This project is mirrored from https://:*****@gitlab.archlinux.org/archlinux/aurweb.git.
Pull mirroring updated .
- 02 Feb, 2020 11 commits
-
-
First, this gets rid of the deprecation warnings Python displayed. Second, this fixes the case where a link contained a pair of underscores, which used to be interpreted as an emphasis because the linkify processor ran after the emphasis processor. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
When an FS#123 is part of a code block, it must not be converted into a link. FS#123 may also appear inside an URL, in which case regular linkifaction of URLs must take precedence. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Fixes a few edge cases: - URLs within code blocks used to get redundant <> added, breaking bash code snippets like `curl https://...` into `curl <https://...>`. - Links written with markdown's <https://...> syntax also used to get an extra pair of brackets. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Turn the git-commits markdown processor into an inline processor, which is smart enough not to convert Git hashes contained in code blocks or links. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Addresses FS#64983. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Support secondary email addresses that can be used to recover an account in case access to the primary email address is lost. Reset keys for an account are always sent to both the primary and the backup email address. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
In addition to supporting email addresses in the reset key form, also support user names. The reset key is then sent to the email address in the user's profile. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 30 Jan, 2020 8 commits
-
-
Lukas Fleischer authored
-
Lukas Fleischer authored
Since commits daee20c6 (Require current password when setting a new one, 2020-01-30) and 8fc8898f (Require password when deleting an account, 2020-01-30), changing a password and deleting an account require the current password. Extend this to all other profile changes. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Further reduce the attack surface in case of a stolen session ID. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
When changing the password of an account, instead of asking for the old password of the account, ask for the password of the currently logged in user. This allows privileged users to edit other accounts without knowing their passwords. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Rollback an accidental change that sneaked into commit daee20c6 (Require current password when setting a new one, 2020-01-30). Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Since commit eeaa1c3a (Separate text from footer in notification emails, 2020-01-04), information about unsubscribing from notifications is added in a signature block. Fix the test cases accordingly. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Since commit eeaa1c3a (Separate text from footer in notification emails, 2020-01-04), information about unsubscribing from notifications is added in a signature block. However, the code to format the email body trimmed the RFC 3676 signature delimiter, replacing "-- " by "--". Fix this by adding a special case for signature delimiters. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Prevent from easily taking over an account by changing the password with a stolen session ID. Fixes FS#65325. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 06 Jan, 2020 1 commit
-
-
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 11 Dec, 2019 1 commit
-
-
Lukas Fleischer authored
The Git repository URLs are not meant to be visited using a web browser. Copy the link to the clipboard instead. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 24 Nov, 2019 1 commit
-
-
Lukas Fleischer authored
The SQLite schema is generated automatically from the main schema and used in the test suite. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 23 Nov, 2019 5 commits
-
-
Lukas Fleischer authored
Since commit a66c7fa6 (notify.py: Use a/an correctly when sending request notifications, 2019-08-09), the body of notification emails sent when filing orphan requests refers to "an orphan request" instead of "a orphan request". Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
We support multiple database backends. Don't require Python modules for all backends to be installed. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Verify that the update hook exists and is executable before running Git to prevent from broken repositories when permissions are broken. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 02 Nov, 2019 1 commit
-
-
Lukas Fleischer authored
There's no need to use permanent storage for rate limiting information; try to keep it in memory if caching is enabled. From experiments with our live setup, this reduces the number of INSERT/DELETE operations per second from 15 to almost 0. Disk writes on the server hosting the AUR are reduced by 90% (from ~3MB/s to ~300kB/s). Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 01 Nov, 2019 1 commit
-
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 27 Oct, 2019 1 commit
-
-
Lukas Fleischer authored
Limit the display to two decimal points for packages with a popularity of at least 0.2. Suggested-by:
Allan McRae <allan@archlinux.org> Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 19 Oct, 2019 3 commits
-
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 09 Oct, 2019 1 commit
-
-
Lukas Fleischer authored
Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 07 Oct, 2019 2 commits
-
-
Lukas Fleischer authored
The TTL for package details can be much longer than for generic values since they never change. Note that when an update is pushed via Git, all packages belonging to that package base are deleted and new packages are created. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Cache more package details if the global caching mechanism is enabled. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 06 Oct, 2019 2 commits
-
-
Lukas Fleischer authored
Cache the results of the extended fields computation if the global caching mechanism is enabled. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
The package provider and dependency queries are quite CPU-intensive and usually yield rather small result sets. Cache these values if the global caching mechanism is enabled. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
- 05 Oct, 2019 2 commits
-
-
Lukas Fleischer authored
With the previous implementation, unlucky users could have their CAPTCHA be invalidated by a single account creation while filling out their account registration form. Make this more robust by allowing up to five account registrations before rejecting a CAPTCHA salt. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-
Lukas Fleischer authored
Add a CAPTCHA to protect against automated account creation. The CAPTCHA changes whenever three new accounts are registered. Signed-off-by:
Lukas Fleischer <lfleischer@archlinux.org>
-