OSS 2020

As 2020 comes to an end, I thought that it might be interesting to document and comment on the OSS contributions which I made in the past year.

MongoDB & mongoose

  • PR #6 mongo-sanitize adds recursive object sanitisation, to mitigate mongoose/MongoDB injection attacks (which can occur on e.g. unsanitised JSON input).
  • Issue #8521 mongoose was created after I found that calling syncIndex() after updating the collation index for a model (for case-insensitive username matching) had no effect.
  • PR #9688 mongoose adds Github Actions CI configuration (after travis.org announcement). This was somewhat challenging due to environment (os, node, and dependency) differences and timing issues which exists in the test suite. In hindsight, it probably would have been easier if I tested it using Docker first.
  • PR #9696 mongoose adds single document populate to the new internal type definitions.
  • PR #9705 mongoose is a small CSS responsive design fix for documentation.
  • PR #374 connect-mongo (not yet merged) fixes type definitions errors caused by upstream type definition updates.


For project 2 of COMP90024, we were required to use CouchDB and its MapReduce functions to analyze harvested Twitter data. One of the tasks is to use ansible to automate the deployment of fresh nodes. Though Docker was optional, I decided to use it to reduce complexity in making changes. During this process, I ran into several non-obvious details and issues.

  • PR #185 couchdb-docker adds documentation about the default ports which are exposed by vm.args and the Dockerfile.
  • PR #186 couchdb-docker (not merged) adds a sample docker compose file.
  • PR #3036 couchdb fixes an issue which causes the finish_cluster API call to fail when executed on a fresh CouchDB node with no UUID. I helped by describing and reproducing the issue (using scripts and 2 networked VMs) and submitting the final PR.

  • PR #225 couchdb-nano fixes typescript definitions for generic user-defined requests (request, relax, dinosaur functions). I discovered this issue when attempting to use the request function to get metadata about the instance using the / route.
  • PR #226 couchdb-nano adds nano.info(), a method specifically used to retrieve the metadata. This PR came about because I was expecting a method to access the / route, but didn’t find any. As I didn’t have enough time before the project was due, I used nano.request() for the project and submitted this PR during the winter break.


  • PR #576 (my first Rust PR!) was a small fix to remove a duplicated occurrence of json in tokei --help. I came across the attached issue by chance and thought that it might be a fun problem to tackle.
  • PR #580 adds summary information (i.e. the Total) to output formats. Some minor refactoring was done to accommodate this change.

Misc self-hosted web apps

  • PR #35 wakapi adds BASE_PATH as an environment variable.
  • PR #1495 trilium was a small change to rename the session cookie from the default. This PR was inspired by a clash of express-session cookies which occurred on one of my subdomains.
  • PR #252 linx-server removes entrypoint from the sample docker-compose.yml file suggested by the documentation. This prevents the default ENTRYPOINT from the Dockerfile from being overridden.

Rose compiler

  • Issue #141 reports a compilation error.


2020 is the first year where I have started to look at and dive more deeply into the code of the software and packages that I use. Though I have mostly focused on small bugs and minor issues, I have found the process to be highly rewarding and something worthwhile to repeat for the future.

Though I doubt that many people (if there are any at all) read my blog, I wish you all the best for 2021!

← Previous Post