Drew DeVault
7c9bff2e86
Prohibit projects named . or ..
2021-06-12 11:54:06 -04:00
Sol Fisher Romanoff
4e7364de57
Update placement of "Markdown supported"
2021-05-19 09:47:55 -04:00
Drew DeVault
6b0a06ba73
webhooks: HTML escape user content
...
This sounds like an XSS vulnerability, but really the only thing you can
exploit prior to this is silly things like putting an <h1> into commit
messages. These details were already sanitized at a later part of the
code.
2021-05-17 09:48:02 -04:00
Drew DeVault
2ed2460598
project-nav.html: fix link macro for jinja2 3.0.0
2021-05-16 16:35:25 -04:00
Marco Sirabella
7822a639ec
Add pyyaml dependency
...
This is imported in hubsrht/services.py
2021-04-02 13:56:19 -04:00
Drew DeVault
af11d9ae79
Don't append to search for popular tags
2021-03-03 16:43:31 -05:00
Drew DeVault
610accc580
Add list of popular tags to project index
2021-03-03 14:48:58 -05:00
Drew DeVault
27b0dba424
blueprints.trackers: import abort from flask
2021-02-21 19:32:23 -05:00
Drew DeVault
dba925cf4d
webhooks: fix oversight in payload verification
2021-02-20 09:58:27 -05:00
Drew DeVault
641cd03056
Ignore webhooks from someone else's build
2021-02-20 09:53:43 -05:00
Drew DeVault
a9f9a49b05
.builds/alpine: upgrade to 3.13
2021-02-08 10:31:09 -05:00
Drew DeVault
f1fbf3bddb
builds: correct name of env variable
2021-02-03 14:35:03 -05:00
Alexey Yerin
d8bac6c67c
Export some env variables when submitting a build
...
This allows to detect if the build was started from a patch and for
example, skip deployment.
Example:
BUILD_SUBMITTER=hub.sr.ht
BUILD_REASON=patchset
PATCHSET_ID=19897
PATCHSET_URL=https://lists.sr.ht/~sircmpwn/sr.ht-dev/patches/19897
Ticket: ~sircmpwn/hub.sr.ht#70
2021-02-02 10:24:17 -05:00
Alexey Yerin
c86e3280d7
Show last five repos when trying to clone project
...
Repositories are sorted by latest update time, like on "sources" tab.
Ticket: https://todo.sr.ht/~sircmpwn/hub.sr.ht/61
2021-01-29 10:35:00 -05:00
Drew DeVault
945967d390
services: fix custom HTML readme display
2021-01-26 09:01:19 -05:00
Drew DeVault
b75ac04029
Tolerate # symbol in tag entry
2021-01-18 15:29:02 -05:00
Drew DeVault
31854be734
Syncronize nullable constraints with service policy
2021-01-18 15:24:59 -05:00
Drew DeVault
89738ae198
Forward errors from GQL to the UI
2021-01-11 09:32:08 -05:00
Drew DeVault
eb326ae6fb
todo.sr.ht: description is required
2021-01-11 09:29:38 -05:00
Denis Laxalde
4e5be22783
Make source repo unique by project
...
We add a unique constraint on source_repo table to prevent multiple
links of the same remote repository to a given project.
The UI already prevents duplicates (from ef585b6e
) but it seems better
to enforce this in the database model.
2021-01-11 09:10:59 -05:00
Drew DeVault
84e0598f4d
Raise exception on unexpected git.sr.ht response
2020-12-19 18:04:03 -05:00
Drew DeVault
f91f8055fa
Improve btn-white on dark mode
2020-12-16 10:18:15 -05:00
Nolan Prescott
64cd1e0443
Prefix README links to rendered pages
...
Relative links from project summaries resulted in raw pages rather
than rendered pages for both mercurial and git repositories.
