diff --git a/CHANGELOG.md b/CHANGELOG.md
index a27c4c5..a9a96e6 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -72,7 +72,7 @@
different input formats.
* [#146](https://github.com/paragonie/airship/issues/146):
Created a button to purge the caches.
- * Hid the link to view blog post history, as that feature was
+ * Hid the link to view blog post history, as that feature was
overlooked. We'll implement it in version 1.4.0.
* Some image types can be viewed directly instead of always forcing a
download. The enforcement logic is a whitelist (that gadgets can
@@ -83,7 +83,7 @@
* Significant UI/UX improvements.
* Redesigned the Bridge UI to be more suitable for a control panel.
* The left menu in the Bridge is now collapsable, but automatically
- opens the sections which indicate your current location in the
+ opens the sections which indicate your current location in the
cabin.
* Update [Halite](https://github.com/paragonie/halite) to 2.2.0.
* Added a `WhiteList` filter, which is a strict typed alternative to
@@ -142,7 +142,7 @@
## Version 1.2.2 - 2016-07-13
* Improved Continuum/Keyggdrasil logging.
- * Created a tool for automating step one of the installer from the command
+ * Created a tool for automating step one of the installer from the command
line.
## Version 1.2.1 - 2016-07-09
@@ -173,10 +173,10 @@
Added a faster install option for deploying an Airship in a hurry, with the
sane defaults we provide.
* [#77](https://github.com/paragonie/airship/issues/77):
- Fixed responsive UI/UX warts (i.e. small links and buttons).
+ Fixed responsive UI/UX warts (i.e. small links and buttons).
* [#80](https://github.com/paragonie/airship/issues/80):
If the GD extension isn't loaded, render QR codes for two-factor
- authentication as SVG instead.
+ authentication as SVG instead.
* [#88](https://github.com/paragonie/airship/issues/88):
The installer now uses Zxcvbn to enforce a minimum password strength for
administrator accounts.
@@ -189,12 +189,12 @@
* i18n - run parameters through HTMLPurifier (with caching) to prevent future
XSS payloads in case someone forgets to escape these parameters. HTML is
- still allowed, so if you're inserting in an HTML attribute, use the
+ still allowed, so if you're inserting in an HTML attribute, use the
`|e('html_attr')` filter on your input.
* Use the correct POST index in account recovery.
* Treat SVG and XML files as plaintext, to prevent stored XSS. Reported on
[HackerOne](https://hackerone.com/reports/148853).
- * Send `Content-Security-Policy` headers on file downloads as well as web
+ * Send `Content-Security-Policy` headers on file downloads as well as web
pages. Just in case another file type exists in the world that executes
JavaScript when the file is viewed.
@@ -216,7 +216,7 @@
Fixes for bugs reported by [@kelunik](https://github.com/kelunik) and
[@co60ca](https://github.com/co60ca).
-
+
* [#61](https://github.com/paragonie/airship/issues/61):
Comments need a min-height attribute.
* [#62](https://github.com/paragonie/airship/issues/62), [#64](https://github.com/paragonie/airship/issues/64):
@@ -310,7 +310,7 @@
* Implemented input filters which work on multidimensional arrays (e.g
`$_POST`). We provide a few examples (one for each cabin's custom config
and one for the universal config).
- * Implemented optional **Two-Factor Authentication** support via TOTP
+ * Implemented optional **Two-Factor Authentication** support via TOTP
(e.g. Google Authenticator).
* Airship now supports in-memory caching via APCu instead of the filesystem.
* Comments are now loaded with AJAX when you elect to cache a blog post.
@@ -353,7 +353,7 @@
* Users can now selected uploaded image files to use for biography images and
avatars to accompany their blog comments.
* Lots of reorganization, refactoring, and clean-up.
- * Moved the [CMS Airship Documentation](https://github.com/paragonie/airship-docs)
+ * Moved the [CMS Airship Documentation](https://github.com/paragonie/airship/tree/master/docs)
to its own dedicated git repository.
* When you change a blog post's slug, you can optionally create an HTTP 301
redirect to the new URL to prevent visitors from getting an unfortunate
diff --git a/README.md b/README.md
index 3bc30ef..b976b77 100755
--- a/README.md
+++ b/README.md
@@ -18,13 +18,13 @@ if your company requires an alternative to the GNU Public License.
