Merge branch 'main' into cloudflare/fully-external-middleware

Author: conico974

.changeset/cool-seas-approve.md

@@ -0,0 +1,5 @@
+---
+"gitbook": patch
+---
+
+Fix navigation between sections/variants when previewing a site in v2

.changeset/fast-trees-battle.md

@@ -0,0 +1,5 @@
+---
+'@gitbook/react-openapi': patch
+---
+
+Add authorization header for OAuth2

.changeset/gorgeous-cycles-cheat.md

@@ -0,0 +1,5 @@
+---
+"gitbook-v2": patch
+---
+
+add a force-revalidate api route to force bust the cache in case of errors

.changeset/rotten-seals-rush.md

@@ -0,0 +1,5 @@
+---
+'@gitbook/react-openapi': patch
+---
+
+Indent JSON python code sample

.changeset/stupid-plums-perform.md

@@ -0,0 +1,6 @@
+---
+"gitbook": patch
+"gitbook-v2": patch
+---
+
+cache fonts and static image used in OGImage in memory

.changeset/thick-chefs-repeat.md

@@ -0,0 +1,5 @@
+---
+'@gitbook/react-openapi': patch
+---
+
+Handle nested deprecated properties in generateSchemaExample

.changeset/violet-schools-care.md

@@ -0,0 +1,5 @@
+---
+'@gitbook/react-openapi': patch
+---
+
+Deduplicate path parameters from OpenAPI spec

packages/gitbook-v2/next-env.d.ts

@@ -1,5 +1,6 @@
 /// <reference types="next" />
 /// <reference types="next/image-types/global" />
+/// <reference types="next/navigation-types/compat/navigation" />
 
 // NOTE: This file should not be edited
 // see https://nextjs.org/docs/app/api-reference/config/typescript for more information.

packages/gitbook-v2/src/lib/data/index.ts

@@ -4,5 +4,4 @@ export * from './pages';
 export * from './urls';
 export * from './errors';
 export * from './lookup';
-export * from './proxy';
 export * from './visitor';

packages/gitbook-v2/src/lib/data/visitor.ts

@@ -1,6 +1,6 @@
 import { withLeadingSlash, withTrailingSlash } from '@/lib/paths';
 import type { PublishedSiteContent } from '@gitbook/api';
-import { getProxyRequestIdentifier, isProxyRequest } from './proxy';
+import { getProxyRequestIdentifier, isProxyRequest } from '@v2/lib/proxy';
 
 /**
  * Get the appropriate base path for the visitor authentication cookie.

packages/gitbook-v2/src/lib/images/getImageResizingContextId.test.ts

@@ -0,0 +1,19 @@
+import { describe, expect, it } from 'bun:test';
+import { getImageResizingContextId } from './getImageResizingContextId';
+
+describe('getImageResizingContextId', () => {
+    it('should return proxy identifier for proxy requests', () => {
+        const proxyRequestURL = new URL('https://proxy.gitbook.site/sites/site_foo/hello/world');
+        expect(getImageResizingContextId(proxyRequestURL)).toBe('sites/site_foo');
+    });
+
+    it('should return preview identifier for preview requests', () => {
+        const previewRequestURL = new URL('https://preview/site_foo/hello/world');
+        expect(getImageResizingContextId(previewRequestURL)).toBe('site_foo');
+    });
+
+    it('should return host for regular requests', () => {
+        const regularRequestURL = new URL('https://example.com/docs/foo/hello/world');
+        expect(getImageResizingContextId(regularRequestURL)).toBe('example.com');
+    });
+});

packages/gitbook-v2/src/lib/images/getImageResizingContextId.ts

@@ -1,4 +1,5 @@
-import { getProxyRequestIdentifier, isProxyRequest } from '../data';
+import { getPreviewRequestIdentifier, isPreviewRequest } from '@v2/lib/preview';
+import { getProxyRequestIdentifier, isProxyRequest } from '@v2/lib/proxy';
 
