added ldp.graph
+
+## 2.0.0
+
+- feat: added Welcome Email
+- feat: added Email Service
+- other: `ldnode` turns into `solid-server`

package/CONTRIBUTING.md

@@ -0,0 +1,139 @@
+# CONTRIBUTING
+
+The MIT Linked Data group and the `solid` project welcomes new contributors. This document will guide you
+through the process.
+
+### Step 1: FORK
+
+Fork the project [on GitHub](https://github.com/solid/node-solid-server) and check out
+your copy.
+
+```sh
+$ git clone git@github.com:your_username/node-solid-server.git
+$ cd node-solid-server
+$ git remote add upstream git://github.com/solid/node-solid-server.git
+$ npm install
+```
+
+
+### Step 2: BRANCH
+
+Create a feature branch and start hacking:
+
+```sh
+$ git checkout -b my-feature-branch -t origin/master
+```
+
+
+### Step 3: COMMIT
+
+Make sure git knows your name and email address:
+
+```sh
+$ git config --global user.name "J. Random User"
+$ git config --global user.email "j.random.user@example.com"
+```
+
+Writing good commit logs is important.  A commit log should describe what
+changed and why.  Follow these guidelines when writing one:
+
+1. The first line should be 50 characters or less and contain a short
+   description of the change prefixed with the name of the changed
+   subsystem (e.g. "net: add localAddress and localPort to Socket").
+2. Keep the second line blank.
+3. Wrap all other lines at 72 columns.
+
+A good commit log looks like this:
+
+```
+subsystem: explaining the commit in one line
+
+Body of commit message is a few lines of text, explaining things
+in more detail, possibly giving some background about the issue
+being fixed, etc etc.
+
+The body of the commit message can be several paragraphs, and
+please do proper word-wrap and keep columns shorter than about
+72 characters or so. That way `git log` will show things
+nicely even when it is indented.
+```
+
+The header line should be meaningful; it is what other people see when they
+run `git shortlog` or `git log --oneline`.
+
+Check the output of `git log --oneline files_that_you_changed` to find out
+what subsystem (or subsystems) your changes touch.
+
+
+### Step 4: REBASE
+
+Use `git rebase` (not `git merge`) to sync your work from time to time.
+
+```sh
+$ git fetch upstream
+$ git rebase upstream/master
+```
+
+
+### Step 5: TEST
+
+Bug fixes and features should come with tests.  Add your tests in the
+`test/` directory.  Look at other tests to see how they should be
+structured (license boilerplate, common includes, etc.).
+
+```sh
+$ npm test
+```
+
+Makeall tests pass.  Please, do not submit patches that fail either check.
+
+
+### Step 6: PUSH
+
+```sh
+$ git push origin my-feature-branch
+```
+
+Go to https://github.com/username/node-solid-server and select your feature branch.  Click
+the 'Pull Request' button and fill out the form.
+
+Pull requests are usually reviewed within a few days.  If there are comments
+to address, apply your changes in a separate commit and push that to your
+feature branch.  Post a comment in the pull request afterwards; GitHub does
+not send out notifications when you add commits.
+
+### Step 7: PUBLISH
+
+If you have permission access, we reccomend using:
+
+```bash
+$ npm version patch && npm publish && git push --follow-tags
+```
+
+## Using HUB
+
+[hub](https://hub.github.com/) is a tool released by Github to help developers to use their website from command line.
+
+The described guidelines can be resumed as following:
+
+```bash
+$ git clone https://github.com/solid/node-solid-server
+$ cd node-solid-server
+
+# to fork the repository
+$ hub fork
+
+# to fork the repository
+$ git checkout -b feature-branch
+
+# after committing your changes, push to your repo
+$ git push your_username feature-branch
+
+# start a PR
+$ hub pull-request
+```
+
+This document is forked from [joyent/node](https://github.com/joyent/node/blob/master/CONTRIBUTING.md)
+
+
+[issue tracker]: https://github.com/solid/node-solid-server/issues

package/CONTRIBUTORS.md

@@ -0,0 +1,36 @@
+# Contributors to the solid-server npm module
+
+The Solid community wants to acknowledge the hard work and dedication put in by many people, several of whom are listed below.
+
+Please [let us know](https://github.com/solid/node-solid-server/edit/master/CONTRIBUTORS.md) if anyone is missing from this list, or if you wish to add yourself.
+
+## Project lead
+- [Tim Berners-Lee](https://www.w3.org/People/Berners-Lee/)
+
+## Current code contributors
+People with significant code contributions over the past couple of months, in alphabetical order:
+
+- [Arne Hassel](http://icanhasweb.net/)
+- [Kjetil Kjernsmo](http://kjetil.kjernsmo.net/)
+- [Ruben Taelman](https://www.rubensworks.net/)
+
+## Previous code contributors
+People with significant code contributions further in the past, in alphabetical order:
+
+- [Nicola Greco](https://nicola.io/)
+- [Martin Martinez Rivera](https://github.com/martinmr)
+- [Andrei Sambra](https://deiu.me/)
+- [Ruben Verborgh](https://ruben.verborgh.org/)
+- [Dmitri Zagidulin](http://computingjoy.com/)
+
+## Project contributors
+People who have significantly contributed to issues, testing, and/or discussions, in alphabetical order:
+- [Justin Bingham](https://github.com/justinwb)
+- [Sarven Capadisli](http://csarven.ca/)
+- [Melvin Carvalho](https://melvincarvalho.com/)
+- [Amy Guy](https://rhiaro.co.uk/)
+- [Kingsley Idehen](https://github.com/kidehen)
+
+## Community contributors
+Thanks to everyone who has tried solid-server, discussed about it, created issues and/or pull requests.
+Your input is necessary to help Solid grow!

package/Dockerfile

@@ -0,0 +1,22 @@
+FROM node:lts
+
+# build
+RUN mkdir -p /usr/src/app
+WORKDIR /usr/src/app
+COPY package.json /usr/src/app/
+RUN npm install
+COPY . /usr/src/app
+
+# start
+EXPOSE 8443
+COPY config.json-default config.json
+RUN openssl req \
+    -new \
+    -newkey rsa:4096 \
+    -days 365 \
+    -nodes \
+    -x509 \
+    -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=www.example.com" \
+    -keyout privkey.pem \
+    -out fullchain.pem
+CMD npm run solid start

package/LICENSE.md

@@ -0,0 +1,23 @@
+The MIT License (MIT)
+
+Copyright © 2014–present Arne Hassel, Nicola Greco, Kjetil Kjernsmo,
+Martin Martinez Rivera, Andrei Sambra, Ruben Taelman, Ruben Verborgh,
+and Dmitri Zagidulin
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+