[allura] branch db/8486 created (now c825787f5)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8486 in repository https://gitbox.apache.org/repos/asf/allura.git at c825787f5 [#8486] git repos should look for main & master branches as possible default names This branch includes the following new commits: new c825787f5 [#8486] git repos should look for main & master branches as possible default names The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] branch master updated: upgrade certifi
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 843f9abea upgrade certifi 843f9abea is described below commit 843f9abea6683a9cf1f5ececb66bd61f5d4e9bdd Author: Dave Brondsema AuthorDate: Thu Dec 8 17:13:36 2022 + upgrade certifi --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 4d2b8ab81..5e23160b9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -18,7 +18,7 @@ bleach[css]==5.0.1 # via pypeline cchardet==2.1.7 # via -r requirements.in -certifi==2022.9.24 +certifi==2022.12.7 # via requests cffi==1.15.1 # via cryptography
[allura] 01/01: [#8482] Memorable.forget() must run before any other Memorable.add anywhere
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8482 in repository https://gitbox.apache.org/repos/asf/allura.git commit ba9249ae1bb96279890d1f02ff6c0554983a1e39 Author: Dave Brondsema AuthorDate: Tue Dec 6 17:21:00 2022 -0500 [#8482] Memorable.forget() must run before any other Memorable.add anywhere --- Allura/allura/public/nf/js/memorable.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Allura/allura/public/nf/js/memorable.js b/Allura/allura/public/nf/js/memorable.js index 6b1af609e..25ba554f2 100644 --- a/Allura/allura/public/nf/js/memorable.js +++ b/Allura/allura/public/nf/js/memorable.js @@ -238,14 +238,12 @@ Memorable.inputFactory = function(obj) { } }; -Memorable.items = []; /** * Convenience method to find any classes decorated with `.memorable` and create a related Input object for it * @param selector - use to override the selector used to find all fields to be remembered */ Memorable.initialize = function(selector){ -Memorable.forget(); var s = selector || '.memorable'; $(s).each(function(){ Memorable.add(this); @@ -280,5 +278,7 @@ Memorable.add = function(obj){ }; -// Initialize +// Initialize. Some items must be immediately, not wait until domready, because other Memorable.add usage could happen before our dom-ready initialize fires +Memorable.items = []; +Memorable.forget(); $(function(){Memorable.initialize();});
[allura] branch db/8482 created (now ba9249ae1)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8482 in repository https://gitbox.apache.org/repos/asf/allura.git at ba9249ae1 [#8482] Memorable.forget() must run before any other Memorable.add anywhere This branch includes the following new commits: new ba9249ae1 [#8482] Memorable.forget() must run before any other Memorable.add anywhere The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] branch master updated: [#8481] added target attributes to repository activity
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new eea5822eb [#8481] added target attributes to repository activity eea5822eb is described below commit eea5822ebbe85fbf33527e91c3ce34bc57e39a83 Author: Guillermo Cruz AuthorDate: Mon Nov 28 14:30:29 2022 -0600 [#8481] added target attributes to repository activity --- Allura/allura/app.py| 15 ++- Allura/allura/controllers/repository.py | 2 +- Allura/allura/lib/helpers.py| 2 +- Allura/allura/model/repo_refresh.py | 2 +- Allura/allura/tasks/repo_tasks.py | 2 +- Allura/allura/tests/model/test_repo.py | 3 ++- Allura/allura/tests/test_tasks.py | 4 ++-- 7 files changed, 22 insertions(+), 8 deletions(-) diff --git a/Allura/allura/app.py b/Allura/allura/app.py index 81ccd13e5..b278720f4 100644 --- a/Allura/allura/app.py +++ b/Allura/allura/app.py @@ -49,6 +49,7 @@ from allura import model as M from allura.tasks import index_tasks import six from io import BytesIO +from allura.model.timeline import ActivityObject log = logging.getLogger(__name__) @@ -218,7 +219,7 @@ class SitemapEntry: ) -class Application: +class Application(ActivityObject): """ The base Allura pluggable application @@ -820,6 +821,18 @@ class Application: """ return None +@property +def activity_name(self): +return self.config.options.mount_label + +@property +def activity_url(self): +return self.url + +@property +def activity_extras(self): +return {} + class AdminControllerMixin: """Provides common functionality admin controllers need""" diff --git a/Allura/allura/controllers/repository.py b/Allura/allura/controllers/repository.py index cb9cad866..96f77d0e9 100644 --- a/Allura/allura/controllers/repository.py +++ b/Allura/allura/controllers/repository.py @@ -219,7 +219,7 @@ class RepoRootController(BaseController, FeedController): ) session(t).flush() allura.tasks.notification_tasks.send_usermentions_notification.post(mr.index_id(), kw['description']) -g.director.create_activity(c.user, 'created', mr, +g.director.create_activity(c.user, 'created', mr, target=mr.app, related_nodes=[c.project], tags=['merge-request']) redirect(mr.url()) diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py index 51d867ebc..6aefc5627 100644 --- a/Allura/allura/lib/helpers.py +++ b/Allura/allura/lib/helpers.py @@ -814,7 +814,7 @@ def get_tool_packages(tool_name): app = g.entry_points['tool'].get(tool_name.lower()) if not app: return [] -classes = [c for c in app.mro() if c not in (Application, object)] +classes = [c for c in app.mro() if c not in Application.mro()] return [cls.__module__.split('.')[0] for cls in classes] diff --git a/Allura/allura/model/repo_refresh.py b/Allura/allura/model/repo_refresh.py index da7d81651..f352a17c0 100644 --- a/Allura/allura/model/repo_refresh.py +++ b/Allura/allura/model/repo_refresh.py @@ -93,7 +93,7 @@ def refresh_repo(repo, all_commits=False, notify=True, new_clone=False, commits_ g.statsUpdater.newCommit(new, repo.app_config.project, user) actor = user or TransientActor( activity_name=new.committed.name or new.committed.email) -g.director.create_activity(actor, 'committed', new, +g.director.create_activity(actor, 'committed', new, target=repo.app, related_nodes=[repo.app_config.project], tags=['commit', repo.tool.lower()]) diff --git a/Allura/allura/tasks/repo_tasks.py b/Allura/allura/tasks/repo_tasks.py index 17f26788c..42eb6b914 100644 --- a/Allura/allura/tasks/repo_tasks.py +++ b/Allura/allura/tasks/repo_tasks.py @@ -160,7 +160,7 @@ def merge(merge_request_id): mr.app.repo.merge(mr) mr.add_meta_post(changes={'Status': [mr.status, 'merged']}) mr.status = 'merged' -g.director.create_activity(c.user, 'merged', mr, +g.director.create_activity(c.user, 'merged', mr, target=mr.app, related_nodes=[c.project], tags=['merge-request']) session(mr).flush(mr) diff --git a/Allura/allura/tests/model/test_repo.py b/Allura/allura/tests/model/test_repo.py index 85fa9b9fb..b1fab59d6 100644 --- a/Allura/allura/tests/model/test_repo.py +++ b/Allura/allura/tests/model/test_repo.py @@ -686,11 +686,12 @@ class TestMergeRequest: app_config=mock.Mock(_id=ObjectId()), downstream={'commit_id': '12345'}, request_num
[allura] branch master updated: [#8479] modified exisinting logic on settings and added support for script-src
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 45275ae41 [#8479] modified exisinting logic on settings and added support for script-src 45275ae41 is described below commit 45275ae41bacf0143702ec736a2afde188e3918f Author: Guillermo Cruz AuthorDate: Thu Nov 17 11:09:51 2022 -0600 [#8479] modified exisinting logic on settings and added support for script-src --- Allura/allura/lib/custom_middleware.py | 47 ++--- Allura/allura/tests/functional/test_root.py | 47 ++--- Allura/development.ini | 17 +-- 3 files changed, 74 insertions(+), 37 deletions(-) diff --git a/Allura/allura/lib/custom_middleware.py b/Allura/allura/lib/custom_middleware.py index 1968ad31c..4ea99c6d3 100644 --- a/Allura/allura/lib/custom_middleware.py +++ b/Allura/allura/lib/custom_middleware.py @@ -468,43 +468,56 @@ class ContentSecurityPolicyMiddleware: def __call__(self, environ, start_response): req = Request(environ) resp = req.get_response(self.app) -rules = resp.headers.getall('Content-Security-Policy') -report_rules = resp.headers.getall('Content-Security-Policy-Report-Only') -report_mode = asbool(self.config.get('csp.report_mode',False)) -report_enforce_mode = asbool(self.config.get('csp.report_enforce_mode',False)) +rules = set(resp.headers.getall('Content-Security-Policy')) +report_rules = set(resp.headers.getall('Content-Security-Policy-Report-Only')) report_uri = self.config.get('csp.report_uri', None) report_uri_enforce = self.config.get('csp.report_uri_enforce', None) if rules: resp.headers.pop('Content-Security-Policy') + if report_rules: resp.headers.pop('Content-Security-Policy-Report-Only') -if report_mode and report_uri: -report_rules.append(f'report-uri {report_uri}') if self.config['base_url'].startswith('https'): -rules.append('upgrade-insecure-requests') +rules.add('upgrade-insecure-requests') -if report_enforce_mode and report_uri_enforce: -rules.append(f'report-uri {report_uri_enforce}') if self.config.get('csp.frame_sources'): -if report_mode: -report_rules.append(f"frame-src {self.config['csp.frame_sources']}") +if asbool(self.config.get('csp.frame_sources_enforce',False)): +rules.add(f"frame-src {self.config['csp.frame_sources']}") else: -rules.append(f"frame-src {self.config['csp.frame_sources']}") +report_rules.add(f"frame-src {self.config['csp.frame_sources']}") if self.config.get('csp.form_action_urls'): -if report_mode: -report_rules.append(f"form-action {self.config['csp.form_action_urls']}") +if asbool(self.config.get('csp.form_actions_enforce',False)): +rules.add(f"form-action {self.config['csp.form_action_urls']}") +else: +report_rules.add(f"form-action {self.config['csp.form_action_urls']}") + +if self.config.get('csp.script_src'): +script_srcs = self.config['csp.script_src'] +""" +Sometimes you might have the need to build custom values from inside a controller and pass it +to the middleware. In this case we pass a custom list of domains from google that can't be built +directly in here. +""" +if environ.get('csp_script_domains',''): +script_srcs = f"{script_srcs} {' '.join(environ['csp_script_domains'])}" + +if asbool(self.config.get('csp.script_src_enforce',False)): +rules.add(f"script-src {script_srcs} {self.config.get('csp.script_src.extras','')}") else: -rules.append(f"form-action {self.config['csp.form_action_urls']}") +report_rules.add(f"script-src {script_srcs} {self.config.get('csp.script_src.extras','')}") + -rules.append("object-src 'none'") -rules.append("frame-ancestors 'self'") +rules.add("object-src 'none'") +rules.add("frame-ancestors 'self'") if rules: +rules.add(f'report-uri {report_uri_enforce}') resp.headers.add('Content-Security-Policy', '; '.join(rules)) if report_rules: +report_rules.add(f'report-uri {report_uri}') resp.headers.add('Content-Security-Policy-Report-Only', '; '.join(report_rule
[allura] branch master updated (d95969642 -> b75955a21)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from d95969642 [#8478] Upgrade importlib-metadata 4.13.0 -> 5.0.0, and its deps: typing-extensions,zipp add 572b2ce52 [#8480] Upgrade Ming 0.12.1 -> 0.12.2, and its deps: pymongo,pytz add 7341bb892 [#8480] Upgrade testfixtures 7.0.2 -> 7.0.3 add 27dbf9a0a [#8480] Upgrade pytest 7.2.0 -> no upgrade, and its deps: attrs,exceptiongroup,importlib-metadata,typing-extensions,zipp,iniconfig,packaging,pyparsing,pluggy,importlib-metadata,typing-extensions,zipp,tomli add b75955a21 [#8480] Upgrade pytest-sugar 0.9.6 -> no upgrade, and its deps: packaging,pyparsing,pytest,attrs,exceptiongroup,importlib-metadata,typing-extensions,zipp,iniconfig,packaging,pyparsing,pluggy,importlib-metadata,typing-extensions,zipp,tomli,termcolor No new revisions were added by this update. Summary of changes: requirements.txt | 8 1 file changed, 4 insertions(+), 4 deletions(-)
[allura] branch master updated: [#8478] Upgrade importlib-metadata 4.13.0 -> 5.0.0, and its deps: typing-extensions,zipp
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new d95969642 [#8478] Upgrade importlib-metadata 4.13.0 -> 5.0.0, and its deps: typing-extensions,zipp d95969642 is described below commit d95969642ae9776754ea26aabcc99a558d2b4a1a Author: Dillon Walls AuthorDate: Wed Nov 16 21:09:54 2022 + [#8478] Upgrade importlib-metadata 4.13.0 -> 5.0.0, and its deps: typing-extensions,zipp importlib-metadata 4.13.0 -> 5.0.0 typing-extensions 4.4.0 -> no upgrade zipp 3.10.0 -> no upgrade --- requirements.in | 1 - requirements.txt | 3 +-- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/requirements.in b/requirements.in index 50e6726e7..6183ebd8b 100644 --- a/requirements.in +++ b/requirements.in @@ -47,7 +47,6 @@ WebHelpers2 WebOb werkzeug wrapt -importlib-metadata<5.0 # testing mock pyflakes diff --git a/requirements.txt b/requirements.txt index a928ae48f..0f6b711fd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -67,9 +67,8 @@ html5lib==1.1 # textile idna==3.4 # via requests -importlib-metadata==4.13.0 +importlib-metadata==5.0.0 # via -# -r requirements.in # markdown # pluggy # pytest
[allura] branch master updated: fix weird HTTPError issue; details at https://github.com/agronholm/exceptiongroup/issues/39
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new df1d579eb fix weird HTTPError issue; details at https://github.com/agronholm/exceptiongroup/issues/39 df1d579eb is described below commit df1d579ebbb8adcc52918a7362a8e486458dba87 Author: Dave Brondsema AuthorDate: Fri Nov 11 11:41:30 2022 -0500 fix weird HTTPError issue; details at https://github.com/agronholm/exceptiongroup/issues/39 --- Allura/allura/tests/test_helpers.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Allura/allura/tests/test_helpers.py b/Allura/allura/tests/test_helpers.py index 045d9a4e0..c686a9e32 100644 --- a/Allura/allura/tests/test_helpers.py +++ b/Allura/allura/tests/test_helpers.py @@ -15,6 +15,7 @@ # specific language governing permissions and limitations # under the License. +import io from unittest import TestCase, skipIf from os import path from datetime import datetime, timedelta @@ -487,7 +488,7 @@ class TestUrlOpen(TestCase): from six.moves.urllib.error import HTTPError def side_effect(url, timeout=None): -raise HTTPError('url', 408, 'timeout', None, None) +raise HTTPError('url', 408, 'timeout', None, io.BytesIO()) urlopen.side_effect = side_effect self.assertRaises(HTTPError, h.urlopen, 'myurl') @@ -498,7 +499,7 @@ class TestUrlOpen(TestCase): from six.moves.urllib.error import HTTPError def side_effect(url, timeout=None): -raise HTTPError('url', 404, 'timeout', None, None) +raise HTTPError('url', 404, 'timeout', None, io.BytesIO()) urlopen.side_effect = side_effect self.assertRaises(HTTPError, h.urlopen, 'myurl')
[allura] 01/06: convert == and != True/False/None in assert stmts to is / is not
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git commit 7114ce63e3d0a8ec8e23f52ec5362e4deef2e5c6 Author: Dave Brondsema AuthorDate: Wed Nov 9 16:10:42 2022 -0500 convert == and != True/False/None in assert stmts to is / is not --- Allura/allura/tests/functional/test_admin.py | 16 +++--- Allura/allura/tests/functional/test_auth.py| 24 - .../allura/tests/functional/test_neighborhood.py | 8 +-- Allura/allura/tests/functional/test_rest.py| 18 +++ Allura/allura/tests/functional/test_site_admin.py | 60 +++--- .../allura/tests/functional/test_user_profile.py | 8 +-- Allura/allura/tests/model/test_project.py | 2 +- Allura/allura/tests/model/test_repo.py | 22 Allura/allura/tests/test_app.py| 2 +- Allura/allura/tests/test_helpers.py| 14 ++--- Allura/allura/tests/test_multifactor.py| 6 +-- Allura/allura/tests/test_plugin.py | 16 +++--- Allura/allura/tests/test_tasks.py | 4 +- Allura/allura/tests/test_utils.py | 2 +- Allura/allura/tests/test_webhooks.py | 22 .../test_discussion_moderation_controller.py | 2 +- Allura/allura/tests/unit/spam/test_spam_filter.py | 2 +- .../allura/tests/unit/test_ldap_auth_provider.py | 4 +- Allura/allura/tests/unit/test_repo.py | 20 Allura/allura/tests/unit/test_solr.py | 2 +- .../forgeactivity/tests/functional/test_rest.py| 8 +-- ForgeBlog/forgeblog/tests/functional/test_rest.py | 8 +-- .../forgediscussion/tests/functional/test_rest.py | 10 ++-- .../forgefiles/tests/functional/test_root.py | 2 +- .../forgegit/tests/functional/test_controllers.py | 30 +-- ForgeGit/forgegit/tests/model/test_repository.py | 14 ++--- .../forgeimporters/github/tests/test_wiki.py | 4 +- .../tests/github/functional/test_github.py | 2 +- ForgeLink/forgelink/tests/functional/test_rest.py | 10 ++-- ForgeLink/forgelink/tests/functional/test_root.py | 2 +- .../forgesvn/tests/functional/test_controllers.py | 6 +-- ForgeSVN/forgesvn/tests/model/test_repository.py | 4 +- .../forgetracker/tests/functional/test_rest.py | 12 ++--- .../forgetracker/tests/functional/test_root.py | 36 ++--- ForgeTracker/forgetracker/tests/test_app.py| 2 +- .../forgetracker/tests/unit/test_globals_model.py | 2 +- .../forgetracker/tests/unit/test_ticket_model.py | 4 +- ForgeWiki/forgewiki/tests/functional/test_rest.py | 12 ++--- ForgeWiki/forgewiki/tests/functional/test_root.py | 6 +-- 39 files changed, 214 insertions(+), 214 deletions(-) diff --git a/Allura/allura/tests/functional/test_admin.py b/Allura/allura/tests/functional/test_admin.py index 11ac71129..c0a879c3f 100644 --- a/Allura/allura/tests/functional/test_admin.py +++ b/Allura/allura/tests/functional/test_admin.py @@ -1161,7 +1161,7 @@ class TestRestInstallTool(TestRestApiBase): 'tool': 'tickets' } r = self.api_post('/rest/p/test/admin/install_tool/', **data) -assert r.json['success'] == False +assert r.json['success'] is False assert r.json['info'] == 'All arguments required.' def test_invalid_tool(self): @@ -1175,7 +1175,7 @@ class TestRestInstallTool(TestRestApiBase): 'mount_label': 'tickets_label1' } r = self.api_post('/rest/p/test/admin/install_tool/', **data) -assert r.json['success'] == False +assert r.json['success'] is False assert (r.json['info'] == 'Incorrect tool name, or limit is reached.') @@ -1190,7 +1190,7 @@ class TestRestInstallTool(TestRestApiBase): 'mount_label': 'tickets_label1' } r = self.api_post('/rest/p/test/admin/install_tool/', **data) -assert r.json['success'] == False +assert r.json['success'] is False assert (r.json['info'] == 'Mount point "tickets_mount1" is invalid') @@ -1205,7 +1205,7 @@ class TestRestInstallTool(TestRestApiBase): 'mount_label': 'tickets_label1' } r = self.api_post('/rest/p/test/admin/install_tool/', **data) -assert r.json['success'] == True +assert r.json['success'] is True assert (r.json['info'] == 'Tool %s with mount_point %s and mount_label %s was created.' % ('tickets', 'ticketsmount1', 'tickets_label1')) @@ -1233,7 +1233,7 @@ class TestRestInstallTool(TestRestApiBase): with h.push_config(c, user=M.User.query.get()): project.install_app('wiki', mount_point=data['mount_point']) r = self.api_post('/rest/p/test/admin/install_tool
[allura] branch db/pep8_nov2022 created (now e7f78cec4)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git at e7f78cec4 ignore a pure reformatting change This branch includes the following new commits: new 7114ce63e convert == and != True/False/None in assert stmts to is / is not new a82d43f2e convert "assert not foo in bar" to "assert foo not in bar" new be3e33e28 change [pep8] to [pycodestyle] new c51a00794 allow and do not change the order of these imports new b5a3bcba5 autopep8 -i --max-line-length on many files new e7f78cec4 ignore a pure reformatting change The 6 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 03/06: change [pep8] to [pycodestyle]