 /**
  * Get the site identifier to use for image resizing for an incoming request.
@@ -8,6 +9,9 @@ export function getImageResizingContextId(url: URL): string {
     if (isProxyRequest(url)) {
         return getProxyRequestIdentifier(url);
     }
+    if (isPreviewRequest(url)) {
+        return getPreviewRequestIdentifier(url);
+    }
 
     return url.host;
 }

packages/gitbook-v2/src/lib/preview.test.ts

@@ -0,0 +1,21 @@
+import { describe, expect, it } from 'bun:test';
+import { getPreviewRequestIdentifier, isPreviewRequest } from './preview';
+
+describe('isPreviewRequest', () => {
+    it('should return true for preview requests', () => {
+        const previewRequestURL = new URL('https://preview/site_foo/hello/world');
+        expect(isPreviewRequest(previewRequestURL)).toBe(true);
+    });
+
+    it('should return false for non-preview requests', () => {
+        const nonPreviewRequestURL = new URL('https://example.com/docs/foo/hello/world');
+        expect(isPreviewRequest(nonPreviewRequestURL)).toBe(false);
+    });
+});
+
+describe('getPreviewRequestIdentifier', () => {
+    it('should return the correct identifier for preview requests', () => {
+        const previewRequestURL = new URL('https://preview/site_foo/hello/world');
+        expect(getPreviewRequestIdentifier(previewRequestURL)).toBe('site_foo');
+    });
+});

packages/gitbook-v2/src/lib/preview.ts

@@ -0,0 +1,13 @@
+/**
+ * Check if the request to the site is a preview request.
+ */
+export function isPreviewRequest(requestURL: URL): boolean {
+    return requestURL.host === 'preview';
+}
+
+export function getPreviewRequestIdentifier(requestURL: URL): string {
+    // For preview requests, we extract the site ID from the pathname
+    // e.g. https://preview/site_id/...
+    const pathname = requestURL.pathname.slice(1).split('/');
+    return pathname[0];
+}

packages/gitbook-v2/src/lib/data/proxy.test.ts renamed to packages/gitbook-v2/src/lib/proxy.test.ts

@@ -0,0 +1,49 @@
+import crypto from 'node:crypto';
+import type { NextApiRequest, NextApiResponse } from 'next';
+
+interface JsonBody {
+    // The paths need to be the rewritten one, `res.revalidate` call don't go through the middleware
+    paths: string[];
+}
+
+export default async function handler(req: NextApiRequest, res: NextApiResponse) {
+    // Only allow POST requests
+    if (req.method !== 'POST') {
+        return res.status(405).json({ error: 'Method not allowed' });
+    }
+    const signatureHeader = req.headers['x-gitbook-signature'] as string | undefined;
+    if (!signatureHeader) {
+        return res.status(400).json({ error: 'Missing signature header' });
+    }
+    // We cannot use env from `@/v2/lib/env` here as it make it crash because of the import "server-only" in the file.
+    if (process.env.GITBOOK_SECRET) {
+        try {
+            const computedSignature = crypto
+                .createHmac('sha256', process.env.GITBOOK_SECRET)
+                .update(JSON.stringify(req.body))
+                .digest('hex');
+
+            if (computedSignature === signatureHeader) {
+                const results = await Promise.allSettled(
+                    (req.body as JsonBody).paths.map((path) => {
+                        // biome-ignore lint/suspicious/noConsole: we want to log here
+                        console.log(`Revalidating path: ${path}`);
+                        return res.revalidate(path);
+                    })
+                );
+                return res.status(200).json({
+                    success: results.every((result) => result.status === 'fulfilled'),
+                    errors: results
+                        .filter((result) => result.status === 'rejected')
+                        .map((result) => (result as PromiseRejectedResult).reason),
+                });
+            }
+            return res.status(401).json({ error: 'Invalid signature' });
+        } catch (error) {
+            console.error('Error during revalidation:', error);
+            return res.status(400).json({ error: 'Invalid request or unable to parse JSON' });
+        }
+    }
+    // If no secret is set, we do not allow revalidation
+    return res.status(403).json({ error: 'Revalidation is disabled' });
+}

packages/gitbook-v2/src/lib/data/proxy.ts renamed to packages/gitbook-v2/src/lib/proxy.ts

@@ -2,6 +2,7 @@ import type { SiteSpace } from '@gitbook/api';
 
 import { tcls } from '@/lib/tailwind';
 
