From 957b78fafd9faec303801974d3332e772ff435e0 Mon Sep 17 00:00:00 2001 From: alam00000 Date: Sun, 1 Mar 2026 21:29:13 +0530 Subject: [PATCH] fix: revert cropperjs dependency to version 1.6.2 and adjust Docker build commands for CORS proxy secrets --- Dockerfile | 11 ++- Dockerfile.nonroot | 11 ++- README.md | 13 +++- docs/self-hosting/cloudflare.md | 9 +++ docs/self-hosting/cors-proxy.md | 5 +- package-lock.json | 134 ++------------------------------ package.json | 2 +- 7 files changed, 40 insertions(+), 145 deletions(-) diff --git a/Dockerfile b/Dockerfile index ffa9898..12520e5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -47,14 +47,13 @@ ENV VITE_BRAND_NAME=$VITE_BRAND_NAME ENV VITE_BRAND_LOGO=$VITE_BRAND_LOGO ENV VITE_FOOTER_TEXT=$VITE_FOOTER_TEXT -ARG VITE_CORS_PROXY_URL -ARG VITE_CORS_PROXY_SECRET -ENV VITE_CORS_PROXY_URL=$VITE_CORS_PROXY_URL -ENV VITE_CORS_PROXY_SECRET=$VITE_CORS_PROXY_SECRET - ENV NODE_OPTIONS="--max-old-space-size=3072" -RUN npm run build:with-docs +RUN --mount=type=secret,id=VITE_CORS_PROXY_URL \ + --mount=type=secret,id=VITE_CORS_PROXY_SECRET \ + VITE_CORS_PROXY_URL=$(cat /run/secrets/VITE_CORS_PROXY_URL 2>/dev/null || echo "") \ + VITE_CORS_PROXY_SECRET=$(cat /run/secrets/VITE_CORS_PROXY_SECRET 2>/dev/null || echo "") \ + npm run build:with-docs # Production stage FROM quay.io/nginx/nginx-unprivileged:stable-alpine-slim diff --git a/Dockerfile.nonroot b/Dockerfile.nonroot index 43ef744..dc1e1a8 100644 --- a/Dockerfile.nonroot +++ b/Dockerfile.nonroot @@ -44,14 +44,13 @@ ENV VITE_BRAND_NAME=$VITE_BRAND_NAME ENV VITE_BRAND_LOGO=$VITE_BRAND_LOGO ENV VITE_FOOTER_TEXT=$VITE_FOOTER_TEXT -ARG VITE_CORS_PROXY_URL -ARG VITE_CORS_PROXY_SECRET -ENV VITE_CORS_PROXY_URL=$VITE_CORS_PROXY_URL -ENV VITE_CORS_PROXY_SECRET=$VITE_CORS_PROXY_SECRET - ENV NODE_OPTIONS="--max-old-space-size=3072" -RUN npm run build:with-docs +RUN --mount=type=secret,id=VITE_CORS_PROXY_URL \ + --mount=type=secret,id=VITE_CORS_PROXY_SECRET \ + VITE_CORS_PROXY_URL=$(cat /run/secrets/VITE_CORS_PROXY_URL 2>/dev/null || echo "") \ + VITE_CORS_PROXY_SECRET=$(cat /run/secrets/VITE_CORS_PROXY_SECRET 2>/dev/null || echo "") \ + npm run build:with-docs # Production stage — uses standard nginx (starts as root, drops to PUID/PGID) FROM nginx:stable-alpine-slim diff --git a/README.md b/README.md index 4dd1787..5a7ba3b 100644 --- a/README.md +++ b/README.md @@ -873,7 +873,10 @@ The **Digital Signature** tool uses a signing library that may need to fetch cer ``` Or with Docker: ```bash - docker build --build-arg VITE_CORS_PROXY_URL="https://your-worker-url.workers.dev" -t your-bentopdf . + export VITE_CORS_PROXY_URL="https://your-worker-url.workers.dev" + DOCKER_BUILDKIT=1 docker build \ + --secret id=VITE_CORS_PROXY_URL,env=VITE_CORS_PROXY_URL \ + -t your-bentopdf . ``` #### Production Security Features @@ -927,6 +930,14 @@ npx wrangler secret put PROXY_SECRET # Set in build environment VITE_CORS_PROXY_SECRET=your-secret npm run build + +# Or with Docker (optional; URL secret also shown for completeness) +export VITE_CORS_PROXY_URL="https://your-worker-url.workers.dev" +export VITE_CORS_PROXY_SECRET="your-secret" +DOCKER_BUILDKIT=1 docker build \ + --secret id=VITE_CORS_PROXY_URL,env=VITE_CORS_PROXY_URL \ + --secret id=VITE_CORS_PROXY_SECRET,env=VITE_CORS_PROXY_SECRET \ + -t your-bentopdf . ``` ### 📦 Version