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git commit be3e33e2810fc0689516185c1fabea64343f967a Author: Dave Brondsema AuthorDate: Wed Nov 9 16:19:03 2022 -0500 change [pep8] to [pycodestyle] --- Allura/setup.cfg | 2 +- AlluraTest/setup.cfg | 2 +- ForgeActivity/setup.cfg | 2 +- ForgeBlog/setup.cfg | 2 +- ForgeChat/setup.cfg | 2 +- ForgeDiscussion/setup.cfg | 2 +- ForgeFeedback/setup.cfg | 2 +- ForgeFiles/setup.cfg | 2 +- ForgeGit/setup.cfg| 2 +- ForgeImporters/setup.cfg | 2 +- ForgeLink/setup.cfg | 2 +- ForgeSVN/setup.cfg| 2 +- ForgeShortUrl/setup.cfg | 2 +- ForgeTracker/setup.cfg| 2 +- ForgeUserStats/setup.cfg | 2 +- ForgeWiki/setup.cfg | 2 +- setup.cfg | 2 +- 17 files changed, 17 insertions(+), 17 deletions(-) diff --git a/Allura/setup.cfg b/Allura/setup.cfg index 3398fc4e9..453efd7e3 100644 --- a/Allura/setup.cfg +++ b/Allura/setup.cfg @@ -15,7 +15,7 @@ # specific language governing permissions and limitations # under the License. -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/AlluraTest/setup.cfg b/AlluraTest/setup.cfg index 14bf9ca18..dc59fc75c 100644 --- a/AlluraTest/setup.cfg +++ b/AlluraTest/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeActivity/setup.cfg b/ForgeActivity/setup.cfg index 989542f50..c86f54040 100644 --- a/ForgeActivity/setup.cfg +++ b/ForgeActivity/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeBlog/setup.cfg b/ForgeBlog/setup.cfg index 0f1091a87..1f0e936bc 100644 --- a/ForgeBlog/setup.cfg +++ b/ForgeBlog/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeChat/setup.cfg b/ForgeChat/setup.cfg index 62fb31052..80089c8d0 100644 --- a/ForgeChat/setup.cfg +++ b/ForgeChat/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeDiscussion/setup.cfg b/ForgeDiscussion/setup.cfg index cad5dc70e..491caac9a 100644 --- a/ForgeDiscussion/setup.cfg +++ b/ForgeDiscussion/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeFeedback/setup.cfg b/ForgeFeedback/setup.cfg index feae30657..e04e3e8e2 100644 --- a/ForgeFeedback/setup.cfg +++ b/ForgeFeedback/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeFiles/setup.cfg b/ForgeFiles/setup.cfg index 1181fa30b..bbcd097b4 100644 --- a/ForgeFiles/setup.cfg +++ b/ForgeFiles/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeGit/setup.cfg b/ForgeGit/setup.cfg index 5b182c6a5..a7e174e4e 100644 --- a/ForgeGit/setup.cfg +++ b/ForgeGit/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeImporters/setup.cfg b/ForgeImporters/setup.cfg index c66965b0b..2d063f9d1 100644 --- a/ForgeImporters/setup.cfg +++ b/ForgeImporters/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeLink/setup.cfg b/ForgeLink/setup.cfg index 580ae47c7..8b29b373a 100644 --- a/ForgeLink/setup.cfg +++ b/ForgeLink/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeSVN/setup.cfg b/ForgeSVN/setup.cfg index 2eced00fe..479785ef8 100644 --- a/ForgeSVN/setup.cfg +++ b/ForgeSVN/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeShortUrl/setup.cfg b/ForgeShortUrl/setup.cfg index dcf13118b..6798578f6 100644 --- a/ForgeShortUrl/setup.cfg +++ b/ForgeShortUrl/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeTracker/setup.cfg b/ForgeTracker/setup.cfg index e9b9a0c7b..8551d861d 100644 --- a/ForgeTracker/setup.cfg +++ b/ForgeTracker/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeUserStats/setup.cfg b/ForgeUserStats/setup.cfg index f25f83d83..a208f628e 100644 --- a/ForgeUserStats/setup.cfg +++ b/ForgeUserStats/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/ForgeWiki/setup.cfg b/ForgeWiki/setup.cfg index 7e4ece29d..5a71cb269 100644 --- a/ForgeWiki/setup.cfg +++ b/ForgeWiki/setup.cfg @@ -1,4 +1,4 @@ -[pep8] +[pycodestyle] max-line-length = 119 [flake8] diff --git a/setup.cfg b/setup.cfg index 1ba576aeb..ed6ec68d5 100644 --- a/setup.cfg +++ b/setup.cfg @@ -15,7 +15,7 @@ # specific language governing permissions and limitations # under the License. -[pep8] +[pycodestyle] max-line-length = 119 [flake8]
[allura] 02/06: convert "assert not foo in bar" to "assert foo not in bar"
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git commit a82d43f2e82c84bf6b00b8d818641d76e1ca13a4 Author: Dave Brondsema AuthorDate: Wed Nov 9 16:16:23 2022 -0500 convert "assert not foo in bar" to "assert foo not in bar" --- ForgeTracker/forgetracker/tests/functional/test_root.py | 8 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ForgeTracker/forgetracker/tests/functional/test_root.py b/ForgeTracker/forgetracker/tests/functional/test_root.py index 28d2c0742..5c082033e 100644 --- a/ForgeTracker/forgetracker/tests/functional/test_root.py +++ b/ForgeTracker/forgetracker/tests/functional/test_root.py @@ -760,7 +760,7 @@ class TestFunctionalController(TrackerTestController): assert sidebar_contains(index_view, '1.0') index_view = self.app.get('/bugs/') assert sidebar_contains(index_view, '1.0') -assert not summary in index_view +assert summary not in index_view def test_render_ticket(self): summary = 'test render ticket' @@ -1579,7 +1579,7 @@ class TestFunctionalController(TrackerTestController): r = self.app.get('/bugs/1/', dict(page='1')) assert post_content in r # no pager if just one page -assert not 'Page 1 of 1' in r +assert 'Page 1 of 1' not in r # add some more posts and check for pager for i in range(2): r = self.app.post(f['action'], params=params, @@ -1679,7 +1679,7 @@ class TestFunctionalController(TrackerTestController): ticket_rows = response.html.find('table', {'class': 'ticket-list'}).find('tbody') assert 'test first ticket' in ticket_rows.text assert 'test second ticket' in ticket_rows.text -assert not 'test third ticket' in ticket_rows.text +assert 'test third ticket' not in ticket_rows.text edit_link = response.html.find('a', {'title': 'Bulk Edit'}) expected_link = "/p/test/bugs/edit/?q=status%3Aopen=25=%7B%7D=0" assert_equivalent_urls(expected_link, edit_link['href']) @@ -1687,7 +1687,7 @@ class TestFunctionalController(TrackerTestController): ticket_rows = response.html.find('tbody', {'class': 'ticket-list'}) assert 'test first ticket' in ticket_rows.text assert 'test second ticket' in ticket_rows.text -assert not 'test third ticket' in ticket_rows.text +assert 'test third ticket' not in ticket_rows.text def test_bulk_edit_after_filtering(self): self.new_ticket(summary='test first ticket', status='open')
[allura] 04/06: allow and do not change the order of these imports
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git commit c51a00794a2e9b4465427750f6a9cba8fe878311 Author: Dave Brondsema AuthorDate: Wed Nov 9 16:28:55 2022 -0500 allow and do not change the order of these imports --- Allura/allura/config/middleware.py | 30 +++--- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/Allura/allura/config/middleware.py b/Allura/allura/config/middleware.py index 2d759c4d8..d948706ab 100644 --- a/Allura/allura/config/middleware.py +++ b/Allura/allura/config/middleware.py @@ -51,21 +51,21 @@ except ImportError: else: patches.newrelic() -from allura.config.app_cfg import base_config, AlluraJinjaRenderer -from allura.config.environment import load_environment -from allura.config.app_cfg import ForgeConfig -from allura.lib.custom_middleware import AlluraTimerMiddleware -from allura.lib.custom_middleware import SSLMiddleware -from allura.lib.custom_middleware import StaticFilesMiddleware -from allura.lib.custom_middleware import CSRFMiddleware -from allura.lib.custom_middleware import CORSMiddleware -from allura.lib.custom_middleware import LoginRedirectMiddleware -from allura.lib.custom_middleware import RememberLoginMiddleware -from allura.lib.custom_middleware import SetRequestHostFromConfig -from allura.lib.custom_middleware import MingTaskSessionSetupMiddleware -from allura.lib.custom_middleware import ContentSecurityPolicyMiddleware -from allura.lib import helpers as h -from allura.lib.utils import configure_ming +from allura.config.app_cfg import base_config, AlluraJinjaRenderer # noqa: E402 +from allura.config.environment import load_environment # noqa: E402 +from allura.config.app_cfg import ForgeConfig # noqa: E402 +from allura.lib.custom_middleware import AlluraTimerMiddleware # noqa: E402 +from allura.lib.custom_middleware import SSLMiddleware # noqa: E402 +from allura.lib.custom_middleware import StaticFilesMiddleware # noqa: E402 +from allura.lib.custom_middleware import CSRFMiddleware # noqa: E402 +from allura.lib.custom_middleware import CORSMiddleware # noqa: E402 +from allura.lib.custom_middleware import LoginRedirectMiddleware # noqa: E402 +from allura.lib.custom_middleware import RememberLoginMiddleware # noqa: E402 +from allura.lib.custom_middleware import SetRequestHostFromConfig # noqa: E402 +from allura.lib.custom_middleware import MingTaskSessionSetupMiddleware # noqa: E402 +from allura.lib.custom_middleware import ContentSecurityPolicyMiddleware # noqa: E402 +from allura.lib import helpers as h # noqa: E402 +from allura.lib.utils import configure_ming # noqa: E402 __all__ = ['make_app']
[allura] 06/06: ignore a pure reformatting change
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/pep8_nov2022 in repository https://gitbox.apache.org/repos/asf/allura.git commit e7f78cec43e81e4020072207e12642a2bbf24dd8 Author: Dave Brondsema AuthorDate: Wed Nov 9 16:35:02 2022 -0500 ignore a pure reformatting change --- .git-blame-ignore-revs | 1 + 1 file changed, 1 insertion(+) diff --git a/.git-blame-ignore-revs b/.git-blame-ignore-revs index d0246d15f..0a6818042 100644 --- a/.git-blame-ignore-revs +++ b/.git-blame-ignore-revs @@ -25,3 +25,4 @@ f7bd15435448e354c7eb60cb9d60d513ef0f79d7 c93733acb492b4c9238ac8ec32136bb95f1a87d9 279efb75ca590dacc63caeb30ce7e01667b0eeeb 72b8ee3d0edc61e564a866dd14415d433bbdfb17 +b5a3bcba5f027bf80e8938af21df305f4090d8a7 \ No newline at end of file
[allura] 01/02: use error template for 410 Gone statuses too
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/410_gone in repository https://gitbox.apache.org/repos/asf/allura.git commit c061d5ecfea829895361daa0c089848464880e3e Author: Dave Brondsema AuthorDate: Wed Nov 9 14:51:35 2022 -0500 use error template for 410 Gone statuses too --- Allura/allura/config/app_cfg.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Allura/allura/config/app_cfg.py b/Allura/allura/config/app_cfg.py index 54b72eb48..5c0a3678f 100644 --- a/Allura/allura/config/app_cfg.py +++ b/Allura/allura/config/app_cfg.py @@ -61,7 +61,7 @@ class ForgeConfig(AppConfig): self.use_sqlalchemy = False self.use_toscawidgets = False self.use_transaction_manager = False -self.handle_status_codes = [403, 404] +self.handle_status_codes = [403, 404, 410] self.disable_request_extensions = True # if left to True (default) would use crank.util.default_path_translator to convert all URL punctuation to "_"
[allura] 02/02: type hint for chunked_find
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/410_gone in repository https://gitbox.apache.org/repos/asf/allura.git commit 9774cd4f053cf0baba85b56e6ce2c02addb95a18 Author: Dave Brondsema AuthorDate: Wed Nov 9 14:51:48 2022 -0500 type hint for chunked_find --- Allura/allura/lib/utils.py | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/Allura/allura/lib/utils.py b/Allura/allura/lib/utils.py index 41b2c979f..6dca2dc8b 100644 --- a/Allura/allura/lib/utils.py +++ b/Allura/allura/lib/utils.py @@ -14,9 +14,10 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. +from __future__ import annotations import base64 -import operator +from collections.abc import Iterable from contextlib import contextmanager import time import string @@ -28,6 +29,7 @@ import datetime import random import mimetypes import re +from typing import Type, TypeVar import magic from itertools import groupby import operator as op @@ -37,7 +39,6 @@ from six.moves.urllib.parse import urlparse import six.moves.urllib.request import six.moves.urllib.parse import six.moves.urllib.error -import types import socket import tg @@ -61,6 +62,10 @@ from ming.odm.odmsession import ODMCursor from ming.odm import session import six + +T = TypeVar('T') + + MARKDOWN_EXTENSIONS = ['.markdown', '.mdown', '.mkdn', '.mkd', '.md'] @@ -154,7 +159,8 @@ class CustomWatchedFileHandler(logging.handlers.WatchedFileHandler): return super().format(record) -def chunked_find(cls, query=None, pagesize=1024, sort_key='_id', sort_dir=1): +def chunked_find(cls: Type[T], query: dict | None = None, pagesize: int = 1024, sort_key: str | None = '_id', + sort_dir: int = 1) -> Iterable[Iterable[T]]: ''' Execute a mongo query against the specified class, yield some results at a time (avoids mongo cursor timeouts if the total result set is very large).
[allura] branch db/410_gone created (now 9774cd4f0)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/410_gone in repository https://gitbox.apache.org/repos/asf/allura.git at 9774cd4f0 type hint for chunked_find This branch includes the following new commits: new c061d5ecf use error template for 410 Gone statuses too new 9774cd4f0 type hint for chunked_find The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] branch master updated: [#8475] return a 404 if thread is awaiting moderation
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 8fd44d208 [#8475] return a 404 if thread is awaiting moderation 8fd44d208 is described below commit 8fd44d208ed213e03a74ce2f82a3480c55c8c924 Author: Guillermo Cruz AuthorDate: Wed Nov 2 09:16:27 2022 -0600 [#8475] return a 404 if thread is awaiting moderation --- Allura/allura/controllers/discuss.py | 5 - Allura/allura/tests/functional/test_discuss.py | 20 +-- .../forgediscussion/tests/functional/test_forum.py | 23 ++ 3 files changed, 29 insertions(+), 19 deletions(-) diff --git a/Allura/allura/controllers/discuss.py b/Allura/allura/controllers/discuss.py index fb9ed913d..986fe9151 100644 --- a/Allura/allura/controllers/discuss.py +++ b/Allura/allura/controllers/discuss.py @@ -208,7 +208,10 @@ class ThreadController(BaseController, FeedController, metaclass=h.ProxiedAttrMe M.session.artifact_orm_session._get().skip_mod_date = True M.session.artifact_orm_session._get().skip_last_updated = True count = self.thread.query_posts(page=page, limit=int(limit)).count() - +if self.thread.num_replies == 0 or all(p.status != 'ok' for p in self.thread.posts): +# return status code 404 but still display the page content +request.environ['tg.status_code_redirect'] = True +response.status_int = 404 return dict(discussion=self.thread.discussion, thread=self.thread, page=int(page), diff --git a/Allura/allura/tests/functional/test_discuss.py b/Allura/allura/tests/functional/test_discuss.py index 8035fb93f..d27072b04 100644 --- a/Allura/allura/tests/functional/test_discuss.py +++ b/Allura/allura/tests/functional/test_discuss.py @@ -68,7 +68,7 @@ class TestDiscuss(TestDiscussBase): def _make_post(self, text): thread_link = self._thread_link() -thread = self.app.get(thread_link) +thread = self.app.get(thread_link, expect_errors=True) for f in thread.html.findAll('form'): if f.get('action', '').endswith('/post'): break @@ -80,9 +80,9 @@ class TestDiscuss(TestDiscussBase): params[f.find('textarea')['name']] = text r = self.app.post(f['action'], params=params, headers={'Referer': str(thread_link)}, + status=302, extra_environ=dict(username='root')) -r = r.follow() -return r +return self.app.get(r.response.headers['Location'], expect_errors=True) @patch('allura.controllers.discuss.g.spam_checker.check') @patch('allura.controllers.discuss.g.spam_checker.submit_spam') @@ -106,7 +106,7 @@ class TestDiscuss(TestDiscussBase): r = self.app.post(post_link, params=params, headers={'Referer': str(thread_link)}) -r = r.follow() +r = self.app.get(r.response.headers['Location'], status=404) assert 'This is a new post' in r, r r = self.app.get(post_link) assert str(r).count('This is a new post') == 3 @@ -146,7 +146,7 @@ class TestDiscuss(TestDiscussBase): # ok initially non_admin = 'test-user' -self.app.get(thread_url, status=200, +self.app.get(thread_url, status=404, extra_environ=dict(username=str(non_admin))) # set wiki page private @@ -160,7 +160,7 @@ class TestDiscuss(TestDiscussBase): M.DENY_ALL, ] -self.app.get(thread_url, status=200, # ok +self.app.get(thread_url, status=404, extra_environ=dict(username='test-admin')) self.app.get(thread_url, status=403, # forbidden extra_environ=dict(username=str(non_admin))) @@ -356,7 +356,7 @@ class TestDiscuss(TestDiscussBase): def test_post_paging(self): thread_link = self._thread_link() # just make sure it doesn't 500 -self.app.get('%s?limit=50=0' % thread_link) +self.app.get('%s?limit=50=0' % thread_link, status=404) @patch('allura.controllers.discuss.g.director.create_activity') def test_edit_post(self, create_activity): @@ -401,7 +401,7 @@ class TestAttachment(TestDiscussBase): def setup_method(self, method): super().setup_method(method) self.thread_link = self._thread_link() -thread = self.app.get(self.thread_link) +thread = self.app.get(self.thread_link, status=404) for f in thread.html.findAll('form'): if f.get('action', '').endswith('/post'): break @@ -521,10 +521,10 @@ class TestAttachment(TestDiscussBase): post.status = 'pending' session
[allura] branch master updated (0f69a432f -> 649503257)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from 0f69a432f [#8474] upgrade pyflakes 2.4.0 -> 2.5.0 add 43cc8fc91 8455 nose2pytest for ./Allura add e474c3a6f first substantial test file mostly passing under pytest add ef63556b2 All tests in ./Allura collecting, and test_auth completely passing add e531c5465 all trivial failures resolved for ./Allura, only legit failures remain add c5b17848b [#8455] allura pytest - fix misc test failures that popped up during pytest conversion add a9693b565 [#8455] ran nose2pytest on Forge* and AlluraTest modules add acbc8eaf0 [#8455] converted the remaining modules fully to pytest add 8f2e1003f [#8455] added pytest.ini add 8709bdc10 [#8455] converted yield test to pytest.mark.parametrize add 5385c24da [#8455] remove @with_setup add e962bd479 [#8455] make setup 'method' param optional add bb53572e2 [#8445] pytest - remove alluratest.tools, dtadiff, nose asserts add c3c5e0f4c [#8445] remove datadiff add 49ca10e19 [#8455] remove unused tox.ini add a92536f9d [#8455] update test runner to use pytest and pytest-xdist for parallelization add 6f7431cd2 [#8455] remove @with_nose_compatability add 0cc46ae4d [#8455] updated test docs, removed various old references to nose and replaced with pytest add 730afcf7d [#8455] update docker test run to use pytest add ebd0d3b34 [#8455] remove 'test_suite' and 'tests_require' from setup.py as they are deprecated add 0c064dc0c [#8455] misc fixes to tests from pytest conversion add 649503257 [#8455] change pytest from dev dep to full dep, add pytest-sugar dep No new revisions were added by this update. Summary of changes: .travis.yml|1 - Allura/allura/lib/macro.py | 15 +- Allura/allura/model/project.py | 20 +- Allura/allura/tests/decorators.py |8 +- Allura/allura/tests/exclude_from_rewrite_hook.py | 31 + Allura/allura/tests/functional/test_admin.py | 182 ++- Allura/allura/tests/functional/test_auth.py| 574 Allura/allura/tests/functional/test_discuss.py | 24 +- Allura/allura/tests/functional/test_feeds.py |4 +- Allura/allura/tests/functional/test_gravatar.py|5 +- Allura/allura/tests/functional/test_home.py| 53 +- Allura/allura/tests/functional/test_nav.py |4 +- .../allura/tests/functional/test_neighborhood.py | 69 +- .../tests/functional/test_personal_dashboard.py| 33 +- Allura/allura/tests/functional/test_rest.py| 163 ++- Allura/allura/tests/functional/test_root.py| 24 +- Allura/allura/tests/functional/test_site_admin.py | 240 ++-- .../allura/tests/functional/test_trovecategory.py | 45 +- .../allura/tests/functional/test_user_profile.py | 116 +- Allura/allura/tests/model/test_artifact.py | 494 +++ Allura/allura/tests/model/test_auth.py | 835 ++- Allura/allura/tests/model/test_discussion.py | 966 ++--- Allura/allura/tests/model/test_filesystem.py | 19 +- Allura/allura/tests/model/test_monq.py |4 +- Allura/allura/tests/model/test_neighborhood.py | 108 +- Allura/allura/tests/model/test_notification.py | 53 +- Allura/allura/tests/model/test_oauth.py| 32 +- Allura/allura/tests/model/test_project.py | 325 ++--- Allura/allura/tests/model/test_repo.py | 89 +- Allura/allura/tests/model/test_timeline.py |6 +- .../tests/scripts/test_create_sitemap_files.py |9 +- .../allura/tests/scripts/test_delete_projects.py |7 +- Allura/allura/tests/scripts/test_misc_scripts.py |9 +- Allura/allura/tests/scripts/test_reindexes.py |9 +- .../tests/templates/jinja_master/test_lib.py | 16 +- Allura/allura/tests/test_app.py| 289 ++-- Allura/allura/tests/test_commands.py | 113 +- Allura/allura/tests/test_decorators.py | 30 +- Allura/allura/tests/test_diff.py |2 +- Allura/allura/tests/test_globals.py| 1501 ++-- Allura/allura/tests/test_helpers.py| 219 ++- Allura/allura/tests/test_mail_util.py | 98 +- Allura/allura/tests/test_middlewares.py| 34 +- Allura/allura/tests/test_multifactor.py| 72 +- Allura/allura/tests/test_patches.py| 21 +- Allura/allura/tests/test_plugin.py | 263 ++-- Allura/allura/tests/test_scripttask.py |2 +- Allura/allura/tests/test_security.py | 35 +- Allura/allura/tests/test_tasks.py | 217 ++- Allura/allura/tests/test_utils
[allura] 06/24: [#8474] Upgrade oauthlib 3.2.1 -> 3.2.2
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 816616bfe18a42128953c63917cda8bea1d30535 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:16:12 2022 + [#8474] Upgrade oauthlib 3.2.1 -> 3.2.2 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7ca61f410..9e21d227f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -91,7 +91,7 @@ ming==0.12.1 # via -r requirements.in mock==4.0.3 # via -r requirements.in -oauthlib==3.2.1 +oauthlib==3.2.2 # via # -r requirements.in # requests-oauthlib
[allura] 07/24: [#8474] Upgrade PasteDeploy 2.1.1 -> 3.0.1, and its deps: setuptools
