![[site community profile]](https://www.dreamwidth.org/img/comm_staff.png){kind=small}
[dreamwidth/dw-free] d9969a: Nerf an OP `#content ul li` rule in _page-layout-h...
Branch: refs/heads/code-tour
Home: https://github.com/dreamwidth/dw-free
Commit: d9969a713c52f02ea249637a3e826022a07572a8
https://github.com/dreamwidth/dw-free/commit/d9969a713c52f02ea249637a3e826022a07572a8
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2019-12-25 (Wed, 25 Dec 2019)
Changed paths:
M htdocs/scss/components/autocompletewithunknown.scss
M htdocs/scss/pages/entry/new.scss
M htdocs/scss/skins/_entry-styles.scss
M htdocs/scss/skins/_icons-page.scss
M htdocs/scss/skins/_page-layout-hacks.scss
Log Message:
-----------
Nerf an OP `#content ul li` rule in _page-layout-hacks.scss
Using an `#id` selector in a default rule makes a mess in components that need
to override it (`!important`, redundant IDs, etc.). But `id` is also a normal
attribute, and `[attribute] li` can be overridden by any subsequent `.component
li` rule.
This commit also removes a bunch of hacks to work around that rule's rowdiness.
Commit: bbcf17dc34701b7f5fb854f60cc75882e848b151
https://github.com/dreamwidth/dw-free/commit/bbcf17dc34701b7f5fb854f60cc75882e848b151
Author: Mark Smith <mark@dreamwidth.org>
Date: 2019-12-30 (Mon, 30 Dec 2019)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Allow skipping domains that are bouncing us, to keep our SES reputation up
Commit: 20997cfa0499ea98c67914fc569715b972561192
https://github.com/dreamwidth/dw-free/commit/20997cfa0499ea98c67914fc569715b972561192
Author: Mark Smith <mark@dreamwidth.org>
Date: 2019-12-30 (Mon, 30 Dec 2019)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Permanent failures in some cases, and reset SMTP connection
Commit: dc1510c63f8b4bea899791efbabdbb35d428141c
https://github.com/dreamwidth/dw-free/commit/dc1510c63f8b4bea899791efbabdbb35d428141c
Author: Kareila <kareila@dreamwidth.org>
Date: 2020-01-13 (Mon, 13 Jan 2020)
Changed paths:
M cgi-bin/LJ/Widget/ShopCart.pm
Log Message:
-----------
deployed in prod 2019-10-18
Commit: 094e440238501567818077211f5bae8fbd9a154d
https://github.com/dreamwidth/dw-free/commit/094e440238501567818077211f5bae8fbd9a154d
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M styles/summertime/layout.s2
Log Message:
-----------
Styles: Fix pervasive sideways slop in "summertime" layout
If you're going to add padding to a 100% wide object, you need to make sure it's
using border-box sizing; otherwise the width comes out to something like
`calc(100% + 8px)` and it overflows sideways.
Commit: fe5b1c7d7bb6667db828b1153790cc3ae301e824
https://github.com/dreamwidth/dw-free/commit/fe5b1c7d7bb6667db828b1153790cc3ae301e824
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
M t/cleaner-ljtags.t
Log Message:
-----------
Fix backwards cut-tag expansion by removing ancient hack
Revert "http://bugs.dwscoalition.org/show_bug.cgi?id=2686"
This reverts commit 8e11293186c502e1e29888fa9202d86fa25ab4e6, with tidying.
Fu's original commit, ca. 2010, said:
> Nest the cuttag div in a span (inline element to still allow for inline cuts).
> Hack-y workaround to account for Firefox not refreshing the display when there
> is a :first-letter on the entry.
Said bug is long gone, but now the workaround triggers a different bug: adding
or removing `display: block` on a child of an inline element can make Firefox
choose an especially useless scroll anchor node. If you then add content that
changes the page height (like when expanding a cut tag), the irrelevant node
helpfully stays put, so you can keep looking at it while the content you
actually care about blasts off into space.
