Skip to content

Commit 7131d44

Browse files
eliandoraneliandoran
committed
docs(dev): integrate rest of the documentation
1 parent 7369f9d commit 7131d44

File tree

14 files changed

+772
-3231
lines changed

14 files changed

+772
-3231
lines changed

docs/DATABASE.md

Lines changed: 0 additions & 736 deletions
This file was deleted.

docs/Developer Guide/!!!meta.json

Lines changed: 106 additions & 60 deletions
Original file line numberDiff line numberDiff line change
@@ -172,64 +172,57 @@
172172
"children": [
173173
{
174174
"isClone": false,
175-
"noteId": "2DJZgzpTJ078",
175+
"noteId": "dsMq2EIOMOBU",
176176
"notePath": [
177177
"jdjRLhLV3TtI",
178178
"MhwWMgxwDTZL",
179-
"2DJZgzpTJ078"
179+
"dsMq2EIOMOBU"
180180
],
181-
"title": "Client-server architecture",
181+
"title": "Frontend",
182182
"notePosition": 10,
183183
"prefix": null,
184184
"isExpanded": false,
185185
"type": "text",
186186
"mime": "text/html",
187-
"attributes": [],
188-
"format": "markdown",
189-
"attachments": [],
190-
"dirFileName": "Client-server architecture",
191-
"children": [
187+
"attributes": [
192188
{
193-
"isClone": false,
194-
"noteId": "dsMq2EIOMOBU",
195-
"notePath": [
196-
"jdjRLhLV3TtI",
197-
"MhwWMgxwDTZL",
198-
"2DJZgzpTJ078",
199-
"dsMq2EIOMOBU"
200-
],
201-
"title": "Frontend",
202-
"notePosition": 10,
203-
"prefix": null,
204-
"isExpanded": false,
205-
"type": "text",
206-
"mime": "text/html",
207-
"attributes": [],
208-
"format": "markdown",
209-
"dataFileName": "Frontend.md",
210-
"attachments": []
211-
},
189+
"type": "label",
190+
"name": "shareAlias",
191+
"value": "frontend",
192+
"isInheritable": false,
193+
"position": 20
194+
}
195+
],
196+
"format": "markdown",
197+
"dataFileName": "Frontend.md",
198+
"attachments": []
199+
},
200+
{
201+
"isClone": false,
202+
"noteId": "tsswRlmHEnYW",
203+
"notePath": [
204+
"jdjRLhLV3TtI",
205+
"MhwWMgxwDTZL",
206+
"tsswRlmHEnYW"
207+
],
208+
"title": "Backend",
209+
"notePosition": 20,
210+
"prefix": null,
211+
"isExpanded": false,
212+
"type": "text",
213+
"mime": "text/html",
214+
"attributes": [
212215
{
213-
"isClone": false,
214-
"noteId": "tsswRlmHEnYW",
215-
"notePath": [
216-
"jdjRLhLV3TtI",
217-
"MhwWMgxwDTZL",
218-
"2DJZgzpTJ078",
219-
"tsswRlmHEnYW"
220-
],
221-
"title": "Backend",
222-
"notePosition": 20,
223-
"prefix": null,
224-
"isExpanded": false,
225-
"type": "text",
226-
"mime": "text/html",
227-
"attributes": [],
228-
"format": "markdown",
229-
"dataFileName": "Backend.md",
230-
"attachments": []
216+
"type": "label",
217+
"name": "shareAlias",
218+
"value": "backend",
219+
"isInheritable": false,
220+
"position": 20
231221
}
232-
]
222+
],
223+
"format": "markdown",
224+
"dataFileName": "Backend.md",
225+
"attachments": []
233226
},
234227
{
235228
"isClone": false,
@@ -240,7 +233,7 @@
240233
"pRZhrVIGCbMu"
241234
],
242235
"title": "Database",
243-
"notePosition": 20,
236+
"notePosition": 40,
244237
"prefix": null,
245238
"isExpanded": false,
246239
"type": "text",
@@ -785,15 +778,23 @@
785778
"MhwWMgxwDTZL",
786779
"Wxn82Em8B7U5"
787780
],
788-
"title": "API",
789-
"notePosition": 30,
781+
"title": "APIs",
782+
"notePosition": 50,
790783
"prefix": null,
791784
"isExpanded": false,
792785
"type": "text",
793786
"mime": "text/html",
794-
"attributes": [],
787+
"attributes": [
788+
{
789+
"type": "label",
790+
"name": "shareAlias",
791+
"value": "api",
792+
"isInheritable": false,
793+
"position": 20
794+
}
795+
],