This patch is intended to match the behavior of git.sr.ht and hg.sr.ht
README rendering by passing the previous raw links as secondary link
prefixes (for rendering images) but otherwise link to rendered
resources.
related ticket: todo.sr.ht/~sircmpwn/hub.sr.ht/67
2020-12-08 08:49:05 -05:00
Drew DeVault
5c97b72d51
Replace more git.sr.ht requests with GraphQL
2020-12-03 11:46:55 -05:00
Drew DeVault
bd37e09523
Use GraphQL to fetch readmes from git.sr.ht
2020-12-03 08:33:47 -05:00
Drew DeVault
656739112e
Expand detail in get_manifests exception
2020-11-28 13:17:48 -05:00
Drew DeVault
de0182c2c1
services.py: check for missing repositories
2020-11-28 09:59:36 -05:00
Drew DeVault
9154800871
Make plaintext project summary transparent
2020-11-25 13:15:49 -05:00
Drew DeVault
074810fba5
Update wording on dashboard page
...
To encourage users to feel like a part of sr.ht
2020-11-20 11:35:01 -05:00
Thorben Günther
643ed4c9f8
Only show projects on first page of events
2020-11-17 10:03:40 -05:00
Drew DeVault
2220ddf633
Don't hide projects which didn't complete checklist
...
The UX here is pretty bad and at least a third of users are unaware that
they need to complete the checklist to publish their project.
2020-11-15 14:19:35 -05:00
Thorben Günther
502afdd0e1
Delete second declaration of create_tracker
2020-10-31 10:55:40 -04:00
Thorben Günther
8c5aef62b0
Fix subfolders in ".builds" breaking CI
...
Currently the gql API request will return an empty object for subfoders.
2020-10-31 10:53:22 -04:00
Antoine Kalmbach
1346dd4f34
Use -sS instead of --no-progress-meter when curling mbox downloads
...
Seems like curl in Debian images is too old to have support for
--no-progress-meter introduced in curl 7.67. This can be done in a
forward compatible way by using -sS.
-s will silence output in general, but -S (--show-error) will unsilence any errors.
2020-10-25 16:47:23 -04:00
Thorben Günther
ba9573e7da
Add `Edit account profile` button to hub profile
...
Also adds a link to /projects/create
2020-10-24 13:04:09 -04:00
Drew DeVault
a6579ef7f5
README: don't add empty pre tag for empty readme
2020-09-22 13:02:15 -04:00
Drew DeVault
96544a5d62
De-emphasize tags in project lists
2020-09-12 15:15:22 -04:00
Drew DeVault
3744bd5d47
Add link to tag best practices
2020-09-12 10:49:17 -04:00
Drew DeVault
8737b4881d
Make project tags optional
...
Didn't notice this in the original patchset
2020-09-12 09:57:41 -04:00
Drew DeVault
5b3555567f
Correct oversight on index page
2020-09-12 09:16:36 -04:00
наб
dc078f279f
Add project tags
...
Ref: ~sircmpwn/hub.sr.ht#19
2020-09-12 09:10:26 -04:00
наб
df5ddcc3cb
Test for & display invalid search errors on profile page, too
...
I was there indeed
2020-09-11 09:56:57 -04:00
Drew DeVault
134c1f27d6
Test for & display invalid search errors
...
Hi nab-was-here
2020-09-10 10:09:03 -04:00
наб
c212995eef
Allow project slugs to break
...
Ref: ~sircmpwn/sr.ht#245
2020-09-10 10:04:48 -04:00
наб
ff01082c30
Move {git,hg}_new_GET into common handler; use correct origin for /~u/p/{git,hg}/new
...
Ref: ~sircmpwn/hg.sr.ht/39
2020-09-07 11:35:05 -04:00
наб
9fc47d0bb4
Link resources directly if there's one of a kind
...
Ref: ~sircmpwn/hub.sr.ht#23
2020-09-07 10:36:23 -04:00
Drew DeVault
b1ff1910a3
Fix git.ensure_user_webhooks
...
Typo had the unensure function overwrite the ensure function, the end
result being that everyone's webhooks were removed -_-
2020-09-03 11:47:28 -04:00
Drew DeVault
c1044b390c
.builds/alpine.yml: increase specificity of sed
2020-09-01 17:17:54 -04:00
Drew DeVault
29e04b2105
sources: import abort
2020-08-30 16:04:24 -04:00
Drew DeVault
6b9d2e6d96
Use random selection of build manifests
2020-08-28 12:09:20 -04:00