Anyway, Firefox is _technically_ doing a wrong thing here. (See
https://bugzilla.mozilla.org/show_bug.cgi?id=1608995 for details; interestingly,
the root cause also explains why that hack originally worked!) But since putting
block elements in an inline container is counterproductive in the first place,
it's kind of a "Doctor, it hurts when I kick this wall" bug.
Commit: 025697a6807dcd36b1a7665352e642c3720ec879
https://github.com/dreamwidth/dw-free/commit/025697a6807dcd36b1a7665352e642c3720ec879
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M styles/goldleaf/layout.s2
Log Message:
-----------
Styles: Update a rule targeting .cuttag_container
This span was removed, but also .cuttag-action is a better choice anyway
because it targets the closing cut tag as well as the opening one.
Commit: 3a44eaefb45f1b5efddfd1549598303e006a00a8
https://github.com/dreamwidth/dw-free/commit/3a44eaefb45f1b5efddfd1549598303e006a00a8
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Tidy to appease Travis
Commit: cff31921335e566dd46b5df4acaceb8b0679cb88
https://github.com/dreamwidth/dw-free/commit/cff31921335e566dd46b5df4acaceb8b0679cb88
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-02-06 (Thu, 06 Feb 2020)
Changed paths:
M etc/docker/worker/scripts/startup-prod.sh
Log Message:
-----------
Don't let failed workers sit around forever
Commit: 2b5401eb8f61a8260312d9fcd57a19c6886413c6
https://github.com/dreamwidth/dw-free/commit/2b5401eb8f61a8260312d9fcd57a19c6886413c6
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-02-06 (Thu, 06 Feb 2020)
Changed paths:
M etc/kubernetes/web/web.yaml
Log Message:
-----------
deploy web 2020.02.05.01
Commit: 8177ed01cf8f0e392e58a5b2a572efc936578412
https://github.com/dreamwidth/dw-free/commit/8177ed01cf8f0e392e58a5b2a572efc936578412
Author: Ruth <momijizukamori@gmail.com>
Date: 2020-04-12 (Sun, 12 Apr 2020)
Changed paths:
M cgi-bin/DW/Controller/Entry.pm
M cgi-bin/DW/Controller/MassPrivacy.pm
M cgi-bin/LJ/Auth.pm
M cgi-bin/LJ/Protocol.pm
M cgi-bin/LJ/Talk.pm
M cgi-bin/LJ/Web.pm
M cgi-bin/LJ/Widget/Login.pm
R htdocs/js/components/jquery.hash-password.js
R htdocs/js/login-jquery.js
R htdocs/js/login.js
M htdocs/login.bml
M htdocs/mobile/login.bml
M htdocs/update.bml
M schemes/common.tt
R views/dev/tests/login.html
R views/dev/tests/login.js
M views/entry/login.tt
M views/journal/controlstrip.tt
M views/login.tt
Log Message:
-----------
Remove MD5 challenge/response login
Commit: a37fc56de9e8cb7eaca0a8c0ee9b5d00f802e45e
https://github.com/dreamwidth/dw-free/commit/a37fc56de9e8cb7eaca0a8c0ee9b5d00f802e45e
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/DW/External/User.pm
M cgi-bin/LJ/User/Display.pm
Log Message:
-----------
Cleanup: Make return values of ljuser functions more legible
Commit: 5dde9b2cdca1f1aa8c58a869277160f7afd8d8a0
https://github.com/dreamwidth/dw-free/commit/5dde9b2cdca1f1aa8c58a869277160f7afd8d8a0
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
Log Message:
-----------
Cleanup: Consolidate usertag options handling in html cleaner
- Only pass relevant options to the wrappers and the usertag functions, instead
of relaying the whole pile of cleaner options.
- Relatedly, stop storing that "inside a link" flag in the cleaner opts.
