docs: update README for fork, Python 3.12 and clean up dead links

- Add fork notice with credits to original author bugy/script-server
- Remove dead links: Travis CI badge (404), Gitter badge/room (shut down
  in 2023), demo server script-server.net (unreachable)
- Fix double-parenthesis typo in XSS wiki link (line 132 in original)
- Update requirements: Python 3.9+ minimum (3.12 recommended),
  tornado >=6.1, requests >=2.28; document optional ldap3/bcrypt deps
  with install instructions
- Add "What's new in this fork" section documenting 2025-05-27 changes
- Update contribution section to point to this fork's issue tracker

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: 2 people

README.md

@@ -1,14 +1,13 @@
-[![Build Status](https://travis-ci.com/bugy/script-server.svg?branch=master&status=passed)](https://travis-ci.com/bugy/script-server) [![Gitter](https://badges.gitter.im/script-server/community.svg)](https://gitter.im/script-server/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge)
+> **Fork** — This is a community-maintained fork of [bugy/script-server](https://github.com/bugy/script-server) (original author: [@bugy](https://github.com/bugy)). The upstream project is no longer actively maintained. See [What's new in this fork](#whats-new-in-this-fork) for the changes made here.
 
 # script-server
-Script-server is a Web UI for scripts.  
+
+Script-server is a Web UI for scripts.
 
 As an administrator, you add your existing scripts into Script server and other users would be able to execute them via a web interface.
 The UI is very straightforward and can be used by non-tech people.
 
-No script modifications are needed - you configure each script in Script server and it creates the corresponding UI with parameters and takes care of validation, execution, etc.  
-
-[DEMO server](https://script-server.net/)
+No script modifications are needed - you configure each script in Script server and it creates the corresponding UI with parameters and takes care of validation, execution, etc.
 
 [Admin interface screenshots](https://github.com/bugy/script-server/wiki/Admin-interface)
 
@@ -32,15 +31,31 @@ or [how to configure the server](https://github.com/bugy/script-server/wiki/Serv
 
 ### Server-side
 
-Python 3.7 or higher with the following modules:
+Python 3.9 or higher (Python 3.12 recommended) with the following modules:
+
+* tornado >= 6.1
+* requests >= 2.28
+
+Optional modules (required only for specific features):
+
+| Module | Feature |
+|--------|---------|
+| `ldap3 >= 2.9` | LDAP authentication |
+| `bcrypt >= 4.0` | bcrypt password support in htpasswd auth |
 
-* Tornado 5 / 6
+Install all dependencies at once:
+```bash
+pip install -r requirements.txt
+```
 
-Some features can require additional modules. Such requirements are specified in a corresponding feature description.
+Install with optional dependencies:
+```bash
+pip install -r requirements.txt ldap3>=2.9 bcrypt>=4.0
+```
 
 OS support:
 
-- Linux (main). Tested and working on Debian 10,11
+- Linux (main). Tested and working on Debian 10, 11
 - Windows (additional). Light testing
 - macOS (additional). Light testing
 
@@ -52,104 +67,108 @@ Internet connection is **not** needed. All the files are loaded from the server.
 
 ## Installation
 ### For production
-1. Download script-server.zip file from [Latest release](https://github.com/bugy/script-server/releases/latest) or [Dev release](https://github.com/bugy/script-server/releases/tag/dev)
-2. Create script-server folder anywhere on your PC and extract zip content to this folder
+1. Download script-server.zip from [Latest release](https://github.com/bugy/script-server/releases/latest) (last upstream release: v1.18.0)
+2. Create a script-server folder anywhere on your machine and extract the zip content into it
+3. Install dependencies: `pip install -r requirements.txt`
 
-(For detailed steps on linux with virtualenv, please see [Installation guide](https://github.com/bugy/script-server/wiki/Installing-on-virtualenv-(linux)))
+For detailed steps on Linux with virtualenv, see the [Installation guide](https://github.com/bugy/script-server/wiki/Installing-on-virtualenv-(linux)).
 
