Conversation
Signed-off-by: Teror Fox <i@trfox.top>
SafeDep Report Summary
No dependency changes detected. Nothing to scan. This report is generated by SafeDep Github App |
|
| GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
|---|---|---|---|---|---|
| 26382684 | Triggered | Username Password | b89c707 | apps/core/src/constants/error-code.constant.ts | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secret safely. Learn here the best practices.
- Revoke and rotate this secret.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
There was a problem hiding this comment.
Pull request overview
This pull request adds support for template placeholders in file upload paths and filenames, addressing issue #2469. The feature allows users to customize file naming and organization using dynamic placeholders like date/time, random strings, MD5 hashes, and UUIDs. Additionally, the PR improves S3 compatibility for Tencent COS by implementing virtual-hosted style URLs and adds a new security scanning workflow.
Changes:
- Added a comprehensive filename template utility with 16+ placeholder types for flexible file organization
- Implemented new file upload configuration options with customizable naming and path templates
- Enhanced S3 uploader to support Tencent COS virtual-hosted style endpoints and improved error messages
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 8 comments.
Show a summary per file
| File | Description |
|---|---|
apps/core/src/utils/filename-template.util.ts |
New utility implementing template placeholder replacement system for filenames and paths |
apps/core/test/src/utils/filename-template.util.spec.ts |
Comprehensive test suite for template functionality covering all placeholders |
apps/core/src/modules/configs/configs.schema.ts |
Added FileUploadOptions schema with template configuration fields |
apps/core/src/modules/configs/configs.interface.ts |
Extended IConfig interface to include fileUploadOptions |
apps/core/src/modules/configs/configs.default.ts |
Added default configuration for file upload options |
apps/core/src/modules/file/file.controller.ts |
Integrated template system into file upload endpoint with path construction logic |
apps/core/src/processors/helper/helper.image-migration.service.ts |
Applied template processing to S3 prefix for image migration |
apps/core/src/utils/s3.util.ts |
Added Tencent COS virtual-hosted style support and enhanced error reporting |
.github/workflows/strix.yml |
Added new security scanning workflow using Strix tool |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Teror Fox <imaginehtr@qq.com>
1 participant
Description
更新文件上传前缀支持模板占位符,增强灵活性
变量列表
{Y}2026{y}26{m}02{d}15{h}14{i}30{s}45{ms}123{timestamp}1739620800000{md5}5d41402abc4b2a76b9719d911017c592{md5-16}5d41402abc4b2a76{uuid}550e8400-e29b-41d4-a716-446655440000{str-N}{str-10}→aBcDeFgHiJ{filename}photo.jpg{name}photo{ext}.jpg{type}image/file/avatar/icon{localFolder:N}{localFolder:1}→uploads配置示例:
结果测试:
Linked Issues
#2469
Additional context