- Found one last spot that was calling ljuser directly instead of using the
wrapper function!
Commit: 403dc5d656008a8e31b45579693e7f1070a56de6
https://github.com/dreamwidth/dw-free/commit/403dc5d656008a8e31b45579693e7f1070a56de6
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
Log Message:
-----------
HTML cleaner: new preserve_lj_tags_for option to keep users and cuts
This can be either a falsy value or a site hostname. (Or I guess it could be
"1", if you don't care about the user tags.) If passed to `clean` or
`clean_event`, it changes the following tag behaviors:
- `[Unknown site tag]` and `[Unknown site tag]` -- if the "site" attribute is present and it matches the
`preserve_lj_tags_for` hostname, print a native `![[profile]](https://www.dreamwidth.org/img/silk/identity/user.png)
user` tag instead
of a decorative span. (This also affects `[Bad username or site: user @ site]` mentions.)
- `` and `` -- print a normalized `` tag. If
any cuts are still open at the end, explicitly close them to make sure the
crosspost footer displays properly.
This will be useful in the crossposter.
Commit: 1978d87be096574d045178cf3022cdcc76c3266d
https://github.com/dreamwidth/dw-free/commit/1978d87be096574d045178cf3022cdcc76c3266d
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/DW/External/XPostProtocol/LJXMLRPC.pm
Log Message:
-----------
Crossposter: Fix bustage, de-dupe, rule all formatting with an iron fist
The LJ-alike crossposter broke during the original "better markdown" patch, and
tbh a minimal fix seemed harder than just going scorched earth on it.
So now we're just running `LJ::CleanHTML::clean_event` on the text (preserving
user/cut tags) and force-setting `opt_preformatted` at the destination. Which
hopefully gains us the following:
- Maintainers don't have to Know Things about how LJ autoformatting works.
- Crossposter doesn't have to Know Things about how to distinguish and handle
our various formatting dialects. That can all live 100% in the cleaner.
- Markdown works in crossposts again.
- `mentions` now work consistently in crossposts.
This commit also axes the crossposter's whole second-pass HTML parser, since the
cleaner can just handle all that during the first pass now.
(And whither the `` tag? Not relevant anymore, since it only affects autoformatting and we just processed all the autoformatting out before sending the crosspost over.) Commit: 473227bb9205fe9dca0c495397ab7a7d19c1ef02 https://github.com/dreamwidth/dw-free/commit/473227bb9205fe9dca0c495397ab7a7d19c1ef02 Author: Nick Fagerlund <nick.fagerlund@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/CleanHTML.pm Log Message: ----------- Remove some dead code This can never run. I eventually tracked it to a Brad commit from 2006. https://github.com/apparentlymart/livejournal/commit/fa26ab6325e2b321430bc29736fdfe53f44a3811 Commit: 5cc786dee0fd82f80eab42c8cf8cf8a99f7bad77 https://github.com/dreamwidth/dw-free/commit/5cc786dee0fd82f80eab42c8cf8cf8a99f7bad77 Author: Nick Fagerlund <nick.fagerlund@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/CleanHTML.pm Log Message: ----------- Remember to escape the cut text attribute Commit: 94990c69cb440eaf6d006f3179f1f56e39e684dc https://github.com/dreamwidth/dw-free/commit/94990c69cb440eaf6d006f3179f1f56e39e684dc Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M bin/renameuser.pl A bin/upgrading/d10-passwords.pl M bin/upgrading/update-db-general.pl M cgi-bin/DW/Auth.pm M cgi-bin/DW/Controller/ChangeEmail.pm M cgi-bin/DW/Controller/Settings.pm M cgi-bin/DW/User/Rename.pm