diff --git a/README.md b/README.md index cd1593c9..1e6a67d3 100644 --- a/README.md +++ b/README.md @@ -61,4 +61,6 @@ ## Startup script - `start.sh` is intentionally ignored by Git (`.gitignore`) so server secrets are not committed. -- Use `start.example.sh` as the tracked template and keep real credentials in environment variables (or `.env` on the server). \ No newline at end of file +- Use `start.example.sh` as the tracked template and keep real credentials in environment variables (or `.env` on the server). +- Startup scripts run patch helpers before boot (`scripts/patch-lightningcss.mjs`, `scripts/patch-endpoint-media-scope.mjs`). +- The media scope patch fixes a known upstream issue where file uploads can fail if the token scope is `create update delete` without explicit `media`. \ No newline at end of file diff --git a/package.json b/package.json index 306f899a..1bb2a84e 100644 --- a/package.json +++ b/package.json @@ -4,8 +4,8 @@ "description": "", "main": "index.js", "scripts": { - "postinstall": "node scripts/patch-lightningcss.mjs", - "serve": "node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs", + "postinstall": "node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs", + "serve": "node scripts/patch-lightningcss.mjs && node scripts/patch-endpoint-media-scope.mjs && node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs", "test": "echo \"Error: no test specified\" && exit 1" }, "keywords": [], diff --git a/scripts/patch-endpoint-media-scope.mjs b/scripts/patch-endpoint-media-scope.mjs new file mode 100644 index 00000000..896713ca --- /dev/null +++ b/scripts/patch-endpoint-media-scope.mjs @@ -0,0 +1,51 @@ +import { access, readFile, writeFile } from "node:fs/promises"; + +const candidates = [ + "node_modules/@indiekit/endpoint-media/lib/scope.js", + "node_modules/@indiekit/indiekit/node_modules/@indiekit/endpoint-media/lib/scope.js", +]; + +const oldCode = 'if (scope === "create" && action === "media") {'; +const newCode = 'if (scope.includes("create") && action === "media") {'; + +async function exists(path) { + try { + await access(path); + return true; + } catch { + return false; + } +} + +let checked = 0; +let patched = 0; + +for (const filePath of candidates) { + if (!(await exists(filePath))) { + continue; + } + + checked += 1; + + const source = await readFile(filePath, "utf8"); + + if (source.includes(newCode)) { + continue; + } + + if (!source.includes(oldCode)) { + continue; + } + + const updated = source.replace(oldCode, newCode); + await writeFile(filePath, updated, "utf8"); + patched += 1; +} + +if (checked === 0) { + console.log("[postinstall] No endpoint-media scope files found"); +} else if (patched === 0) { + console.log("[postinstall] endpoint-media scope already patched"); +} else { + console.log(`[postinstall] Patched endpoint-media scope in ${patched} file(s)`); +} diff --git a/start.example.sh b/start.example.sh index b097585c..0b03397c 100644 --- a/start.example.sh +++ b/start.example.sh @@ -27,4 +27,8 @@ fi export NODE_ENV="${NODE_ENV:-production}" +# Ensure runtime dependency patches are applied even if node_modules already exists. +/usr/local/bin/node scripts/patch-lightningcss.mjs +/usr/local/bin/node scripts/patch-endpoint-media-scope.mjs + exec /usr/local/bin/node node_modules/@indiekit/indiekit/bin/cli.js serve --config indiekit.config.mjs