Management diff --git a/docs/self-hosting/cloudflare.md b/docs/self-hosting/cloudflare.md index 3f9ca7b..c2258c7 100644 --- a/docs/self-hosting/cloudflare.md +++ b/docs/self-hosting/cloudflare.md @@ -142,4 +142,13 @@ npx wrangler deploy VITE_CORS_PROXY_URL=https://your-worker.workers.dev npm run build ``` +Or with Docker: + +```bash +export VITE_CORS_PROXY_URL="https://your-worker.workers.dev" +DOCKER_BUILDKIT=1 docker build \ + --secret id=VITE_CORS_PROXY_URL,env=VITE_CORS_PROXY_URL \ + -t your-bentopdf . +``` + > **Note:** See [README](https://github.com/alam00000/bentopdf#digital-signature-cors-proxy-required) for HMAC signature setup. diff --git a/docs/self-hosting/cors-proxy.md b/docs/self-hosting/cors-proxy.md index 092c6d8..210f3fd 100644 --- a/docs/self-hosting/cors-proxy.md +++ b/docs/self-hosting/cors-proxy.md @@ -64,8 +64,9 @@ If you're self-hosting BentoPDF, you'll need to deploy your own CORS proxy for d If using Docker: ```bash - docker build \ - --build-arg VITE_CORS_PROXY_URL="https://your-worker.workers.dev" \ + export VITE_CORS_PROXY_URL="https://your-worker.workers.dev" + DOCKER_BUILDKIT=1 docker build \ + --secret id=VITE_CORS_PROXY_URL,env=VITE_CORS_PROXY_URL \ -t your-bentopdf . ``` diff --git a/package-lock.json b/package-lock.json index f36a34b..53e966e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -29,7 +29,7 @@ "archiver": "^7.0.1", "blob-stream": "^0.1.3", "bwip-js": "^4.8.0", - "cropperjs": "^2.1.0", + "cropperjs": "^1.6.2", "embedpdf-snippet": "file:vendor/embedpdf/embedpdf-snippet-2.3.0.tgz", "heic2any": "^0.0.4", "highlight.js": "^11.11.1", @@ -559,126 +559,6 @@ "integrity": "sha512-4mudFAQ6H+MqBTfqLmU7G1ZwRzCLfJEooL/fsF6rCX5eePMbGhoy5n4g+G4vlh2muDcsCTJtL+uKbOzWxs5LHA==", "license": "Apache-2.0" }, - "node_modules/@cropper/element": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element/-/element-2.1.0.tgz", - "integrity": "sha512-2zELddqHQNmlvkPoiYzE5nxEjPE+C8nXoTPuvV3FvLp3YjBinc7qb73Icg9UXP0o9qC4+h9q96JgGo0AyMO/Ng==", - "license": "MIT", - "dependencies": { - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-canvas": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-canvas/-/element-canvas-2.1.0.tgz", - "integrity": "sha512-el+rfJpZxsD2q5XxDBA4fRczcrOqB65Lb7roqXOq8LKufwf4bPWA9C6DjNJJahh/TP94dsLIEy3tSkgRMDv3Aw==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-crosshair": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-crosshair/-/element-crosshair-2.1.0.tgz", - "integrity": "sha512-0V589dAx8uZAfvJwdINLn76gfPQEafPH94ukjJ76uX0FCUovLaAVX+VRD/MDSYn0Mza/xejzmL9Dhd1DfemvmA==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-grid": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-grid/-/element-grid-2.1.0.tgz", - "integrity": "sha512-dEnk0rO+vp553LMvsPYgfrqVFcYXeVFrgFeavBYYEhAXtO40p7kN4rmLYLMMjaN+T/Mx2BATv6kUQpALKy2HLw==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-handle": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-handle/-/element-handle-2.1.0.tgz", - "integrity": "sha512-8BklWA4C/2GGAULupIWleSnGutECvYt3vx9flodqDfZpDEozws4LgLqmmzVuQmVkRVUdLnXdtx28kjgWLtzkHg==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-image": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-image/-/element-image-2.1.0.tgz", - "integrity": "sha512-mXOV8ixJvG0XtTxLebYAKDjEkFbFOQnsF02hXPZk1yQSV0J+LLhN7a2NePrtKnoTsEV19fhhX3UorMoyGGxvzg==