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 88376c172f7e47f761f8aff560b94579254fef0c Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:16:54 2022 + [#8474] Upgrade PasteDeploy 2.1.1 -> 3.0.1, and its deps: setuptools PasteDeploy 2.1.1 -> 3.0.1 setuptools 63.1.0 -> skipped (OUTDATED! latest is: 65.5.0) --- requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 9e21d227f..8e9a47826 100644 --- a/requirements.txt +++ b/requirements.txt @@ -67,6 +67,7 @@ importlib-metadata==4.13.0 # via # -r requirements.in # markdown +# pastedeploy inflection==0.5.1 # via profanityfilter iso8601==1.0.2 @@ -102,7 +103,7 @@ paste==3.5.1 # -r requirements.in # easywidgets # pastescript -pastedeploy==2.1.1 +pastedeploy==3.0.1 # via # -r requirements.in # pastescript
[allura] 19/24: [#8474] Upgrade Pypeline 0.6.1 -> no upgrade, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit dd9fd07c8b2d89b42b62b23adbf16061f87f795b Author: Dave Brondsema AuthorDate: Wed Nov 2 20:18:33 2022 + [#8474] Upgrade Pypeline 0.6.1 -> no upgrade, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,zipp,textile,html5lib,six,webencodings,regex Pypeline 0.6.1 -> no upgrade bleach5.0.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade html5lib1.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade Creoleparser 0.7.5 -> no upgrade Genshi0.7.7 -> no upgrade six 1.16.0 -> no upgrade six 1.16.0 -> no upgrade markdown 3.3.7 -> no upgrade (OUTDATED! latest is: 3.4.1) importlib-metadata 4.12.0 -> 4.13.0 (OUTDATED! latest is: 5.0.0) typing-extensions 4.4.0 -> no upgrade zipp 3.8.1 -> 3.10.0 textile 4.0.2 -> no upgrade html5lib1.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade regex 2022.9.13 -> 2022.10.31 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3d8ed8d9c..8f3256ae2 100644 --- a/requirements.txt +++ b/requirements.txt @@ -142,7 +142,7 @@ pytz==2022.6 # ming qrcode==7.3.1 # via -r requirements.in -regex==2022.9.13 +regex==2022.10.31 # via # regex-as-re-globally # textile
[allura] 15/24: [#8474] Upgrade ActivityStream 0.4.0 -> no upgrade, and its deps: pymongo
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 89cf413b0d0cffea501c83876d761661181ba8a6 Author: Dave Brondsema AuthorDate: Wed Nov 2 20:14:54 2022 + [#8474] Upgrade ActivityStream 0.4.0 -> no upgrade, and its deps: pymongo ActivityStream0.4.0 -> no upgrade pymongo 3.11.4 -> 3.13.0 (OUTDATED! latest is: 4.3.2) --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3493c4e9b..3e1b42af4 100644 --- a/requirements.txt +++ b/requirements.txt @@ -118,7 +118,7 @@ pyflakes==2.4.0 # via -r requirements.in pygments==2.13.0 # via -r requirements.in -pymongo==3.11.4 +pymongo==3.13.0 # via # -r requirements.in # activitystream
[allura] 24/24: [#8474] upgrade pyflakes 2.4.0 -> 2.5.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 0f69a432fc6db37c6fb34e04b9003f2a506f128d Author: Dave Brondsema AuthorDate: Wed Nov 2 21:48:48 2022 + [#8474] upgrade pyflakes 2.4.0 -> 2.5.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 40a4113ef..a17e8a8db 100644 --- a/requirements.txt +++ b/requirements.txt @@ -114,7 +114,7 @@ profanityfilter==2.0.6 # via -r requirements.in pycparser==2.21 # via cffi -pyflakes==2.4.0 +pyflakes==2.5.0 # via -r requirements.in pygments==2.13.0 # via -r requirements.in
[allura] 13/24: [#8474] Upgrade Pillow 9.2.0 -> 9.3.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 164a675ff5ecfceefd6fc6635ba8528c1108e7ff Author: Guillermo Cruz AuthorDate: Wed Nov 2 17:11:11 2022 + [#8474] Upgrade Pillow 9.2.0 -> 9.3.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 9cd84ece3..3da5fd613 100644 --- a/requirements.txt +++ b/requirements.txt @@ -108,7 +108,7 @@ pastedeploy==2.1.1 # pastescript pastescript==3.2.1 # via -r requirements.in -pillow==9.2.0 +pillow==9.3.0 # via -r requirements.in profanityfilter==2.0.6 # via -r requirements.in
[allura] 17/24: [#8474] Upgrade EasyWidgets 0.4.1 -> no upgrade, and its deps: formencode,six,markupsafe,paste,setuptools,six,python-dateutil,six,six,webob
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit b6c5a63c9b63732dca43563f53873b2764e767a0 Author: Dave Brondsema AuthorDate: Wed Nov 2 20:16:35 2022 + [#8474] Upgrade EasyWidgets 0.4.1 -> no upgrade, and its deps: formencode,six,markupsafe,paste,setuptools,six,python-dateutil,six,six,webob EasyWidgets 0.4.1 -> no upgrade formencode2.0.1 -> no upgrade six 1.16.0 -> no upgrade markupsafe2.1.0 -> no upgrade (OUTDATED! latest is: 2.1.1) paste 3.5.1 -> 3.5.2 setuptools 63.1.0 -> skipped (OUTDATED! latest is: 65.5.0) six 1.16.0 -> no upgrade python-dateutil 2.8.2 -> no upgrade six 1.16.0 -> no upgrade six 1.16.0 -> no upgrade webob 1.7.4 -> no upgrade (OUTDATED! latest is: 1.8.7) --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 76f6ec186..ffdd20986 100644 --- a/requirements.txt +++ b/requirements.txt @@ -97,7 +97,7 @@ oauthlib==3.2.2 # requests-oauthlib paginate==0.5.6 # via -r requirements.in -paste==3.5.1 +paste==3.5.2 # via # -r requirements.in # easywidgets
[allura] 16/24: [#8474] Upgrade colander 1.8.3 -> no upgrade, and its deps: iso8601,setuptools,translationstring
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit a042844accc18b07124a5544b0ada12a965bb57c Author: Dave Brondsema AuthorDate: Wed Nov 2 20:16:14 2022 + [#8474] Upgrade colander 1.8.3 -> no upgrade, and its deps: iso8601,setuptools,translationstring colander 1.8.3 -> no upgrade iso8601 1.0.2 -> 1.1.0 setuptools 63.1.0 -> skipped (OUTDATED! latest is: 65.5.0) translationstring 1.4 -> no upgrade --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3e1b42af4..76f6ec186 100644 --- a/requirements.txt +++ b/requirements.txt @@ -69,7 +69,7 @@ importlib-metadata==4.13.0 # markdown inflection==0.5.1 # via profanityfilter -iso8601==1.0.2 +iso8601==1.1.0 # via colander jinja2==3.1.2 # via -r requirements.in
[allura] 08/24: [#8474] Upgrade Pygments 2.12.0 -> 2.13.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 3a5074912a67a817a1fd93789cbe2a5173d83ae0 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:24:40 2022 + [#8474] Upgrade Pygments 2.12.0 -> 2.13.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 8e9a47826..03cace679 100644 --- a/requirements.txt +++ b/requirements.txt @@ -117,7 +117,7 @@ pycparser==2.21 # via cffi pyflakes==2.4.0 # via -r requirements.in -pygments==2.12.0 +pygments==2.13.0 # via -r requirements.in pymongo==3.11.4 # via
[allura] 09/24: [#8474] Upgrade Pypeline 0.6.0 -> 0.6.1, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,zipp,
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 925d8e6bee642f66679d65aaa1813fbce26774a7 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:27:26 2022 + [#8474] Upgrade Pypeline 0.6.0 -> 0.6.1, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,zipp,textile,html5lib,six,webencodings,regex Pypeline 0.6.0 -> 0.6.1 bleach5.0.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade html5lib1.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade Creoleparser 0.7.5 -> no upgrade Genshi0.7.7 -> no upgrade six 1.16.0 -> no upgrade six 1.16.0 -> no upgrade markdown 3.3.7 -> 3.4.1 importlib-metadata 4.12.0 -> 4.13.0 (OUTDATED! latest is: 5.0.0) typing-extensions 4.3.0 -> 4.4.0 zipp 3.8.1 -> 3.10.0 textile 4.0.2 -> no upgrade html5lib1.1 -> no upgrade six 1.16.0 -> no upgrade webencodings 0.5.1 -> no upgrade regex 2022.6.2 -> 2022.9.13 --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 03cace679..3ed39dae5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -124,7 +124,7 @@ pymongo==3.11.4 # -r requirements.in # activitystream # ming -pypeline[creole,markdown,rst,textile]==0.6.0 +pypeline[creole,markdown,rst,textile]==0.6.1 # via -r requirements.in pysolr==3.9.0 # via -r requirements.in @@ -143,7 +143,7 @@ pytz==2022.1 # ming qrcode==7.3.1 # via -r requirements.in -regex==2022.6.2 +regex==2022.9.13 # via # regex-as-re-globally # textile
[allura] 11/24: [#8474] Upgrade testfixtures 6.18.5 -> 7.0.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit bbadd71d39b99bc8cb77ae8ddb661c15c9a6c197 Author: Guillermo Cruz AuthorDate: Wed Oct 26 22:09:24 2022 + [#8474] Upgrade testfixtures 6.18.5 -> 7.0.0 --- Allura/allura/tests/scripts/test_create_sitemap_files.py | 2 +- requirements.txt | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Allura/allura/tests/scripts/test_create_sitemap_files.py b/Allura/allura/tests/scripts/test_create_sitemap_files.py index 31fa0bfd1..89cca8691 100644 --- a/Allura/allura/tests/scripts/test_create_sitemap_files.py +++ b/Allura/allura/tests/scripts/test_create_sitemap_files.py @@ -45,7 +45,7 @@ class TestCreateSitemapFiles: rmtree(tmpdir.path) # needs to be non-existent for the script self.run_script(['-o', tmpdir.path]) -tmpdir.check('sitemap-0.xml', 'sitemap.xml') +tmpdir.compare(['sitemap-0.xml', 'sitemap.xml'],recursive=False, files_only=True) xml_index = ET.parse(os.path.join(tmpdir.path, 'sitemap.xml')) ns = {'ns0': 'http://www.sitemaps.org/schemas/sitemap/0.9'} diff --git a/requirements.txt b/requirements.txt index 91e175766..b26c21c87 100644 --- a/requirements.txt +++ b/requirements.txt @@ -179,7 +179,7 @@ smmap==5.0.0 # via gitdb soupsieve==2.3.2.post1 # via beautifulsoup4 -testfixtures==6.18.5 +testfixtures==7.0.0 # via -r requirements.in textile==4.0.2 # via pypeline
[allura] 05/24: [#8474] Upgrade markdown-checklist 0.4.3 -> 0.4.4, and its deps: markdown,importlib-metadata,typing-extensions,zipp
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 7c3bac9cba0639bf120b2274b8601f9b1a57c426 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:14:10 2022 + [#8474] Upgrade markdown-checklist 0.4.3 -> 0.4.4, and its deps: markdown,importlib-metadata,typing-extensions,zipp markdown-checklist0.4.3 -> 0.4.4 markdown 3.3.7 -> 3.4.1 importlib-metadata 4.12.0 -> 4.13.0 (OUTDATED! latest is: 5.0.0) typing-extensions 4.3.0 -> 4.4.0 zipp 3.8.1 -> 3.10.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7e5e2c27c..7ca61f410 100644 --- a/requirements.txt +++ b/requirements.txt @@ -78,7 +78,7 @@ markdown==3.4.1 # -r requirements.in # markdown-checklist # pypeline -markdown-checklist==0.4.3 +markdown-checklist==0.4.4 # via -r requirements.in markupsafe==2.1.0 # via
[allura] 01/24: [#8474] pinned importlib-metadata < 5.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 99143a3ba8b298731b3eee258b5c48a0a95e1e3d Author: Guillermo Cruz AuthorDate: Wed Oct 26 20:46:15 2022 + [#8474] pinned importlib-metadata < 5.0 --- requirements.in | 2 +- requirements.txt | 4 +++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/requirements.in b/requirements.in index 2d938e146..972f42ebf 100644 --- a/requirements.in +++ b/requirements.in @@ -47,7 +47,7 @@ WebHelpers2 WebOb werkzeug wrapt - +importlib-metadata<5.0 # testing datadiff mock diff --git a/requirements.txt b/requirements.txt index 840326b53..0c31f4d39 100644 --- a/requirements.txt +++ b/requirements.txt @@ -64,7 +64,9 @@ html5lib==1.1 idna==3.3 # via requests importlib-metadata==4.12.0 -# via markdown +# via +# -r requirements.in +# markdown inflection==0.5.1 # via profanityfilter iso8601==1.0.2
[allura] 04/24: [#8474] Upgrade markdown 3.3.7 -> 3.4.1, and its deps: importlib-metadata,typing-extensions,zipp
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 104bf6ef2067eaf81fd9857679c14283f6a8ea11 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:12:51 2022 + [#8474] Upgrade markdown 3.3.7 -> 3.4.1, and its deps: importlib-metadata,typing-extensions,zipp markdown 3.3.7 -> 3.4.1 importlib-metadata 4.12.0 -> 4.13.0 (OUTDATED! latest is: 5.0.0) typing-extensions 4.3.0 -> 4.4.0 zipp 3.8.1 -> 3.10.0 --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index abc59b44b..7e5e2c27c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -63,7 +63,7 @@ html5lib==1.1 # textile idna==3.3 # via requests -importlib-metadata==4.12.0 +importlib-metadata==4.13.0 # via # -r requirements.in # markdown @@ -73,7 +73,7 @@ iso8601==1.0.2 # via colander jinja2==3.1.2 # via -r requirements.in -markdown==3.3.7 +markdown==3.4.1 # via # -r requirements.in # markdown-checklist @@ -218,7 +218,7 @@ werkzeug==2.1.2 # via -r requirements.in wrapt==1.14.1 # via -r requirements.in -zipp==3.8.0 +zipp==3.10.0 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file:
[allura] 20/24: [#8474] Upgrade pysolr 3.9.0 -> no upgrade, and its deps: requests,certifi,charset-normalizer,idna,urllib3
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit c8d543f3ccec79ee52269788cc196e4d4ad426f6 Author: Dave Brondsema AuthorDate: Wed Nov 2 20:18:58 2022 + [#8474] Upgrade pysolr 3.9.0 -> no upgrade, and its deps: requests,certifi,charset-normalizer,idna,urllib3 pysolr3.9.0 -> no upgrade requests 2.28.1 -> no upgrade certifi 2022.6.15 -> 2022.9.24 charset-normalizer2.1.0 -> 2.1.1 (OUTDATED! latest is: 3.0.0) idna3.3 -> 3.4 urllib3 1.26.9 -> 1.26.12 --- requirements.txt | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/requirements.txt b/requirements.txt index 8f3256ae2..4dc5dbf33 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,11 +16,11 @@ bleach[css]==5.0.1 # via pypeline cchardet==2.1.7 # via -r requirements.in -certifi==2021.10.8 +certifi==2022.9.24 # via requests cffi==1.15.1 # via cryptography -charset-normalizer==2.0.12 +charset-normalizer==2.1.1 # via requests colander==1.8.3 # via -r requirements.in @@ -61,7 +61,7 @@ html5lib==1.1 # -r requirements.in # pypeline # textile -idna==3.3 +idna==3.4 # via requests importlib-metadata==4.13.0 # via @@ -150,7 +150,7 @@ regex-as-re-globally==0.0.2 # via -r requirements.in repoze-lru==0.7 # via turbogears2 -requests==2.27.1 +requests==2.28.1 # via # -r requirements.in # pysolr @@ -194,7 +194,7 @@ typing-extensions==4.4.0 # via # gitpython # importlib-metadata -urllib3==1.26.9 +urllib3==1.26.12 # via requests waitress==2.1.2 # via webtest
[allura] 21/24: [#8474] Upgrade testfixtures 7.0.0 -> 7.0.2
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit ffdebecce3aedf8e8add2df012a740021de90d0a Author: Dave Brondsema AuthorDate: Wed Nov 2 20:33:44 2022 + [#8474] Upgrade testfixtures 7.0.0 -> 7.0.2 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 4dc5dbf33..70e0fe6e5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -178,7 +178,7 @@ smmap==5.0.0 # via gitdb soupsieve==2.3.2.post1 # via beautifulsoup4 -testfixtures==7.0.0 +testfixtures==7.0.2 # via -r requirements.in textile==4.0.2 # via pypeline
[allura] 10/24: [#8474] Upgrade setproctitle 1.2.3 -> 1.3.2
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit abccb15fae13716f1914794cf935e045974f8315 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:34:07 2022 + [#8474] Upgrade setproctitle 1.2.3 -> 1.3.2 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3ed39dae5..91e175766 100644 --- a/requirements.txt +++ b/requirements.txt @@ -158,7 +158,7 @@ requests==2.27.1 # requests-oauthlib requests-oauthlib==1.3.1 # via -r requirements.in -setproctitle==1.2.3 +setproctitle==1.3.2 # via -r requirements.in sgmllib3k==1.0.0 # via feedparser
[allura] 22/24: [#8474] upgrade cryptography 37.0.4 -> 38.0.3
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 0e24a91b316ab76e02aa6aa973806539574df3f7 Author: Dave Brondsema AuthorDate: Wed Nov 2 21:48:17 2022 + [#8474] upgrade cryptography 37.0.4 -> 38.0.3 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 70e0fe6e5..0bec0e707 100644 --- a/requirements.txt +++ b/requirements.txt @@ -28,7 +28,7 @@ crank==0.8.1 # via turbogears2 creoleparser==0.7.5 # via pypeline -cryptography==37.0.4 +cryptography==38.0.3 # via -r requirements.in datadiff==2.0.0 # via -r requirements.in
[allura] 02/24: [#8474] Upgrade emoji 1.7.0 -> 2.1.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit ebde51da14327e1c198f74c14f1ea73943b7cd6d Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:06:11 2022 + [#8474] Upgrade emoji 1.7.0 -> 2.1.0 --- Allura/allura/lib/helpers.py | 2 +- Allura/allura/lib/markdown_extensions.py | 2 +- Allura/allura/lib/utils.py | 2 +- requirements.txt | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py index 2efce7911..da5f3e954 100644 --- a/Allura/allura/lib/helpers.py +++ b/Allura/allura/lib/helpers.py @@ -1288,7 +1288,7 @@ def hide_private_info(message): def emojize(text): """Coverts emoji codes to unicode emojis""" -return emoji.emojize(text, use_aliases=True) +return emoji.emojize(text, language="alias") def get_current_reaction(react_users_dict): diff --git a/Allura/allura/lib/markdown_extensions.py b/Allura/allura/lib/markdown_extensions.py index b929a6b7a..c1d089d77 100644 --- a/Allura/allura/lib/markdown_extensions.py +++ b/Allura/allura/lib/markdown_extensions.py @@ -311,7 +311,7 @@ class EmojiInlinePattern(markdown.inlinepatterns.Pattern): def handleMatch(self, m): emoji_code = m.group(2) -return emoji.emojize(emoji_code, use_aliases=True) +return emoji.emojize(emoji_code, language="alias") class UserMentionExtension(markdown.Extension): diff --git a/Allura/allura/lib/utils.py b/Allura/allura/lib/utils.py index b6e7ee0de..41b2c979f 100644 --- a/Allura/allura/lib/utils.py +++ b/Allura/allura/lib/utils.py @@ -761,7 +761,7 @@ def get_reactions_json(): """ Returns global reactions json """ j = OrderedDict() for em in get_reaction_emoji_list(): -j[em] = emoji.emojize(em, use_aliases=True) +j[em] = emoji.emojize(em, language='alias') return json.dumps(j) diff --git a/requirements.txt b/requirements.txt index 0c31f4d39..7d8f3e011 100644 --- a/requirements.txt +++ b/requirements.txt @@ -38,7 +38,7 @@ docutils==0.18.1 # via pypeline easywidgets==0.4.1 # via -r requirements.in -emoji==1.7.0 +emoji==2.1.0 # via -r requirements.in feedgenerator==2.0.0 # via -r requirements.in
[allura] branch master updated (048a180e2 -> 0f69a432f)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from 048a180e2 added noindex meta tag to new tickets page new 99143a3ba [#8474] pinned importlib-metadata < 5.0 new ebde51da1 [#8474] Upgrade emoji 1.7.0 -> 2.1.0 new 5422cc7b7 [#8474] Upgrade GitPython 3.1.27 -> 3.1.29, and its deps: gitdb,smmap,typing-extensions new 104bf6ef2 [#8474] Upgrade markdown 3.3.7 -> 3.4.1, and its deps: importlib-metadata,typing-extensions,zipp new 7c3bac9cb [#8474] Upgrade markdown-checklist 0.4.3 -> 0.4.4, and its deps: markdown,importlib-metadata,typing-extensions,zipp new 816616bfe [#8474] Upgrade oauthlib 3.2.1 -> 3.2.2 new 88376c172 [#8474] Upgrade PasteDeploy 2.1.1 -> 3.0.1, and its deps: setuptools new 3a5074912 [#8474] Upgrade Pygments 2.12.0 -> 2.13.0 new 925d8e6be [#8474] Upgrade Pypeline 0.6.0 -> 0.6.1, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,zipp,textile,html5lib,six,webencodings,regex new abccb15fa [#8474] Upgrade setproctitle 1.2.3 -> 1.3.2 new bbadd71d3 [#8474] Upgrade testfixtures 6.18.5 -> 7.0.0 new f8df93bc8 [#8474] pinned Markdown to 3.3.7 and PasteDeploy < 3 new 164a675ff [#8474] Upgrade Pillow 9.2.0 -> 9.3.0 new 37adfc65c [#8474] Upgrade emoji 2.1.0 -> 2.2.0 new 89cf413b0 [#8474] Upgrade ActivityStream 0.4.0 -> no upgrade, and its deps: pymongo new a042844ac [#8474] Upgrade colander 1.8.3 -> no upgrade, and its deps: iso8601,setuptools,translationstring new b6c5a63c9 [#8474] Upgrade EasyWidgets 0.4.1 -> no upgrade, and its deps: formencode,six,markupsafe,paste,setuptools,six,python-dateutil,six,six,webob new 18e076f79 [#8474] Upgrade feedgenerator 2.0.0 -> no upgrade, and its deps: pytz new dd9fd07c8 [#8474] Upgrade Pypeline 0.6.1 -> no upgrade, and its deps: bleach,six,webencodings,html5lib,six,webencodings,Creoleparser,Genshi,six,six,markdown,importlib-metadata,typing-extensions,zipp,textile,html5lib,six,webencodings,regex new c8d543f3c [#8474] Upgrade pysolr 3.9.0 -> no upgrade, and its deps: requests,certifi,charset-normalizer,idna,urllib3 new ffdebecce [#8474] Upgrade testfixtures 7.0.0 -> 7.0.2 new 0e24a91b3 [#8474] upgrade cryptography 37.0.4 -> 38.0.3 new 18aa4b888 [#8474] upgrade docutils 0.18.1 -> 0.19 new 0f69a432f [#8474] upgrade pyflakes 2.4.0 -> 2.5.0 The 24 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: Allura/allura/lib/helpers.py | 2 +- Allura/allura/lib/markdown_extensions.py | 2 +- Allura/allura/lib/utils.py | 2 +- .../tests/scripts/test_create_sitemap_files.py | 2 +- requirements.in| 6 +-- requirements.txt | 54 +++--- 6 files changed, 35 insertions(+), 33 deletions(-)
[allura] 12/24: [#8474] pinned Markdown to 3.3.7 and PasteDeploy < 3
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit f8df93bc878d5bc20a3008f5650680a48fe068ee Author: Guillermo Cruz AuthorDate: Wed Nov 2 17:00:40 2022 + [#8474] pinned Markdown to 3.3.7 and PasteDeploy < 3 --- requirements.in | 4 ++-- requirements.txt | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/requirements.in b/requirements.in index 972f42ebf..4a5c6c15e 100644 --- a/requirements.in +++ b/requirements.in @@ -14,14 +14,14 @@ FormEncode GitPython html5lib Jinja2 -Markdown +Markdown==3.3.7 markdown-checklist MarkupSafe!=2.1.1 Ming oauthlib paginate Paste -PasteDeploy +PasteDeploy<3 PasteScript Pillow # profanity filter for feedback diff --git a/requirements.txt b/requirements.txt index b26c21c87..9cd84ece3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -67,14 +67,13 @@ importlib-metadata==4.13.0 # via # -r requirements.in # markdown -# pastedeploy inflection==0.5.1 # via profanityfilter iso8601==1.0.2 # via colander jinja2==3.1.2 # via -r requirements.in -markdown==3.4.1 +markdown==3.3.7 # via # -r requirements.in # markdown-checklist @@ -103,7 +102,7 @@ paste==3.5.1 # -r requirements.in # easywidgets # pastescript -pastedeploy==3.0.1 +pastedeploy==2.1.1 # via # -r requirements.in # pastescript
