Merge remote-tracking branch 'origin/main'

.env.example

@@ -1,9 +1,11 @@
 # Configuration reference: http://docs.postiz.com/configuration/reference
 
-# === Required Settings
+# === Required Settings 
 DATABASE_URL="postgresql://postiz-user:postiz-password@localhost:5432/postiz-db-local"
 REDIS_URL="redis://localhost:6379"
 JWT_SECRET="random string for your JWT secret, make it long"
+
+# === This needs to be exactly the URL you're accessing Postiz on.
 FRONTEND_URL="http://localhost:4200"
 NEXT_PUBLIC_BACKEND_URL="http://localhost:3000"
 BACKEND_INTERNAL_URL="http://localhost:3000"
@@ -77,6 +79,7 @@ MASTODON_CLIENT_SECRET=""
 OPENAI_API_KEY=""
 NEXT_PUBLIC_DISCORD_SUPPORT=""
 NEXT_PUBLIC_POLOTNO=""
+NOT_SECURED=false
 
 # Payment settings
 FEE_AMOUNT=0.05

SECURITY.md

@@ -9,8 +9,7 @@ The Postiz app is committed to ensuring the security and integrity of our users'
 If you discover a security vulnerability in the Postiz app, please report it to us privately via email to one of the maintainers:
 
 * @nevo-david
-* @jamesread ([email](mailto:contact@jread.com))
-* @jonathan-irvin ([email](mailto:offendingcommit@gmail.com))
+* @egelhaus ([email](mailto:gelhausenno@outlook.de))
 
 When reporting a security vulnerability, please provide as much detail as possible, including:
 

libraries/nestjs-libraries/src/integrations/social/discord.provider.ts

@@ -117,7 +117,7 @@ export class DiscordProvider extends SocialAbstract implements SocialProvider {
     ).json();
 
     return list
-      .filter((p: any) => p.type === 0 || p.type === 15)
+      .filter((p: any) => p.type === 0 || p.type === 5 || p.type === 15)
       .map((p: any) => ({
         id: String(p.id),
         name: p.name,