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/element-canvas": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-selection": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-selection/-/element-selection-2.1.0.tgz", - "integrity": "sha512-mtFtBl6HIa/s9TWohXw+Z5eJoeYTqylrIcHvS7oVv0uM7IyeRwBW65Q7z+KtLfq/LW+2Sw/XDyvR+VN/DawBPw==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/element-canvas": "^2.1.0", - "@cropper/element-image": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-shade": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-shade/-/element-shade-2.1.0.tgz", - "integrity": "sha512-zMdyqbb0lc0Vd1oj2Z1miIZvhyZG41OXMHvrNt0hNwblh0dVdrvtw48lnFDgRv+672vt2CNx7Q04GuvCQfPlgg==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/element-canvas": "^2.1.0", - "@cropper/element-selection": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/element-viewer": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/element-viewer/-/element-viewer-2.1.0.tgz", - "integrity": "sha512-XnxlQuqHitd1FOFZ6E0yXAF5NYd/LyIvONLLHI9p1rJw747WYKUPxQaSYtFKF7IOizJu/8mMj++Zc1dZ5ZP3YQ==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/element-canvas": "^2.1.0", - "@cropper/element-image": "^2.1.0", - "@cropper/element-selection": "^2.1.0", - "@cropper/utils": "^2.1.0" - } - }, - "node_modules/@cropper/elements": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/elements/-/elements-2.1.0.tgz", - "integrity": "sha512-qvzlYDn3VQgPPpsCu6Gi1XUO0v3vpXQFSjjxcVijbXeNsl/eiKrN7H9/CEiRgi5vr8kXfd7ZvgYxBjUBbH+y+w==", - "license": "MIT", - "dependencies": { - "@cropper/element": "^2.1.0", - "@cropper/element-canvas": "^2.1.0", - "@cropper/element-crosshair": "^2.1.0", - "@cropper/element-grid": "^2.1.0", - "@cropper/element-handle": "^2.1.0", - "@cropper/element-image": "^2.1.0", - "@cropper/element-selection": "^2.1.0", - "@cropper/element-shade": "^2.1.0", - "@cropper/element-viewer": "^2.1.0" - } - }, - "node_modules/@cropper/utils": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@cropper/utils/-/utils-2.1.0.tgz", - "integrity": "sha512-wLtpZ4/UWgo+fGmG8NBWge8x5ehjfDe9ovleDfLy8kpwFaw43XXOEXQtRL1UNr0u4JZxaeO8FcXcolRWUUrlRQ==", - "license": "MIT" - }, "node_modules/@csstools/color-helpers": { "version": "6.0.2", "resolved": "https://registry.npmjs.org/@csstools/color-helpers/-/color-helpers-6.0.2.tgz", @@ -5705,14 +5585,10 @@ "license": "MIT" }, "node_modules/cropperjs": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/cropperjs/-/cropperjs-2.1.0.tgz", - "integrity": "sha512-SsSDqdVRl+mjbIBkGWlk1gCGcc+HzBqCbH5EQ+1tkAFUdxq2KUGukXF1RqhmvXrrdrX7PDwSUkWgXS7E36KvGQ==", - "license": "MIT", - "dependencies": { - "@cropper/elements": "^2.1.0", - "@cropper/utils": "^2.1.0" - } + "version": "1.6.2", + "resolved": "https://registry.npmjs.org/cropperjs/-/cropperjs-1.6.2.tgz", + "integrity": "sha512-nhymn9GdnV3CqiEHJVai54TULFAE3VshJTXSqSJKa8yXAKyBKDWdhHarnlIPrshJ0WMFTGuFvG02YjLXfPiuOA==", + "license": "MIT" }, "node_modules/cross-fetch": { "version": "4.0.0", diff --git a/package.json b/package.json index 61eb38b..c0a3596 100644 --- a/package.json +++ b/package.json @@ -85,7 +85,7 @@ "archiver": "^7.0.1", "blob-stream": "^0.1.3", "bwip-js": "^4.8.0", - "cropperjs": "^2.1.0", + "cropperjs": "^1.6.2", "embedpdf-snippet": "file:vendor/embedpdf/embedpdf-snippet-2.3.0.tgz", "heic2any": "^0.0.4", "highlight.js": "^11.11.1",