-##### As a docker container
-Please find pre-built images here: https://hub.docker.com/r/bugy/script-server/tags  
-For the usage please check [this ticket](https://github.com/bugy/script-server/issues/171#issuecomment-461620836)
+##### As a Docker container
+Pre-built images are available on [Docker Hub](https://hub.docker.com/r/bugy/script-server/tags).  
+For usage instructions, see [this ticket](https://github.com/bugy/script-server/issues/171#issuecomment-461620836).
 
 ### For development
-1. Clone/download the repository
-2. Run 'tools/init.py --no-npm' script
+1. Clone this repository
+2. Run `tools/init.py --no-npm`
 
-`init.py` script should be run after pulling any new changes
+`init.py` should be run after pulling any new changes.
 
-If you are making changes to web files, use `npm run build` or `npm run serve`
+If you are making changes to web files, use `npm run build` or `npm run serve`.
 
-### A issue running on OpenBSD and maybe other UNIX systems
-See [A issue running on OpenBSD and maybe other UNIX systems](https://github.com/bugy/script-server/wiki/OpenBSD-process-termination-issues).
+### A note on OpenBSD and some other UNIX systems
+See [OpenBSD process termination issues](https://github.com/bugy/script-server/wiki/OpenBSD-process-termination-issues).
 
 
 ## Setup and run
-1. Create configurations for your scripts in *conf/runners/* folder (see [script config page](https://github.com/bugy/script-server/wiki/Script-config) for details)
-2. Launch launcher.py from script-server folder
-  * Windows command: launcher.py
-  * Linux command: ./launcher.py
+1. Create configurations for your scripts in the *conf/runners/* folder (see [script config page](https://github.com/bugy/script-server/wiki/Script-config) for details)
+2. Launch launcher.py from the script-server folder
+  * Windows: `launcher.py`
+  * Linux/macOS: `./launcher.py`
 3. Add/edit scripts on the admin page
 
 By default, the server will run on http://localhost:5000
 
 ### Server config
-All the features listed above and some other minor features can be configured in *conf/conf.json* file. 
-It is allowed not to create this file. In this case, default values will be used.
-See [server config page](https://github.com/bugy/script-server/wiki/Server-configuration) for details
+All the features listed above and some other minor features can be configured in *conf/conf.json*.
+It is allowed not to create this file — default values will be used in that case.
+See [server config page](https://github.com/bugy/script-server/wiki/Server-configuration) for details.
 
 ### Admin panel
-Admin panel is accessible on admin.html page (e.g. http://localhost:5000/admin.html)
+Admin panel is accessible at admin.html (e.g. http://localhost:5000/admin.html)
 
 ## Logging
 
-All web/operating logs are written to the *logs/server.log*
-Additionally each script logs are written to separate file in *logs/processes*. File name format is
-{script\_name}\_{client\_address}\_{date}\_{time}.log.
+All web/operating logs are written to *logs/server.log*.
+Each script's logs are written to a separate file in *logs/processes*. File name format:
+`{script_name}_{client_address}_{date}_{time}.log`
 
 ## Testing/demo
 
-Script-server has bundled configs/scripts for testing/demo purposes, which are located in samples folder. You can
-link/copy these config files (samples/configs/\*.json) to server config folder (conf/runners).
+Script-server has bundled configs/scripts for testing/demo purposes, located in the samples folder. You can
+link/copy these config files (`samples/configs/*.json`) to the server config folder (`conf/runners`).
 
 ## Security
 
-I do my best to make script-server secure and invulnerable to attacks, injections or user data security. However to be
-on the safe side, it's better to run Script server only on a trusted network.  
-Any security leaks report or recommendations are greatly appreciated!
+Script-server is designed to be secure and invulnerable to attacks, injections or user data leaks. However, to be
+on the safe side, it's better to run Script server only on a trusted network.
 