[allura] 23/24: [#8474] upgrade docutils 0.18.1 -> 0.19
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 18aa4b888dc1c6471c46909cce30a3f681edef0a Author: Dave Brondsema AuthorDate: Wed Nov 2 21:48:39 2022 + [#8474] upgrade docutils 0.18.1 -> 0.19 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0bec0e707..40a4113ef 100644 --- a/requirements.txt +++ b/requirements.txt @@ -34,7 +34,7 @@ datadiff==2.0.0 # via -r requirements.in decorator==5.1.1 # via -r requirements.in -docutils==0.18.1 +docutils==0.19 # via pypeline easywidgets==0.4.1 # via -r requirements.in
[allura] 18/24: [#8474] Upgrade feedgenerator 2.0.0 -> no upgrade, and its deps: pytz
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 18e076f795228bd7fbba2b245980f8b054b1a140 Author: Dave Brondsema AuthorDate: Wed Nov 2 20:16:49 2022 + [#8474] Upgrade feedgenerator 2.0.0 -> no upgrade, and its deps: pytz feedgenerator 2.0.0 -> no upgrade pytz 2022.1 -> 2022.6 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ffdd20986..3d8ed8d9c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -135,7 +135,7 @@ python-magic==0.4.27 # via -r requirements.in python-oembed==0.2.4 # via -r requirements.in -pytz==2022.1 +pytz==2022.6 # via # -r requirements.in # feedgenerator
[allura] 14/24: [#8474] Upgrade emoji 2.1.0 -> 2.2.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 37adfc65c5e305e62d652b32853e1e8e4ad63a14 Author: Guillermo Cruz AuthorDate: Wed Nov 2 17:14:18 2022 + [#8474] Upgrade emoji 2.1.0 -> 2.2.0 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 3da5fd613..3493c4e9b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -38,7 +38,7 @@ docutils==0.18.1 # via pypeline easywidgets==0.4.1 # via -r requirements.in -emoji==2.1.0 +emoji==2.2.0 # via -r requirements.in feedgenerator==2.0.0 # via -r requirements.in
[allura] 03/24: [#8474] Upgrade GitPython 3.1.27 -> 3.1.29, and its deps: gitdb,smmap,typing-extensions
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 5422cc7b772ef4ea91dd482a22203b4160d931e7 Author: Guillermo Cruz AuthorDate: Wed Oct 26 21:11:01 2022 + [#8474] Upgrade GitPython 3.1.27 -> 3.1.29, and its deps: gitdb,smmap,typing-extensions GitPython3.1.27 -> 3.1.29 gitdb 4.0.9 -> no upgrade smmap 5.0.0 -> no upgrade typing-extensions 4.3.0 -> 4.4.0 --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 7d8f3e011..abc59b44b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -52,7 +52,7 @@ genshi==0.7.7 # via creoleparser gitdb==4.0.9 # via gitpython -gitpython==3.1.27 +gitpython==3.1.29 # via -r requirements.in gunicorn==20.1.0 # via -r requirements.in @@ -190,7 +190,7 @@ translationstring==1.4 # via colander turbogears2==2.3.12 # via -r requirements.in -typing-extensions==4.3.0 +typing-extensions==4.4.0 # via # gitpython # importlib-metadata
[allura] branch pytest updated (1d898d2c1 -> 0510578e2)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch pytest in repository https://gitbox.apache.org/repos/asf/allura.git from 1d898d2c1 [#8455] remove @with_setup add 8ff97294d [#8455] make setup 'method' param optional add fe2b5be22 [#8445] pytest - remove alluratest.tools, dtadiff, nose asserts add 0510578e2 [#8445] remove datadiff No new revisions were added by this update. Summary of changes: Allura/allura/tests/decorators.py | 1 - Allura/allura/tests/functional/test_admin.py | 4 +- Allura/allura/tests/functional/test_gravatar.py| 1 - Allura/allura/tests/functional/test_home.py| 1 - .../allura/tests/functional/test_neighborhood.py | 1 - .../tests/functional/test_personal_dashboard.py| 1 - Allura/allura/tests/functional/test_rest.py| 1 - Allura/allura/tests/functional/test_root.py| 4 +- Allura/allura/tests/functional/test_site_admin.py | 2 - .../allura/tests/functional/test_trovecategory.py | 1 - .../allura/tests/functional/test_user_profile.py | 1 - Allura/allura/tests/model/test_filesystem.py | 1 - Allura/allura/tests/model/test_neighborhood.py | 1 - Allura/allura/tests/model/test_notification.py | 1 - Allura/allura/tests/model/test_project.py | 1 - Allura/allura/tests/model/test_repo.py | 1 - Allura/allura/tests/model/test_timeline.py | 2 - .../tests/scripts/test_create_sitemap_files.py | 1 - .../allura/tests/scripts/test_delete_projects.py | 1 - Allura/allura/tests/scripts/test_misc_scripts.py | 1 - Allura/allura/tests/scripts/test_reindexes.py | 1 - .../tests/templates/jinja_master/test_lib.py | 4 +- Allura/allura/tests/test_app.py| 1 - Allura/allura/tests/test_commands.py | 4 -- Allura/allura/tests/test_decorators.py | 1 - Allura/allura/tests/test_helpers.py| 49 ++ Allura/allura/tests/test_middlewares.py| 2 - Allura/allura/tests/test_tasks.py | 5 --- Allura/allura/tests/test_webhooks.py | 17 .../test_discussion_moderation_controller.py | 1 - Allura/allura/tests/unit/phone/test_nexmo.py | 2 - .../allura/tests/unit/phone/test_phone_service.py | 3 -- Allura/allura/tests/unit/spam/test_spam_filter.py | 1 - .../allura/tests/unit/spam/test_stopforumspam.py | 1 - Allura/allura/tests/unit/test_helpers/test_ago.py | 1 - .../allura/tests/unit/test_ldap_auth_provider.py | 3 +- Allura/allura/tests/unit/test_repo.py | 20 - Allura/allura/tests/unit/test_solr.py | 1 - AlluraTest/alluratest/controller.py| 4 +- .../forgeactivity/tests/functional/test_rest.py| 2 - .../forgeactivity/tests/functional/test_root.py| 1 - ForgeBlog/forgeblog/tests/functional/test_feeds.py | 1 - ForgeBlog/forgeblog/tests/functional/test_rest.py | 1 - ForgeBlog/forgeblog/tests/functional/test_root.py | 1 - ForgeBlog/forgeblog/tests/test_app.py | 1 - ForgeBlog/forgeblog/tests/test_commands.py | 2 - ForgeBlog/forgeblog/tests/unit/test_blog_post.py | 1 - ForgeChat/forgechat/tests/functional/test_root.py | 1 - .../tests/functional/test_import.py| 5 --- ForgeDiscussion/forgediscussion/tests/test_app.py | 1 - .../forgefeedback/tests/test_feedback_roles.py | 4 +- .../forgefeedback/tests/unit/test_feedback.py | 4 -- .../tests/unit/test_root_controller.py | 5 --- .../forgefiles/tests/functional/test_root.py | 1 - ForgeFiles/forgefiles/tests/model/test_files.py| 2 - ForgeFiles/forgefiles/tests/test_files_roles.py| 1 - ForgeGit/forgegit/tests/functional/test_auth.py| 1 - .../forgegit/tests/functional/test_controllers.py | 6 +-- ForgeGit/forgegit/tests/model/test_repository.py | 2 - ForgeGit/forgegit/tests/test_git_app.py| 1 - .../forgeimporters/github/tests/test_utils.py | 2 - .../forgeimporters/github/tests/test_wiki.py | 1 - .../tests/github/functional/test_github.py | 1 - .../trac/tests/functional/test_trac.py | 3 +- ForgeLink/forgelink/tests/functional/test_rest.py | 1 - ForgeLink/forgelink/tests/functional/test_root.py | 2 - ForgeLink/forgelink/tests/test_app.py | 1 - ForgeSVN/forgesvn/tests/functional/test_auth.py| 1 - .../forgesvn/tests/functional/test_controllers.py | 3 -- ForgeSVN/forgesvn/tests/model/test_repository.py | 3 -- .../forgesvn/tests/model/test_svnimplementation.py | 1 - ForgeSVN/forgesvn/tests/test_svn_app.py| 1 - ForgeSVN/forgesvn/tests/test_tasks.py | 1 - .../forgeshorturl/tests/functional/test_main.py| 1 - .../tests/command/test_fix_discussion.py | 1 - .../forgetracker/tests/functional
[allura] branch master updated: chunked_find: avoid redundant query at end
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new c125f0c9e chunked_find: avoid redundant query at end c125f0c9e is described below commit c125f0c9e89730ed2d622c3cdaa8db5df8da33c7 Author: Dave Brondsema AuthorDate: Tue Oct 18 12:33:17 2022 -0400 chunked_find: avoid redundant query at end --- Allura/allura/lib/utils.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/Allura/allura/lib/utils.py b/Allura/allura/lib/utils.py index 28a621038..b6e7ee0de 100644 --- a/Allura/allura/lib/utils.py +++ b/Allura/allura/lib/utils.py @@ -176,12 +176,14 @@ def chunked_find(cls, query=None, pagesize=1024, sort_key='_id', sort_dir=1): else: # skipping requires scanning, even for an indexed query q = cls.query.find(query).limit(pagesize).skip(pagesize * page) -results = (q.all()) +results = q.all() if not results: break if sort_key: max_id = results[-1][sort_key] yield results +if len(results) < pagesize: +break page += 1
[allura] branch master updated: [#8470] don't use newer report-to directive, it requires more setup to be correct
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 60992aecb [#8470] don't use newer report-to directive, it requires more setup to be correct 60992aecb is described below commit 60992aecb5ef659d5b792e1a467fef46de69e613 Author: Dave Brondsema AuthorDate: Mon Oct 17 14:20:16 2022 -0400 [#8470] don't use newer report-to directive, it requires more setup to be correct --- Allura/allura/lib/custom_middleware.py | 4 ++-- Allura/allura/tests/functional/test_root.py | 12 +++- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/Allura/allura/lib/custom_middleware.py b/Allura/allura/lib/custom_middleware.py index 8974734d3..1968ad31c 100644 --- a/Allura/allura/lib/custom_middleware.py +++ b/Allura/allura/lib/custom_middleware.py @@ -481,13 +481,13 @@ class ContentSecurityPolicyMiddleware: resp.headers.pop('Content-Security-Policy-Report-Only') if report_mode and report_uri: -report_rules.append(f'report-uri {report_uri}; report-to {report_uri}') +report_rules.append(f'report-uri {report_uri}') if self.config['base_url'].startswith('https'): rules.append('upgrade-insecure-requests') if report_enforce_mode and report_uri_enforce: -rules.append(f'report-uri {report_uri_enforce}; report-to {report_uri_enforce:}') +rules.append(f'report-uri {report_uri_enforce}') if self.config.get('csp.frame_sources'): if report_mode: diff --git a/Allura/allura/tests/functional/test_root.py b/Allura/allura/tests/functional/test_root.py index 6964fa0d5..f2f6b425d 100644 --- a/Allura/allura/tests/functional/test_root.py +++ b/Allura/allura/tests/functional/test_root.py @@ -202,15 +202,17 @@ class TestRootController(TestController): @mock.patch.dict(tg.config, {'csp.report_mode': True, 'csp.report_uri': 'https://example.com/r/d/csp/reportOnly'}) def test_headers_report(self): resp = self.app.get('/p/wiki/Home/') -assert resp.headers.getall('Content-Security-Policy-Report-Only')[0] == '; '.join(["report-uri https://example.com/r/d/csp/reportOnly;, - "report-to https://example.com/r/d/csp/reportOnly;, - "frame-src 'self' www.youtube-nocookie.com", - "form-action 'self'"]) +assert resp.headers.getall('Content-Security-Policy-Report-Only')[0] == '; '.join([ +"report-uri https://example.com/r/d/csp/reportOnly;, +"frame-src 'self' www.youtube-nocookie.com", +"form-action 'self'", +]) @mock.patch.dict(tg.config, {'csp.report_uri_enforce': 'https://example.com/r/d/csp/enforce', 'csp.report_enforce_mode': True}) def test_headers_report_enforce(self): resp = self.app.get('/p/wiki/Home/') -assert "report-uri https://example.com/r/d/csp/enforce; report-to https://example.com/r/d/csp/enforce; frame-src 'self' www.youtube-nocookie.com;" in resp.headers.getall('Content-Security-Policy')[0] +assert "report-uri https://example.com/r/d/csp/enforce; frame-src 'self' www.youtube-nocookie.com;" \ + in resp.headers.getall('Content-Security-Policy')[0] class TestRootWithSSLPattern(TestController):
[allura] branch master updated (5f3a3c86f -> d147d5f0a)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from 5f3a3c86f [#8470] removed config globlas for csp and updated middleware code add d147d5f0a make oauth api_key unique, to match child class that has it unique No new revisions were added by this update. Summary of changes: Allura/allura/model/oauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[allura] branch db/mongo_indexes updated: improve artifact_feed.author_link index by including field it is sorted on
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/mongo_indexes in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/db/mongo_indexes by this push: new 50299480b improve artifact_feed.author_link index by including field it is sorted on 50299480b is described below commit 50299480b070f5dd3ae291172483a1451b7f756d Author: Dave Brondsema AuthorDate: Fri Oct 14 13:15:23 2022 -0400 improve artifact_feed.author_link index by including field it is sorted on --- Allura/allura/model/artifact.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Allura/allura/model/artifact.py b/Allura/allura/model/artifact.py index 487530f9d..4ec053255 100644 --- a/Allura/allura/model/artifact.py +++ b/Allura/allura/model/artifact.py @@ -898,7 +898,8 @@ class Feed(MappedClass): ('app_config_id', pymongo.ASCENDING), ('pubdate', pymongo.DESCENDING)), # used in ext/user_profile/user_main.py for user feeds -'author_link', +(('author_link', pymongo.ASCENDING), + ('pubdate', pymongo.DESCENDING)), # used in project feed (('project_id', pymongo.ASCENDING), ('pubdate', pymongo.DESCENDING)),
[allura] branch db/mongo_indexes created (now 8b08932b8)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/mongo_indexes in repository https://gitbox.apache.org/repos/asf/allura.git at 8b08932b8 add indexes to Post for update_stats() queries This branch includes the following new commits: new d147d5f0a make oauth api_key unique, to match child class that has it unique new 8b08932b8 add indexes to Post for update_stats() queries The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 02/02: add indexes to Post for update_stats() queries
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/mongo_indexes in repository https://gitbox.apache.org/repos/asf/allura.git commit 8b08932b8f21dd6e9ab743ed7652c5ea5164a7c1 Author: Dave Brondsema AuthorDate: Fri Oct 14 13:06:37 2022 -0400 add indexes to Post for update_stats() queries --- Allura/allura/model/discuss.py | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Allura/allura/model/discuss.py b/Allura/allura/model/discuss.py index 49e0e4686..2c40db80f 100644 --- a/Allura/allura/model/discuss.py +++ b/Allura/allura/model/discuss.py @@ -512,7 +512,10 @@ class Post(Message, VersionedArtifact, ActivityObject, ReactableArtifact): indexes = [ # used in general lookups, last_post, etc ('discussion_id', 'status', 'timestamp'), -'thread_id', +# for update_stats() +('discussion_id', 'deleted', 'status'), +# for update_stats() and thread_id in general +('thread_id', 'status', 'deleted'), # for find_posts/query_posts, including full_slug sort which is useful on super big threads ('deleted', 'discussion_id', 'thread_id', 'full_slug'), ]
[allura] 01/02: make oauth api_key unique, to match child class that has it unique
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/mongo_indexes in repository https://gitbox.apache.org/repos/asf/allura.git commit d147d5f0a441ddc11d5ca54270c7e8691abf4d7b Author: Dave Brondsema AuthorDate: Fri Oct 14 13:06:02 2022 -0400 make oauth api_key unique, to match child class that has it unique --- Allura/allura/model/oauth.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Allura/allura/model/oauth.py b/Allura/allura/model/oauth.py index 69778b434..8060dfce2 100644 --- a/Allura/allura/model/oauth.py +++ b/Allura/allura/model/oauth.py @@ -46,7 +46,7 @@ class OAuthToken(MappedClass): class __mongometa__: session = main_orm_session name = 'oauth_token' -indexes = ['api_key'] +unique_indexes = ['api_key'] polymorphic_on = 'type' polymorphic_identity = None
[allura] branch master updated (299dc4070 -> 5f3a3c86f)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from 299dc4070 [#8470] added default csp headers and configurable options to add additional frame-src and form-action add 5f3a3c86f [#8470] removed config globlas for csp and updated middleware code No new revisions were added by this update. Summary of changes: Allura/allura/lib/app_globals.py | 22 -- Allura/allura/lib/custom_middleware.py | 20 2 files changed, 12 insertions(+), 30 deletions(-)
[allura] branch master updated: [#8470] added default csp headers and configurable options to add additional frame-src and form-action
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 299dc4070 [#8470] added default csp headers and configurable options to add additional frame-src and form-action 299dc4070 is described below commit 299dc407080bb7dcc6e4aa02eab0bc75cfd11677 Author: Guillermo Cruz AuthorDate: Wed Sep 28 11:21:10 2022 -0600 [#8470] added default csp headers and configurable options to add additional frame-src and form-action --- Allura/allura/config/middleware.py | 4 ++- Allura/allura/lib/app_globals.py| 22 + Allura/allura/lib/custom_middleware.py | 49 + Allura/allura/tests/functional/test_root.py | 25 +++ Allura/development.ini | 13 5 files changed, 112 insertions(+), 1 deletion(-) diff --git a/Allura/allura/config/middleware.py b/Allura/allura/config/middleware.py index e5ace854a..2d759c4d8 100644 --- a/Allura/allura/config/middleware.py +++ b/Allura/allura/config/middleware.py @@ -63,6 +63,7 @@ from allura.lib.custom_middleware import LoginRedirectMiddleware from allura.lib.custom_middleware import RememberLoginMiddleware from allura.lib.custom_middleware import SetRequestHostFromConfig from allura.lib.custom_middleware import MingTaskSessionSetupMiddleware +from allura.lib.custom_middleware import ContentSecurityPolicyMiddleware from allura.lib import helpers as h from allura.lib.utils import configure_ming @@ -142,7 +143,8 @@ def _make_core_app(root, global_conf, full_stack=True, **app_conf): Middleware = mw_ep.load() if getattr(Middleware, 'when', 'inner') == 'inner': app = Middleware(app, config) - +# CSP headers +app = ContentSecurityPolicyMiddleware(app, config) # Required for sessions app = SessionMiddleware(app, config, data_serializer=BeakerPickleSerializerWithLatin1()) # Handle "Remember me" functionality diff --git a/Allura/allura/lib/app_globals.py b/Allura/allura/lib/app_globals.py index 65279bbca..5895459e4 100644 --- a/Allura/allura/lib/app_globals.py +++ b/Allura/allura/lib/app_globals.py @@ -662,6 +662,28 @@ class Globals: def commit_statuses_enabled(self): return asbool(config['scm.commit_statuses']) +@property +def csp_report_mode(self): +if config.get('csp.report_mode'): +return asbool(config['csp.report_mode']) +return False + +@property +def csp_report_uri(self): +if config.get('csp.report_uri'): +return config['csp.report_uri'] +return None +@property +def csp_report_uri_enforce(self): +if config.get('csp.report_uri_enforce'): +return config['csp.report_uri_enforce'] +return None +@property +def csp_report_enforce(self): +if config.get('csp.report_enforce_mode'): +return True +return False + class Icon: def __init__(self, css, title=None): diff --git a/Allura/allura/lib/custom_middleware.py b/Allura/allura/lib/custom_middleware.py index ca97111f0..7665f64de 100644 --- a/Allura/allura/lib/custom_middleware.py +++ b/Allura/allura/lib/custom_middleware.py @@ -35,6 +35,7 @@ from allura.lib import helpers as h from allura.lib.utils import is_ajax from allura import model as M import allura.model.repository +from tg import tmpl_context as c, app_globals as g log = logging.getLogger(__name__) @@ -455,3 +456,51 @@ class MingTaskSessionSetupMiddleware: # this is sufficient to ensure an ODM session is always established session(M.MonQTask).impl return self.app(environ, start_response) + + +class ContentSecurityPolicyMiddleware: +''' Sets Content-Security-Policy headers ''' + +def __init__(self, app, config): +self.app = app +self.config = config + +def __call__(self, environ, start_response): +req = Request(environ) +resp = req.get_response(self.app) +rules = resp.headers.getall('Content-Security-Policy') +report_rules = resp.headers.getall('Content-Security-Policy-Report-Only') + +if rules: +resp.headers.pop('Content-Security-Policy') +if report_rules: + resp.headers.pop('Content-Security-Policy-Report-Only') + +if g.csp_report_mode and g.csp_report_uri: +report_rules.append(f'report-uri {g.csp_report_uri}; report-to {g.csp_report_uri}') + +if self.config['base_url'].startswith('https'): +rules.append('upgrade-insecure-requests') + +if g.csp_report_enforce and g.csp_report_uri_enforce: +rules.append(f'report-uri {g.csp_report_uri_enforce}; report-to {g.csp_report_uri_enforce:}') + +if self.config.get('csp.frame_sources'): +if g.csp_r
[allura] branch db/8473 created (now 8885ed3b0)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8473 in repository https://gitbox.apache.org/repos/asf/allura.git at 8885ed3b0 [#8473] use jinja tojson instead of our own This branch includes the following new commits: new 8885ed3b0 [#8473] use jinja tojson instead of our own The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 01/01: [#8473] use jinja tojson instead of our own
