Merge branch 'master' into dev/precommit

Author: michielbdejong

.github/ISSUE_TEMPLATE/nss-5-0-0-regressions.md

@@ -0,0 +1,20 @@
+---
+name: NSS-5.0.0 Regressions
+about: To report regressions in 5.0.0 (i.e. things that used to work in earlier releases),
+  use this template
+title: ''
+labels: ''
+assignees: ''
+
+---
+
+## Please describe what you did in reproducible steps
+
+
+## How did it work with 4.x series servers?
+
+
+## What happened when you tried the same with the 5.x series server?
+
+
+## Any material that will help, logs, error messages, etc.

.gitignore

@@ -14,4 +14,4 @@
 /data
 /coverage
 /node_modules
-/npm-debug.log
+/npm-debug.log

.travis.yml

@@ -23,6 +23,7 @@ install:
 script:
   # Test the code
   - npm run standard
+  - npm run validate
   - npm run nyc
   # Test global install of the package
   - npm pack .
@@ -31,6 +32,8 @@ script:
 after_success:
   - snyk monitor
 
+cache: npm
+
 notifications:
   email:
   - solid@janeirodigital.com

CHANGELOG.md

@@ -1,5 +1,69 @@
 # History
 
+## 5.0.0
+
+- Node versions greater than 8 are supported.
+- Changes to vocabulary use:
+    - `solid:inbox` is deprecated in favour of `ldp:inbox`.
+    - `acl:defaultForNew` is deprecated in favour of `acl:default`.
+- Terms of Service may be added and enforced for new registrations,
+  but is disabled by default.    	
+- DELETE operations on a resource now require that the user has write permissions on
+  the file's container
+- Improved support for logout ensures users can use different
+  identities.
+- The profile container is now public readable by default.
+- Access Control: 
+    - The Access Control List system has undergone extensive
+      changes. Security has been tightened, and some unsafe practices that
+      where web apps was authorized access in the past are now not
+      permitted. 
+    - The browser-reported `Origin` header will now be checked by
+      default, and the ACL system can be used to restrict access
+      to applications for added security.
+    - Users can add `trustedApp` entries to their profile using a new databrowser pane.
+      You will see an 'A' icon added while you view a Person's profile URL
+      with the data browser (might have to hit refresh in your browser and make sure you
+      are viewing a WebId URL like https://localhost:8443/profile/card#me).
+- Logging is now verbose by default so the `-v` option has been
+  removed and a `--quiet` option has been added to mute the log.
+- To be bug compliant with 4.x releases, if a rule for public readable
+  root / does not exist, it will check in /index.html.acl (see issue #1063)
+- Command line options are now kebab-cased rather than camelCased,
+  config options may be both.
+- Resource with no extension now have '$.ttl' appended in the filename (see upgrades notes below).
+- Many smaller fixes.
+
+#### 5.0.0 Upgrade Notes
+
+- As of v5.0.0, all Turtle files need an extension. (**Intervention needed when updating from < 5.0.0!**)
+    - **How to upgrade?**
+        1. Stop the server.
+        2. Update node-solid-server to 5.0.0.
+        3. Make a backup of your `data/` and `config/` folders.
+        4. Invoke `solid migrate-legacy-resources -v`.
+           This makes the files in your `data/` and `config/` folders
+           automatically compatible with the new system.
+           You only need to do this once.
+           Different data folders can be migrated as well with the `-p` option:
+           `solid migrate-legacy-resources -p my/custom/data/folder -v`
+        5. You can now start the server again as usual.
+    - **Why?**
+    Before version 5.0.0, `https://pod.example/profile/card`
+    would map to `file:///solid/profile/card`, with the _assumption_
+    that it uses content-type `text/turtle`.
+    Now, this URL will map to `file:///solid/profile/card$.ttl` instead,
+    which makes the content-type automatically detectable.
+    This fixes many of the old Content-Type-related bugs.
+    _More information: https://www.w3.org/DesignIssues/HTTPFilenameMapping.html_
+
+## 4.4.0
+
+- Introduce a quota system. Delete the /settings/serverSide.ttl in the
+  user's POD to disable, or edit to fit your resource constraints.
+
+#### Changelog is incomplete for much of the 4.x series
+
 ## 4.1.0
 
 - Add support for Group Access Control Lists.

CONTRIBUTORS.md

@@ -0,0 +1,36 @@
+# Contributors to the solid-server npm module
+
+The Solid community wants to acknowledge the hard work and dedication put in by many people, several of whom are listed below.
+
+Please [let us know](https://github.com/solid/node-solid-server/edit/master/CONTRIBUTORS.md) if anyone is missing from this list, or if you wish to add yourself.
+
+## Project lead
+- [Tim Berners-Lee](https://www.w3.org/People/Berners-Lee/)
+
+## Current code contributors
+People with significant code contributions over the past couple of months, in alphabetical order:
+
+- [Arne Hassel](http://icanhasweb.net/)
+- [Kjetil Kjernsmo](http://kjetil.kjernsmo.net/)
+- [Ruben Taelman](https://www.rubensworks.net/)
+
+## Previous code contributors
+People with significant code contributions further in the past, in alphabetical order:
+
+- [Nicola Greco](https://nicola.io/)
+- [Martin Martinez Rivera](https://github.com/martinmr)
+- [Andrei Sambra](https://deiu.me/)
+- [Ruben Verborgh](https://ruben.verborgh.org/)
+- [Dmitri Zagidulin](http://computingjoy.com/)
+
+## Project contributors
+People who have significantly contributed to issues, testing, and/or discussions, in alphabetical order:
+- [Justin Bingham](https://github.com/justinwb)
+- [Sarven Capadisli](http://csarven.ca/)
+- [Melvin Carvalho](https://melvincarvalho.com/)
+- [Amy Guy](https://rhiaro.co.uk/)
+- [Kingsley Idehen](https://github.com/kidehen)
+
+## Community contributors
+Thanks to everyone who has tried solid-server, discussed about it, created issues and/or pull requests.
+Your input is necessary to help Solid grow!

EXAMPLES.md

@@ -1,6 +1,8 @@
 The MIT License (MIT)
 
-Copyright © 2014 
+Copyright © 2014–present Arne Hassel, Nicola Greco, Kjetil Kjernsmo,
+Martin Martinez Rivera, Andrei Sambra, Ruben Taelman, Ruben Verborgh,
+and Dmitri Zagidulin
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
@@ -15,8 +17,7 @@ copies or substantial portions of the Software.
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR
+IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.