Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    Stefan Bakić
    @sbakic_gitlab
    Just try to go to /libraries, try to edit site, set description to empty save it. It will save description as NULL (check nodes properties)
    Milochanzy
    @Milochanzy
    I'm trying to configure custom metadata field with "List" Constraint on Digital Workspace, but I dont see option to do so. How can I configure the dropdown on Digital Workspace?
    Milochanzy
    @Milochanzy

    I'm not able to install alfresco-content-app because of the Security Vulnerability (https://snyk.io/vuln/SNYK-JS-AJV-584908)

    "https://alfresco-content-app.netlify.app/#/getting-started/building-from-source"

    Any thought when is Alfresco looking to resolve this.

    Denys Vuika
    @DenysVuika
    @Milochanzy what do you mean "cannot install" ? those security checks give warnings, does it give build error for you?
    Milochanzy
    @Milochanzy

    @DenysVuika, thanks for responding.

    So before I try to install "alfresco-content-app", I need to get the dependency ajv-cli@3.1.0, when I try to get that within our firm, the security scan rejects it because "ajv-cli@3.1.0" uses json.schema.migrate@0.2.0 which in-turn depends on ajv@5.5.2 which has the vulnerability SNYK-JS-AJV-584908. Sorry for long explanation. But I can add more details if that helps.

    Denys Vuika
    @DenysVuika
    this lib is used to validate "app.config.json" correctness, I'm sure you can either upgrade to latest dependency yourself, or just remove it together with the checks in "package.json"
    We keep all the dependencies up-to-date, but with the NPM ecosystem it's quite common that some security issues are raised. Note that ajv is not used to build/run/deploy application to production (as it's the backend tooling), so there's no way it can be exploited in real life
    Milochanzy
    @Milochanzy
    I can remove ajv-cli@3.1.0? that would be great, at least get me moving! @DenysVuika
    Denys Vuika
    @DenysVuika
    Screenshot 2020-10-30 at 14.57.00.png
    You can either remove all "validate-config" calls, of replace the validate-config command value with something like "echo 'skipped'"
    I will check if there's a new version of ajv released so that we upgrade the libs
    Milochanzy
    @Milochanzy
    @DenysVuika, Thanks will give it a try and update. Much appreciate the suggestion!
    Denys Vuika
    @DenysVuika
    We don't do extension endpoints for login at this point. What features are you missing in the current one?
    Milochanzy
    @Milochanzy
    @DenysVuika , I worked out the suggestion of removing "validate-config" from package.json. I am through with that particular issues, thanks a million. There is however some additional feedback I'd like to share. Some of the dependent modules have Security vulneravilities. Especially the ones with Angular 7 (angular-devkit). I am using the v8 latest version. Hoping it works.
    Any plan for upgrading to v8?
    Denys Vuika
    @DenysVuika
    what do you mean by v8 ?
    ACA is using Angular 10
    If you are in the web dev for some time, you should know that those vulnerabilities appear daily, and it takes time for entire JavaScript ecosystem to reflect that.
    as soon as Google updates it's dependencies, we update them too. I suggest raising issues in the corresponding library repositories, or you can raise PRs for ACA to update the libs. But we have dependabot that is watching for libs and creates PRs anyway
    Milochanzy
    @Milochanzy

    Hi @DenysVuika, For example
    https://www.npmjs.com/package/@angular-devkit/build-ng-packagr

    Check the "versions", I am using the "v8-lts", this does not correspond to Angular 8?

    Denys Vuika
    @DenysVuika
    this is the latest list of dependencies, not sure what exactly you are talking about, sorry: https://github.com/Alfresco/alfresco-content-app/blob/develop/package.json
    Milochanzy
    @Milochanzy
    I agree on not blindly following Snyk, but Firm does :(
    @DenysVuika What is the production stable branch for ACA?
    I cloned master branch
    Denys Vuika
    @DenysVuika
    Yes, it's master
    As I've said, we have Dependabot watching libs, and Snyk watching each PR. If there's something that appeared since the master was released - it gets to the next version on develop branch.
    Or you can manually keep everything updated for your clone, it's a matter of running "npm audit" and "npm audit fix" I believe
    Milochanzy
    @Milochanzy
    I see that from last time I downloaded the source, there are some changes :|. Let get the latest. Thanks for pointing it out.
    I tried npm fix on stuff I could :)
    We have a private NPM repo, so it make it difficult to work with npm fic. But let me try with the latest master code!
    Milochanzy
    @Milochanzy