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8473 in repository https://gitbox.apache.org/repos/asf/allura.git commit 8885ed3b0ac72f6055d14a9c72d41e1ed0a1cc00 Author: Dave Brondsema AuthorDate: Tue Oct 11 15:07:04 2022 -0400 [#8473] use jinja tojson instead of our own --- Allura/allura/ext/admin/templates/project_admin.html | 2 +- Allura/allura/ext/admin/templates/project_install_tool.html | 2 +- Allura/allura/lib/helpers.py | 8 +--- Allura/allura/templates/jinja_master/top_nav.html | 2 +- Allura/allura/templates_responsive/jinja_master/top_nav.html | 2 +- Allura/allura/tests/test_helpers.py | 2 +- .../templates/tracker_widgets/ticket_search_results.html | 2 +- 7 files changed, 11 insertions(+), 9 deletions(-) diff --git a/Allura/allura/ext/admin/templates/project_admin.html b/Allura/allura/ext/admin/templates/project_admin.html index 3633fc883..fafdc2628 100644 --- a/Allura/allura/ext/admin/templates/project_admin.html +++ b/Allura/allura/ext/admin/templates/project_admin.html @@ -121,7 +121,7 @@ {% block extra_js %} $(function() { -var tour = {{ h.escape_json(tour)|safe }}; +var tour = {{ tour|tojson }}; tour.onError = function() { var step = hopscotch.getCurrStepNum(); console.warn('Error on tour step #', step, tour.steps[step]); diff --git a/Allura/allura/ext/admin/templates/project_install_tool.html b/Allura/allura/ext/admin/templates/project_install_tool.html index b3e577d7f..556471e40 100644 --- a/Allura/allura/ext/admin/templates/project_install_tool.html +++ b/Allura/allura/ext/admin/templates/project_install_tool.html @@ -79,7 +79,7 @@ <script> -var _existingMountPoints = {{ h.escape_json(existing_mount_points)|safe }}; +var _existingMountPoints = {{ existing_mount_points|tojson }}; $('#admin_modal_title').hide(); var mount_point = $('#id_url_input'); diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py index 77523e856..2efce7911 100644 --- a/Allura/allura/lib/helpers.py +++ b/Allura/allura/lib/helpers.py @@ -58,7 +58,7 @@ from formencode.variabledecode import variable_decode import formencode from markupsafe import Markup from jinja2.filters import escape, do_filesizeformat -from jinja2.utils import pass_context +from jinja2.utils import pass_context, htmlsafe_json_dumps from paste.deploy.converters import asbool, aslist, asint from webhelpers2 import date, text from webob.exc import HTTPUnauthorized @@ -153,8 +153,10 @@ def make_safe_path_portion(ustr, relaxed=True): return s -def escape_json(data): -return json.dumps(data).replace('<', '\\u003C') +def escape_json(data) -> str: +# Templates should use `|tojson` instead of this +return str(htmlsafe_json_dumps(data)) # str() to keep previous behavior of being str, not MarkupSafe + def querystring(request, url_params): """ diff --git a/Allura/allura/templates/jinja_master/top_nav.html b/Allura/allura/templates/jinja_master/top_nav.html index 980f4ef36..53923c1d5 100644 --- a/Allura/allura/templates/jinja_master/top_nav.html +++ b/Allura/allura/templates/jinja_master/top_nav.html @@ -53,7 +53,7 @@ <script> 'use strict'; /*global ReactDOM, React, Main, ToggleAddNewTool */ -var _data = {{ h.escape_json(c.project.nav_data(admin_options=True, navbar_entries=navbar_entries))|safe }}; +var _data = {{ c.project.nav_data(admin_options=True, navbar_entries=navbar_entries)|tojson }}; $(document).ready(function () { $('#toggle-admin-btn').click(function () { if (typeof Main === 'undefined') { diff --git a/Allura/allura/templates_responsive/jinja_master/top_nav.html b/Allura/allura/templates_responsive/jinja_master/top_nav.html index 0627272c2..36e2f21ae 100644 --- a/Allura/allura/templates_responsive/jinja_master/top_nav.html +++ b/Allura/allura/templates_responsive/jinja_master/top_nav.html @@ -53,7 +53,7 @@ <script> 'use strict'; /*global ReactDOM, React, Main, ToggleAddNewTool */ -var _data = {{ h.escape_json(c.project.nav_data(admin_options=True, navbar_entries=navbar_entries))|safe }}; +var _data = {{ c.project.nav_data(admin_options=True, navbar_entries=navbar_entries)|tojson }}; $(document).ready(function () { $('#toggle-admin-btn').click(function () { if (typeof Main === 'undefined') { diff --git a/Allura/allura/tests/test_helpers.py b/Allura/allura/tests/test_helpers.py index 650ba023f..16408b5d6 100644 --- a/Allura/allura/tests/test_helpers.py +++ b/Allura/allura/tests/test_helpers.py @@ -78,7 +78,7 @@ class TestMakeSafePathPortion(TestCase): def test_escape_json(): inputdata = {"foo": "bar"} -outputsample =
[allura-site] branch asf-site updated: rebuild output
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git The following commit(s) were added to refs/heads/asf-site by this push: new cba05aa rebuild output cba05aa is described below commit cba05aa060fe168e899e3bd8936704cff16b8b15 Author: Dave Brondsema AuthorDate: Thu Oct 6 12:56:32 2022 -0400 rebuild output --- download.html| 14 +++--- index.html | 12 ++-- news.html| 2 +- posts/2015-allura-1.3.1-release.html | 2 +- posts/2015-allura-1.3.2.html | 2 +- posts/2015-cors.html | 2 +- posts/2015-markdown-editor.html | 2 +- posts/2015-rest-api-docs.html| 2 +- posts/2015-updated-icons.html| 2 +- posts/2016-admin-toolbar.html| 2 +- posts/2016-allura-1.4.0.html | 2 +- posts/2016-allura-1.5.0.html | 2 +- posts/2016-allura-1.6.0.html | 2 +- posts/2016-gsoc-16.html | 2 +- posts/2016-two-factor-auth.html | 2 +- posts/2017-allura-1.7.0.html | 2 +- posts/2018-allura-1.10.0.html| 2 +- posts/2018-allura-1.8.0.html | 2 +- posts/2018-allura-1.8.1.html | 2 +- posts/2018-allura-1.9.0.html | 2 +- posts/2019-allura-1.11.0.html| 2 +- posts/2019-allura-1.11.1.html| 2 +- posts/2019-allura-1.12.0.html| 2 +- posts/2021-allura-1.13.0.html| 2 +- posts/2022-allura-1.14.0.html| 2 +- tag/feature.html | 2 +- tag/gsoc.html| 2 +- tag/release.html | 2 +- 28 files changed, 39 insertions(+), 39 deletions(-) diff --git a/download.html b/download.html index 5e8a912..fae7433 100644 --- a/download.html +++ b/download.html @@ -81,7 +81,7 @@ See the Allura homepage for latest news, instructions, and project information. - http://archive.apache.org/dist/allura/;>Archive of older releases + https://archive.apache.org/dist/allura/;>Archive of older releases @@ -110,24 +110,24 @@ -http://www.apache.org/licenses/;>License +https://www.apache.org/licenses/;>License -http://www.apache.org/foundation/sponsorship.html;>Sponsorship +https://www.apache.org/foundation/sponsorship.html;>Sponsorship -http://www.apache.org/foundation/thanks.html;>Thanks +https://www.apache.org/foundation/thanks.html;>Thanks -http://www.apache.org/security/;>Security +https://www.apache.org/security/;>Security -http://www.apache.org/;>Apacheâ„¢ +https://www.apache.org/;>Apacheâ„¢ @@ -150,7 +150,7 @@ http://willleonard.org Site design: Perry Merrity - http://perrymerrity.com/ + https://perrymerrity.com/ bg-header-forge.jpg Photo by: Stefan Schmitz diff --git a/index.html b/index.html index 71e1a43..ae1155c 100644 --- a/index.html +++ b/index.html @@ -171,24 +171,24 @@ -http://www.apache.org/licenses/;>License +https://www.apache.org/licenses/;>License -http://www.apache.org/foundation/sponsorship.html;>Sponsorship +https://www.apache.org/foundation/sponsorship.html;>Sponsorship -http://www.apache.org/foundation/thanks.html;>Thanks +https://www.apache.org/foundation/thanks.html;>Thanks -http://www.apache.org/security/;>Security +https://www.apache.org/security/;>Security -http://www.apache.org/;>Apacheâ„¢ +https://www.apache.org/;>Apacheâ„¢ @@ -211,7 +211,7 @@ http://willleonard.org Site design: Perry Merrity - http://perrymerrity.com/ + https://perrymerrity.com/ bg-header-forge.jpg Photo by: Stefan Schmitz diff --git a/news.html b/news.html index 61d2565..65e48b0 100644 --- a/news.html +++ b/news.html @@ -316,7 +316,7 @@ http://willleonard.org Site design: Perry Merrity - http://perrymerrity.com/ + https://perrymerrity.com/ bg-header-forge.jpg Photo by: Stefan Schmitz diff --git a/posts/2015-allura-1.3.1-release.html b/posts/2015-allura-1.3.1-release.html index 2e87ebf..4369dc3 100644 --- a/posts/2015-allura-1.3.1-release.html +++ b/posts/2015-allura-1.3.1-release.html @@ -102,7 +102,7 @@ new features are: http://willleonard.org Site design: Perry Merrity - http://perrymerrity.com/ + https://p
[allura-site] branch asf-site updated: Update some links to https
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git The following commit(s) were added to refs/heads/asf-site by this push: new 04ec771 Update some links to https new a263e46 Merge pull request #2 from raboof/https 04ec771 is described below commit 04ec77152d7b8158813cd7dd05877356bd4c51c6 Author: Arnout Engelen AuthorDate: Wed Oct 5 17:00:43 2022 +0200 Update some links to https --- _src/allura-theme/templates/base.html | 2 +- _src/allura-theme/templates/download.html | 12 ++-- _src/allura-theme/templates/index.html| 10 +- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/_src/allura-theme/templates/base.html b/_src/allura-theme/templates/base.html index 0cddd16..2568ca4 100644 --- a/_src/allura-theme/templates/base.html +++ b/_src/allura-theme/templates/base.html @@ -75,7 +75,7 @@ http://willleonard.org Site design: Perry Merrity - http://perrymerrity.com/ + https://perrymerrity.com/ bg-header-forge.jpg Photo by: Stefan Schmitz diff --git a/_src/allura-theme/templates/download.html b/_src/allura-theme/templates/download.html index 4977d08..4b7213a 100644 --- a/_src/allura-theme/templates/download.html +++ b/_src/allura-theme/templates/download.html @@ -41,7 +41,7 @@ See the Allura homepage for latest news, instructions, and project information. - http://archive.apache.org/dist/allura/;>Archive of older releases + https://archive.apache.org/dist/allura/;>Archive of older releases @@ -70,24 +70,24 @@ -http://www.apache.org/licenses/;>License +https://www.apache.org/licenses/;>License -http://www.apache.org/foundation/sponsorship.html;>Sponsorship +https://www.apache.org/foundation/sponsorship.html;>Sponsorship -http://www.apache.org/foundation/thanks.html;>Thanks +https://www.apache.org/foundation/thanks.html;>Thanks -http://www.apache.org/security/;>Security +https://www.apache.org/security/;>Security -http://www.apache.org/;>Apacheâ„¢ +https://www.apache.org/;>Apacheâ„¢ diff --git a/_src/allura-theme/templates/index.html b/_src/allura-theme/templates/index.html index 33f8782..540ffc2 100644 --- a/_src/allura-theme/templates/index.html +++ b/_src/allura-theme/templates/index.html @@ -132,24 +132,24 @@ -http://www.apache.org/licenses/;>License +https://www.apache.org/licenses/;>License -http://www.apache.org/foundation/sponsorship.html;>Sponsorship +https://www.apache.org/foundation/sponsorship.html;>Sponsorship -http://www.apache.org/foundation/thanks.html;>Thanks +https://www.apache.org/foundation/thanks.html;>Thanks -http://www.apache.org/security/;>Security +https://www.apache.org/security/;>Security -http://www.apache.org/;>Apacheâ„¢ +https://www.apache.org/;>Apacheâ„¢
[allura] branch master updated: [#8472] update on how query is constructed, since mongo cares about dict order, but we don't here
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 6e686f31a [#8472] update on how query is constructed, since mongo cares about dict order, but we don't here 6e686f31a is described below commit 6e686f31a2a58dd9b7688a3edc33f562c341cf71 Author: Guillermo Cruz AuthorDate: Wed Oct 5 16:32:59 2022 -0600 [#8472] update on how query is constructed, since mongo cares about dict order, but we don't here --- ForgeActivity/forgeactivity/main.py | 34 +++--- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/ForgeActivity/forgeactivity/main.py b/ForgeActivity/forgeactivity/main.py index f6f927383..30a2bdd41 100644 --- a/ForgeActivity/forgeactivity/main.py +++ b/ForgeActivity/forgeactivity/main.py @@ -42,6 +42,8 @@ from allura.lib import helpers as h from allura.lib.decorators import require_post from allura.lib.widgets.form_fields import PageList from allura.ext.user_profile import ProfileSectionBase +from formencode.variabledecode import variable_encode + from .widgets.follow import FollowToggle import re @@ -257,32 +259,18 @@ class ForgeActivityController(BaseController): # but only within a small time window, so we can do efficient searching activity_ts = activity._id.generation_time time_window = timedelta(hours=1) -log.info(f"Time Window - {time_window} Activity TS {activity_ts}") -log.info(f"plus 1 hr {activity_ts + time_window}") -log.info(f"minus 1 hr {activity_ts - time_window}") -all_copies = Activity.query.find({ -'_id': { -'$gt': ObjectId.from_datetime(activity_ts - time_window), -'$lt': ObjectId.from_datetime(activity_ts + time_window), -}, -'obj': activity.obj, -'target': activity.target, -'actor': activity.actor, -'verb': activity.verb, -'tags': activity.tags, -}).all() -log.info("Delete Activity Query") -log.info({ +query = { '_id': { '$gt': ObjectId.from_datetime(activity_ts - time_window), '$lt': ObjectId.from_datetime(activity_ts + time_window), -}, -'obj': activity.obj, -'target': activity.target, -'actor': activity.actor, -'verb': activity.verb, -'tags': activity.tags, -}) +} +} +query.update(variable_encode(activity.obj, prepend='obj')) +query.update(variable_encode(activity.target, prepend='target')) +query.update(variable_encode(activity.actor, prepend='actor')) +query.update(verb=activity.verb) +query.update(tags=activity.tags) +all_copies = Activity.query.find(query).all() log.info('Deleting %s copies of activity record: %s %s %s', len(all_copies), activity.actor.activity_url, activity.verb, activity.obj.activity_url) for activity in all_copies:
[allura] branch master updated (f0a4fe461 -> 27e1314ef)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from f0a4fe461 [#8471] wiki noindex: cleanup, tests, and check for comments now add 27e1314ef [#8472] added extra debug info to find out why the query is returning zero results No new revisions were added by this update. Summary of changes: ForgeActivity/forgeactivity/main.py | 15 +++ 1 file changed, 15 insertions(+)
[allura] branch master updated: noindex,follow for ticket milestone pages
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 108f8e409 noindex,follow for ticket milestone pages 108f8e409 is described below commit 108f8e4094aab6f7d205bf753a2bce84cb5fff54 Author: Dave Brondsema AuthorDate: Wed Sep 28 11:06:04 2022 -0400 noindex,follow for ticket milestone pages --- ForgeTracker/forgetracker/templates/tracker/milestone.html | 1 + 1 file changed, 1 insertion(+) diff --git a/ForgeTracker/forgetracker/templates/tracker/milestone.html b/ForgeTracker/forgetracker/templates/tracker/milestone.html index 0bdca6b61..ad012915a 100644 --- a/ForgeTracker/forgetracker/templates/tracker/milestone.html +++ b/ForgeTracker/forgetracker/templates/tracker/milestone.html @@ -25,6 +25,7 @@ {% block header %}{{field.label}} {{milestone.name}}{% endblock %} {% block head %} + {{ lib.canonical_tag(page) }} {{ lib.pagination_meta_tags(request, page, count, limit) }} {% endblock %}
[allura] branch db/8471 created (now 710699b5f)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8471 in repository https://gitbox.apache.org/repos/asf/allura.git at 710699b5f [#8471] wiki noindex: cleanup, tests, and check for comments now This branch includes the following new commits: new 710699b5f [#8471] wiki noindex: cleanup, tests, and check for comments now The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 01/01: [#8471] wiki noindex: cleanup, tests, and check for comments now
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8471 in repository https://gitbox.apache.org/repos/asf/allura.git commit 710699b5f74aeea0182de461a51f969136b6cf50 Author: Dave Brondsema AuthorDate: Tue Sep 27 11:32:18 2022 -0400 [#8471] wiki noindex: cleanup, tests, and check for comments now --- Allura/allura/model/discuss.py| 6 ++ ForgeWiki/forgewiki/tests/test_app.py | 23 ++- ForgeWiki/forgewiki/wiki_main.py | 20 +--- 3 files changed, 37 insertions(+), 12 deletions(-) diff --git a/Allura/allura/model/discuss.py b/Allura/allura/model/discuss.py index a91ea93d7..49e0e4686 100644 --- a/Allura/allura/model/discuss.py +++ b/Allura/allura/model/discuss.py @@ -435,10 +435,8 @@ class Thread(Artifact, ActivityObject): q = q.limit(limit) return q -def find_posts(self, page=None, limit=None, timestamp=None, - style='threaded'): -return self.query_posts(page=page, limit=limit, -timestamp=timestamp, style=style).all() +def find_posts(self, *args, **kwargs): +return self.query_posts(*args, **kwargs).all() def url(self): # Can't use self.discussion because it might change during the req diff --git a/ForgeWiki/forgewiki/tests/test_app.py b/ForgeWiki/forgewiki/tests/test_app.py index 86ad91743..580423939 100644 --- a/ForgeWiki/forgewiki/tests/test_app.py +++ b/ForgeWiki/forgewiki/tests/test_app.py @@ -30,6 +30,7 @@ from allura import model as M from allura.tests import decorators as td from alluratest.controller import setup_basic_test, setup_global_objects from forgewiki import model as WM +from forgewiki.wiki_main import ForgeWikiApp class TestBulkExport: @@ -134,7 +135,7 @@ class TestApp: @td.with_wiki def setup_with_tools(self): self.project = M.Project.query.get(shortname='test') -self.wiki = self.project.app_instance('wiki') +self.wiki: ForgeWikiApp = self.project.app_instance('wiki') page = WM.Page.upsert('A New Hope') page.text = 'Star Wars Episode IV: A New Hope' page.mod_date = datetime.datetime(2013, 7, 5) @@ -166,3 +167,23 @@ class TestApp: # c.app.uninstall(c.project) errors out, but works ok in test_uninstall for repo tools. So instead: c.project.uninstall_app('wiki') assert not WM.Page.query.get(title='A New Hope') + +def test_should_noindex_page(self): +assert not self.wiki.should_noindex_page(None) + +assert not self.wiki.should_noindex_page(WM.Page.query.get(title='A New Hope')) + +home_page = WM.Page.query.get(title='Home') +assert self.wiki.should_noindex_page(home_page) + +home_page.text = 'changed' +home_page.commit() +assert not self.wiki.should_noindex_page(home_page) + +page_default_text = WM.Page.upsert('old_default') +page_default_text.text = 'You can edit this description' +page_default_text.commit() +assert self.wiki.should_noindex_page(page_default_text) + +page_default_text.discussion_thread.add_post(text='test comment') +assert not self.wiki.should_noindex_page(page_default_text) diff --git a/ForgeWiki/forgewiki/wiki_main.py b/ForgeWiki/forgewiki/wiki_main.py index 12306b292..7f95921d6 100644 --- a/ForgeWiki/forgewiki/wiki_main.py +++ b/ForgeWiki/forgewiki/wiki_main.py @@ -238,14 +238,20 @@ The wiki uses [Markdown](%s) syntax. return [ SitemapEntry(menu_id, '.')[SitemapEntry('Pages')[pages]]] -def should_noindex_page(self, page): +def should_noindex_page(self, page: WM.Page) -> bool: """Checks whether a page should not be indexed.""" -# If page has default name (i.e. 'Home') and has not been edited, noindex. -res = page and page['title'] == self.default_root_page_name and page['version'] == 1 -if not res: -if page and page['text'] in ('You can edit this description', ): -res = True -return res +if not page: +# this shouldn't happen; just a safeguard for using `page` below +return False +elif (page['title'] == self.default_root_page_name and page['version'] == 1) \ +or page['text'] in ('You can edit this description', ): +# If page has default name (i.e. 'Home') and has not been edited, noindex. +# or old default text +# but not if comments are visible +visible_comments = page.discussion_thread.find_posts(status='ok', limit=1) +return not visible_comments +else: +return False def create_common_wiki_menu(self, has_create_access, admin_menu=False): links = []
[allura] branch master updated: [#8469] added missing canonical tags to user profile, discussion, blog, list and tickets
