JSPaste · inetol · Jan 16, 2026 · Apr 1, 2025 · Apr 22, 2025 · Apr 27, 2025
diff --git a/.dockerignore b/.dockerignore
@@ -1,11 +1,12 @@
 *
 
-# Project files
-!/bun.lock
-!/bunfig.toml
+!/lib/**
+!/src/**
+!/.npmrc
+!/deno.json
+!/deno.lock
 !/LICENSE
+!/mise.toml
 !/package.json
-!/tsconfig.json
-
-# SRC
-!/src/**
+!/rolldown.config.ts
+!/tsconfig.json
diff --git a/.editorconfig b/.editorconfig
@@ -0,0 +1,22 @@
+# https://spec.editorconfig.org/#supported-pairs
+
+root = true
+
+[*]
+charset = utf-8
+end_of_line = lf
+indent_size = 2
+indent_style = space
+insert_final_newline = true
+max_line_length = 120
+tab_width = 2
+trim_trailing_whitespace = true
+
+[{*.json,*.jsonc}]
+insert_final_newline = false
+
+[{*.yaml,*.yml}]
+insert_final_newline = false
+
+[*.html]
+insert_final_newline = false
diff --git a/.env.example b/.env.example
@@ -1,40 +1,71 @@
-#? Rename or copy this file to ".env" and set the variables there.
+#?
+#? Rename this file to ".env" and edit the values as needed.
 #?
 #?####################
 #? VARIABLE STRUCTURE:
 #?####################
 #? [ default ] : type < min - max >
 #?      ^         ^         ^
 #?      |         |         |
-#?      |         |         +---- RANGE between two values (these included)
+#?      |         |         +---- RANGE between two values (inclusive)
 #?      |         +-------------- TYPE of the variable
-#?      +------------------------ DEFAULT value applied if not set
+#?      +------------------------ DEFAULT value if not set
 #?
 #?###################
 #? COMMENT STRUCTURE:
 #?###################
-#? "#?#..." or "###..." are used to comment a section line.
-#? "#?" is used to comment a help line.
-#? "##" is used to comment a description line.
-#? "#" is used to comment a variable line.
+#? "#?#...", "###..." for section headers
+#? "#?" for help
+#? "##" for description
+#? "#" for variable definitions
 #?
-#? You should remove the comment on variable lines only if you want to set the variable.
 
-##########
-## SERVER:
-##########
-## Set log verbosity [3]:integer
-#? (0=none <- 1=error <- 2=warn <- 3=info <- 4=debug)
-#LOGLEVEL=3
+## Log level: [3]:integer<0-4>
+#? 0=none, 1=error, 2=warn, 3=info, 4=debug
+#JSPB_LOG_VERBOSITY=3
+
+## Include timestamps in logs?: [true]:boolean
+#JSPB_LOG_TIME=true
 
-## Port for the server [4000]:integer
-#PORT=4000
+## Hostname to bind: [::]:string
+#JSPB_HOSTNAME=::
 
-## Is website served over HTTPS? [true]:boolean
-#TLS=true
+## Port to bind: [4000]:integer<0-65535>
+#JSPB_PORT=4000
 