795796
"format": "markdown",
796-
"dataFileName": "API.md",
797+
"dataFileName": "APIs.md",
797798
"attachments": []
798799
},
799800
{
@@ -805,7 +806,7 @@
805806
"Vk4zD1Iirarg"
806807
],
807808
"title": "Arhitecture Decision Records",
808-
"notePosition": 40,
809+
"notePosition": 60,
809810
"prefix": null,
810811
"isExpanded": false,
811812
"type": "text",
@@ -817,6 +818,13 @@
817818
"value": "Jg7clqogFOyD",
818819
"isInheritable": false,
819820
"position": 20
821+
},
822+
{
823+
"type": "label",
824+
"name": "shareAlias",
825+
"value": "adr",
826+
"isInheritable": false,
827+
"position": 30
820828
}
821829
],
822830
"format": "markdown",
@@ -825,14 +833,14 @@
825833
},
826834
{
827835
"isClone": false,
828-
"noteId": "QW1MB7RZB5Gf",
836+
"noteId": "RHbKw3xiwk3S",
829837
"notePath": [
830838
"jdjRLhLV3TtI",
831839
"MhwWMgxwDTZL",
832-
"QW1MB7RZB5Gf"
840+
"RHbKw3xiwk3S"
833841
],
834-
"title": "Security Architecture",
835-
"notePosition": 50,
842+
"title": "Security",
843+
"notePosition": 80,
836844
"prefix": null,
837845
"isExpanded": false,
838846
"type": "text",
@@ -841,13 +849,13 @@
841849
{
842850
"type": "label",
843851
"name": "shareAlias",
844-
"value": "security-architecture",
852+
"value": "security",
845853
"isInheritable": false,
846854
"position": 20
847855
}
848856
],
849857
"format": "markdown",
850-
"dataFileName": "Security Architecture.md",
858+
"dataFileName": "Security.md",
851859
"attachments": []
852860
}
853861
]
@@ -1153,6 +1161,13 @@
11531161
"value": "bx bx-rocket",
11541162
"isInheritable": false,
11551163
"position": 30
1164+
},
1165+
{
1166+
"type": "label",
1167+
"name": "shareAlias",
1168+
"value": "releasing",
1169+
"isInheritable": false,
1170+
"position": 40
11561171
}
11571172
],
11581173
"format": "markdown",
@@ -1181,6 +1196,13 @@
11811196
"value": "bx bxs-component",
11821197
"isInheritable": false,
11831198
"position": 20
1199+
},
1200+
{
1201+
"type": "label",
1202+
"name": "shareAlias",
1203+
"value": "dependencies",
1204+
"isInheritable": false,
1205+
"position": 30
11841206
}
11851207
],
11861208
"format": "markdown",
@@ -1527,6 +1549,13 @@
15271549
"value": "bx bx-microchip",
15281550
"isInheritable": false,
15291551
"position": 20
1552+
},
1553+
{
1554+
"type": "label",
1555+
"name": "shareAlias",
1556+
"value": "cache",
1557+
"isInheritable": false,
1558+
"position": 30
15301559
}
15311560
],
15321561
"format": "markdown",
@@ -2001,7 +2030,15 @@
20012030
"isExpanded": false,
20022031
"type": "text",
20032032
"mime": "text/html",
2004-
"attributes": [],
2033+
"attributes": [
2034+
{
2035+
"type": "label",
2036+
"name": "shareAlias",
2037+
"value": "note-types",
2038+
"isInheritable": false,
2039+
"position": 20
2040+
}
2041+
],
20052042
"format": "markdown",
20062043
"attachments": [],
20072044
"dirFileName": "Note Types",
@@ -2547,6 +2584,7 @@
25472584
}
25482585
],
25492586
"format": "markdown",
2587+
"dataFileName": "Synchronisation.md",
25502588
"attachments": [],
25512589
"dirFileName": "Synchronisation",
25522590
"children": [
@@ -2794,7 +2832,15 @@
27942832
"isExpanded": false,
27952833
"type": "text",
27962834
"mime": "text/html",
2797-
"attributes": [],
2835+
"attributes": [
2836+
{
2837+
"type": "label",
2838+
"name": "shareAlias",
2839+
"value": "unit-tests",
2840+
"isInheritable": false,
2841+
"position": 20
2842+
}
2843+
],
27982844
"format": "markdown",
27992845
"dataFileName": "Unit tests.md",
28002846
"attachments": []