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 897e23408 [#8469] added missing canonical tags to user profile, discussion, blog, list and tickets 897e23408 is described below commit 897e234088997f1f07df593c9b70fd365290b828 Author: Guillermo Cruz AuthorDate: Thu Sep 22 15:05:33 2022 -0600 [#8469] added missing canonical tags to user profile, discussion, blog, list and tickets --- Allura/allura/ext/user_profile/templates/user_index.html | 13 +++-- Allura/allura/templates/jinja_master/lib.html | 15 +-- Allura/allura/templates/tool_list.html| 6 -- ForgeBlog/forgeblog/templates/blog/post.html | 5 + .../forgediscussion/templates/discussionforums/index.html | 7 --- ForgeTracker/forgetracker/templates/tracker/ticket.html | 10 ++ ForgeWiki/forgewiki/templates/wiki/browse_tags.html | 5 +++-- 7 files changed, 38 insertions(+), 23 deletions(-) diff --git a/Allura/allura/ext/user_profile/templates/user_index.html b/Allura/allura/ext/user_profile/templates/user_index.html index 6d9b238c3..feace956b 100644 --- a/Allura/allura/ext/user_profile/templates/user_index.html +++ b/Allura/allura/ext/user_profile/templates/user_index.html @@ -18,18 +18,19 @@ -#} {% set hide_left_bar = True %} {% extends g.theme.master %} - +{% from 'allura:templates/jinja_master/lib.html' import canonical_tag %} {% block title %}{{user.username}} / Profile{% endblock %} {% block header %}{{ user.display_name|default(user.username) }}{% endblock %} -{% block head %} +{%- block head -%} {% if noindex %} - + {% endif %} - - -{% endblock %} + + +{{ canonical_tag() }} +{%- endblock -%} {% block actions %} {{ g.icons['feed'].render(href=c.app.url + 'feed.rss', title='Follow', rel='nofollow') }} diff --git a/Allura/allura/templates/jinja_master/lib.html b/Allura/allura/templates/jinja_master/lib.html index 91b4d3e80..1a47884e2 100644 --- a/Allura/allura/templates/jinja_master/lib.html +++ b/Allura/allura/templates/jinja_master/lib.html @@ -884,13 +884,16 @@ This page is based on some examples from Greg Schueler, mailto:greg@var {%- endmacro %} {% macro canonical_tag(page=None) %} -{# in case is inherithed from a child template and has no access to a page value #} -{% set page = request.GET['page'] if not page and 'page=' in request.query_string else page %} -{% if page == '0' %} - +{% if not page and not 'page=' in request.query_string %} + {% else %} - - +{# in case is inherithed from a child template and has no access to a page value #} +{% set page = request.GET['page'] if not page and 'page=' in request.query_string else page %} +{% if page == '0' %} + +{% else %} + +{% endif %} {% endif %} {% endmacro %} diff --git a/Allura/allura/templates/tool_list.html b/Allura/allura/templates/tool_list.html index 499c532af..60cfa4421 100644 --- a/Allura/allura/templates/tool_list.html +++ b/Allura/allura/templates/tool_list.html @@ -18,9 +18,11 @@ -#} {% set hide_left_bar = True %} {% extends g.theme.master %} -{% block head %} +{% from 'allura:templates/jinja_master/lib.html' import canonical_tag %} +{%- block head -%} -{% endblock %} +{{ canonical_tag() }} +{%- endblock -%} {% block title %}{{c.project.name}} / {{type}} tools{% endblock %} diff --git a/ForgeBlog/forgeblog/templates/blog/post.html b/ForgeBlog/forgeblog/templates/blog/post.html index 0b1ff6497..dacb8c1dd 100644 --- a/ForgeBlog/forgeblog/templates/blog/post.html +++ b/ForgeBlog/forgeblog/templates/blog/post.html @@ -17,6 +17,11 @@ under the License. -#} {% extends g.theme.master %} +{% from 'allura:templates/jinja_master/lib.html' import canonical_tag %} + +{%- block head -%} +{{ canonical_tag() }} +{%- endblock -%} {% block title %}{{c.project.name}} / {{c.app.config.options.mount_label}}: {{post.title}}{% endblock %} diff --git a/ForgeDiscussion/forgediscussion/templates/discussionforums/index.html b/ForgeDiscussion/forgediscussion/templates/discussionforums/index.html index 1db6d49f4..74b052111 100644 --- a/ForgeDiscussion/forgediscussion/templates/discussionforums/index.html +++ b/ForgeDiscussion/forgediscussion/templates/discussionforums/index.html @@ -17,15 +17,16 @@ under the License. -#} {% extends g.theme.master %} -{% import 'allura:templates/jinja_master/lib.html' as lib with context %} +{% from 'allura:templates/jinja_master/lib.html' import canonical_tag %} {% block title %}{{c.project.name}} / {{c.app.config.options.mount_label}}{% endblock %} -{% block head %} +{%- block head -%} {% if noindex
svn commit: r56966 - in /release/allura: allura-1.13.0.tar.gz allura-1.13.0.tar.gz.asc allura-1.13.0.tar.gz.sha512
Author: brondsem Date: Fri Sep 23 21:05:29 2022 New Revision: 56966 Log: Remove allura 1.13.0 release Removed: release/allura/allura-1.13.0.tar.gz release/allura/allura-1.13.0.tar.gz.asc release/allura/allura-1.13.0.tar.gz.sha512
[allura-site] 01/04: .asf.yaml for website publishing
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git commit 4fff7e04c40cdaba8fb0d55034caa9b838aa28d0 Author: Dave Brondsema AuthorDate: Fri Sep 23 15:03:27 2022 -0400 .asf.yaml for website publishing --- .asf.yaml | 10 ++ 1 file changed, 10 insertions(+) diff --git a/.asf.yaml b/.asf.yaml new file mode 100644 index 000..ceda472 --- /dev/null +++ b/.asf.yaml @@ -0,0 +1,10 @@ +# https://cwiki.apache.org/confluence/display/INFRA/git+-+.asf.yaml+features#Git.asf.yamlfeatures-WebsitedeploymentserviceforGitrepositories + +# TODO: use automatic Pelican building? https://cwiki.apache.org/confluence/display/INFRA/Git+-+.asf.yaml+features#Git.asf.yamlfeatures-PelicanCMS + +publish: + whoami: asf-site + +# https://allura.staged.apache.org/ +# staging: +# whoami: asf-staging
[allura-site] 03/04: rebuild: update copyright year
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git commit d8bd71cda3a85a88a543a71f10cd70592de0a820 Author: Dave Brondsema AuthorDate: Fri Sep 23 15:04:23 2022 -0400 rebuild: update copyright year --- download.html| 2 +- index.html | 2 +- news.html| 2 +- posts/2015-allura-1.3.1-release.html | 2 +- posts/2015-allura-1.3.2.html | 2 +- posts/2015-cors.html | 2 +- posts/2015-markdown-editor.html | 2 +- posts/2015-rest-api-docs.html| 2 +- posts/2015-updated-icons.html| 2 +- posts/2016-admin-toolbar.html| 2 +- posts/2016-allura-1.4.0.html | 2 +- posts/2016-allura-1.5.0.html | 2 +- posts/2016-allura-1.6.0.html | 2 +- posts/2016-gsoc-16.html | 2 +- posts/2016-two-factor-auth.html | 2 +- posts/2017-allura-1.7.0.html | 2 +- posts/2018-allura-1.10.0.html| 2 +- posts/2018-allura-1.8.0.html | 2 +- posts/2018-allura-1.8.1.html | 2 +- posts/2018-allura-1.9.0.html | 2 +- posts/2019-allura-1.11.0.html| 2 +- posts/2019-allura-1.11.1.html| 2 +- posts/2019-allura-1.12.0.html| 2 +- posts/2021-allura-1.13.0.html| 2 +- tag/feature.html | 2 +- tag/gsoc.html| 2 +- tag/release.html | 2 +- 27 files changed, 27 insertions(+), 27 deletions(-) diff --git a/download.html b/download.html index 038428b..e64b218 100644 --- a/download.html +++ b/download.html @@ -135,7 +135,7 @@ -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation. diff --git a/index.html b/index.html index 988ce67..87be56f 100644 --- a/index.html +++ b/index.html @@ -196,7 +196,7 @@ -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation. diff --git a/news.html b/news.html index 426e31e..44b7e0a 100644 --- a/news.html +++ b/news.html @@ -290,7 +290,7 @@ -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation. diff --git a/posts/2015-allura-1.3.1-release.html b/posts/2015-allura-1.3.1-release.html index 9cfb97a..2e87ebf 100644 --- a/posts/2015-allura-1.3.1-release.html +++ b/posts/2015-allura-1.3.1-release.html @@ -86,7 +86,7 @@ new features are: -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation. diff --git a/posts/2015-allura-1.3.2.html b/posts/2015-allura-1.3.2.html index 83d03a8..78d37ab 100644 --- a/posts/2015-allura-1.3.2.html +++ b/posts/2015-allura-1.3.2.html @@ -90,7 +90,7 @@ new features are: -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache Software Foundation. diff --git a/posts/2015-cors.html b/posts/2015-cors.html index ff3a743..006c8af 100644 --- a/posts/2015-cors.html +++ b/posts/2015-cors.html @@ -83,7 +83,7 @@ cookies cannot be used - so nobody could be tricked into doing something acciden -Copyright © 2021 The Apache Software Foundation, Licensed under +Copyright © 2022 The Apache Software Foundation, Licensed under http://www.apache.org/licenses/LICENSE-2.0.html;>the Apache License, Version 2.0. Apache, Allura, Apache Allura, and the Apache feather logo are trademarks of The Apache So
[allura-site] 02/04: README updates
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git commit 106a4a9f48c74eeecf4ee7ae900aa5e469a94337 Author: Dave Brondsema AuthorDate: Fri Sep 23 15:03:43 2022 -0400 README updates --- README.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index b4bd91b..45aad26 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,8 @@ Generated content is placed under root directory. # Bootstrapping pelican -~$ virtualenv allura-site +~$ python -m venv ../allura-site-venv +~$ source ../allura-site-venv/bin/activate ~$ pip install pelican markdown # Working on site
[allura-site] 04/04: allura 1.14.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git commit c6d7a3d0d7f7706ad76611c5143b968ac89bf48c Author: Dave Brondsema AuthorDate: Fri Sep 23 15:15:43 2022 -0400 allura 1.14.0 --- _src/content/2022-allura-1.14.0.md | 39 _src/pelicanconf.py| 6 +- download.html | 8 +- feeds/all.atom.xml | 22 - feeds/tag.release.atom.xml | 22 - index.html | 8 +- news.html | 11 +++ download.html => posts/2022-allura-1.14.0.html | 121 + tag/release.html | 11 +++ 9 files changed, 156 insertions(+), 92 deletions(-) diff --git a/_src/content/2022-allura-1.14.0.md b/_src/content/2022-allura-1.14.0.md new file mode 100644 index 000..d96f7fc --- /dev/null +++ b/_src/content/2022-allura-1.14.0.md @@ -0,0 +1,39 @@ +Title: Apache Allura 1.14.0 released +Date: 2022-09-23 +Tags: release +Slug: allura-1.14.0 +Summary: Version 1.14.0 of Allura released + + What's New? + +Apache Allura 1.14.0 has been released, after a long time since 1.13.0. It includes a new app/tool, SEO improvements +and a huge list of small fixes and improvements. The highlights are: + + * Added ForgeFiles app for uploading and managing file releases. + * Many SEO improvements related to links, redirects, canonical and noindex tags. + +For full details of all the changes and fixes, see the [release notes](https://forge-allura.apache.org/p/allura/git/ci/master/tree/CHANGES). + + Only Python 3.7 supported + +This release drops support for Python 2.7 and 3.6, and only supports Python 3.7. + + Upgrade Instructions + +To install updated dependencies, run: `pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed` + +Run: `./rebuild-all.bash` to get new ForgeFiles app available + +Run: `paster ensure_index development.ini` in Allura dir + +If switching from Python 3.6 to 3.7, you will need to make a completely new python virtual environment, +and run `pip install ...` in it, and then use it to run Allura. If you're still on Python 2, you probably should upgrade +to the previous release 1.13.0 first, following its upgrade instructions, and then switch to Python 3 before doing the 1.14.0 upgrade. + +If using docker, rebuild the allura image and restart containers. + +Feel free to ask any questions on the [dev mailing list](https://lists.apache.org/list.html?d...@allura.apache.org). + + Get 1.14.0 + +[Download Allura](//allura.apache.org/download.html) and [install it](https://forge-allura.apache.org/docs/getting_started/installation.html) today. diff --git a/_src/pelicanconf.py b/_src/pelicanconf.py index 772632a..577e3f9 100644 --- a/_src/pelicanconf.py +++ b/_src/pelicanconf.py @@ -45,9 +45,9 @@ TAG_FEED_ATOM = 'feeds/tag.{slug}.atom.xml' CURRENT_YEAR = dt.date.today().year -RELEASE_VERSION = '1.13.0' -RELEASE_DATE = 'May 2021' -RELEASE_NEWS = 'posts/2021-allura-1.13.0.html' +RELEASE_VERSION = '1.14.0' +RELEASE_DATE = 'Sep 2022' +RELEASE_NEWS = 'posts/2022-allura-1.14.0.html' DIST_URL = 'https://downloads.apache.org/allura/' FORGE_ALLURA_URL = 'https://forge-allura.apache.org/' diff --git a/download.html b/download.html index e64b218..5e8a912 100644 --- a/download.html +++ b/download.html @@ -54,15 +54,15 @@ -https://www.apache.org/dyn/closer.cgi/allura/allura-1.13.0.tar.gz;>Download Allura v1.13.0. This is the latest release of Apache Allura, released May 2021. - Read what's new. +https://www.apache.org/dyn/closer.cgi/allura/allura-1.14.0.tar.gz;>Download Allura v1.14.0. This is the latest release of Apache Allura, released Sep 2022. + Read what's new. Verify the download: -https://downloads.apache.org/allura/allura-1.13.0.tar.gz.sha512;>SHA-512 checksum -PGP https://downloads.apache.org/allura/allura-1.13.0.tar.gz.asc;>signature & https://downloads.apache.org/allura/KEYS;>keys +https://downloads.apache.org/allura/allura-1.14.0.tar.gz.sha512;>SHA-512 checksum +PGP https://downloads.apache.org/allura/allura-1.14.0.tar.gz.asc;>signature & https://downloads.apache.org/allura/KEYS;>keys https://www.apache.org/info/verification.html;>Instructions for how to verify a download using these files. diff --git a/feeds/all.atom.xml b/feeds/all.atom.xml index 1817586..be8d0ba 100644 --- a/feeds/all.atom.xml +++ b/feeds/all.atom.xml @@ -1,5 +1,25 @@ -http://www.w3.org/2005/Atom;>Apache Allura//allura.apache.org/2021-05-17T00:00:00+00:00Apach
[allura-site] branch asf-site updated (822bffc -> c6d7a3d)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch asf-site in repository https://gitbox.apache.org/repos/asf/allura-site.git from 822bffc Change link to download.html template to work in newer versions of pelican (couldn't figure out a variable that worked, so hardcoded it) new 4fff7e0 .asf.yaml for website publishing new 106a4a9 README updates new d8bd71c rebuild: update copyright year new c6d7a3d allura 1.14.0 The 4 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .asf.yaml | 10 ++ README.md | 3 +- _src/content/2022-allura-1.14.0.md | 39 _src/pelicanconf.py| 6 ++-- download.html | 10 +++--- feeds/all.atom.xml | 22 +++- feeds/tag.release.atom.xml | 22 +++- index.html | 10 +++--- news.html | 13 ++- posts/2015-allura-1.3.1-release.html | 2 +- posts/2015-allura-1.3.2.html | 2 +- posts/2015-cors.html | 2 +- posts/2015-markdown-editor.html| 2 +- posts/2015-rest-api-docs.html | 2 +- posts/2015-updated-icons.html | 2 +- posts/2016-admin-toolbar.html | 2 +- posts/2016-allura-1.4.0.html | 2 +- posts/2016-allura-1.5.0.html | 2 +- posts/2016-allura-1.6.0.html | 2 +- posts/2016-gsoc-16.html| 2 +- posts/2016-two-factor-auth.html| 2 +- posts/2017-allura-1.7.0.html | 2 +- posts/2018-allura-1.10.0.html | 2 +- posts/2018-allura-1.8.0.html | 2 +- posts/2018-allura-1.8.1.html | 2 +- posts/2018-allura-1.9.0.html | 2 +- posts/2019-allura-1.11.0.html | 2 +- posts/2019-allura-1.11.1.html | 2 +- posts/2019-allura-1.12.0.html | 2 +- posts/2021-allura-1.13.0.html | 2 +- ...-allura-1.13.0.html => 2022-allura-1.14.0.html} | 41 +++--- tag/feature.html | 2 +- tag/gsoc.html | 2 +- tag/release.html | 13 ++- 34 files changed, 174 insertions(+), 61 deletions(-) create mode 100644 .asf.yaml create mode 100644 _src/content/2022-allura-1.14.0.md copy posts/{2021-allura-1.13.0.html => 2022-allura-1.14.0.html} (72%)
[allura] tag rel/1.14.0 created (now fcaa2bbb3)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to tag rel/1.14.0 in repository https://gitbox.apache.org/repos/asf/allura.git at fcaa2bbb3 (commit) No new revisions were added by this update.
svn commit: r56964 - /dev/allura/allura-1.14.0.tar.gz /dev/allura/allura-1.14.0.tar.gz.asc /dev/allura/allura-1.14.0.tar.gz.sha512 /release/allura/allura-1.14.0.tar.gz /release/allura/allura-1.14.0.ta
Author: brondsem Date: Fri Sep 23 16:08:07 2022 New Revision: 56964 Log: Move allura 1.14.0 from dev to release Added: release/allura/allura-1.14.0.tar.gz - copied unchanged from r56963, dev/allura/allura-1.14.0.tar.gz release/allura/allura-1.14.0.tar.gz.asc - copied unchanged from r56963, dev/allura/allura-1.14.0.tar.gz.asc release/allura/allura-1.14.0.tar.gz.sha512 - copied unchanged from r56963, dev/allura/allura-1.14.0.tar.gz.sha512 Removed: dev/allura/allura-1.14.0.tar.gz dev/allura/allura-1.14.0.tar.gz.asc dev/allura/allura-1.14.0.tar.gz.sha512
[allura] 01/01: [#8468] RAML ugprade WORK IN PROGRESS
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8468 in repository https://gitbox.apache.org/repos/asf/allura.git commit d9d0b79d883c0a270490a4e5af3d9e0020fb257d Author: Dave Brondsema AuthorDate: Thu Sep 22 13:03:02 2022 -0400 [#8468] RAML ugprade WORK IN PROGRESS --- Allura/docs/api-rest/api.raml| 2 +- Allura/docs/api-rest/resourceTypes.yaml | 14 +++--- Allura/docs/api-rest/schemas/discussion.json | 4 ++-- Allura/docs/api-rest/schemas/tickets.json| 2 +- Allura/docs/api-rest/securitySchemes.yaml| 2 +- Allura/docs/api-rest/traits.yaml | 10 +- 6 files changed, 17 insertions(+), 17 deletions(-) diff --git a/Allura/docs/api-rest/api.raml b/Allura/docs/api-rest/api.raml index 85742059d..11099f11d 100755 --- a/Allura/docs/api-rest/api.raml +++ b/Allura/docs/api-rest/api.raml @@ -1,4 +1,4 @@ -#%RAML 0.8 +#%RAML 1.0 # Licensed to the Apache Software Foundation (ASF) under one # or more contributor license agreements. See the NOTICE file # distributed with this work for additional information diff --git a/Allura/docs/api-rest/resourceTypes.yaml b/Allura/docs/api-rest/resourceTypes.yaml index fca9fa77c..c2519f94e 100755 --- a/Allura/docs/api-rest/resourceTypes.yaml +++ b/Allura/docs/api-rest/resourceTypes.yaml @@ -15,7 +15,7 @@ # specific language governing permissions and limitations # under the License. -- base: +base: get?: responses: # yaml syntax to alias properties 200: @@ -30,11 +30,11 @@ description: Created delete?: responses: *standardResponses -- collection: +collection: type: base get: is: [ pageable, bearerAuth ] -- generic: +generic: # this is really just a shorthand for us when we have a schema & example # so we couldn't come up with a good name and picked something generic :) type: base @@ -66,7 +66,7 @@ application/json: schema: <> delete?: -- searchableCollection: +searchableCollection: get: is: [ bearerAuth ] queryParameters: @@ -80,7 +80,7 @@ application/json: schema: <> example: <> -- typedCollection: +typedCollection: type: collection get: responses: @@ -89,12 +89,12 @@ application/json: schema: <> example: <> -- permission: +permission: description: | Checks if a given user has permissions. get: is: [permissionTestable, bearerAuth] -- project: +project: type: base get: responses: diff --git a/Allura/docs/api-rest/schemas/discussion.json b/Allura/docs/api-rest/schemas/discussion.json index 5a66073e8..43e237008 100755 --- a/Allura/docs/api-rest/schemas/discussion.json +++ b/Allura/docs/api-rest/schemas/discussion.json @@ -33,7 +33,7 @@ "id": "_id" }, "last_post": { -"type": "object", +"type": ["object", "null"], "id": "last_post", "properties": { "status": { @@ -41,7 +41,7 @@ "id": "status" }, "last_edited": { -"type": "null", +"type": ["string", "null"], "id": "last_edited" }, "author": { diff --git a/Allura/docs/api-rest/schemas/tickets.json b/Allura/docs/api-rest/schemas/tickets.json index a30e01c74..e8df259e1 100755 --- a/Allura/docs/api-rest/schemas/tickets.json +++ b/Allura/docs/api-rest/schemas/tickets.json @@ -46,7 +46,7 @@ }, "default": { "id": "default", - "type": "string" + "type": ["string", "boolean"], }, "description": { "id": "description", diff --git a/Allura/docs/api-rest/securitySchemes.yaml b/Allura/docs/api-rest/securitySchemes.yaml index 194b5f71a..3f1156e6b 100755 --- a/Allura/docs/api-rest/securitySchemes.yaml +++ b/Allura/docs/api-rest/securitySchemes.yaml @@ -15,7 +15,7 @@ # specific language governing permissions and limitations # under the License. -- oauth_1_0: +oauth_1_0: description: | OAuth 1.0 may be used to authenticate API requests
[allura] branch db/8468 created (now d9d0b79d8)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8468 in repository https://gitbox.apache.org/repos/asf/allura.git at d9d0b79d8 [#8468] RAML ugprade WORK IN PROGRESS This branch includes the following new commits: new d9d0b79d8 [#8468] RAML ugprade WORK IN PROGRESS The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] branch db/8467 created (now 1b85eefb1)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8467 in repository https://gitbox.apache.org/repos/asf/allura.git at 1b85eefb1 [#8467] misc type hints This branch includes the following new commits: new eefe25415 [#8467] DefOptScriptTask and other improvements to task submission in web ui new 1b85eefb1 [#8467] misc type hints The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 02/02: [#8467] misc type hints
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8467 in repository https://gitbox.apache.org/repos/asf/allura.git commit 1b85eefb145b76b692dc8a7a2e216faeb0f63c79 Author: Dave Brondsema AuthorDate: Thu Sep 22 10:50:17 2022 -0400 [#8467] misc type hints --- Allura/allura/lib/plugin.py| 2 +- Allura/allura/model/project.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py index 89537d810..d9cdf9a0d 100644 --- a/Allura/allura/lib/plugin.py +++ b/Allura/allura/lib/plugin.py @@ -1224,7 +1224,7 @@ class ProjectRegistrationProvider: It should be overridden for your specific envirnoment''' return None -def registration_date(self, project): +def registration_date(self, project) -> datetime: ''' Return the datetime the project was created. ''' diff --git a/Allura/allura/model/project.py b/Allura/allura/model/project.py index c0a010f5e..f0d3552b4 100644 --- a/Allura/allura/model/project.py +++ b/Allura/allura/model/project.py @@ -1015,7 +1015,7 @@ class Project(SearchIndexable, MappedClass, ActivityNode, ActivityObject): uids = [uid for uid in named_roles.userids_that_reach if uid is not None] return list(User.query.find({'_id': {'$in': uids}, 'disabled': False, 'pending': False})) -def users_with_role(self, *role_names): +def users_with_role(self, *role_names) -> list[User]: """Return all users in this project that have at least one of the roles specified.