## Benefits of CMS Airship
-1. [**Digitally signed automatic security updates.**](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#1-digitally-signed-automatic-security-updates)
-2. [Community first.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#2-the-community-is-always-in-control-of-any-add-ons-it-produces)
+1. [**Digitally signed automatic security updates.**](https://github.com/paragonie/airship/tree/master/docs/en-us/WHY.md#1-digitally-signed-automatic-security-updates)
+2. [Community first.](https://github.com/paragonie/airship/tree/master/docs/en-us/WHY.md#2-the-community-is-always-in-control-of-any-add-ons-it-produces)
The community is always in control of any add-ons it produces. No one
can backdoor your extensions without your signing keys.
-3. [Supports a multi-site architecture out of the box.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#3-supports-a-multi-site-architecture-out-of-the-box)
-4. [Designed by progressive-minded application security professionals.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#4-designed-by-progressive-minded-application-security-professionals)
-5. [Fully customizable and extensible.](https://github.com/paragonie/airship-docs/blob/master/en-us/WHY.md#5-our-gear-system-allows-the-framework-to-be-extended)
+3. [Supports a multi-site architecture out of the box.](https://github.com/paragonie/airship/tree/master/docs/en-us/WHY.md#3-supports-a-multi-site-architecture-out-of-the-box)
+4. [Designed by progressive-minded application security professionals.](https://github.com/paragonie/airship/tree/master/docs/en-us/WHY.md#4-designed-by-progressive-minded-application-security-professionals)
+5. [Fully customizable and extensible.](https://github.com/paragonie/airship/tree/master/docs/en-us/WHY.md#5-our-gear-system-allows-the-framework-to-be-extended)
Our `Gears` system allows extensions to easily restructure and/or
replace entire Airship features without causing conflicts with our
secure automatic updating process.
@@ -44,20 +44,20 @@ The [CMS Airship Documentation](https://github.com/paragonie/airship/tree/master
### Getting Started
- * [Five-minute overview of CMS Airship](https://github.com/paragonie/airship-docs/blob/master/en-us/5-Minute-Overview.md)
- * [Introduction](https://github.com/paragonie/airship-docs/tree/master/en-us/01-intro)
- * [How to install CMS Airship](https://github.com/paragonie/airship-docs/blob/master/en-us/01-intro/2-Installing.md)
+ * [Five-minute overview of CMS Airship](https://github.com/paragonie/airship/tree/master/docs/en-us/5-Minute-Overview.md)
+ * [Introduction](https://github.com/paragonie/airship/tree/master/docs/en-us/01-intro)
+ * [How to install CMS Airship](https://github.com/paragonie/airship/tree/master/docs/en-us/01-intro/2-Installing.md)
## Customizing Your Airship
-CMS Airship extensions come in three flavors ([detailed explanations](https://github.com/paragonie/airship-docs/blob/master/en-us/01-intro/1-Lingo-Jargon.md#airship-extension-types)):
+CMS Airship extensions come in three flavors ([detailed explanations](https://github.com/paragonie/airship/tree/master/docs/en-us/01-intro/1-Lingo-Jargon.md#airship-extension-types)):
* **Cabins**: self-contained applications
* **Gadgets**: alters the functionality of an existing Cabin (or of the
Engine itself)
* **Motifs**: alters the apperance of an existing Cabin
-To create and/or manage these extensions, check out
+To create and/or manage these extensions, check out
[barge, our command line utility](https://github.com/paragonie/airship-barge).
### Screenshot
@@ -67,6 +67,6 @@ To create and/or manage these extensions, check out
Airship is fully mobile responsive thanks to the [Pure CSS framework](http://purecss.io/).
See it in action at [CSPR.NG](https://cspr.ng).
