1. 22 Jul, 2021 2 commits
  2. 15 Jul, 2021 2 commits
  3. 14 Jul, 2021 1 commit
    • Deimos's avatar
      Update mypy to 0.910 · 31afe0a8
      Deimos authored
      This also involved installing some new packages for the type stubs for a
      few of the major third-party libraries.
      
      I also had to change some of the imports in some model files in strange
      ways, I'm not sure why some of these were necessary. I suspect this
      might be a bug in mypy, but I'm not sure if I'll be able to build a
      reproduction of it to be able to report it.
      31afe0a8
  4. 13 Jul, 2021 1 commit
    • Deimos's avatar
      Use a prospector fork, update dependencies · 9720040c
      Deimos authored
      This is kind of dirty, but the prospector tool was broken after updating
      Python to 3.9, and it seems to no longer be maintained. I forked it to
      my personal GitHub account, un-pinned its dependencies, fixed a bug that
      came up after updating pylint, and deleted a few dependencies that I
      don't use (pylint plugins for Django, Flask, and Celery).
      
      This commit also fixes all the new complaints from the updated pylint,
      which were mostly explicitly re-raising exceptions, and some places
      where I could use a generator instead of an unnecessary list
      comprehension.
      
      This will work for now, but I probably don't want to leave it in this
      state. I should probably just stick to using the tools like pylint
      directly, since this is now the second time I've needed to replace my
      "tool runner" when it stopped being maintained (the first one was
      pylama).
      9720040c
  5. 12 Jul, 2021 4 commits
    • Deimos's avatar
      Convert all PostgreSQL integer keys to bigint · fe42c7a6
      Deimos authored
      There is one special exception in here: the unread_user_ids column in
      the message_conversations table had to be left as an integer array,
      since the PostgreSQL intarray extension doesn't work with bigints. The
      trigger that updates that column also needed a minor tweak.
      
      This isn't good, but I don't really like how that was done anyway (it
      was for the purpose of group messages that don't even exist), so it
      could probably just be eliminated.
      fe42c7a6
    • Deimos's avatar
      Update Python version to 3.9.5 · 240621df
      Deimos authored
      The minimal updates here were to update pygit2 and pip-tools.
      
      However, prospector is currently broken as well, so the full code style
      checks currently will not pass. This is not trivial to fix:
      
        - Currently, pylint returns errors from some of the mypy annotations
        - Upgrading pylint/astroid to the newest version fixes those errors,
          but breaks prospector
        - There is no newer release of prospector
      
      I'm not totally sure how I want to fix this, I may need to fork
      prospector.
      240621df
    • Deimos's avatar
      Update Redis version to 6.2.4 · 22039b2f
      Deimos authored
      22039b2f
    • Deimos's avatar
      Update PostgreSQL version to 13 · 3319e0a1
      Deimos authored
      3319e0a1
  6. 25 Jun, 2021 1 commit
    • Deimos's avatar
      Switch to Debian 10 and Ansible · 4cc100ab
      Deimos authored
      This changes the site to run on Debian 10 instead of Ubuntu 16.04. It
      also fully converts the previous Salt setup to use Ansible instead.
      
      Most of this was a relatively straightforward conversion, and it should
      be very close to equivalent. One notable difference is that I removed
      the setup for the "monitoring" server, since I wasn't confident that the
      way of setting up self-hosted Sentry and Grafana was working any more.
      I'll look to re-add that at some point, but it's not urgent.
      4cc100ab
  7. 27 May, 2021 1 commit
  8. 31 Mar, 2021 1 commit
  9. 15 Mar, 2021 2 commits
  10. 28 Feb, 2021 1 commit
  11. 27 Feb, 2021 2 commits
  12. 21 Feb, 2021 1 commit
    • Andrew Shu's avatar
      Process tags to left of comma only · 0404d0df
      Andrew Shu authored and Deimos's avatar Deimos committed
      If user types "tag1 tag2" then adds a comma between,
      it should respect the comma to give "tag1" and "tag2".
      
      We use keydown and setTimeout because keyup
      works on a keyboard but not reliably on mobile.
      
      Nonzero timeout is needed or else the comma is sometimes
      inserted too late and not seen by addChip(),
      tested on desktop Firefox.
      0404d0df
  13. 24 Jan, 2021 1 commit
  14. 16 Dec, 2020 1 commit
  15. 12 Dec, 2020 2 commits
    • Deimos's avatar
      Apply global rate-limit to Stripe donate endpoint · e685639e
      Deimos authored
      People are still continuing to try to abuse the donate page to check
      stolen credit card numbers, and last night there was a massive burst of
      attempts coming from many IPs, so the current rate-limiting wasn't able
      to block most of it. Luckily Stripe blocked all of the charges this
      time, but I can't keep risking another incident where Tildes is the
      source of a bunch of fraudulent charges.
      