M cgi-bin/LJ/Auth.pm M cgi-bin/LJ/Console/Command/ResetPassword.pm M cgi-bin/LJ/CreatePage.pm M cgi-bin/LJ/Global/Defaults.pm M cgi-bin/LJ/Setting/EmailPosting.pm M cgi-bin/LJ/User/Login.pm M doc/dependencies-cpanm M htdocs/admin/impersonate.bml M htdocs/lostinfo.bml M htdocs/manage/emailpost.bml Log Message: ----------- Feature: bcrypted passwords This implements using properly bcrypted passwords with unique salts, per best practices. This change has a couple of sharp edges: 1) ATOM posting and digest-auth will break. Unclear how impactful this is or what we should consider doing (if anything) about it. 2) Renames used to verify that the accounts being merged shared a password. We think that having validated email accounts that match is good enough, though. 3) Probably some bugs, I've only tested that I can still log in/out, haven't gone wild testing every flow. The implementation leverages our dversion system so that users can be on the 'old style' passwords and we can upgrade them when we are confident and ready to roll. Commit: a9677720af773474832a30d00173224848e48072 https://github.com/dreamwidth/dw-free/commit/a9677720af773474832a30d00173224848e48072 Author: Ruth <momijizukamori@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/DW/Auth.pm Log Message: ----------- Switch feeds to use Basic auth Commit: afc1247aed076f648f631eac668515de62d1f658 https://github.com/dreamwidth/dw-free/commit/afc1247aed076f648f631eac668515de62d1f658 Author: Ruth <momijizukamori@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/DW/Auth.pm M cgi-bin/DW/Controller/Create.pm M cgi-bin/DW/Controller/Entry.pm M cgi-bin/DW/Controller/MassPrivacy.pm M cgi-bin/DW/Controller/Settings.pm M cgi-bin/LJ/CreatePage.pm M cgi-bin/LJ/Global/Defaults.pm M cgi-bin/LJ/Talk.pm M cgi-bin/LJ/Widget/Login.pm M htdocs/update.bml M views/create/account.tt M views/create/account.tt.text M views/editprivacy.tt M views/entry/login.tt M views/journal/talkform.tt M views/login.tt M views/settings/changepassword.tt M views/settings/changepassword.tt.text Log Message: ----------- Change password max length to 72 This is the maximum supported by bcrypted passwords, so let's go with that so users have more flexibility. Commit: 3b1871662eac2d4b98f06504b0f0bb7197519fe7 https://github.com/dreamwidth/dw-free/commit/3b1871662eac2d4b98f06504b0f0bb7197519fe7 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M bin/upgrading/update-db-general.pl M cgi-bin/LJ/User/Login.pm M doc/dependencies-cpanm Log Message: ----------- Move to using Authen::Passphrase modules, much cleaner Commit: f79df15f04f5e27935c31b6cceae4abe5fd24058 https://github.com/dreamwidth/dw-free/commit/f79df15f04f5e27935c31b6cceae4abe5fd24058 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/User/Login.pm Log Message: ----------- Tidy Commit: 0782eccbc45739d1457db7ec52a74d53cc26b535 https://github.com/dreamwidth/dw-free/commit/0782eccbc45739d1457db7ec52a74d53cc26b535 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-21 (Tue, 21 Apr 2020) Changed paths: M cgi-bin/DW/Task/ESN/FilterSubs.pm M cgi-bin/DW/Task/ESN/FindSubsByCluster.pm M cgi-bin/DW/TaskQueue.pm A cgi-bin/DW/TaskQueue/LocalDisk.pm A cgi-bin/DW/TaskQueue/SQS.pm Log Message: ----------- Add local TaskQueue This makes TaskQueue behave like BlobStore and use abstract backends. The primary one is DW::TaskQueue::SQS but there is now also a new one DW::TaskQueue::LocalDisk that is invoked if you're a development server and haven't set up SQS. This should allow developers to use the task system without having to think about it too hard, but you'll still have to run workers like production if you want to use them. TODO: make it synchronous? Commit: 639b63bd5115bbdae28d3d53dd77f855b0d2c463 https://github.com/dreamwidth/dw-free/commit/639b63bd5115bbdae28d3d53dd77f855b0d2c463 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-21 (Tue, 21 Apr 2020) Changed paths: M cgi-bin/DW/TaskQueue/LocalDisk.pm Log Message: ----------- Tidy Compare: https://github.com/dreamwidth/dw-free/compare/d6e7c904c2ac...639b63bd5115