-## Contributing to CMS Airship
+## Contributing to CMS Airship
* See [CONTRIBUTING.md](https://github.com/paragonie/airship/blob/master/.github/CONTRIBUTING.md)
diff --git a/composer.json b/composer.json
index 53169cf..78d63e8 100755
--- a/composer.json
+++ b/composer.json
@@ -20,7 +20,7 @@
"email": "security@paragonie.com",
"issues": "https://github.com/paragonie/airship/issues",
"source": "https://github.com/paragonie/airship",
- "docs": "https://github.com/paragonie/airship-docs"
+ "docs": "https://github.com/paragonie/airship/tree/master/docs"
},
"keywords": [
"Airship",
diff --git a/docs/README.md b/docs/README.md
index 445f377..11e54a2 100644
--- a/docs/README.md
+++ b/docs/README.md
@@ -1,9 +1,9 @@
# CMS Airship Documentation
This contains the documentation for [CMS Airship](https://github.com/paragonie/airship).
-The documentation is available under the CC0 license for free at
-[https://github.com/paragonie/airship-docs](https://github.com/paragonie/airship-docs).
+The documentation is available under the CC0 license for free at
+[https://github.com/paragonie/airship/tree/master/docs](https://github.com/paragonie/airship/tree/master/docs).
### Languages
-* [English (U.S.)](https://github.com/paragonie/airship-docs/tree/master/en-us)
+* [English (U.S.)](https://github.com/paragonie/airship/tree/master/docs/en-us)
diff --git a/docs/en-us/01-intro/2-Installing.md b/docs/en-us/01-intro/2-Installing.md
index 29a053f..8764f35 100644
--- a/docs/en-us/01-intro/2-Installing.md
+++ b/docs/en-us/01-intro/2-Installing.md
@@ -63,7 +63,7 @@ Run these commands to get PHP 7 installed. These instructions assume you have Ub
echo -e "\033[33mDownloading PGP Public Key...\033[0m"
gpg --recv-keys 6572BBEF1B5FF28B28B706837E3F070089DF5277
# http://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0x6572BBEF1B5FF28B28B706837E3F070089DF5277
- # DotDeb Signing Key
+ # DotDeb Signing Key
gpg --fingerprint 6572BBEF1B5FF28B28B706837E3F070089DF5277
if [ $? -ne 0 ]; then
echo -e "\033[31mCould not download PGP public key for verification\033[0m"
@@ -71,17 +71,17 @@ Run these commands to get PHP 7 installed. These instructions assume you have Ub
fi
fi
gpg -a --export 6572BBEF1B5FF28B28B706837E3F070089DF5277 | sudo apt-key add -
-
+
# Install PHP from DotDeb
sudo apt-get -y install php7.0 php7.0-cli php7.0-fpm php7.0-json php7.0-pgsql php7.0-curl php7.0-dev php7.0-mbstring php7.0-gd
wget https://pear.php.net/go-pear.phar
-
+
# The PEAR team doesn't provide a GPG signature, so we have to do this:
echo "8322214a6979a0917f0068af924428a80ff7083b94343396b13dac1d0f916748025fab72290af340d30633837222c277 go-pear.phar" | sha384sum -c
if [ $? -eq 0 ]; then
php go-pear.phar
fi
-
+
sudo pecl install zip
echo "extension=zip.so" > /etc/php/7.0/cli/conf.d/20-zip.ini
echo "extension=zip.so" > /etc/php/7.0/fpm/conf.d/zip.ini
@@ -95,7 +95,7 @@ Run these commands to get PHP 7 installed. These instructions assume you have Ub
echo -e "\033[33mDownloading PGP Public Key...\033[0m"
gpg --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
# http://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0xB97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
- # PostgreSQL Signing Key
+ # PostgreSQL Signing Key
gpg --fingerprint B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
if [ $? -ne 0 ]; then
echo -e "\033[31mCould not download PGP public key for verification\033[0m"
@@ -103,7 +103,7 @@ Run these commands to get PHP 7 installed. These instructions assume you have Ub
fi
fi
gpg -a --export B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 | sudo apt-key add -
-
+
# Now. let's install PostgreSQL
sudo apt-get update
sudo apt-get install postgresql-9.5
@@ -188,13 +188,13 @@ If you haven't already done so, restart your webserver then visit the URL or IP
address that corresponds to the active virtual host in your browser.
Once you access the web installer, a security cookie is placed in your browser
-which prevents anyone from accessing the installer until the process is
+which prevents anyone from accessing the installer until the process is
finished. If you get locked out, run this command and reload
the page. (You will have to start over, but the process is brief.)
php src/Installer/launch.php reset
-
+
From this point, follow the prompts on the web-based installer and you'll be
ready to take off.