      This adds a global rate-limit to the donate page that should never get
      hit during normal usage. Hopefully this will be enough to keep the abuse
      away from the page when it stops working for them relatively quickly.
      e685639e
    • Deimos's avatar
      Add support for globally rate-limiting actions · 06764e9b
      Deimos authored
      Previously, rate limits had to apply to a particular user or a
      particular IP address, or both. This adds support for global
      rate-limits, where the limit will apply to everyone trying to perform
      the action. This probably won't be used much overall, but might be
      necessary for certain cases where something abusive is happening and it
      can't be easily blocked by user or IP.
      
      This is a bit ugly and would probably be better implemented by having a
      separate class that inherits from RateLimitedAction or something
      similar, but it will do the job.
      06764e9b
  16. 06 Dec, 2020 1 commit
  17. 01 Dec, 2020 2 commits
    • Deimos's avatar
      Run app-related services under the app user · 88944bed
      Deimos authored
      88944bed
    • Deimos's avatar
      Add ability to process posts with Lua scripts · 5fbc72c4
      Deimos authored
      This adds the backend pieces (no interface yet) to configure Lua scripts
      that will be applied to topics and comments due to different events.
      Initially, it only supports running a script when a new topic or comment
      is posted. For example, here is a Lua script that would prepend a new
      topic's title with "[Text] " or "[Link] " depending on its type, as well
      as replace its tags with either "text" or "link":
      
      function on_topic_post (topic)
          if (topic.is_text_type) then
              topic.title = "[Text] " .. topic.title
              topic.tags = {"text"}
          elseif (topic.is_link_type) then
              topic.title = "[Link] " .. topic.title
              topic.tags = {"link"}
          end
      end
      
      There can be a global script as well as group-specific scripts, and the
      scripts are sandboxed, with limited access to data as well as being
      restricted to a subset of Lua's built-in functions. The Lua sandboxing
      code comes from Splash (https://github.com/scrapinghub/splash). It will
      need to be modified, but this commit keeps it unmodified so that future
      changes can be more easily tracked by comparing to the original state of
      the file.
      
      The sandboxing also includes some restrictions on number of instructions
      and memory usage, but this might be more effectively managed on the OS
      level. More research will still need to be done on security and resource
      restrictions before this feature can be safely opened to users.
      5fbc72c4
  18. 18 Nov, 2020 1 commit
  19. 16 Nov, 2020 1 commit
  20. 15 Nov, 2020 1 commit
    • Deimos's avatar
      Add ability to edit topic title from listing pages · dac8ec3a
      Deimos authored
      This adds an "Edit title" choice in the actions dropdown for topics on
      listing pages, instead of needing to go to the comments page.
      
      Some pieces of this feel a little hack-ish (like needing to reduce the
      bottom padding because of the usually-empty div that the title-editing
      input gets put into), so I'll probably want to try and find a better
      overall approach to this eventually, but it should do the job for now.
      dac8ec3a
  21. 04 Nov, 2020 2 commits
    • Deimos's avatar
      Alphabetize invoke task functions · 8c913d59
      Deimos authored
      Just rearranges the module so the functions are in alphabetical order
      (except web_server_reload, which has to be earlier so it can be called
      as a post-task).
      8c913d59
    • Deimos's avatar
      Rename invoke tasks to standardize format · 79072f76
      Deimos authored
      I think this is going to be a better way to name invoke tasks. The
      previous naming where a verb was often first made it much harder for
      anyone to figure out the name of a task that affects a certain thing
      without always looking through the entire list.
      
      For example, if someone is looking for a task that affects the web
      server, it's much easier to find web-server-reload than
      reload-web-server.
      
      The changes were:
      
      - check-code-style -> code-style-check
      - reload-web-server -> web-server-reload
      - renew-tls-certificate -> tls-certificate-renew
      - type-checking -> type-check
      - update-pip-requirements -> pip-requirements-update
      79072f76
  22. 02 Nov, 2020 2 commits
  23. 21 Oct, 2020 1 commit
  24. 10 Oct, 2020 2 commits
    • Deimos's avatar
      Remove "via" annotations from requirements files · f3105267
      Deimos authored
      I should have just done this all along, these have been way more trouble
      than they're worth.
      
      If the information is needed, it's always possible to just do a temp run
      of pip-compile without --no-annotate or use a dedicated tool like
      pipdeptree.
      f3105267
    • Deimos's avatar
      Add --full flag to invoke test · 9652dfb7
      Deimos authored
      This is simpler than needing to know that --html-validation is the flag
      to use to make sure that all tests are run, and can stay constant even
      if we add other types of excluded-by-default tests in the future.
      9652dfb7
  25. 09 Oct, 2020 3 commits
  26. 07 Oct, 2020 1 commit