Home: https://github.com/dreamwidth/dw-free
Commit: d9969a713c52f02ea249637a3e826022a07572a8
https://github.com/dreamwidth/dw-free/commit/d9969a713c52f02ea249637a3e826022a07572a8
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2019-12-25 (Wed, 25 Dec 2019)
Changed paths:
M htdocs/scss/components/autocompletewithunknown.scss
M htdocs/scss/pages/entry/new.scss
M htdocs/scss/skins/_entry-styles.scss
M htdocs/scss/skins/_icons-page.scss
M htdocs/scss/skins/_page-layout-hacks.scss
Log Message:
-----------
Nerf an OP `#content ul li` rule in _page-layout-hacks.scss
Using an `#id` selector in a default rule makes a mess in components that need
to override it (`!important`, redundant IDs, etc.). But `id` is also a normal
attribute, and `[attribute] li` can be overridden by any subsequent `.component
li` rule.
This commit also removes a bunch of hacks to work around that rule's rowdiness.
Commit: bbcf17dc34701b7f5fb854f60cc75882e848b151
https://github.com/dreamwidth/dw-free/commit/bbcf17dc34701b7f5fb854f60cc75882e848b151
Author: Mark Smith <mark@dreamwidth.org>
Date: 2019-12-30 (Mon, 30 Dec 2019)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Allow skipping domains that are bouncing us, to keep our SES reputation up
Commit: 20997cfa0499ea98c67914fc569715b972561192
https://github.com/dreamwidth/dw-free/commit/20997cfa0499ea98c67914fc569715b972561192
Author: Mark Smith <mark@dreamwidth.org>
Date: 2019-12-30 (Mon, 30 Dec 2019)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Permanent failures in some cases, and reset SMTP connection
Commit: dc1510c63f8b4bea899791efbabdbb35d428141c
https://github.com/dreamwidth/dw-free/commit/dc1510c63f8b4bea899791efbabdbb35d428141c
Author: Kareila <kareila@dreamwidth.org>
Date: 2020-01-13 (Mon, 13 Jan 2020)
Changed paths:
M cgi-bin/LJ/Widget/ShopCart.pm
Log Message:
-----------
deployed in prod 2019-10-18
Commit: 094e440238501567818077211f5bae8fbd9a154d
https://github.com/dreamwidth/dw-free/commit/094e440238501567818077211f5bae8fbd9a154d
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M styles/summertime/layout.s2
Log Message:
-----------
Styles: Fix pervasive sideways slop in "summertime" layout
If you're going to add padding to a 100% wide object, you need to make sure it's
using border-box sizing; otherwise the width comes out to something like
`calc(100% + 8px)` and it overflows sideways.
Commit: fe5b1c7d7bb6667db828b1153790cc3ae301e824
https://github.com/dreamwidth/dw-free/commit/fe5b1c7d7bb6667db828b1153790cc3ae301e824
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
M t/cleaner-ljtags.t
Log Message:
-----------
Fix backwards cut-tag expansion by removing ancient hack
Revert "http://bugs.dwscoalition.org/show_bug.cgi?id=2686"
This reverts commit 8e11293186c502e1e29888fa9202d86fa25ab4e6, with tidying.
Fu's original commit, ca. 2010, said:
> Nest the cuttag div in a span (inline element to still allow for inline cuts).
> Hack-y workaround to account for Firefox not refreshing the display when there
> is a :first-letter on the entry.