-[Next: Basic Usage](https://github.com/paragonie/airship-docs/tree/master/en-us/02-basic-usage).
+[Next: Basic Usage](https://github.com/paragonie/airship/tree/master/docs/en-us/02-basic-usage).
diff --git a/docs/en-us/WHY.md b/docs/en-us/WHY.md
index 0090b71..d6728d6 100644
--- a/docs/en-us/WHY.md
+++ b/docs/en-us/WHY.md
@@ -9,27 +9,27 @@
### 1. Digitally signed automatic security updates.
-Unlike other frameworks and content management systems, our authenticated
+Unlike other frameworks and content management systems, our authenticated
automatic security updating mechanism is a **first-class design decision**.
-If a security vulnerability is ever discovered in Airship, the patch
+If a security vulnerability is ever discovered in Airship, the patch
will automatically be applied in your website within an hour of being
released by our team.
-All security updates will be digitally signed with a secret key to
+All security updates will be digitally signed with a secret key to
guarantee authenticity; the associated public key is packaged with the
default Airship configuration. The digital signature algorithm we use is
**`Ed25519`** (facilitated by libsodium).
We take extra care when handling our secret key; should it ever be
-compromised, we will use our backup key to revoke the old one and
+compromised, we will use our backup key to revoke the old one and
replace it with a new one.
You can disable the auto-update feature from the Bridge, but we do not
recommend doing this.
-You can also choose to trust someone else's mirrors and public key
-instead of ours. The code is completely open, but you only need change a
+You can also choose to trust someone else's mirrors and public key
+instead of ours. The code is completely open, but you only need change a
JSON configuration file to decide to trust someone else.
### 2. The community is always in control of any add-ons it produces.
@@ -37,17 +37,17 @@ JSON configuration file to decide to trust someone else.
Airship offers three strategies for extending its base features:
1. Cabins, which are entire applications (see #3 below).
-2. Gadgets, which are plugins that can be applied at a per-Cabin level
+2. Gadgets, which are plugins that can be applied at a per-Cabin level
or across every Cabin in your ship.
-3. Motifs, which change the look and feel of your Airship.
+3. Motifs, which change the look and feel of your Airship.
All Cabins, Gadgets, and Motifs can be assigned to a vendor (which has
-its own Ed25519 key pair), and that supplier has control of the
+its own Ed25519 key pair), and that supplier has control of the
distribution of automatic updates.
-**This gives you, the supplier, control over your add-ons**, not us.
+**This gives you, the supplier, control over your add-ons**, not us.
Neither the Airship development team nor Paragon Initiative Enterprises
-can prevent your users from installing, updating, or using any add-on.
+can prevent your users from installing, updating, or using any add-on.
We *can* still de-list abusive add-ons from the official SkyPort, but
anyone can operate their own and we will always aspire to make switching
@@ -58,7 +58,7 @@ barriers to entry.
### 3. Supports a multi-site architecture out of the box.
-Each Cabin is its own website. Install as many Cabins as you need. No
+Each Cabin is its own website. Install as many Cabins as you need. No
questionable hacks needed.
### 4. Designed by progressive-minded application security professionals.
@@ -68,9 +68,9 @@ We specialize in application security and applied cryptography.
### 5. Our Gear system allows the framework to be extended.
-Because of our auto-updater, any local changes made to the Engine files
+Because of our auto-updater, any local changes made to the Engine files
will be obliterated whenever an upstream change occurs. To allow users
-to extend and customize the core classes to meet their needs, we
+to extend and customize the core classes to meet their needs, we
designed our application around the `Gears` system.
Most of the core `Engine` classes can be extended at runtime by the
@@ -83,7 +83,7 @@ accessing the core classes directly, load the latest version of the Gear
Compare, for example, [this long guide to securing WordPress](https://codex.wordpress.org/Hardening_WordPress)
with our guide to securing Airship:
-1. Use TLS (if you use [Caddy](https://github.com/paragonie/airship-docs/blob/master/en-us/01-intro/2-Installing.md#caddy-recommended),
+1. Use TLS (if you use [Caddy](https://github.com/paragonie/airship/blob/master/docs/en-us/01-intro/2-Installing.md#caddy-recommended),
this is automatic in production environments).