    @DenysVuika, Need to provide manual review for the following vulnerability

    https://npmjs.com/advisories/1179

    Suggestion?
    Denys Vuika
    @DenysVuika
    what do you mean by "manual review" ?
    Milochanzy
    @Milochanzy
    when I do a "npm audit fix" it's not able to resolve the minimist vulnerability.
    Path │ lite-server > minimist
    Denys Vuika
    @DenysVuika
    lite-server is used for e2e tests, not ending up in the application in any way. if you want to get audit happy, you will need to ask "lite-server" team to upgrade the minimist I think
    as I've said already, we have a bot that bumps all dependencies as they are released to NPM, if it's not in "develop", then it's not fixed yet by corresponding projects
    George Hernando
    @ghernando_gitlab
    The ACA PDFJS viewer in version 2.1.0 has a 'Fit' option. I'd like to be able to have a 'full height' or 'full width' capability (actually both). I'm not sure what it's doing now -- it looks like it may be viewing at 100%. Is there a way to configure the behavior?
    Milochanzy
    @Milochanzy
    @DenysVuika for sharing the info. I finally got the ACA up on my office machine.
    Will work to get it up on my laptop
    NihatOsman
    @NihatOsman

    Hello, I installed ACA and I have a Cors issue. I changed only my url in proxy.conf.js -no change in app.config.json. app.config.json
    ecmHost": "{protocol}//{hostname}{:port}", "aosHost": "{protocol}//{hostname}{:port}/alfresco/aos", "baseShareUrl": "{protocol}//{hostname}{:port}/#/preview/s", "providers": "ECM", "authType": "BASIC",

    proxy.conf.js
    const API_CONTENT_HOST = 'My url'; module.exports = { '/alfresco': { target: API_CONTENT_HOST, secure: false, changeOrigin: true, // workaround for REPO-2260 onProxyRes: function(proxyRes, req, res) { const header = proxyRes.headers['www-authenticate']; if (header && header.startsWith('Basic')) { proxyRes.headers['www-authenticate'] = 'x' + header; }} }, '/auth': { target: API_CONTENT_HOST, secure: false, changeOrigin: true }};

    Milochanzy
    @Milochanzy
    Hi, Is it possible to add static dropdown list for custom metadata on Alfresco content app?
    Denys Vuika
    @DenysVuika
    @NihatOsman probably you custom url is incorrect? proxy-conf.js file is the config for Angular development server, meaning it will work only if you use "npm start" or "ng run app" commands. Are you running like that?
    NihatOsman
    @NihatOsman
    @DenysVuika when my custom URL is not correct(different) I'm getting (You've entered an unknown username or password). I'm running with 'npm start' and I'm using the ACA 1.9.0. By the way, when I click on sign in I'm seeing 3 requests - the first one is localhost:4200 and the other two is for the server
    alt
    Stefan Bakić
    @sbakic_gitlab
    @DenysVuika There is a bug in datatable.component. It is not possible to unselect row in selectionMode="single".
    Denys Vuika
    @DenysVuika
    @sbakic_gitlab why is this a bug? what does this break?
    Dylan van den Brink
    @dylanvdbrink
    Hi, I'm trying to create a custom component. I've used the "library-list" component which is in the content-services-extension as an example. Registration, route and showing nodes work. But I also want to show the contextMenu and the toolbar that are shown when navigating in existing ACA components, which works in the "library-list" component but I can't seem to get it to work in my custom one. So my question is, how can we re-use the toolbar- and contextmenu actions in custom components?
    Dylan van den Brink
    @dylanvdbrink
    I've searched through the history here, but the working solution for @oviwon which suggests specifying aca-shared as a module dependency does not seem to work for me. The default "browser" context menu is not firing either so it seems like my data-table does override the functionality of the browser but does not show any context menu actions. The toolbar does not show any actions either.
    Denys Vuika
    @DenysVuika
    you need document list probably, the context menus and all other features are there, the data-table is just a basic table component
    Dylan van den Brink
    @dylanvdbrink
    Hmm okay thanks, still thinking of why it is working for the "content-services-extension" though
    Denys Vuika
    @DenysVuika
    @dylanvdbrink content-services-extension is an enterprise plugin for ADW, not ACA