+import { joinPath } from '@/lib/paths';
 import type { GitBookSiteContext } from '@v2/lib/context';
 import { DropdownChevron, DropdownMenu } from './DropdownMenu';
 import { SpacesDropdownMenuItem } from './SpacesDropdownMenuItem';
@@ -74,11 +75,22 @@ export function SpacesDropdown(props: {
                         title: otherSiteSpace.title,
                         url: otherSiteSpace.urls.published
                             ? linker.toLinkForContent(otherSiteSpace.urls.published)
-                            : otherSiteSpace.space.urls.app,
+                            : getFallbackSiteSpaceURL(otherSiteSpace, context),
                     }}
                     active={otherSiteSpace.id === siteSpace.id}
                 />
             ))}
         </DropdownMenu>
     );
 }
+
+/**
+ * When the site is not published yet, `urls.published` is not available.
+ * To ensure navigation works in preview, we compute a relative URL from the siteSpace path.
+ */
+function getFallbackSiteSpaceURL(siteSpace: SiteSpace, context: GitBookSiteContext) {
+    const { linker, sections } = context;
+    return linker.toPathInSite(
+        sections?.current ? joinPath(sections.current.path, siteSpace.path) : siteSpace.path
+    );
+}

packages/gitbook-v2/src/pages/api/~gitbook/force-revalidate.ts

@@ -53,6 +53,8 @@ function encodeSection(context: GitBookSiteContext, section: SiteSection) {
         description: section.description,
         icon: section.icon,
         object: section.object,
-        url: section.urls.published ? linker.toLinkForContent(section.urls.published) : '',
+        url: section.urls.published
+            ? linker.toLinkForContent(section.urls.published)
+            : linker.toPathInSite(section.path),
     };
 }

packages/gitbook/src/components/Header/SpacesDropdown.tsx

@@ -9,7 +9,6 @@ import { getAssetURL } from '@/lib/assets';
 import { filterOutNullable } from '@/lib/typescript';
 import { getCacheTag } from '@gitbook/cache-tags';
 import type { GitBookSiteContext } from '@v2/lib/context';
-import { getCloudflareContext } from '@v2/lib/data/cloudflare';
 import { getResizedImageURL } from '@v2/lib/images';
 
 const googleFontsMap: { [fontName in CustomizationDefaultFont]: string } = {
@@ -73,8 +72,12 @@ export async function serveOGImage(baseContext: GitBookSiteContext, params: Page
 
             const fonts = (
                 await Promise.all([
-                    loadGoogleFont({ fontFamily, text: regularText, weight: 400 }),
-                    loadGoogleFont({ fontFamily, text: boldText, weight: 700 }),
+                    getWithCache(`google-font:${fontFamily}:400`, () =>
+                        loadGoogleFont({ fontFamily, text: regularText, weight: 400 })
+                    ),
+                    getWithCache(`google-font:${fontFamily}:700`, () =>
+                        loadGoogleFont({ fontFamily, text: boldText, weight: 700 })
+                    ),
                 ])
             ).filter(filterOutNullable);
 
@@ -322,24 +325,6 @@ function logOnCloudflareOnly(message: string) {
     }
 }
 
-/**
- * Fetch a resource from the function itself.
- * To avoid error with worker to worker requests in the same zone, we use the `WORKER_SELF_REFERENCE` binding.
- */
-async function fetchSelf(url: string) {
-    const cloudflare = getCloudflareContext();
-    if (cloudflare?.env.WORKER_SELF_REFERENCE) {
-        logOnCloudflareOnly(`Fetching self: ${url}`);
-        return await cloudflare.env.WORKER_SELF_REFERENCE.fetch(
-            // `getAssetURL` can return a relative URL, so we need to make it absolute
-            // the URL doesn't matter, as we're using the worker-self-reference binding
-            new URL(url, 'https://worker-self-reference/')
-        );
-    }
-
-    return await fetch(url);
-}
-
 /**
  * Read an image from a response as a base64 encoded string.
  */
@@ -357,27 +342,34 @@ async function readImage(response: Response) {
     return `data:${contentType};base64,${base64}`;
 }
 