 ############
 ## DOCUMENT:
 ############
-## Maximum document size in kilobytes [1024]:integer
-#DOCUMENT_MAXSIZE=1024
+## Maximum size per document: [1mb]:string
+#? 0=disabled, units: b/k(i)b/m(i)b/g(i)b/t(i)b
+#JSPB_DOCUMENT_SIZE=1mb
+
+## Compress document?: [true]:boolean
+#? It doesn't apply retroactively to existing documents.
+#JSPB_DOCUMENT_COMPRESSION=true
+
+## Delete documents older than: [0]:string
+#? 0=disabled, units: s/m/h/d/w/M/y
+#JSPB_DOCUMENT_AGE=0
+
+## Delete anonymous documents older than: [7d]:string
+#? 0=disabled, units: s/m/h/d/w/M/y
+#JSPB_DOCUMENT_ANONYMOUS_AGE=7d
+
+########
+## USER:
+########
+## Allow user registration?: [true]:boolean
+#? Root user can always create new users.
+#JSPB_USER_REGISTER=true
+
+## Restore the root user?: [false]:boolean
+#? Make sure to disable this again after successful recovery.
+#JSPB_USER_ROOT_RECOVERY=false
+
+########
+## TASK:
+########
+## Cleanup task cron schedule: [0 1 * * *]:string
+#? https://crontab.guru/#0_1_*_*_*
+#JSPB_TASK_SWEEPER=0 1 * * *
diff --git a/.github/renovate.json b/.github/renovate.json
@@ -1,14 +1,14 @@
 {
-	"$schema": "https://docs.renovatebot.com/renovate-schema.json",
-	"extends": ["config:recommended"],
-	"lockFileMaintenance": {
-		"enabled": true,
-		"automerge": true
-	},
-	"packageRules": [
-		{
-			"matchUpdateTypes": ["patch"],
-			"automerge": true
-		}
-	]
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "extends": ["config:recommended", "customManagers:biomeVersions"],
+  "lockFileMaintenance": {
+    "enabled": true,
+    "automerge": true
+  },
+  "packageRules": [
+    {
+      "matchUpdateTypes": ["patch"],
+      "automerge": true
+    }
+  ]
 }
diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml
@@ -23,7 +23,7 @@ on:
           - build-release
 
 concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
+  group: ${{ github.workflow }}
   cancel-in-progress: false
 
 permissions:
@@ -41,18 +41,18 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
-          egress-policy: audit
+          egress-policy: "audit"
 
-      - name: Setup Bun
-        uses: oven-sh/setup-bun@4bc047ad259df6fc24a6c9b0f9a0cb08cf17fbe5 # v2.0.1
+      - name: Setup mise-en-place
+        uses: jdx/mise-action@146a28175021df8ca24f8ee1828cc2a60f980bd5 # v3.5.1
 
       - name: Save context
         id: ctx
         env:
-          CTX_BRANCH: ${{ github.head_ref || github.ref_name }}
-          CTX_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+          CTX_BRANCH: "${{ github.head_ref || github.ref_name }}"
+          CTX_SHA: "${{ github.event.pull_request.head.sha || github.sha }}"
         run: |
           echo "branch=${CTX_BRANCH}" >>"$GITHUB_OUTPUT"
           echo "sha=${CTX_SHA}" >>"$GITHUB_OUTPUT"
@@ -61,8 +61,8 @@ jobs:
       - name: Save tags
         id: tags
         env:
-          BRANCH: ${{ steps.ctx.outputs.branch }}
-          SHA_SHORT: ${{ steps.ctx.outputs.sha_short }}
+          BRANCH: "${{ steps.ctx.outputs.branch }}"
+          SHA_SHORT: "${{ steps.ctx.outputs.sha_short }}"
         run: |
           TIMESTAMP="$(date +%Y.%m.%d)"
 
@@ -76,61 +76,46 @@ jobs:
           echo "extended=${TIMESTAMP}-${SHA_SHORT}" >>"$GITHUB_OUTPUT"
 
       - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
-          persist-credentials: false
-
-      - name: Install deps
-        run: bun install --frozen-lockfile
+          persist-credentials: "false"
 