Said bug is long gone, but now the workaround triggers a different bug: adding
or removing `display: block` on a child of an inline element can make Firefox
choose an especially useless scroll anchor node. If you then add content that
changes the page height (like when expanding a cut tag), the irrelevant node
helpfully stays put, so you can keep looking at it while the content you
actually care about blasts off into space.
Anyway, Firefox is _technically_ doing a wrong thing here. (See
https://bugzilla.mozilla.org/show_bug.cgi?id=1608995 for details; interestingly,
the root cause also explains why that hack originally worked!) But since putting
block elements in an inline container is counterproductive in the first place,
it's kind of a "Doctor, it hurts when I kick this wall" bug.
Commit: 025697a6807dcd36b1a7665352e642c3720ec879
https://github.com/dreamwidth/dw-free/commit/025697a6807dcd36b1a7665352e642c3720ec879
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M styles/goldleaf/layout.s2
Log Message:
-----------
Styles: Update a rule targeting .cuttag_container
This span was removed, but also .cuttag-action is a better choice anyway
because it targets the closing cut tag as well as the opening one.
Commit: 3a44eaefb45f1b5efddfd1549598303e006a00a8
https://github.com/dreamwidth/dw-free/commit/3a44eaefb45f1b5efddfd1549598303e006a00a8
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-01-20 (Mon, 20 Jan 2020)
Changed paths:
M cgi-bin/DW/Task/SendEmail.pm
Log Message:
-----------
Tidy to appease Travis
Commit: cff31921335e566dd46b5df4acaceb8b0679cb88
https://github.com/dreamwidth/dw-free/commit/cff31921335e566dd46b5df4acaceb8b0679cb88
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-02-06 (Thu, 06 Feb 2020)
Changed paths:
M etc/docker/worker/scripts/startup-prod.sh
Log Message:
-----------
Don't let failed workers sit around forever
Commit: 2b5401eb8f61a8260312d9fcd57a19c6886413c6
https://github.com/dreamwidth/dw-free/commit/2b5401eb8f61a8260312d9fcd57a19c6886413c6
Author: Mark Smith <mark@dreamwidth.org>
Date: 2020-02-06 (Thu, 06 Feb 2020)
Changed paths:
M etc/kubernetes/web/web.yaml
Log Message:
-----------
deploy web 2020.02.05.01
Commit: 8177ed01cf8f0e392e58a5b2a572efc936578412
https://github.com/dreamwidth/dw-free/commit/8177ed01cf8f0e392e58a5b2a572efc936578412
Author: Ruth <momijizukamori@gmail.com>
Date: 2020-04-12 (Sun, 12 Apr 2020)
Changed paths:
M cgi-bin/DW/Controller/Entry.pm
M cgi-bin/DW/Controller/MassPrivacy.pm
M cgi-bin/LJ/Auth.pm
M cgi-bin/LJ/Protocol.pm
M cgi-bin/LJ/Talk.pm
M cgi-bin/LJ/Web.pm
M cgi-bin/LJ/Widget/Login.pm
R htdocs/js/components/jquery.hash-password.js
R htdocs/js/login-jquery.js
R htdocs/js/login.js
M htdocs/login.bml
M htdocs/mobile/login.bml
M htdocs/update.bml
M schemes/common.tt
R views/dev/tests/login.html
R views/dev/tests/login.js
M views/entry/login.tt
M views/journal/controlstrip.tt
M views/login.tt
Log Message:
-----------
Remove MD5 challenge/response login
Commit: a37fc56de9e8cb7eaca0a8c0ee9b5d00f802e45e
https://github.com/dreamwidth/dw-free/commit/a37fc56de9e8cb7eaca0a8c0ee9b5d00f802e45e
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/DW/External/User.pm
M cgi-bin/LJ/User/Display.pm
Log Message:
-----------
Cleanup: Make return values of ljuser functions more legible
Commit: 5dde9b2cdca1f1aa8c58a869277160f7afd8d8a0
https://github.com/dreamwidth/dw-free/commit/5dde9b2cdca1f1aa8c58a869277160f7afd8d8a0
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
Log Message:
-----------
Cleanup: Consolidate usertag options handling in html cleaner
- Only pass relevant options to the wrappers and the usertag functions, instead
of relaying the whole pile of cleaner options.