[allura] 01/02: [#8467] DefOptScriptTask and other improvements to task submission in web ui
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8467 in repository https://gitbox.apache.org/repos/asf/allura.git commit eefe2541595705db0ab8320456e665476dae3531 Author: Dave Brondsema AuthorDate: Thu Sep 22 10:50:05 2022 -0400 [#8467] DefOptScriptTask and other improvements to task submission in web ui --- Allura/allura/controllers/site_admin.py | 3 ++ Allura/allura/lib/helpers.py | 1 + Allura/allura/scripts/scripttask.py | 69 ++-- Allura/allura/templates/site_admin_task_new.html | 7 +-- Allura/docs/api/scripts.rst | 25 + Allura/docs/conf.py | 2 +- 6 files changed, 100 insertions(+), 7 deletions(-) diff --git a/Allura/allura/controllers/site_admin.py b/Allura/allura/controllers/site_admin.py index d7b2cf97a..d8372e44c 100644 --- a/Allura/allura/controllers/site_admin.py +++ b/Allura/allura/controllers/site_admin.py @@ -620,6 +620,9 @@ class TaskManagerController: try: task = v.TaskValidator.to_python(task_name) doc = task.__doc__ or 'No doc string available' +doc = re.sub(r'^usage: ([^-][a-z_-]+ )?', # remove usage: and possible incorrect binary like "mod_wsgi" + 'Enter CLI formatted args above, like "args": ["--foo bar baz"]\n\n', + doc) except Invalid as e: error = str(e) return dict(doc=doc, error=error) diff --git a/Allura/allura/lib/helpers.py b/Allura/allura/lib/helpers.py index 5ecb7862f..1df3497df 100644 --- a/Allura/allura/lib/helpers.py +++ b/Allura/allura/lib/helpers.py @@ -828,6 +828,7 @@ def datetimeformat(value, format='%Y-%m-%d %H:%M:%S'): @contextmanager def log_output(log): +# TODO: replace with contextlib.redirect_stdout and redirect_stderr? class Writer: def __init__(self, func): diff --git a/Allura/allura/scripts/scripttask.py b/Allura/allura/scripts/scripttask.py index f466610ea..0a1255c4c 100644 --- a/Allura/allura/scripts/scripttask.py +++ b/Allura/allura/scripts/scripttask.py @@ -32,12 +32,26 @@ To use, subclass ScriptTask and implement two methods:: '''Your main code goes here.''' pass +Or using the `defopt library <https://defopt.readthedocs.io/>`_ (must be installed), +subclass `DefOptScriptTask` and implement one method:: + +class MyScript(DefOptScriptTask): +@classmethod +def execute(cls, *, limit: int = 10, dry_run: bool = False): +''' +Description/usage of this script + +:param limit: +Explanation of parametes, if desired +''' +pass + To call as a script:: if __name__ == '__main__': MyScript.main() -To call as a task:: +To run as a background task:: # post the task with cmd-line-style args MyScript.post('-p myproject --dry-run') @@ -45,10 +59,10 @@ To call as a task:: """ import argparse +import contextlib +import io import logging -import six - from allura.lib.decorators import task from allura.lib.helpers import shlex_split @@ -62,6 +76,7 @@ class MetaParserDocstring(type): return cls.parser().format_help() def __new__(meta, classname, bases, classDict): +# make it look like a task return task(type.__new__(meta, classname, bases, classDict)) @@ -70,6 +85,8 @@ class ScriptTask(metaclass=MetaParserDocstring): """Base class for a command-line script that is also executable as a task.""" def __new__(cls, arg_string=''): +# when taskd calls SomeTaskClass(), then this runs. Not really the normal way to use __new__ +# and can't use __init__ since we want to return a value return cls._execute_task(arg_string) @classmethod @@ -94,3 +111,49 @@ class ScriptTask(metaclass=MetaParserDocstring): def main(cls): options = cls.parser().parse_args() cls.execute(options) + + +try: +import defopt +except ModuleNotFoundError: +pass +else: + +class MetaDefOpt(type): +def __new__(meta, classname, bases, classDict): +return task(type.__new__(meta, classname, bases, classDict)) + +@property +def __doc__(cls): +with contextlib.redirect_stdout(io.StringIO()) as stderr: +try: +cls.main(argv=['--help']) +except SystemExit: +pass +return stderr.getvalue() + + +class DefOptScriptTask(metaclass=MetaDefOpt): +"""Base class for a command-line script that is also executable as a task.""" + +def __new__(cls, arg_string=''): +# when taskd calls SomeTaskClass(), then this runs. Not really the normal w
[allura] branch master updated: Fix phone.attempts_limit check, if user had surpassed it already
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new b3df09680 Fix phone.attempts_limit check, if user had surpassed it already b3df09680 is described below commit b3df09680ecb141c1b80545e040ca1e41ee68a54 Author: Dave Brondsema AuthorDate: Mon Sep 19 13:21:09 2022 -0400 Fix phone.attempts_limit check, if user had surpassed it already --- Allura/allura/lib/plugin.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py index fe2a97c52..89537d810 100644 --- a/Allura/allura/lib/plugin.py +++ b/Allura/allura/lib/plugin.py @@ -915,7 +915,7 @@ class ProjectRegistrationProvider: 'error': 'That phone number has already been used.'} count = user.get_tool_data('phone_verification', 'count') or 0 attempt_limit = config.get('phone.attempts_limit', '5') -if count == int(attempt_limit): +if count >= int(attempt_limit): msg = 'Maximum phone verification attempts reached.' h.auditlog_user(msg, user=user) return {'status': 'error',
svn commit: r56893 - in /dev/allura: allura-1.14.0.tar.gz allura-1.14.0.tar.gz.asc allura-1.14.0.tar.gz.sha512
Author: brondsem Date: Mon Sep 19 14:27:26 2022 New Revision: 56893 Log: allura 1.14.0 Added: dev/allura/allura-1.14.0.tar.gz (with props) dev/allura/allura-1.14.0.tar.gz.asc dev/allura/allura-1.14.0.tar.gz.sha512 Added: dev/allura/allura-1.14.0.tar.gz == Binary file - no diff available. Propchange: dev/allura/allura-1.14.0.tar.gz -- svn:mime-type = application/octet-stream Added: dev/allura/allura-1.14.0.tar.gz.asc == --- dev/allura/allura-1.14.0.tar.gz.asc (added) +++ dev/allura/allura-1.14.0.tar.gz.asc Mon Sep 19 14:27:26 2022 @@ -0,0 +1,17 @@ +-BEGIN PGP SIGNATURE- +Comment: GPGTools - http://gpgtools.org + +iQIzBAABCAAdFiEE0YkrXHcuZD67lzl+ZzfqVWLvu3MFAmMk+OQACgkQZzfqVWLv +u3MkXg/8CJGkFNmgNfWeL3z4zBA3gLuEoDkd+rwAvWM/hhA46nKKZYzc68PM1m5i +g3YEB/qK+KawAQCOWYqf/94VEE/05fvDXxaGEOtPn/gR4WrPNF+eTxOMGbQqLpOj +vt0sIt2GKNLNfIYQAYv8xvU5gkKBWJFt7rFgVbxBO+Hk5zqmjq5E+BAG1fhL6pus +j7s99avlHgmDVxneAe4//QPakZE87f/KhIqaw3LFxM0TAMM1EJl3sY4RKbeKWUGw +QkkUrG1uOhGfLc09VGd2UjGhJU1Txm8uhlJVNlNiC2bQoabV48IQzey7aF3l0m38 +mGy0zVQwEt0TpqaUE5SBuPJtPf9LEzome5P2ldNmwtqlhDEHS01NRv6vUTxAoMi7 +jf5B+ampCvhxhVXjfPabNz8nLCMRT3bCAh+ZKMroLGX1JXoftxd0ApgWeMTNeQsx +xZvkhjNF8h+jFAqH9yrghRxfamXq4PGQIkqE/2fS5gUV/6FzQbEn2yPHjzCtHVig +aPsuVJfPQbev67NwLdJ1xkkEYpkN8KsmN6EzqX6P/35MwF8jfCm3yM9lTtZwUcbq +A3oMkCs9k70D0YkMw0ZI1RCqzkSbLTj4DPphDINxDdnua/ljiljELdmlBMrbsMbi +OnBTnFRtIAdfZhczK3tmF2uHCZfRgMta/RUwDYKtdzFQCAEpda4= +=V8Qr +-END PGP SIGNATURE- Added: dev/allura/allura-1.14.0.tar.gz.sha512 == --- dev/allura/allura-1.14.0.tar.gz.sha512 (added) +++ dev/allura/allura-1.14.0.tar.gz.sha512 Mon Sep 19 14:27:26 2022 @@ -0,0 +1 @@ +04631b4880283a4dcfa7d3d5e4cd9cc91c47f24a2837c5f739e9812d4ad774ac9fd724ae21ebdc5a0715be3f1508dc0b8aec1661352482dd276f5b7f60a985f0 allura-1.14.0.tar.gz
[allura] branch master updated (ff1a1d03e -> fcaa2bbb3)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from ff1a1d03e Update copyright year new 782e84e15 dashboard: fix default user icon display new fcaa2bbb3 CHANGES updated for ASF release 1.14.0 The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../templates/dashboard_index.html | 3 +- CHANGES| 177 - 2 files changed, 175 insertions(+), 5 deletions(-)
[allura] 01/02: dashboard: fix default user icon display
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 782e84e156d4825060da47500068b90a9cbef7f5 Author: Dave Brondsema AuthorDate: Fri Sep 16 18:07:49 2022 -0400 dashboard: fix default user icon display --- Allura/allura/ext/personal_dashboard/templates/dashboard_index.html | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/Allura/allura/ext/personal_dashboard/templates/dashboard_index.html b/Allura/allura/ext/personal_dashboard/templates/dashboard_index.html index 86919db05..ad9bb1bc6 100644 --- a/Allura/allura/ext/personal_dashboard/templates/dashboard_index.html +++ b/Allura/allura/ext/personal_dashboard/templates/dashboard_index.html @@ -33,8 +33,7 @@ {% endblock %} {% block nav_menu %} - +{{lib.gravatar(user, size=48)}} {{ user.display_name }} / Dashboard
[allura] 02/02: CHANGES updated for ASF release 1.14.0
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit fcaa2bbb3be9b0488f647678181319f8348901d1 Author: Dave Brondsema AuthorDate: Fri Sep 16 18:29:37 2022 -0400 CHANGES updated for ASF release 1.14.0 --- CHANGES | 177 ++-- 1 file changed, 174 insertions(+), 3 deletions(-) diff --git a/CHANGES b/CHANGES index 1d032757b..bc2e43ded 100644 --- a/CHANGES +++ b/CHANGES @@ -1,9 +1,20 @@ -Unreleased +Version 1.14.0 (September 2022) -[#8413] This release drops support for Python 3.6. +Upgrade Instructions + + To install updated dependencies, run: +pip install -r requirements.txt --no-deps --upgrade --upgrade-strategy=only-if-needed + Run: `./rebuild-all.bash` to get new ForgeFiles app available + Run: `paster ensure_index development.ini` in Allura dir + + If switching from Python 3.6 to 3.7, you will need to make a completely new python virtual environment, + and run `pip install ...` in it, and then use it to run Allura. + + If using docker, rebuild the allura image and restart containers. Breaking Changes - * [#8399] In an effort to update the Docker startup steps to make them as + * [#8413] [#8390] drop support for Python 2.7 and 3.6. Only Python 3.7 is supported in this release. + * [#8399] In an effort to update the Docker startup steps to make them as easy as possible and compatible across as many OS's as possible, the default allura-data location has been moved from `/allura-data` to `./allura-data`. This will likely break existing Docker deployments. To fix your deployment, @@ -12,6 +23,166 @@ Breaking Changes ./allura-data). * Remove the `force_ssl.logged_in` config option. It is recommended to use https for all visitors, whether logged in or not. + * [#8438] gravatar integration is disabled by default, for privacy reasons. If you wish to enable it, add + `use_gravatar = true` to your .ini file + +Major New Features + * [#8368] new Files App + +Security + * [#8414] Added a new validator to restrict private/internal ips from being submitted in import forms + * Many package upgrades + +General + * [#8388] consolidate markdown_syntax and search_help pages + * [#8402] Remove PreChecked Checkboxes + * [#8424] Better Error Handling For Wiki And Discussion Pages + * [#8404] SMTP maximum allowed line length + * [#8430] improve SMTP retry logic + * [#8401] Project Icon URL Param Issue + * [#8454] Prevent Anonymous Github Imports + * [#8403] Github Importer Enhancements + * page and limit url params are now being included in threaded comments links + * underscores in user's mentions parse correctly + * Remove gittip_button macro; gittip is defunct + * Avoid occasional errors in cached_convert logging + * Prevent discussion stats endpoint from 500ing if hit without parameters + +Code Repositories + * [#5593] Create backlink from ticket when commit message contains ticket link + * [#8060] Commit overview and diff changes are a bit messed up + * [#8431] handle dir/file/symlink changes better + * [#8432] diffs - add max file size + * [#8450] API to list repos + * Lower SVN import retry count significantly; block imports from plugins.svn.wordpress.org since it has millions of revisions + +Wikis + * [#8246] Set Home dialog validation fix + * [#8459] Wiki Tool Installation Optional + +Tickets + * [#8434] Tickets Tool Search Better Error Handling + * [#8457] Tickets Tool Actions Bug + +Admin & Accounts + * [#8393] Password recovery - resend verification mail for pending users + * [#8391] Unsubscribe from a project when a user is removed from Admin group + * [#8448] Oauth Authorize Screen Visual Update + * [#8451] [#8458] record more admin actions in audit log + * [#8405] added last_access field to save the last access date for OAuth tokens + * Only activate+enable users exactly when needed + * Make "enter" do the natural thing when adding an email to an account + * Added checkbox option that sends message replies to users active email address + * Ensure audit log email is the same as what was actually used + * Show multifactor setup key in addition to QR code + * various TaskCommand improvements triggered by expansions to purge command + * add filter by age of task to TaskCommands + +SEO + * [#8418] SEO - omit certain empty apps/tools from sitemap + * [#8420] Add "nofollow" to Markdown Syntax + * [#8421] SEO - omit certain empty apps/tools from sitemap - pt2 + * [#8423] Wiki Page Versions Improvement + * [#8429] Add noindex,follow to Authorization Redirects + * [#8435] Robots Tag For Wiki History Pages + * [#8437] Do Not Index Empty Blog and Discussion Forums + * [#8439] Tool Search Add noindex, follow + * [#8440] Add Canonical Link To Project Activity + * [#8441] Project Members Page Better Title and H1 + * [#8442] Code Repos Links Should nofollow + *
[allura] 01/02: node-sass removal: one more spot
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit 38a8b27c9eae459814facce103b39996bbd2766a Author: Dave Brondsema AuthorDate: Fri Sep 16 17:45:41 2022 -0400 node-sass removal: one more spot --- scripts/init-docker-dev.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/scripts/init-docker-dev.sh b/scripts/init-docker-dev.sh index 381ee0626..325d09ff4 100755 --- a/scripts/init-docker-dev.sh +++ b/scripts/init-docker-dev.sh @@ -54,7 +54,8 @@ pip install -q -r requirements.txt /allura/rebuild-all.bash echo -if [[ ! -e /allura/Allura/allura/public/nf/js/build/transpiled.js || ! -e /allura/Allura/allura/nf/responsive/css/styles.css ]]; then +if [[ ! -e /allura/Allura/allura/public/nf/js/build/transpiled.js ]]; then +# || ! -e /allura/Allura/allura/nf/responsive/css/styles.css echo -e "Installing npm packages" npm ci # if we want more progress displayed: --loglevel http
[allura] branch master updated (ea8d7e02f -> ff1a1d03e)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/allura.git from ea8d7e02f upgrade oauthlib new 38a8b27c9 node-sass removal: one more spot new ff1a1d03e Update copyright year The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: Allura/NOTICE | 2 +- Allura/docs/conf.py | 2 +- ForgeDiscussion/NOTICE | 2 +- ForgeGit/NOTICE | 2 +- ForgeImporters/NOTICE | 2 +- ForgeImporters/docs/conf.py | 2 +- ForgeLink/NOTICE| 2 +- ForgeSVN/NOTICE | 2 +- ForgeTracker/NOTICE | 2 +- ForgeWiki/NOTICE| 2 +- NOTICE | 2 +- scripts/init-docker-dev.sh | 3 ++- 12 files changed, 13 insertions(+), 12 deletions(-)
[allura] 02/02: Update copyright year
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git commit ff1a1d03e724500a0881a5ab51d12e01942d990a Author: Dave Brondsema AuthorDate: Fri Sep 16 17:45:49 2022 -0400 Update copyright year --- Allura/NOTICE | 2 +- Allura/docs/conf.py | 2 +- ForgeDiscussion/NOTICE | 2 +- ForgeGit/NOTICE | 2 +- ForgeImporters/NOTICE | 2 +- ForgeImporters/docs/conf.py | 2 +- ForgeLink/NOTICE| 2 +- ForgeSVN/NOTICE | 2 +- ForgeTracker/NOTICE | 2 +- ForgeWiki/NOTICE| 2 +- NOTICE | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/Allura/NOTICE b/Allura/NOTICE index e271a1eed..5aa85b787 100644 --- a/Allura/NOTICE +++ b/Allura/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/Allura/docs/conf.py b/Allura/docs/conf.py index cacb92e89..59be57ba9 100644 --- a/Allura/docs/conf.py +++ b/Allura/docs/conf.py @@ -56,7 +56,7 @@ master_doc = 'index' # General information about the project. project = 'Apache Allura' -copyright = '2012-2021 The Apache Software Foundation' +copyright = '2012-2022 The Apache Software Foundation' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the diff --git a/ForgeDiscussion/NOTICE b/ForgeDiscussion/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeDiscussion/NOTICE +++ b/ForgeDiscussion/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeGit/NOTICE b/ForgeGit/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeGit/NOTICE +++ b/ForgeGit/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeImporters/NOTICE b/ForgeImporters/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeImporters/NOTICE +++ b/ForgeImporters/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeImporters/docs/conf.py b/ForgeImporters/docs/conf.py index 31521fd71..fade3b900 100644 --- a/ForgeImporters/docs/conf.py +++ b/ForgeImporters/docs/conf.py @@ -52,7 +52,7 @@ master_doc = 'index' # General information about the project. project = 'Apache Allura' -copyright = '2012-2021 The Apache Software Foundation' +copyright = '2012-2022 The Apache Software Foundation' # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the diff --git a/ForgeLink/NOTICE b/ForgeLink/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeLink/NOTICE +++ b/ForgeLink/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeSVN/NOTICE b/ForgeSVN/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeSVN/NOTICE +++ b/ForgeSVN/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeTracker/NOTICE b/ForgeTracker/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeTracker/NOTICE +++ b/ForgeTracker/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/ForgeWiki/NOTICE b/ForgeWiki/NOTICE index e271a1eed..5aa85b787 100644 --- a/ForgeWiki/NOTICE +++ b/ForgeWiki/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software Foundation +Copyright 2012-2022 The Apache Software Foundation This product includes software developed at The Apache Software Foundation (http://www.apache.org/). diff --git a/NOTICE b/NOTICE index e271a1eed..5aa85b787 100644 --- a/NOTICE +++ b/NOTICE @@ -1,5 +1,5 @@ Apache Allura -Copyright 2012-2021 The Apache Software
[allura] branch master updated: upgrade oauthlib
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new ea8d7e02f upgrade oauthlib ea8d7e02f is described below commit ea8d7e02f65cdd9481693ac43b35dac48ae54f44 Author: Dave Brondsema AuthorDate: Fri Sep 16 13:41:53 2022 -0400 upgrade oauthlib --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f8f681776..e6e411352 100644 --- a/requirements.txt +++ b/requirements.txt @@ -93,7 +93,7 @@ mock==4.0.3 # via -r requirements.in oauth2 @ https://github.com/joestump/python-oauth2/archive/b94f69b1ad195513547924e380d9265133e995fa.zip # via -r requirements.in -oauthlib==3.2.0 +oauthlib==3.2.1 # via requests-oauthlib paginate==0.5.6 # via -r requirements.in
[allura] branch master updated: fix sphinx documentation issues
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 3da11b88b fix sphinx documentation issues 3da11b88b is described below commit 3da11b88be9ebef93f05e0879ed9563816c5ea83 Author: Dave Brondsema AuthorDate: Wed Sep 14 16:47:54 2022 -0400 fix sphinx documentation issues --- Allura/allura/command/show_models.py | 3 ++- Allura/allura/lib/plugin.py | 3 +-- Allura/allura/model/artifact.py | 2 +- Allura/docs/api/lib/security.rst | 1 + Allura/docs/getting_started/install_each_step.rst | 5 ++--- ForgeImporters/forgeimporters/base.py | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Allura/allura/command/show_models.py b/Allura/allura/command/show_models.py index 5e2175350..6357d8e03 100644 --- a/Allura/allura/command/show_models.py +++ b/Allura/allura/command/show_models.py @@ -54,7 +54,8 @@ class ReindexCommand(base.Command): min_args = 1 max_args = 1 usage = '' -summary = 'Reindex into solr and re-shortlink all artifacts' +summary = 'Reindex into solr and re-shortlink all artifacts\n' \ + 'By default both --refs and --tasks are enabled, but if you specify just one, the other will be disabled' parser = base.Command.standard_parser(verbose=True) parser.add_option('-p', '--project', dest='project', default=None, help='project to reindex') diff --git a/Allura/allura/lib/plugin.py b/Allura/allura/lib/plugin.py index b1d47e3f2..fe2a97c52 100644 --- a/Allura/allura/lib/plugin.py +++ b/Allura/allura/lib/plugin.py @@ -888,8 +888,7 @@ class ProjectRegistrationProvider: Returns True if one of the following is true: - phone verification is disabled - :param user: has 'admin' access to :param neighborhood: -- :param user: is has 'admin' access for some project, which belongs - to :param neighborhood: +- :param user: is has 'admin' access for some project, which belongs to :param neighborhood: - phone is already verified for a :param user: Otherwise returns False. diff --git a/Allura/allura/model/artifact.py b/Allura/allura/model/artifact.py index 6ff629e68..487530f9d 100644 --- a/Allura/allura/model/artifact.py +++ b/Allura/allura/model/artifact.py @@ -445,7 +445,7 @@ class Artifact(MappedClass, SearchIndexable): :param filename: file name :param fp: a file-like object (implements ``read()``) -:param **kw: passed through to Attachment class constructor +:param kw: passed through to Attachment class constructor """ att = self.attachment_class().save_attachment( diff --git a/Allura/docs/api/lib/security.rst b/Allura/docs/api/lib/security.rst index 08c9ba4fb..42877572a 100644 --- a/Allura/docs/api/lib/security.rst +++ b/Allura/docs/api/lib/security.rst @@ -24,3 +24,4 @@ .. autoclass:: RoleCache :members: :special-members: __init__ +:noindex: diff --git a/Allura/docs/getting_started/install_each_step.rst b/Allura/docs/getting_started/install_each_step.rst index 5014022a3..395a6dcec 100644 --- a/Allura/docs/getting_started/install_each_step.rst +++ b/Allura/docs/getting_started/install_each_step.rst @@ -24,9 +24,6 @@ Step-by-Step Installation .. contents:: :local: -Step-by-Step Installation -- - For a simpler setup using Docker images, see :ref:`docker-install` instead. In these instructions, we'll use `VirtualBox <http://www.virtualbox.org>`__ and `Ubuntu 18.04 <http://ubuntu.com>`_ to create a disposable sandbox for Allura development/testing. Allura should work on other Linux systems (including OSX), but setting up all the dependencies will be different. @@ -62,6 +59,7 @@ To install MongoDB, follow the instructions `here <https://docs.mongodb.org/manu Optional, for SVN support: .. code-block:: bash + ~$ sudo apt-get install subversion libsvn-dev make g++ python3-svn Setting up a python virtual environment @@ -122,6 +120,7 @@ This may take a little while. Optional, for SVN support: install the wheel package then use the pysvn-installer script to build a pysvn wheel. .. code-block:: bash + (env-allura)~/src/allura$ pip install wheel (env-allura)~/src/allura$ curl https://raw.githubusercontent.com/reviewboard/pysvn-installer/master/install.py | python diff --git a/ForgeImporters/forgeimporters/base.py b/ForgeImporters/forgeimporters/base.py index 0d9d359e9..4cdf67dba 100644 --- a/ForgeImporters/forgeimporters/base.py +++ b/ForgeImporters/forgeimporters/base.py @@ -334,7 +334,7 @@ class ProjectImporter(BaseController): tool imports happen. :pa
[allura] 01/07: [#8461] convert oauth tests to not mock the oauth library, use requests_oauthlib as a helper to build requests instead
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit 50a05541e9cb7a6a652dee209277e1d5e731afdf Author: Dave Brondsema AuthorDate: Wed Sep 7 12:45:03 2022 -0400 [#8461] convert oauth tests to not mock the oauth library, use requests_oauthlib as a helper to build requests instead --- Allura/allura/tests/decorators.py | 19 +- Allura/allura/tests/functional/test_auth.py | 296 ++-- AlluraTest/alluratest/controller.py | 18 ++ 3 files changed, 180 insertions(+), 153 deletions(-) diff --git a/Allura/allura/tests/decorators.py b/Allura/allura/tests/decorators.py index 6c561c228..34854ad0f 100644 --- a/Allura/allura/tests/decorators.py +++ b/Allura/allura/tests/decorators.py @@ -209,18 +209,29 @@ def out_audits(*messages, **kwargs): # not a decorator but use it with LogCapture() context manager -def assert_logmsg_and_no_warnings_or_errors(logs, msg): +def assert_logmsg(logs, msg, maxlevel=logging.CRITICAL+1): """ +can also use logs.check() or logs.check_present() :param testfixtures.logcapture.LogCapture logs: LogCapture() instance -:param str msg: Message to look for +:param str msg: Message substring to look for """ found_msg = False for r in logs.records: if msg in r.getMessage(): found_msg = True -if r.levelno > logging.INFO: +if r.levelno > maxlevel: raise AssertionError(f'unexpected log {r.levelname} {r.getMessage()}') -assert found_msg, 'Did not find {} in logs: {}'.format(msg, '\n'.join([r.getMessage() for r in logs.records])) +assert found_msg, \ +'Did not find "{}" in these logs: {}'.format(msg, '\n'.join([r.getMessage() for r in logs.records])) + + +def assert_logmsg_and_no_warnings_or_errors(logs, msg): +""" +can also use logs.check() or logs.check_present() +:param testfixtures.logcapture.LogCapture logs: LogCapture() instance +:param str msg: Message substring to look for +""" +return assert_logmsg(logs, msg, maxlevel=logging.INFO) def assert_equivalent_urls(url1, url2): diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py index c6b8fae11..1d15220d5 100644 --- a/Allura/allura/tests/functional/test_auth.py +++ b/Allura/allura/tests/functional/test_auth.py @@ -14,17 +14,22 @@ # KIND, either express or implied. See the License for the # specific language governing permissions and limitations # under the License. +from __future__ import annotations import calendar from base64 import b32encode from datetime import datetime, time, timedelta from time import time as time_time import json + from six.moves.urllib.parse import urlparse, parse_qs from six.moves.urllib.parse import urlencode from bson import ObjectId import re + +from testfixtures import LogCapture + from ming.orm.ormsession import ThreadLocalORMSession, session from tg import config, expose from mock import patch, Mock @@ -40,17 +45,15 @@ from alluratest.tools import ( assert_false, ) from tg import tmpl_context as c, app_globals as g -import oauth2 from allura.tests import TestController from allura.tests import decorators as td -from allura.tests.decorators import audits, out_audits -from alluratest.controller import setup_trove_categories, TestRestApiBase +from allura.tests.decorators import audits, out_audits, assert_logmsg +from alluratest.controller import setup_trove_categories, TestRestApiBase, oauth1_webtest from allura import model as M from allura.lib import plugin from allura.lib import helpers as h from allura.lib.multifactor import TotpService, RecoveryCodeService -import six def unentity(s): @@ -1854,109 +1857,55 @@ class TestOAuth(TestController): M.OAuthAccessToken.for_user(M.User.by_username('test-admin')), []) def test_interactive(self): -with mock.patch('allura.controllers.rest.oauth.Server') as Server, \ -mock.patch('allura.controllers.rest.oauth.Request') as Request: # these are the oauth2 libs -user = M.User.by_username('test-admin') -M.OAuthConsumerToken( -api_key='api_key', -user_id=user._id, -description='ctok_desc', -) -ThreadLocalORMSession.flush_all() -Request.from_request.return_value = { -'oauth_consumer_key': 'api_key', -'oauth_callback': 'http://my.domain.com/callback', -} -r = self.app.post('/rest/oauth/request_token', params={}) -rtok = parse_qs(r.text)['oauth_token'][0] -r = self.app.post('/rest/oauth/authorize', - params={'oauth_