2. Don't disable automatic updates.
3. Use a strong password.
@@ -95,7 +95,7 @@ of Service attacks. Even if our infrastrucutre is compromised, your Airship is
protected by [strong cryptography](https://paragonie.com/blog/2016/05/keyggdrasil-continuum-cryptography-powering-cms-airship).
### Vulnerabilities we Prevent
-
+
What follows is a list of security vulnerabilities you will almost certainly
never have to worry about if you use CMS Airship.
@@ -103,7 +103,7 @@ never have to worry about if you use CMS Airship.
* Airship uses a virtual filesystem that offers read-only access (and only
to authorized users) to uploaded files. Files will never execute in the
server nor in your browser.
-* **SQL Injection** is effectively mitigated by our use of prepared
+* **SQL Injection** is effectively mitigated by our use of prepared
statements in nearly every context. Where prepared statements aren't
used, a typecast to int or strict whitelist of allowed characters is
enforced instead.
@@ -166,4 +166,4 @@ never have to worry about if you use CMS Airship.
* Tor-friendly server-side communications
* Manage your security headers from a web interface.
* Content-Security-Policy
- * HTTP Public-Key-Pinning
\ No newline at end of file
+ * HTTP Public-Key-Pinning
diff --git a/docs/es-la/01-intro/2-Installing.md b/docs/es-la/01-intro/2-Installing.md
index da585ef..c6557ff 100644
--- a/docs/es-la/01-intro/2-Installing.md
+++ b/docs/es-la/01-intro/2-Installing.md
@@ -5,7 +5,7 @@
Hay un archivo docker-compose.yml en [el repositorio principal](https://github.com/paragonie/airship) que usado junto con
docker-compose construirá el software requerido. Leer [la documentaciòn oficial de docker](https://docs.docker.com/compose/overview/) para màs detalles sobre còmo utilizar docker-compose.
-## Instalación Manual
+## Instalación Manual
> Nota: Si tiene problemas al verificar las firmas GPG, puede que necesite
> [cambiar la ruta de PGP](http://jotham-city.com/blog/2015/02/14/verifying-gpg-signatures-for-makepkg/).
@@ -63,7 +63,7 @@ Ejecute estos comandos para instalar PHP 7. Estas instrucciones asumn que tiene
echo -e "\033[33mDownloading PGP Public Key...\033[0m"
gpg --recv-keys 6572BBEF1B5FF28B28B706837E3F070089DF5277
# http://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0x6572BBEF1B5FF28B28B706837E3F070089DF5277
- # DotDeb Signing Key
+ # DotDeb Signing Key
gpg --fingerprint 6572BBEF1B5FF28B28B706837E3F070089DF5277
if [ $? -ne 0 ]; then
echo -e "\033[31mCould not download PGP public key for verification\033[0m"
@@ -71,17 +71,17 @@ Ejecute estos comandos para instalar PHP 7. Estas instrucciones asumn que tiene
fi
fi
gpg -a --export 6572BBEF1B5FF28B28B706837E3F070089DF5277 | sudo apt-key add -
-
+
# Instalar PHP desde DotDeb
sudo apt-get -y install php7.0 php7.0-cli php7.0-fpm php7.0-json php7.0-pgsql php7.0-curl php7.0-dev php7.0-mbstring php7.0-gd
wget https://pear.php.net/go-pear.phar
-
+
# PEAR team no provee una firma GPG, así que tendremos que hacer ésto:
echo "8322214a6979a0917f0068af924428a80ff7083b94343396b13dac1d0f916748025fab72290af340d30633837222c277 go-pear.phar" | sha384sum -c
if [ $? -eq 0 ]; then
php go-pear.phar
fi
-
+
sudo pecl install zip
echo "extension=zip.so" > /etc/php/7.0/cli/conf.d/20-zip.ini
echo "extension=zip.so" > /etc/php/7.0/fpm/conf.d/zip.ini
@@ -95,7 +95,7 @@ Ejecute estos comandos para instalar PHP 7. Estas instrucciones asumn que tiene
echo -e "\033[33mDownloading PGP Public Key...\033[0m"
gpg --recv-keys B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
# http://pgp.mit.edu/pks/lookup?op=vindex&fingerprint=on&search=0xB97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
- # PostgreSQL Signing Key
+ # PostgreSQL Signing Key
gpg --fingerprint B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8
if [ $? -ne 0 ]; then
echo -e "\033[31mCould not download PGP public key for verification\033[0m"
@@ -103,7 +103,7 @@ Ejecute estos comandos para instalar PHP 7. Estas instrucciones asumn que tiene
fi
fi
gpg -a --export B97B0AFCAA1A47F044F244A07FCC7D46ACCC4CF8 | sudo apt-key add -
-
+
# Ahora, a instalar PostgreSQL
sudo apt-get update
sudo apt-get install postgresql-9.5
@@ -188,13 +188,13 @@ Si no lo ha hecho todavía, reinicie su webserver y visite su URL o dirección I
que corresponde al host virtual activo en su browser.