 ### Shell commands injection
 
 Script server guarantees that all user parameters are passed to an executable script as arguments and won't be executed
-under any conditions. There is no way to inject fraud command from a client-side. However, user parameters are not
-escaped, so scripts should take care of not executing them also (general recommendation for bash is at least to wrap all
-arguments in double-quotes). It's recommended to use typed parameters when appropriate, because they are validated for
-proper values and so they are harder to be subject of commands injection. Such attempts would be easier to detect also.
+under any conditions. There is no way to inject a fraudulent command from the client side. However, user parameters are not
+escaped, so scripts should take care of not executing them directly (the general recommendation for bash is to wrap all
+arguments in double-quotes). Using typed parameters is recommended when appropriate, as they are validated for
+proper values and are harder to exploit.
 
-_Important!_ Command injection protection is fully supported for Linux, but _only_ for .bat and .exe files on Windows
+_Important!_ Command injection protection is fully supported for Linux, but _only_ for .bat and .exe files on Windows.
 
 ### XSS and CSRF
 
-_(v1.0 - v1.16)_  
+_(v1.0 - v1.16)_
 Script server _is_ vulnerable to these attacks.
 
-_(v1.17+)_  
-Script server is protected against XSRF attacks via a special token.      
+_(v1.17+)_
+Script server is protected against XSRF attacks via a special token.
 XSS protection: the code is written according to
 [OWASP Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/DOM_based_XSS_Prevention_Cheat_Sheet.html)
 and the only **known** vulnerabilities are:
 
 * `output_format`=`html_iframe`, see the reasoning in the
-  linked [Wiki page]((https://github.com/bugy/script-server/wiki/Script-config#output_format))
+  linked [Wiki page](https://github.com/bugy/script-server/wiki/Script-config#output_format)
 
-## Contribution
+## What's new in this fork
+
+### 2025-05-27 — Python 3.12 compatibility
+
+**Python version support:** updated minimum from Python 3.7 (end-of-life since June 2023) to **Python 3.9+** (Python 3.12 recommended).
 
-If you like the project and think you could help with making it better, there are many ways you can do it:
+**Fixes:**
+- Replaced invalid string escape sequences (`\d`, `\w`, `\/`, `\ `, `\|`, `\p`, `\[`, `\.`) with raw strings (`r'...'`) in test files — these would become `SyntaxError` in Python 3.14
+- Replaced deprecated `thread.setDaemon(True)` with `thread.daemon = True` in `user_file_storage.py` and `auth_abstract_oauth.py`
 
-- Create a new issue for new feature proposal or a bug
-- Implement existing issues (there are quite some of them: frontend/backend, simple/complex, choose whatever you like)
-- Help with improving the documentation
-- Set up a demo server
-- Spread a word about the project to your colleagues, friends, blogs or any other channels
-- Any other things you could imagine
+**Dependencies (`requirements.txt`):**
+- Raised Tornado floor from `>=4` to `>=6.1` (Tornado 4/5 are incompatible with Python 3.12)
+- Added `requests>=2.28` as an explicit dependency (used by HTTP notification destinations)
+- Documented optional dependencies (`ldap3`, `bcrypt`) with install instructions
+
+## Contribution
 
-Any contribution would be of great help and I will highly appreciate it! 
-If you have any questions, please create a new issue, or contact me via buggygm@gmail.com
+If you find a bug or want to propose a feature, please [open an issue](https://github.com/knep/script-server/issues) on this fork.
 
-## Asking questions
-If you have any questions, feel free to:
-- Ask in gitter: https://gitter.im/script-server/community
-- or [create a ticket](https://github.com/bugy/script-server/issues/new)
-- or contact me via email: buggygm@gmail.com (for some non-shareable questions)
+Contributions are welcome:
+- Bug reports and feature proposals
+- Pull requests (fixes, features, documentation)
+- Any other improvements you can think of
 
 ## Special thanks
 ![JetBrains logo](https://github.com/JetBrains/logos/blob/master/web/jetbrains/jetbrains.svg)