- Relatedly, stop storing that "inside a link" flag in the cleaner opts.
- Found one last spot that was calling ljuser directly instead of using the
wrapper function!
Commit: 403dc5d656008a8e31b45579693e7f1070a56de6
https://github.com/dreamwidth/dw-free/commit/403dc5d656008a8e31b45579693e7f1070a56de6
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/LJ/CleanHTML.pm
Log Message:
-----------
HTML cleaner: new preserve_lj_tags_for option to keep users and cuts
This can be either a falsy value or a site hostname. (Or I guess it could be
"1", if you don't care about the user tags.) If passed to `clean` or
`clean_event`, it changes the following tag behaviors:
- `[Unknown site tag]` and `[Unknown site tag]` -- if the "site" attribute is present and it matches the
`preserve_lj_tags_for` hostname, print a native `
user` tag insteadof a decorative span. (This also affects `[Bad username or site: user @ site]` mentions.)
- `` and `` -- print a normalized `` tag. If
any cuts are still open at the end, explicitly close them to make sure the
crosspost footer displays properly.
This will be useful in the crossposter.
Commit: 1978d87be096574d045178cf3022cdcc76c3266d
https://github.com/dreamwidth/dw-free/commit/1978d87be096574d045178cf3022cdcc76c3266d
Author: Nick Fagerlund <nick.fagerlund@gmail.com>
Date: 2020-04-20 (Mon, 20 Apr 2020)
Changed paths:
M cgi-bin/DW/External/XPostProtocol/LJXMLRPC.pm
Log Message:
-----------
Crossposter: Fix bustage, de-dupe, rule all formatting with an iron fist
The LJ-alike crossposter broke during the original "better markdown" patch, and
tbh a minimal fix seemed harder than just going scorched earth on it.
So now we're just running `LJ::CleanHTML::clean_event` on the text (preserving
user/cut tags) and force-setting `opt_preformatted` at the destination. Which
hopefully gains us the following:
- Maintainers don't have to Know Things about how LJ autoformatting works.
- Crossposter doesn't have to Know Things about how to distinguish and handle
our various formatting dialects. That can all live 100% in the cleaner.
- Markdown works in crossposts again.
- `
mentions` now work consistently in crossposts.This commit also axes the crossposter's whole second-pass HTML parser, since the
cleaner can just handle all that during the first pass now.
(And whither the `` tag? Not relevant anymore, since it only affects autoformatting and we just processed all the autoformatting out before sending the crosspost over.) Commit: 473227bb9205fe9dca0c495397ab7a7d19c1ef02 https://github.com/dreamwidth/dw-free/commit/473227bb9205fe9dca0c495397ab7a7d19c1ef02 Author: Nick Fagerlund <nick.fagerlund@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/CleanHTML.pm Log Message: ----------- Remove some dead code This can never run. I eventually tracked it to a Brad commit from 2006. https://github.com/apparentlymart/livejournal/commit/fa26ab6325e2b321430bc29736fdfe53f44a3811 Commit: 5cc786dee0fd82f80eab42c8cf8cf8a99f7bad77 https://github.com/dreamwidth/dw-free/commit/5cc786dee0fd82f80eab42c8cf8cf8a99f7bad77 Author: Nick Fagerlund <nick.fagerlund@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/CleanHTML.pm Log Message: ----------- Remember to escape the cut text attribute Commit: 94990c69cb440eaf6d006f3179f1f56e39e684dc https://github.com/dreamwidth/dw-free/commit/94990c69cb440eaf6d006f3179f1f56e39e684dc Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M bin/renameuser.pl