diff --git a/Dockerfile b/Dockerfile
index 384bdfd28..d9af68ca2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
-ARG SERVER_VERSION=v0.34.0
-ARG SERVER_VERSION_STRING=v0.34.0
+ARG SERVER_VERSION=v0.34.1
+ARG SERVER_VERSION_STRING=v0.34.1
# Builder image to compile the website
FROM ubuntu:24.04 AS builder
diff --git a/configuration/application.yml b/configuration/application.yml
index de651c088..d04409427 100644
--- a/configuration/application.yml
+++ b/configuration/application.yml
@@ -198,10 +198,11 @@ ovsx:
rate-limit:
enabled: true
token-prefix: ovsx_rl_
- # on the trust boundary, "X-Real-IP" is set for any external requests
- # for internal requests from within the cluster check first of "X-Forwarded-For" is set, otherwise use the remote addr.
+ # on the trust boundary (fastly edge), "X-Fastly-Real-IP" is set for any external requests
+ # on nginx, "X-Real-IP" is set for any external requests, kept as a fallback
+ # for internal requests from within the cluster check first if "X-Forwarded-For" is set, otherwise use the remote addr.
# jetty seems to return "[127.0.0.1]" as remote addr in some cases, need to investigate why this is happening
- ip-address-function: '(getHeader("X-Real-IP")?: getHeader("X-Forwarded-For")?: getRemoteAddr()).split(",")[0].trim()'
+ ip-address-function: '(getHeader("X-Fastly-Real-IP")?: getHeader("X-Real-IP")?: getHeader("X-Forwarded-For")?: getRemoteAddr()).split(",")[0].trim()'
filters:
- url: '/(api|vscode)/.*'
http-response-headers:
diff --git a/website/package.json b/website/package.json
index d8a4acbfb..ef0565a7b 100644
--- a/website/package.json
+++ b/website/package.json
@@ -10,7 +10,7 @@
},
"type": "module",
"dependencies": {
- "openvsx-webui": "npm:openvsx-webui@0.20.0"
+ "openvsx-webui": "npm:openvsx-webui@0.20.1"
},
"resolutions": {
"qs": "^6.14.1"
diff --git a/website/src/about.tsx b/website/src/about.tsx
index 25d07bb06..e0a20f3eb 100644
--- a/website/src/about.tsx
+++ b/website/src/about.tsx
@@ -61,12 +61,7 @@ const About = () => {
Contact Us
- To report malicious extensions, extensions with known vulnerabilities, or other urgent matters, connect with us
- at
-
- openvsx@eclipse-foundation.org
-
- . For non-urgent questions, including managing namespaces or publishing extensions, please visit our
+ For non-urgent questions, including managing namespaces or publishing extensions, please visit our
wiki
diff --git a/website/src/footer-content.tsx b/website/src/footer-content.tsx
index cef79899f..79a115a46 100644
--- a/website/src/footer-content.tsx
+++ b/website/src/footer-content.tsx
@@ -62,7 +62,9 @@ const MainFooter = ({ isSmallDisplay, isLargeDisplay, expanded, toggleExpanded }
{isSmallDisplay ? null : repositoryLink()}
{isLargeDisplay ? (
- {privacyPolicy()}
+ {ossAccess()}
+ {privacyPolicy()}
+ {securityPolicy()}
{termsOfUse()}
{compliance()}
{legalResources(false)}
@@ -102,7 +104,9 @@ const FooterContent: FunctionComponent<{ expanded: boolean }> = ({ expanded }) =
return (
+ {ossAccess()}
{privacyPolicy()}
+ {securityPolicy()}
{termsOfUse()}
{compliance()}
{legalResources(isSmallDisplay)}
@@ -135,12 +139,24 @@ const repositoryLink = () => (
);
+const ossAccess = () => (
+
+ OSS Access
+
+);
+
const privacyPolicy = () => (
Privacy Policy
);
+const securityPolicy = () => (
+
+ Security Policy
+
+);
+
const termsOfUse = () => Terms of Use;
const compliance = () => (
diff --git a/website/src/menu-content.tsx b/website/src/menu-content.tsx
index d5c533098..5cb7807d2 100644
--- a/website/src/menu-content.tsx
+++ b/website/src/menu-content.tsx
@@ -33,6 +33,7 @@ import PeopleAltIcon from '@mui/icons-material/PeopleAlt';
import HubIcon from '@mui/icons-material/Hub';
import AccountBoxIcon from '@mui/icons-material/AccountBox';
import BusinessIcon from '@mui/icons-material/Business';
+import SecurityIcon from '@mui/icons-material/Security';
import { UserSettingsRoutes } from 'openvsx-webui/lib/pages/user/user-settings-routes';
import { MainContext } from 'openvsx-webui/lib/context';
import {
@@ -90,6 +91,12 @@ export const MobileMenuContent: FunctionComponent = () => {
Commercial Usage
+