From 99e4bb5c4da6824e4029b5d7b06e686e8404cb96 Mon Sep 17 00:00:00 2001
From: Klemek
Date: Thu, 19 Sep 2019 19:03:49 +0200
Subject: [PATCH 1/4] [skip CI] lgtm config
---
 lgtm.yml | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 lgtm.yml
diff --git a/lgtm.yml b/lgtm.yml
new file mode 100644
index 0000000..7643c5b
--- /dev/null
+++ b/lgtm.yml
@@ -0,0 +1,7 @@
+path_classifiers:
+ test:
+ - test
+ docs:
+ - uml
+ library:
+ - src/lib
\ No newline at end of file
From c9ef93088b22e4464d187bfb1ff25fa30c0c9368 Mon Sep 17 00:00:00 2001
From: Klemek
Date: Thu, 19 Sep 2019 19:13:41 +0200
Subject: [PATCH 2/4] express rate limit
---
 package-lock.json | 7 ++++++-
 package.json | 1 +
 src/app.js | 8 ++++++++
 src/config.default.json | 1 +
 4 files changed, 16 insertions(+), 1 deletion(-)
diff --git a/package-lock.json b/package-lock.json
index 893237a..49b9f40 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -1,6 +1,6 @@ { "name": "gitblog.md", - "version": "1.2.6", + "version": "1.2.7", "lockfileVersion": 1, "requires": true, "dependencies": {
@@ -3130,6 +3130,11 @@ "vary": "~1.1.2" } }, + "express-rate-limit": { + "version": "5.0.0", + "resolved": "https://registry.npmjs.org/express-rate-limit/-/express-rate-limit-5.0.0.tgz", + "integrity": "sha512-dhT57wqxfqmkOi4HM7NuT4Gd7gbUgSK2ocG27Y6lwm8lbOAw9XQfeANawGq8wLDtlGPO1ZgDj0HmKsykTxfFAg==" + }, "extend": { "version": "3.0.2", "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz",
diff --git a/package.json b/package.json
index 67cee62..ae9e65d 100644
--- a/package.json
+++ b/package.json
@@ -9,6 +9,7 @@
 "crypto": "^1.0.1",
 "ejs": "^2.6.2",
 "express": "^4.17.1",
+ "express-rate-limit": "^5.0.0",
 "fa-diagrams": "^1.0.3",
 "mathjax-node": "^2.1.1",
 "ncp": "^2.0.0",
diff --git a/src/app.js b/src/app.js
index 5496fe2..7dfaf50 100644
--- a/src/app.js
+++ b/src/app.js
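Review bot: In the lgtm.yml hunk of PATCH 1/4, classifying `src/lib` as `library` means, as far as LGTM's defaults go, that alerts raised in those files are left out of the displayed results. If that directory holds vendored third-party code that ships with the server, it then needs its own update and advisory tracking; a comment in the file such as `# src/lib: vendored code, alerts hidden by default` would record that the exclusion is deliberate.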
@@ -3,6 +3,7 @@ const app = express();
 const fs = require('fs');
 const path = require('path');
 const pjson = require('../package.json');
+const rateLimit = require('express-rate-limit');
 app.enable('trust proxy');
@@ -122,6 +123,13 @@ module.exports = (config) => { next(); }); + //rate limit for safer server + const limiter = rateLimit({ + windowMs: 15 * 60 * 1000, // 15 minutes + max: config['rate_limit'] + }); + app.use(limiter); + //log request at result end app.use((req, res, next) => { if (config['access_log']) {
diff --git a/src/config.default.json b/src/config.default.json
index 79fe3f3..f0d0678 100644
--- a/src/config.default.json
+++ b/src/config.default.json
@@ -3,6 +3,7 @@
 "host": "",
 "data_dir": "data",
 "view_engine": "ejs",
+ "rate_limit": 100,
 "access_log": "access.log",
 "error_log": "error.log",
 "modules": {
From 7e9e1e19faf088dbbf21ffbcfad7e4ddac01ebad Mon Sep 17 00:00:00 2001
From: Klemek
Date: Thu, 19 Sep 2019 19:14:16 +0200
Subject: [PATCH 3/4] changed version number
---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/package.json b/package.json
index ae9e65d..43266f0 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "gitblog.md",
- "version": "1.2.7",
+ "version": "1.2.8",
 "description": "A static blog using Markdown pulled from your git repository.",
 "main": "src/server.js",
 "dependencies": {
From ae2eb52cf836d7bbdbf5b50546c65473de9d981e Mon Sep 17 00:00:00 2001
From: Klemek
Date: Thu, 19 Sep 2019 19:16:31 +0200
Subject: [PATCH 4/4] [skip CI]updated README.md
---
 README.md | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/README.md b/README.md
index 45bc3d4..f24e25b 100644
--- a/README.md
+++ b/README.md
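Review bot: The limiter in the second src/app.js hunk of PATCH 2/4 keys its counters on `req.ip` (no `keyGenerator` is passed), and with `app.enable('trust proxy')` from the first hunk's context that address is read from `X-Forwarded-For`, so the key is only reliable when every request passes a proxy that sets the header itself. Pinning the setting to the real topology, e.g. `app.set('trust proxy', 1)` for a single reverse proxy, keeps the count tied to the connecting peer. `app.use(limiter)` is also registered ahead of the `//log request at result end` middleware, so rejected requests presumably never reach the access log; registering it after that middleware would keep throttled clients visible for detection. `max: config['rate_limit']` is passed through unchecked, and express-rate-limit 5.x appears to treat 0 as "no limit", so validating it as a positive integer is worth adding. The `module.exports = (config) => {` body starts and ends outside the hunk.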
@@ -1,5 +1,7 @@ [![Build Status](https://img.shields.io/travis/Klemek/GitBlog.md.svg?branch=master)](https://travis-ci.org/Klemek/GitBlog.md) [![Coverage Status](https://img.shields.io/coveralls/github/Klemek/GitBlog.md.svg?branch=master)](https://coveralls.io/github/Klemek/GitBlog.md?branch=master) +[![Language grade: JavaScript](https://img.shields.io/lgtm/grade/javascript/g/Klemek/GitBlog.md.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/Klemek/GitBlog.md/context:javascript) +[![Total alerts](https://img.shields.io/lgtm/alerts/g/Klemek/GitBlog.md.svg?logo=lgtm&logoWidth=18)](https://lgtm.com/projects/g/Klemek/GitBlog.md/alerts/) # GitBlog.md
@@ -260,6 +262,8 @@ Any URL like `/year/month/day/anything/` will redirect to this article (and link the directory where will be located the git repo with templates and articles * `view_engine` (default: ejs) the Express view engine used to render pages from templates +* `rate_limit` (default: 100) + number of requests allowed in a time-frame of 15 minutes * `access_log` (default: access.log) log file where to save access requests (empty to disable) * `error_log` (default: error.log)