Una vez que haya accedido al instalador,una cookie de seguridad es puesta en su navegador,
-la cual evita que cualquier otra persona entre al instalador hasta que el proceso haya
+la cual evita que cualquier otra persona entre al instalador hasta que el proceso haya
terminado. Si por alguna razón ha quedado fuera, ejecute este comando y refresque
la página. (Tendrá que hacer todo de nuevo, pero el proceso no tarda mucho.)
php src/Installer/launch.php reset
-
+
A partir de aquí, siga las instrucciones en el navegador y estará
listo para despegar.
-[Siguiente: Uso Básico](https://github.com/paragonie/airship-docs/tree/master/en-us/02-basic-usage).
+[Siguiente: Uso Básico](https://github.com/paragonie/airship/tree/master/docs/en-us/02-basic-usage).
diff --git a/docs/es-la/WHY.md b/docs/es-la/WHY.md
index 0090b71..bdd5ba8 100644
--- a/docs/es-la/WHY.md
+++ b/docs/es-la/WHY.md
@@ -9,27 +9,27 @@
### 1. Digitally signed automatic security updates.
-Unlike other frameworks and content management systems, our authenticated
+Unlike other frameworks and content management systems, our authenticated
automatic security updating mechanism is a **first-class design decision**.
-If a security vulnerability is ever discovered in Airship, the patch
+If a security vulnerability is ever discovered in Airship, the patch
will automatically be applied in your website within an hour of being
released by our team.
-All security updates will be digitally signed with a secret key to
+All security updates will be digitally signed with a secret key to
guarantee authenticity; the associated public key is packaged with the
default Airship configuration. The digital signature algorithm we use is
**`Ed25519`** (facilitated by libsodium).
We take extra care when handling our secret key; should it ever be
-compromised, we will use our backup key to revoke the old one and
+compromised, we will use our backup key to revoke the old one and
replace it with a new one.
You can disable the auto-update feature from the Bridge, but we do not
recommend doing this.
-You can also choose to trust someone else's mirrors and public key
-instead of ours. The code is completely open, but you only need change a
+You can also choose to trust someone else's mirrors and public key
+instead of ours. The code is completely open, but you only need change a
JSON configuration file to decide to trust someone else.
### 2. The community is always in control of any add-ons it produces.
@@ -37,17 +37,17 @@ JSON configuration file to decide to trust someone else.
Airship offers three strategies for extending its base features:
1. Cabins, which are entire applications (see #3 below).
-2. Gadgets, which are plugins that can be applied at a per-Cabin level
+2. Gadgets, which are plugins that can be applied at a per-Cabin level
or across every Cabin in your ship.
-3. Motifs, which change the look and feel of your Airship.
+3. Motifs, which change the look and feel of your Airship.
All Cabins, Gadgets, and Motifs can be assigned to a vendor (which has
-its own Ed25519 key pair), and that supplier has control of the
+its own Ed25519 key pair), and that supplier has control of the
distribution of automatic updates.
-**This gives you, the supplier, control over your add-ons**, not us.
+**This gives you, the supplier, control over your add-ons**, not us.
Neither the Airship development team nor Paragon Initiative Enterprises
-can prevent your users from installing, updating, or using any add-on.