       - name: Build artifact
         run: |
-          bun run build:server
-
-          bun run build:standalone:darwin-arm64
-          chmod 755 ./dist/server
-          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ server | xz -z -6 >./dist/backend_${{ steps.tags.outputs.tag }}_darwin-arm64.tar.xz
-          tar -tJf ./dist/backend_${{ steps.tags.outputs.tag }}_darwin-arm64.tar.xz >/dev/null
-
-          bun run build:standalone:linux-amd64-glibc
-          chmod 755 ./dist/server
-          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ server | xz -z -6 >./dist/backend_${{ steps.tags.outputs.tag }}_linux-amd64-glibc.tar.xz
-          tar -tJf ./dist/backend_${{ steps.tags.outputs.tag }}_linux-amd64-glibc.tar.xz >/dev/null
-
-          bun run build:standalone:linux-amd64-musl
-          chmod 755 ./dist/server
-          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ server | xz -z -6 >./dist/backend_${{ steps.tags.outputs.tag }}_linux-amd64-musl.tar.xz
-          tar -tJf ./dist/backend_${{ steps.tags.outputs.tag }}_linux-amd64-musl.tar.xz >/dev/null
-
-          bun run build:standalone:linux-arm64-glibc
-          chmod 755 ./dist/server
-          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ server | xz -z -6 >./dist/backend_${{ steps.tags.outputs.tag }}_linux-arm64-glibc.tar.xz
-          tar -tJf ./dist/backend_${{ steps.tags.outputs.tag }}_linux-arm64-glibc.tar.xz >/dev/null
-
-          bun run build:standalone:linux-arm64-musl
-          chmod 755 ./dist/server
-          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ server | xz -z -6 >./dist/backend_${{ steps.tags.outputs.tag }}_linux-arm64-musl.tar.xz
-          tar -tJf ./dist/backend_${{ steps.tags.outputs.tag }}_linux-arm64-musl.tar.xz >/dev/null
-
-          bun run build:standalone:windows-amd64
-          chmod 755 ./dist/server.exe
-          zip -j -X -9 -l -o ./dist/backend_${{ steps.tags.outputs.tag }}_windows-amd64.zip .env.example LICENSE README.md ./dist/server.exe
-          zip -T ./dist/backend_${{ steps.tags.outputs.tag }}_windows-amd64.zip
+          mise run build:standalone:darwin-arm64
+          chmod 755 ./dist/backend.darwin-arm64
+          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ backend.darwin-arm64 | xz -z -6 >./dist/backend-${{ steps.tags.outputs.tag }}_darwin-arm64.tar.xz
+          tar -tJf ./dist/backend-${{ steps.tags.outputs.tag }}_darwin-arm64.tar.xz >/dev/null
+
+          mise run build:standalone:linux-amd64
+          chmod 755 ./dist/backend.linux-amd64
+          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ backend.linux-amd64 | xz -z -6 >./dist/backend-${{ steps.tags.outputs.tag }}_linux-amd64.tar.xz
+          tar -tJf ./dist/backend-${{ steps.tags.outputs.tag }}_linux-amd64.tar.xz >/dev/null
+
+          mise run build:standalone:linux-arm64
+          chmod 755 ./dist/backend.linux-arm64
+          tar -c --owner=0 --group=0 --mtime='now' --utc .env.example LICENSE README.md -C ./dist/ backend.linux-arm64 | xz -z -6 >./dist/backend-${{ steps.tags.outputs.tag }}_linux-arm64.tar.xz
+          tar -tJf ./dist/backend-${{ steps.tags.outputs.tag }}_linux-arm64.tar.xz >/dev/null
+
+          mise run build:standalone:windows-amd64
+          chmod 755 ./dist/backend.windows-amd64.exe
+          zip -j -X -9 -l -o ./dist/backend-${{ steps.tags.outputs.tag }}_windows-amd64.zip .env.example LICENSE README.md ./dist/backend.windows-amd64.exe
+          zip -T ./dist/backend-${{ steps.tags.outputs.tag }}_windows-amd64.zip
 
       - if: inputs.artifact-action == 'build-release'
         name: Release artifact
-        uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # v1.16.0
+        uses: ncipollo/release-action@b7eabc95ff50cbeeedec83973935c8f306dfcd0b # v1.20.0
         with:
-          name: ${{ steps.tags.outputs.extended }}
-          tag: ${{ steps.tags.outputs.extended }}
-          artifacts: dist/*.tar.xz,dist/*.zip
-          makeLatest: true
-          prerelease: ${{ steps.ctx.outputs.branch != 'stable' }}
-          generateReleaseNotes: ${{ steps.ctx.outputs.branch == 'stable' }}
+          name: "${{ steps.tags.outputs.extended }}"
+          tag: "${{ steps.tags.outputs.extended }}"
+          artifacts: "dist/*.tar.xz,dist/*.zip"
+          makeLatest: "true"
+          prerelease: "${{ steps.ctx.outputs.branch != 'stable' }}"
+          generateReleaseNotes: "${{ steps.ctx.outputs.branch == 'stable' }}"
 
