fix: package.json & package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-NODEMAILER-6219989

.editorconfig

@@ -1,15 +0,0 @@
-# EditorConfig is awesome: https://EditorConfig.org
-
-# top-most EditorConfig file
-root = true
-
-[*]
-indent_style = space
-indent_size = 2
-end_of_line = lf
-charset = utf-8
-trim_trailing_whitespace = false
-insert_final_newline = false
-
-[pug.ts]
-indent_size = 4

.eslintrc.json

@@ -1,3 +0,0 @@
-{
-  "extends": ["prettier"]
-}

.gitignore

@@ -201,5 +201,3 @@ notes
 public/stylesheets/style.css
 ngrok
 .dccache
-
-.DS_store

.husky/.gitignore

@@ -1 +0,0 @@
-_

.husky/pre-commit

@@ -1,4 +0,0 @@
-#!/bin/sh
-. "$(dirname "$0")/_/husky.sh"
-
-npx lint-staged

.prettierrc.json

@@ -1,8 +0,0 @@
-{
-  "trailingComma": "es5",
-  "semi": true,
-  "tabWidth": 2,
-  "singleQuote": true,
-  "jsxSingleQuote": true,
-  "plugins": ["prettier-plugin-tailwindcss"]
-}

app.js

@@ -4,7 +4,7 @@ var path = require('path');
 var cookieParser = require('cookie-parser');
 var mLogger = require('morgan');
 var logger = require('./config/winston');
-const helmet = require('helmet');
+const helmet = require("helmet");
 
 var indexRouter = require('./routes/index');
 var aboutRouter = require('./routes/about');
@@ -12,8 +12,7 @@ var contactRouter = require('./routes/contact');
 
 var app = express();
 
-if (process.env.IS_DOCKER != 'true')
-  app.set('trust proxy', 'loopback,uniquelocal');
+if (process.env.IS_DOCKER != 'true') app.set('trust proxy', 'loopback,uniquelocal');
 app.disable('x-powered-by');
 
 // view engine setup
@@ -21,72 +20,50 @@ app.set('views', path.join(__dirname, 'views'));
 app.set('view engine', 'pug');
 
 if (process.env.NODE_ENV === 'production') {
-  app.use(mLogger('common', { stream: logger.stream }));
+    app.use(mLogger("common", { "stream": logger.stream }));
 } else {
-  app.use(mLogger('dev'));
+    app.use(mLogger('dev'));
 }
 
 app.use(helmet());
 app.use(
-  helmet.contentSecurityPolicy({
-    directives: {
-      defaultSrc: ["'self'"],
-      scriptSrc: [
-        "'self'",
-        "'unsafe-inline'",
-        "'unsafe-eval'",
-        'https://hcaptcha.com',
-        'https://*.hcaptcha.com',
-        'https://cdn.ravenjs.com/',
-        'https://cdnjs.cloudflare.com/',
-        'https://cdn.jsdelivr.net/',
-        'https://*.cloudfront.net/',
-      ],
-      imgSrc: [
-        "'self'",
-        'https://blog.pastel.codes',
-        'https://static.ghost.org',
-        'https://secure.gravatar.com',
-        'data: ',
-      ],
-      styleSrc: [
-        "'self'",
-        "'unsafe-inline'",
-        'https://hcaptcha.com',
-        'https://*.hcaptcha.com',
-      ],
-      fontSrc: ["'self'", 'data:'],
-      frameSrc: ['https://hcaptcha.com', 'https://*.hcaptcha.com'],
-      objectSrc: ["'none'"],
-      upgradeInsecureRequests: [],
-    },
-  })
-);
+    helmet.contentSecurityPolicy({
+      directives: {
+        defaultSrc: ["'self'"],
+        scriptSrc: ["'self'", "'unsafe-inline'", "'unsafe-eval'", "https://hcaptcha.com", "https://*.hcaptcha.com", "https://cdn.ravenjs.com/"],
+        imgSrc: ["'self'", "https://blog.pastel.codes", "https://static.ghost.org", "https://secure.gravatar.com"],
+        styleSrc: ["'self'", "'unsafe-inline'", "https://hcaptcha.com", "https://*.hcaptcha.com"],
+        fontSrc: ["'self'", "data:"],
+        frameSrc: ["https://hcaptcha.com", "https://*.hcaptcha.com"],
+        objectSrc: ["'none'"],
+        upgradeInsecureRequests: [],
+      },
+    })
+  );
 
 app.use(express.json());
 app.use(express.urlencoded({ extended: false }));
 app.use(cookieParser());
 app.use(express.static(path.join(__dirname, 'public')));
-app.use('/obsidian', express.static(path.join(__dirname, 'obsidian')));
 
 app.use('/', indexRouter);
 app.use('/about', aboutRouter);
 app.use('/contact', contactRouter);
 
 // catch 404 and forward to error handler
-app.use(function (req, res, next) {
-  next(createError(404));
+app.use(function(req, res, next) {
+    next(createError(404));
 });
 