[allura] 07/07: [#8461] include oauth_callback in our example clients, to match spec
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit ae26886d459e9ed63772dcf48991e22e168babff Author: Dave Brondsema AuthorDate: Tue Sep 13 18:25:42 2022 -0400 [#8461] include oauth_callback in our example clients, to match spec --- Allura/docs/api-rest/docs.md | 2 +- scripts/wiki-copy.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Allura/docs/api-rest/docs.md b/Allura/docs/api-rest/docs.md index 425ae8912..886514719 100755 --- a/Allura/docs/api-rest/docs.md +++ b/Allura/docs/api-rest/docs.md @@ -93,7 +93,7 @@ If you want your application to be able to use the API on behalf of another user AUTHORIZE_URL = 'https://forge-allura.apache.org/rest/oauth/authorize' ACCESS_TOKEN_URL = 'https://forge-allura.apache.org/rest/oauth/access_token' -oauth = OAuth1Session(CONSUMER_KEY, client_secret=CONSUMER_SECRET) +oauth = OAuth1Session(CONSUMER_KEY, client_secret=CONSUMER_SECRET, callback_uri='oob') # Step 1: Get a request token. This is a temporary token that is used for # having the user authorize an access token and to sign the request to obtain diff --git a/scripts/wiki-copy.py b/scripts/wiki-copy.py index fc6553761..ddb3187d3 100644 --- a/scripts/wiki-copy.py +++ b/scripts/wiki-copy.py @@ -81,7 +81,7 @@ def make_oauth_client(base_url) -> requests.Session: oauth_token = cp.get(base_url, 'oauth_token') oauth_token_secret = cp.get(base_url, 'oauth_token_secret') except NoOptionError: -oauthSess = OAuth1Session(oauth_key, client_secret=oauth_secret) +oauthSess = OAuth1Session(oauth_key, client_secret=oauth_secret, callback_uri='oob') request_token = oauthSess.fetch_request_token(REQUEST_TOKEN_URL) pin_url = oauthSess.authorization_url(AUTHORIZE_URL, request_token['oauth_token']) if isinstance(webbrowser.get(), webbrowser.GenericBrowser):
[allura] 04/07: [#8461] update test values (to be ok with oauthlib validations)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit 54a934985ca01aa7e77b17c0cb3f7e42c85eea68 Author: Dave Brondsema AuthorDate: Thu Sep 8 11:25:00 2022 -0400 [#8461] update test values (to be ok with oauthlib validations) --- Allura/allura/tests/functional/test_auth.py | 108 ++-- 1 file changed, 54 insertions(+), 54 deletions(-) diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py index a2b936f46..92806fb59 100644 --- a/Allura/allura/tests/functional/test_auth.py +++ b/Allura/allura/tests/functional/test_auth.py @@ -1859,15 +1859,15 @@ class TestOAuth(TestController): def test_interactive(self): user = M.User.by_username('test-admin') M.OAuthConsumerToken( -api_key='api_key', -secret_key='dummy-client-secret', +api_key='api_key_api_key_12345', +secret_key='test-client-secret', user_id=user._id, description='ctok_desc', ) ThreadLocalORMSession.flush_all() oauth_params = dict( -client_key='api_key', -client_secret='dummy-client-secret', +client_key='api_key_api_key_12345', +client_secret='test-client-secret', callback_uri='http://my.domain.com/callback', ) r = self.app.post(*oauth1_webtest('/rest/oauth/request_token', oauth_params, method='POST')) @@ -1883,8 +1883,8 @@ class TestOAuth(TestController): assert pin oauth_params = dict( -client_key='api_key', -client_secret='dummy-client-secret', +client_key='api_key_api_key_12345', +client_secret='test-client-secret', resource_owner_key=rtok, resource_owner_secret=rsecr, verifier=pin, @@ -1898,8 +1898,8 @@ class TestOAuth(TestController): oauth_token = atok['oauth_token'][0] oauth_secret = atok['oauth_token_secret'][0] oaurl, oaparams, oahdrs = oauth1_webtest('/rest/p/test/', dict( -client_key='api_key', -client_secret='dummy-client-secret', +client_key='api_key_api_key_12345', +client_secret='test-client-secret', resource_owner_key=oauth_token, resource_owner_secret=oauth_secret, signature_type='query' @@ -1910,106 +1910,106 @@ class TestOAuth(TestController): def test_authorize_ok(self): user = M.User.by_username('test-admin') ctok = M.OAuthConsumerToken( -api_key='api_key', +api_key='api_key_api_key_12345', user_id=user._id, description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key_reqtok', +api_key='api_key_reqtok_12345', consumer_token_id=ctok._id, callback='oob', user_id=user._id, ) ThreadLocalORMSession.flush_all() -r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'}) +r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok_12345'}) assert_in('ctok_desc', r.text) -assert_in('api_key_reqtok', r.text) +assert_in('api_key_reqtok_12345', r.text) def test_authorize_invalid(self): -self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'}, status=401) +self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok_12345'}, status=401) def test_do_authorize_no(self): user = M.User.by_username('test-admin') ctok = M.OAuthConsumerToken( -api_key='api_key', +api_key='api_key_api_key_12345', user_id=user._id, description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key_reqtok', +api_key='api_key_reqtok_12345', consumer_token_id=ctok._id, callback='oob', user_id=user._id, ) ThreadLocalORMSession.flush_all() self.app.post('/rest/oauth/do_authorize', - params={'no': '1', 'oauth_token': 'api_key_reqtok'}) -assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key_reqtok')) + params={'no': '1', 'oauth_token': 'api_key_reqtok_12345'}) + assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key_reqtok_12345')) def test_do_authorize_oob(self): user = M.User.by_username('test-admin') ctok = M.OAuthConsumerToken( -api_key='api_key', +api_key='api_key_api_key_12345', user_id=user._id, description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key_reqtok
[allura] 06/07: [#8461] switch from python-oauth2 to oauthlib
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit 2f3fae6b90cd950fd81884cb8f3e45a9aeb0faeb Author: Dave Brondsema AuthorDate: Thu Sep 8 11:33:55 2022 -0400 [#8461] switch from python-oauth2 to oauthlib --- Allura/allura/controllers/rest.py | 289 ++--- Allura/allura/model/oauth.py | 39 ++- .../allura/scripts/create_oauth1_dummy_tokens.py | 37 +++ Allura/allura/tests/functional/test_auth.py| 82 +++--- Allura/allura/websetup/bootstrap.py| 5 + AlluraTest/alluratest/controller.py| 6 +- AlluraTest/alluratest/validation.py| 2 +- requirements.in| 5 +- requirements.txt | 10 +- 9 files changed, 306 insertions(+), 169 deletions(-) diff --git a/Allura/allura/controllers/rest.py b/Allura/allura/controllers/rest.py index 5bf4c786c..5121972da 100644 --- a/Allura/allura/controllers/rest.py +++ b/Allura/allura/controllers/rest.py @@ -18,9 +18,10 @@ """REST Controller""" import json import logging -from six.moves.urllib.parse import unquote +from urllib.parse import unquote, urlparse, parse_qs -import oauth2 as oauth +import oauthlib.oauth1 +import oauthlib.common from paste.util.converters import asbool from webob import exc import tg @@ -118,14 +119,136 @@ class RestController: return NeighborhoodRestController(neighborhood), remainder +class Oauth1Validator(oauthlib.oauth1.RequestValidator): + +def validate_client_key(self, client_key: str, request: oauthlib.common.Request) -> bool: +return M.OAuthConsumerToken.query.get(api_key=client_key) is not None + +def get_client_secret(self, client_key, request): +return M.OAuthConsumerToken.query.get(api_key=client_key).secret_key # NoneType error? you need dummy_oauths() + +def save_request_token(self, token: dict, request: oauthlib.common.Request) -> None: +consumer_token = M.OAuthConsumerToken.query.get(api_key=request.client_key) +req_token = M.OAuthRequestToken( +api_key=token['oauth_token'], +secret_key=token['oauth_token_secret'], +consumer_token_id=consumer_token._id, +callback=request.oauth_params.get('oauth_callback', 'oob'), +) +session(req_token).flush() +log.info('Saving new request token with key: %s', req_token.api_key) + +def verify_request_token(self, token: str, request: oauthlib.common.Request) -> bool: +return M.OAuthRequestToken.query.get(api_key=token) is not None + +def validate_request_token(self, client_key: str, token: str, request: oauthlib.common.Request) -> bool: +req_tok = M.OAuthRequestToken.query.get(api_key=token) +if not req_tok: +return False +return oauthlib.common.safe_string_equals(req_tok.consumer_token.api_key, client_key) + +def invalidate_request_token(self, client_key: str, request_token: str, request: oauthlib.common.Request) -> None: +M.OAuthRequestToken.query.remove({'api_key': request_token}) + +def validate_verifier(self, client_key: str, token: str, verifier: str, request: oauthlib.common.Request) -> bool: +req_tok = M.OAuthRequestToken.query.get(api_key=token) +return oauthlib.common.safe_string_equals(req_tok.validation_pin, verifier) # NoneType error? you need dummy_oauths() + +def save_verifier(self, token: str, verifier: dict, request: oauthlib.common.Request) -> None: +req_tok = M.OAuthRequestToken.query.get(api_key=token) +req_tok.validation_pin = verifier['oauth_verifier'] +session(req_tok).flush(req_tok) + +def get_redirect_uri(self, token: str, request: oauthlib.common.Request) -> str: +return M.OAuthRequestToken.query.get(api_key=token).callback + +def get_request_token_secret(self, client_key: str, token: str, request: oauthlib.common.Request) -> str: +return M.OAuthRequestToken.query.get(api_key=token).secret_key # NoneType error? you need dummy_oauths() + +def save_access_token(self, token: dict, request: oauthlib.common.Request) -> None: +consumer_token = M.OAuthConsumerToken.query.get(api_key=request.client_key) +request_token = M.OAuthRequestToken.query.get(api_key=request.resource_owner_key) +tok = M.OAuthAccessToken( +api_key=token['oauth_token'], +secret_key=token['oauth_token_secret'], +consumer_token_id=consumer_token._id, +request_token_id=request_token._id, +user_id=request_token.user_id, +) +session(tok).flush(tok) + +def validate_access_token(self, client_key: str, token: str, request: oauthlib.common.Request) -
[allura] 02/07: [#8461] update oauth lib in docs & wiki-copy.py examples
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit c9974e663b1b85b6cd1918d4b95df867c2a3c6fa Author: Dave Brondsema AuthorDate: Wed Sep 7 15:41:07 2022 -0400 [#8461] update oauth lib in docs & wiki-copy.py examples --- Allura/docs/api-rest/docs.md | 52 ++- scripts/wiki-copy.py | 74 +--- 2 files changed, 44 insertions(+), 82 deletions(-) diff --git a/Allura/docs/api-rest/docs.md b/Allura/docs/api-rest/docs.md index fb2b605d4..425ae8912 100755 --- a/Allura/docs/api-rest/docs.md +++ b/Allura/docs/api-rest/docs.md @@ -82,32 +82,24 @@ Python code example to create a new ticket: ### OAuth 1.0 Application Authorization (Third-Party Apps) -If you want your application to be able to use the API on behalf of another user, that user must authorize your application to act on their behalf. This is usually accomplished by obtaining a request token and directing the user authorize the request. The following is an example of how one would authorize an application in Python using the python-oauth2 library. First, run `pip install oauth2` and `pip install certifi`. +If you want your application to be able to use the API on behalf of another user, that user must authorize your application to act on their behalf. This is usually accomplished by obtaining a request token and directing the user authorize the request. The following is an example of how one would authorize an application in Python using the requests_oauthlib library. First, run `pip install requests_oauthlib` -import oauth2 as oauth # misleading package name, oauth2 implements OAuth 1.0 spec -import certifi -from urllib.parse import parse_qs, parse_qsl, urlencode +from requests_oauthlib import OAuth1Session import webbrowser CONSUMER_KEY = '' CONSUMER_SECRET = '' -REQUEST_TOKEN_URL = 'https://sourceforge.net/rest/oauth/request_token' -AUTHORIZE_URL = 'https://sourceforge.net/rest/oauth/authorize' -ACCESS_TOKEN_URL = 'https://sourceforge.net/rest/oauth/access_token' +REQUEST_TOKEN_URL = 'https://forge-allura.apache.org/rest/oauth/request_token' +AUTHORIZE_URL = 'https://forge-allura.apache.org/rest/oauth/authorize' +ACCESS_TOKEN_URL = 'https://forge-allura.apache.org/rest/oauth/access_token' -consumer = oauth.Consumer(CONSUMER_KEY, CONSUMER_SECRET) -client = oauth.Client(consumer) -client.ca_certs = certifi.where() +oauth = OAuth1Session(CONSUMER_KEY, client_secret=CONSUMER_SECRET) # Step 1: Get a request token. This is a temporary token that is used for # having the user authorize an access token and to sign the request to obtain # said access token. -resp, content = client.request(REQUEST_TOKEN_URL, 'GET') -if resp['status'] != '200': -raise Exception("Invalid response %s." % resp['status']) - -request_token = dict(parse_qsl(content.decode('utf-8'))) +request_token = oauth.fetch_request_token(REQUEST_TOKEN_URL) # these are intermediate tokens and not needed later # print("Request Token:") @@ -119,7 +111,7 @@ If you want your application to be able to use the API on behalf of another user # redirect. In a web application you would redirect the user to the URL # below, specifying the additional parameter oauth_callback=. -webbrowser.open("%s?oauth_token=%s" % (AUTHORIZE_URL, request_token['oauth_token'])) +webbrowser.open(oauth.authorization_url(AUTHORIZE_URL, request_token['oauth_token'])) # Since we didn't specify a callback, the user must now enter the PIN displayed in # their browser. If you had specified a callback URL, it would have been called with @@ -131,13 +123,7 @@ If you want your application to be able to use the API on behalf of another user # request token to sign this request. After this is done you throw away the # request token and use the access token returned. You should store this # access token somewhere safe, like a database, for future use. -token = oauth.Token(request_token[b'oauth_token'].decode(), request_token[b'oauth_token_secret'].decode()) -token.set_verifier(oauth_verifier) -client = oauth.Client(consumer, token) -client.ca_certs = certifi.where() - -resp, content = client.request(ACCESS_TOKEN_URL, "GET") -access_token = dict(parse_qsl(content.decode('utf-8'))) +access_token = oauth.fetch_access_token(ACCESS_TOKEN_URL, oauth_verifier) print("Access Token:") print("- oauth_token= %s" % access_token['oauth_token']) @@ -149,10 +135,7 @@ If you want your application to be able to use the API on behalf of another user You can then use your access token with
[allura] 05/07: [#8461] index (unique) on OAuthConsumerToken.api_key
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit 385be59f88c37ea7fa03f1f89ec2f5247520e2fc Author: Dave Brondsema AuthorDate: Thu Sep 8 11:31:44 2022 -0400 [#8461] index (unique) on OAuthConsumerToken.api_key --- Allura/allura/model/oauth.py | 5 - 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Allura/allura/model/oauth.py b/Allura/allura/model/oauth.py index a5e390ff0..72f31f7e6 100644 --- a/Allura/allura/model/oauth.py +++ b/Allura/allura/model/oauth.py @@ -72,7 +72,10 @@ class OAuthConsumerToken(OAuthToken): class __mongometa__: polymorphic_identity = 'consumer' name = 'oauth_consumer_token' -unique_indexes = [('name', 'user_id')] +unique_indexes = [ +('name', 'user_id'), +('api_key',), +] query: 'Query[OAuthConsumerToken]'
[allura] branch db/8461 created (now ae26886d4)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git at ae26886d4 [#8461] include oauth_callback in our example clients, to match spec This branch includes the following new commits: new 50a05541e [#8461] convert oauth tests to not mock the oauth library, use requests_oauthlib as a helper to build requests instead new c9974e663 [#8461] update oauth lib in docs & wiki-copy.py examples new a91a0aa14 [#8461] distinguish "api_key" used for consumer tokens vs request tokens, in tests new 54a934985 [#8461] update test values (to be ok with oauthlib validations) new 385be59f8 [#8461] index (unique) on OAuthConsumerToken.api_key new 2f3fae6b9 [#8461] switch from python-oauth2 to oauthlib new ae26886d4 [#8461] include oauth_callback in our example clients, to match spec The 7 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] 03/07: [#8461] distinguish "api_key" used for consumer tokens vs request tokens, in tests
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/8461 in repository https://gitbox.apache.org/repos/asf/allura.git commit a91a0aa14315e60e75d3799e48f2c107e7e83f90 Author: Dave Brondsema AuthorDate: Wed Sep 7 14:15:43 2022 -0400 [#8461] distinguish "api_key" used for consumer tokens vs request tokens, in tests --- Allura/allura/tests/functional/test_auth.py | 38 ++--- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/Allura/allura/tests/functional/test_auth.py b/Allura/allura/tests/functional/test_auth.py index 1d15220d5..a2b936f46 100644 --- a/Allura/allura/tests/functional/test_auth.py +++ b/Allura/allura/tests/functional/test_auth.py @@ -1915,18 +1915,18 @@ class TestOAuth(TestController): description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key', +api_key='api_key_reqtok', consumer_token_id=ctok._id, callback='oob', user_id=user._id, ) ThreadLocalORMSession.flush_all() -r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'}) +r = self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'}) assert_in('ctok_desc', r.text) -assert_in('api_key', r.text) +assert_in('api_key_reqtok', r.text) def test_authorize_invalid(self): -self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key'}, status=401) +self.app.post('/rest/oauth/authorize', params={'oauth_token': 'api_key_reqtok'}, status=401) def test_do_authorize_no(self): user = M.User.by_username('test-admin') @@ -1936,15 +1936,15 @@ class TestOAuth(TestController): description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key', +api_key='api_key_reqtok', consumer_token_id=ctok._id, callback='oob', user_id=user._id, ) ThreadLocalORMSession.flush_all() self.app.post('/rest/oauth/do_authorize', - params={'no': '1', 'oauth_token': 'api_key'}) -assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key')) + params={'no': '1', 'oauth_token': 'api_key_reqtok'}) +assert_is_none(M.OAuthRequestToken.query.get(api_key='api_key_reqtok')) def test_do_authorize_oob(self): user = M.User.by_username('test-admin') @@ -1954,13 +1954,13 @@ class TestOAuth(TestController): description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key', +api_key='api_key_reqtok', consumer_token_id=ctok._id, callback='oob', user_id=user._id, ) ThreadLocalORMSession.flush_all() -r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'}) +r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'}) assert_is_not_none(r.html.find(text=re.compile('^PIN: '))) def test_do_authorize_cb(self): @@ -1971,14 +1971,14 @@ class TestOAuth(TestController): description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key', +api_key='api_key_reqtok', consumer_token_id=ctok._id, callback='http://my.domain.com/callback', user_id=user._id, ) ThreadLocalORMSession.flush_all() -r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'}) -assert r.location.startswith('http://my.domain.com/callback?oauth_token=api_key_verifier=') +r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'}) +assert r.location.startswith('http://my.domain.com/callback?oauth_token=api_key_reqtok_verifier=') def test_do_authorize_cb_params(self): user = M.User.by_username('test-admin') @@ -1988,14 +1988,14 @@ class TestOAuth(TestController): description='ctok_desc', ) M.OAuthRequestToken( -api_key='api_key', +api_key='api_key_reqtok', consumer_token_id=ctok._id, callback='http://my.domain.com/callback?myparam=foo', user_id=user._id, ) ThreadLocalORMSession.flush_all() -r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key'}) -assert r.location.startswith('http://my.domain.com/callback?myparam=foo_token=api_key_verifier=') +r = self.app.post('/rest/oauth/do_authorize', params={'yes': '1', 'oauth_token': 'api_key_reqtok'}) +assert r.location.startswith('http://my.domain.com/callback?myparam=foo_token=api_key_reqtok_verifier=')
[allura] 01/01: bump ming to latest version
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch db/ming_0.12.1 in repository https://gitbox.apache.org/repos/asf/allura.git commit 7eec8b1a34904bbf7e0de0e07cebb2b951f62f55 Author: Dave Brondsema AuthorDate: Tue Sep 13 15:20:40 2022 + bump ming to latest version --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 1b49cf600..f8f681776 100644 --- a/requirements.txt +++ b/requirements.txt @@ -87,7 +87,7 @@ markupsafe==2.1.0 # jinja2 # turbogears2 # webhelpers2 -ming==0.12.0 +ming==0.12.1 # via -r requirements.in mock==4.0.3 # via -r requirements.in
[allura] branch db/ming_0.12.1 created (now 7eec8b1a3)
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a change to branch db/ming_0.12.1 in repository https://gitbox.apache.org/repos/asf/allura.git at 7eec8b1a3 bump ming to latest version This branch includes the following new commits: new 7eec8b1a3 bump ming to latest version The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference.
[allura] branch master updated: [#8460] add new smtpclient method send_raw which sends pre-formatted email content
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new 69eb40e26 [#8460] add new smtpclient method send_raw which sends pre-formatted email content 69eb40e26 is described below commit 69eb40e26aa181810109641c0556d02376e93247 Author: Dillon Walls AuthorDate: Wed Sep 7 14:37:47 2022 + [#8460] add new smtpclient method send_raw which sends pre-formatted email content --- Allura/allura/lib/mail_util.py | 8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/Allura/allura/lib/mail_util.py b/Allura/allura/lib/mail_util.py index 374cb25ef..2caef5c26 100644 --- a/Allura/allura/lib/mail_util.py +++ b/Allura/allura/lib/mail_util.py @@ -301,11 +301,15 @@ class SMTPClient: log.warning('No valid addrs in %s, so not sending mail', list(map(str, addrs))) return + +self.send_raw(config.return_path, smtp_addrs, content) + +def send_raw(self, addr_from, smtp_addrs, content): if not self._client: self._connect() try: self._client.sendmail( -config.return_path, +addr_from, smtp_addrs, content) need_retry = False @@ -322,7 +326,7 @@ class SMTPClient: # maybe could sleep? or if we're in a task, reschedule it somehow? self._connect() self._client.sendmail( -config.return_path, +addr_from, smtp_addrs, content)
[allura] branch master updated: Fixes sticky notifications
This is an automated email from the ASF dual-hosted git repository. brondsem pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/allura.git The following commit(s) were added to refs/heads/master by this push: new f1b7db697 Fixes sticky notifications f1b7db697 is described below commit f1b7db6971e2c35df019348455a33568929425c9 Author: Kenton Taylor AuthorDate: Thu Sep 8 18:23:27 2022 + Fixes sticky notifications --- Allura/allura/public/nf/js/jquery.notify.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Allura/allura/public/nf/js/jquery.notify.js b/Allura/allura/public/nf/js/jquery.notify.js index 27eb3886d..7e81ff58f 100644 --- a/Allura/allura/public/nf/js/jquery.notify.js +++ b/Allura/allura/public/nf/js/jquery.notify.js @@ -78,7 +78,7 @@ $msg.removeClass(o.newClass).addClass(o.activeClass); $msg.each(function() { var self = this; -if (!$(self).hasClass(o.stickyClass) || !$(self).hasClass(o.persistentClass)) { +if (!$(self).hasClass(o.stickyClass) && !$(self).hasClass(o.persistentClass)) { var timer = $(self).attr('data-timer') || o.timer; setTimeout(function() { closer($(self), o);