       - if: inputs.artifact-action == 'build-release'
         name: Attest artifact
-        uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3
+        uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
         with:
           subject-path: |
             dist/*.tar.xz
@@ -150,15 +135,15 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
-          egress-policy: audit
+          egress-policy: "audit"
 
       - name: Save context
         id: ctx
         env:
-          CTX_BRANCH: ${{ github.head_ref || github.ref_name }}
-          CTX_SHA: ${{ github.event.pull_request.head.sha || github.sha }}
+          CTX_BRANCH: "${{ github.head_ref || github.ref_name }}"
+          CTX_SHA: "${{ github.event.pull_request.head.sha || github.sha }}"
         run: |
           echo "branch=${CTX_BRANCH}" >>"$GITHUB_OUTPUT"
           echo "sha=${CTX_SHA}" >>"$GITHUB_OUTPUT"
@@ -167,9 +152,9 @@ jobs:
       - name: Save tags
         id: tags
         env:
-          BRANCH: ${{ steps.ctx.outputs.branch }}
-          SHA: ${{ steps.ctx.outputs.sha }}
-          SHA_SHORT: ${{ steps.ctx.outputs.sha_short }}
+          BRANCH: "${{ steps.ctx.outputs.branch }}"
+          SHA: "${{ steps.ctx.outputs.sha }}"
+          SHA_SHORT: "${{ steps.ctx.outputs.sha_short }}"
         run: |
           TIMESTAMP="$(date +%Y.%m.%d)"
           TIMESTAMP_ISO="$(date -u +%Y-%m-%dT%H:%M:%SZ)"
@@ -189,20 +174,20 @@ jobs:
           echo "list=${TAGS[*]}" >>"$GITHUB_OUTPUT"
 
       - name: Checkout
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
-          persist-credentials: false
+          persist-credentials: "false"
 
       - name: Build image
         id: build-image
         uses: redhat-actions/buildah-build@7a95fa7ee0f02d552a32753e7414641a04307056 # v2.13
         with:
-          containerfiles: Dockerfile
-          platforms: linux/amd64,linux/arm64
-          image: ${{ github.repository }}
-          layers: true
-          oci: true
-          tags: ${{ steps.tags.outputs.list }}
+          containerfiles: "Dockerfile"
+          platforms: "linux/amd64,linux/arm64"
+          image: "${{ github.repository }}"
+          layers: "true"
+          oci: "true"
+          tags: "${{ steps.tags.outputs.list }}"
           extra-args: |
             --squash
             --identity-label=false
@@ -214,23 +199,23 @@ jobs:
         name: Login to GHCR
         uses: redhat-actions/podman-login@4934294ad0449894bcd1e9f191899d7292469603 # v1.7
         with:
-          username: ${{ github.repository_owner }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-          registry: ${{ env.REGISTRY }}
+          username: "${{ github.repository_owner }}"
+          password: "${{ secrets.GITHUB_TOKEN }}"
+          registry: "${{ env.REGISTRY }}"
 
       - if: inputs.image-action == 'build-release'
         name: Push to GHCR
         id: push-image
         uses: redhat-actions/push-to-registry@5ed88d269cf581ea9ef6dd6806d01562096bee9c # v2.8
         with:
-          image: ${{ steps.build-image.outputs.image }}
-          tags: ${{ steps.build-image.outputs.tags }}
-          registry: ${{ env.REGISTRY }}
+          image: "${{ steps.build-image.outputs.image }}"
+          tags: "${{ steps.build-image.outputs.tags }}"
+          registry: "${{ env.REGISTRY }}"
 
       - if: inputs.image-action == 'build-release'
         name: Attest image
-        uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3
+        uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
         with:
           subject-name: "${{ env.REGISTRY }}/${{ steps.build-image.outputs.image }}"
-          subject-digest: ${{ steps.push-image.outputs.digest }}
-          push-to-registry: false
+          subject-digest: "${{ steps.push-image.outputs.digest }}"
+          push-to-registry: "false"