+can prevent your users from installing, updating, or using any add-on.
We *can* still de-list abusive add-ons from the official SkyPort, but
anyone can operate their own and we will always aspire to make switching
@@ -58,7 +58,7 @@ barriers to entry.
### 3. Supports a multi-site architecture out of the box.
-Each Cabin is its own website. Install as many Cabins as you need. No
+Each Cabin is its own website. Install as many Cabins as you need. No
questionable hacks needed.
### 4. Designed by progressive-minded application security professionals.
@@ -68,9 +68,9 @@ We specialize in application security and applied cryptography.
### 5. Our Gear system allows the framework to be extended.
-Because of our auto-updater, any local changes made to the Engine files
+Because of our auto-updater, any local changes made to the Engine files
will be obliterated whenever an upstream change occurs. To allow users
-to extend and customize the core classes to meet their needs, we
+to extend and customize the core classes to meet their needs, we
designed our application around the `Gears` system.
Most of the core `Engine` classes can be extended at runtime by the
@@ -83,7 +83,7 @@ accessing the core classes directly, load the latest version of the Gear
Compare, for example, [this long guide to securing WordPress](https://codex.wordpress.org/Hardening_WordPress)
with our guide to securing Airship:
-1. Use TLS (if you use [Caddy](https://github.com/paragonie/airship-docs/blob/master/en-us/01-intro/2-Installing.md#caddy-recommended),
+1. Use TLS (if you use [Caddy](https://github.com/paragonie/airship/tree/master/docs/en-us/01-intro/2-Installing.md#caddy-recommended),
this is automatic in production environments).
2. Don't disable automatic updates.
3. Use a strong password.
@@ -95,7 +95,7 @@ of Service attacks. Even if our infrastrucutre is compromised, your Airship is
protected by [strong cryptography](https://paragonie.com/blog/2016/05/keyggdrasil-continuum-cryptography-powering-cms-airship).
### Vulnerabilities we Prevent
-
+
What follows is a list of security vulnerabilities you will almost certainly
never have to worry about if you use CMS Airship.
@@ -103,7 +103,7 @@ never have to worry about if you use CMS Airship.
* Airship uses a virtual filesystem that offers read-only access (and only
to authorized users) to uploaded files. Files will never execute in the
server nor in your browser.
-* **SQL Injection** is effectively mitigated by our use of prepared
+* **SQL Injection** is effectively mitigated by our use of prepared
statements in nearly every context. Where prepared statements aren't
used, a typecast to int or strict whitelist of allowed characters is
enforced instead.
@@ -166,4 +166,4 @@ never have to worry about if you use CMS Airship.
* Tor-friendly server-side communications
* Manage your security headers from a web interface.
* Content-Security-Policy
- * HTTP Public-Key-Pinning
\ No newline at end of file
+ * HTTP Public-Key-Pinning
diff --git a/src/Cabin/Bridge/Controller/IndexPage.php b/src/Cabin/Bridge/Controller/IndexPage.php
index 8a14ac0..de5149c 100755
--- a/src/Cabin/Bridge/Controller/IndexPage.php
+++ b/src/Cabin/Bridge/Controller/IndexPage.php
@@ -286,7 +286,7 @@ public function helpPage(): void
);
} else {
// Not a registered user? Go read the docs. No info leaks for you!
- \Airship\redirect('https://github.com/paragonie/airship-docs');
+ \Airship\redirect('https://github.com/paragonie/airship/tree/master/docs');
}
}
diff --git a/src/Cabin/Bridge/View/cargo/bridge_menu.twig b/src/Cabin/Bridge/View/cargo/bridge_menu.twig
index d67b9e4..3c8b096 100755
--- a/src/Cabin/Bridge/View/cargo/bridge_menu.twig
+++ b/src/Cabin/Bridge/View/cargo/bridge_menu.twig
@@ -229,7 +229,7 @@
\ No newline at end of file
+
diff --git a/src/Cabin/Bridge/View/help.twig b/src/Cabin/Bridge/View/help.twig
index c01bb1f..f1da155 100755
--- a/src/Cabin/Bridge/View/help.twig
+++ b/src/Cabin/Bridge/View/help.twig
@@ -10,7 +10,7 @@
-