-const staticImagesCache = new Map<string, string>();
+// biome-ignore lint/suspicious/noExplicitAny: <explanation>
+const staticCache = new Map<string, any>();
+
+// Do we need to limit the in-memory cache size? I think given the usage, we should be fine.
+async function getWithCache<T>(key: string, fn: () => Promise<T>) {
+    const cached = staticCache.get(key) as T;
+    if (cached) {
+        return Promise.resolve(cached);
+    }
+
+    const result = await fn();
+    staticCache.set(key, result);
+    return result;
+}
 
 /**
  * Read a static image and cache it in memory.
  */
 async function readStaticImage(url: string) {
-    const cached = staticImagesCache.get(url);
-    if (cached) {
-        return cached;
-    }
-
-    const image = await readSelfImage(url);
-    staticImagesCache.set(url, image);
-    return image;
+    logOnCloudflareOnly(`Reading static image: ${url}, cache size: ${staticCache.size}`);
+    return getWithCache(`static-image:${url}`, () => readSelfImage(url));
 }
 
 /**
  * Read an image from GitBook itself.
  */
 async function readSelfImage(url: string) {
-    const response = await fetchSelf(url);
+    const response = await fetch(url);
     const image = await readImage(response);
     return image;
 }

packages/gitbook/src/components/SiteSections/encodeClientSiteSections.ts

@@ -312,6 +312,11 @@ function getSecurityHeaders(securities: OpenAPIOperationData['securities']): {
                 [name]: 'YOUR_API_KEY',
             };
         }
+        case 'oauth2': {
+            return {
+                Authorization: 'Bearer YOUR_OAUTH2_TOKEN',
+            };
+        }
         default: {
             return {};
         }

packages/gitbook/src/routes/ogimage.tsx

@@ -18,7 +18,7 @@ export function OpenAPISpec(props: {
 
     const { operation } = data;
 
-    const parameters = operation.parameters ?? [];
+    const parameters = deduplicateParameters(operation.parameters ?? []);
     const parameterGroups = groupParameters(parameters, context);
 
     const securities = 'securities' in data ? data.securities : [];
@@ -113,3 +113,23 @@ function getParameterGroupName(paramIn: string, context: OpenAPIClientContext):
             return paramIn;
     }
 }
+
+/** Deduplicate parameters by name and in.
+ * Some specs have both parameters define at path and operation level.
+ * We only want to display one of them.
+ */
+function deduplicateParameters(parameters: OpenAPI.Parameters): OpenAPI.Parameters {
+    const seen = new Set();
+
+    return parameters.filter((param) => {
+        const key = `${param.name}:${param.in}`;
+
+        if (seen.has(key)) {
+            return false;
+        }
+
+        seen.add(key);
+
+        return true;
+    });
+}

packages/react-openapi/src/OpenAPICodeSample.tsx

@@ -400,7 +400,7 @@ describe('python code sample generator', () => {
         const output = generator?.generate(input);
 
         expect(output).toBe(
-            'import requests\n\nresponse = requests.get(\n    "https://example.com/path",\n    headers={"Content-Type":"application/x-www-form-urlencoded"},\n    data={"key":"value"}\n)\n\ndata = response.json()'
+            'import requests\n\nresponse = requests.get(\n    "https://example.com/path",\n    headers={"Content-Type":"application/x-www-form-urlencoded"},\n    data={\n      "key": "value"\n    }\n)\n\ndata = response.json()'
         );
     });
 
@@ -422,7 +422,7 @@ describe('python code sample generator', () => {
         const output = generator?.generate(input);
 
         expect(output).toBe(
-            'import requests\n\nresponse = requests.get(\n    "https://example.com/path",\n    headers={"Content-Type":"application/json"},\n    data=json.dumps({"key":"value","truethy":True,"falsey":False,"nullish":None})\n)\n\ndata = response.json()'
+            'import requests\n\nresponse = requests.get(\n    "https://example.com/path",\n    headers={"Content-Type":"application/json"},\n    data=json.dumps({\n      "key": "value",\n      "truethy": True,\n      "falsey": False,\n      "nullish": None\n    })\n)\n\ndata = response.json()'
         );
     });