 // error handler
-app.use(function (err, req, res, _next) {
-  // set locals, only providing error in development
-  res.locals.message = err.message;
-  res.locals.error = req.app.get('env') === 'development' ? err : {};
+app.use(function(err, req, res, next) {
+    // set locals, only providing error in development
+    res.locals.message = err.message;
+    res.locals.error = req.app.get('env') === 'development' ? err : {};
 
-  // render the error page
-  res.status(err.status || 500);
-  res.render('error', { title: 'Error', description: 'Error' });
+    // render the error page
+    res.status(err.status || 500);
+    res.render('error', { title: 'Error', description: "Error" });
 });
 
 module.exports = app;

bin/www

@@ -35,19 +35,19 @@ server.on('listening', onListening);
  */
 
 function normalizePort(val) {
-  var port = parseInt(val, 10);
+    var port = parseInt(val, 10);
 
-  if (isNaN(port)) {
-    // named pipe
-    return val;
-  }
+    if (isNaN(port)) {
+        // named pipe
+        return val;
+    }
 
-  if (port >= 0) {
-    // port number
-    return port;
-  }
+    if (port >= 0) {
+        // port number
+        return port;
+    }
 
-  return false;
+    return false;
 }
 
 /**
@@ -55,25 +55,27 @@ function normalizePort(val) {
  */
 
 function onError(error) {
-  if (error.syscall !== 'listen') {
-    throw error;
-  }
+    if (error.syscall !== 'listen') {
+        throw error;
+    }
 
-  var bind = typeof port === 'string' ? 'Pipe ' + port : 'Port ' + port;
+    var bind = typeof port === 'string'
+        ? 'Pipe ' + port
+        : 'Port ' + port;
 
-  // handle specific listen errors with friendly messages
-  switch (error.code) {
-    case 'EACCES':
-      console.error(bind + ' requires elevated privileges');
-      process.exit(1);
-      break;
-    case 'EADDRINUSE':
-      console.error(bind + ' is already in use');
-      process.exit(1);
-      break;
-    default:
-      throw error;
-  }
+    // handle specific listen errors with friendly messages
+    switch (error.code) {
+        case 'EACCES':
+            console.error(bind + ' requires elevated privileges');
+            process.exit(1);
+            break;
+        case 'EADDRINUSE':
+            console.error(bind + ' is already in use');
+            process.exit(1);
+            break;
+        default:
+            throw error;
+    }
 }
 
 /**
@@ -81,7 +83,9 @@ function onError(error) {
  */
 
 function onListening() {
-  var addr = server.address();
-  var bind = typeof addr === 'string' ? 'pipe ' + addr : 'port ' + addr.port;
-  debug('Listening on ' + bind);
+    var addr = server.address();
+    var bind = typeof addr === 'string'
+        ? 'pipe ' + addr
+        : 'port ' + addr.port;
+    debug('Listening on ' + bind);
 }

config/winston.js

@@ -2,29 +2,29 @@ var winston = require('winston');
 var appRoot = require('app-root-path');
 
 var logger = new winston.createLogger({
-  transports: [
-    new winston.transports.File({
-      level: 'info',
-      filename: `${appRoot}/logs/app.log`,
-      handleExceptions: true,
-      json: true,
-      maxsize: 5242880, //5MB
-      maxFiles: 5,
-      colorize: false,
-    }),
-    new winston.transports.Console({
-      level: 'debug',
-      handleExceptions: true,
-      json: false,
-      colorize: true,
-    }),
-  ],
-  exitOnError: false,
+    transports: [
+        new winston.transports.File({
+            level: 'info',
+            filename: `${appRoot}/logs/app.log`,
+            handleExceptions: true,
+            json: true,
+            maxsize: 5242880, //5MB
+            maxFiles: 5,
+            colorize: false
+        }),
+        new winston.transports.Console({
+            level: 'debug',
+            handleExceptions: true,
+            json: false,
+            colorize: true
+        })
+    ],
+    exitOnError: false
 });
 
 logger.stream = {
-  write: function (message, _encoding) {
-    logger.info(message);
-  },
+    write: function(message, encoding){
+        logger.info(message);
+    }
 };
-module.exports = logger;
+module.exports = logger

eslint.config.mjs

@@ -1,20 +0,0 @@
-import globals from 'globals';
-import pluginJs from '@eslint/js';
-
-export default [
-  { files: ['**/*.js'], languageOptions: { sourceType: 'commonjs' } },
-  { languageOptions: { globals: { ...globals.browser, ...globals.node } } },
-  pluginJs.configs.recommended,
-  {
-    rules: {
-      'no-unused-vars': [
-        'error',
-        {
-          argsIgnorePattern: '^_',
-          varsIgnorePattern: '^_',
-          caughtErrorsIgnorePattern: '^_',
-        },
-      ],
-    },
-  },
-];