docs/Developer Guide/Developer Guide/Architecture.md

Lines changed: 82 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -118,4 +118,85 @@ desktop → client → commons
118118
server → client → commons
119119
client → ckeditor5, codemirror, highlightjs
120120
ckeditor5 → ckeditor5-* plugins
121-
```
121+
```
122+
123+
## Security summary
124+
125+
### Encryption System
126+
127+
**Per-Note Encryption:**
128+
129+
* Notes can be individually protected
130+
* AES-128-CBC encryption for encrypted notes.
131+
* Separate protected session management
132+
133+
**Protected Session:**
134+
135+
* Time-limited access to protected notes
136+
* Automatic timeout
137+
* Re-authentication required
138+
* Frontend: `protected_session.ts`
139+
* Backend: `protected_session.ts`
140+
141+
### Authentication
142+
143+
**Password Auth:**
144+
145+
* PBKDF2 key derivation
146+
* Salt per installation
147+
* Hash verification
148+
149+
**OpenID Connect:**
150+
151+
* External identity provider support
152+
* OAuth 2.0 flow
153+
* Configurable providers
154+
155+
**TOTP (2FA):**
156+
157+
* Time-based one-time passwords
158+
* QR code setup
159+
* Backup codes
160+
161+
### Authorization
162+
163+
**Single-User Model:**
164+
165+
* Desktop: single user (owner)
166+
* Server: single user per installation
167+
168+
**Share Notes:**
169+
170+
* Public access without authentication
171+
* Separate Shaca cache
172+
* Read-only access
173+
174+
### CSRF Protection
175+
176+
**CSRF Tokens:**
177+
178+
* Required for state-changing operations
179+
* Token in header or cookie
180+
* Validation middleware
181+
182+
### Input Sanitization
183+
184+
**XSS Prevention:**
185+
186+
* DOMPurify for HTML sanitization
187+
* CKEditor content filtering
188+
* CSP headers
189+
190+
**SQL Injection:**
191+
192+
* Parameterized queries only
193+
* Better-sqlite3 prepared statements
194+
* No string concatenation in SQL
195+
196+
### Dependency Security
197+
198+
**Vulnerability Scanning:**
199+
200+
* Renovate bot for updates
201+
* npm audit integration
202+
* Override vulnerable sub-dependencies

docs/Developer Guide/Developer Guide/Architecture/API.md renamed to docs/Developer Guide/Developer Guide/Architecture/APIs.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
# API
1+
# APIs
22
### Internal API
33

44
**REST Endpoints** (`/api/*`)

docs/Developer Guide/Developer Guide/Architecture/Client-server architecture/Backend.md renamed to docs/Developer Guide/Developer Guide/Architecture/Backend.md

File renamed without changes.

docs/Developer Guide/Developer Guide/Architecture/Database.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Database
2-
Trilium uses **SQLite** as its database engine, managed via `better-sqlite3`.
2+
Trilium uses **SQLite** (via `better-sqlite3`) as its embedded database engine, providing a reliable, file-based storage system that requires no separate database server. The database stores all notes, their relationships, metadata, and configuration.
33

44
Schema location: `apps/server/src/assets/db/schema.sql`
55

docs/Developer Guide/Developer Guide/Architecture/Client-server architecture/Frontend.md renamed to docs/Developer Guide/Developer Guide/Architecture/Frontend.md

File renamed without changes.

0 commit comments

Comments
 (0)