A bin/upgrading/d10-passwords.pl M bin/upgrading/update-db-general.pl M cgi-bin/DW/Auth.pm M cgi-bin/DW/Controller/ChangeEmail.pm M cgi-bin/DW/Controller/Settings.pm M cgi-bin/DW/User/Rename.pm M cgi-bin/LJ/Auth.pm M cgi-bin/LJ/Console/Command/ResetPassword.pm M cgi-bin/LJ/CreatePage.pm M cgi-bin/LJ/Global/Defaults.pm M cgi-bin/LJ/Setting/EmailPosting.pm M cgi-bin/LJ/User/Login.pm M doc/dependencies-cpanm M htdocs/admin/impersonate.bml M htdocs/lostinfo.bml M htdocs/manage/emailpost.bml Log Message: ----------- Feature: bcrypted passwords This implements using properly bcrypted passwords with unique salts, per best practices. This change has a couple of sharp edges: 1) ATOM posting and digest-auth will break. Unclear how impactful this is or what we should consider doing (if anything) about it. 2) Renames used to verify that the accounts being merged shared a password. We think that having validated email accounts that match is good enough, though. 3) Probably some bugs, I've only tested that I can still log in/out, haven't gone wild testing every flow. The implementation leverages our dversion system so that users can be on the 'old style' passwords and we can upgrade them when we are confident and ready to roll. Commit: a9677720af773474832a30d00173224848e48072 https://github.com/dreamwidth/dw-free/commit/a9677720af773474832a30d00173224848e48072 Author: Ruth <momijizukamori@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/DW/Auth.pm Log Message: ----------- Switch feeds to use Basic auth Commit: afc1247aed076f648f631eac668515de62d1f658 https://github.com/dreamwidth/dw-free/commit/afc1247aed076f648f631eac668515de62d1f658 Author: Ruth <momijizukamori@gmail.com> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/DW/Auth.pm M cgi-bin/DW/Controller/Create.pm M cgi-bin/DW/Controller/Entry.pm M cgi-bin/DW/Controller/MassPrivacy.pm M cgi-bin/DW/Controller/Settings.pm M cgi-bin/LJ/CreatePage.pm M cgi-bin/LJ/Global/Defaults.pm M cgi-bin/LJ/Talk.pm M cgi-bin/LJ/Widget/Login.pm M htdocs/update.bml M views/create/account.tt M views/create/account.tt.text M views/editprivacy.tt M views/entry/login.tt M views/journal/talkform.tt M views/login.tt M views/settings/changepassword.tt M views/settings/changepassword.tt.text Log Message: ----------- Change password max length to 72 This is the maximum supported by bcrypted passwords, so let's go with that so users have more flexibility. Commit: 3b1871662eac2d4b98f06504b0f0bb7197519fe7 https://github.com/dreamwidth/dw-free/commit/3b1871662eac2d4b98f06504b0f0bb7197519fe7 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M bin/upgrading/update-db-general.pl M cgi-bin/LJ/User/Login.pm M doc/dependencies-cpanm Log Message: ----------- Move to using Authen::Passphrase modules, much cleaner Commit: f79df15f04f5e27935c31b6cceae4abe5fd24058 https://github.com/dreamwidth/dw-free/commit/f79df15f04f5e27935c31b6cceae4abe5fd24058 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-20 (Mon, 20 Apr 2020) Changed paths: M cgi-bin/LJ/User/Login.pm Log Message: ----------- Tidy Commit: 0782eccbc45739d1457db7ec52a74d53cc26b535 https://github.com/dreamwidth/dw-free/commit/0782eccbc45739d1457db7ec52a74d53cc26b535 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-21 (Tue, 21 Apr 2020) Changed paths: M cgi-bin/DW/Task/ESN/FilterSubs.pm M cgi-bin/DW/Task/ESN/FindSubsByCluster.pm M cgi-bin/DW/TaskQueue.pm A cgi-bin/DW/TaskQueue/LocalDisk.pm A cgi-bin/DW/TaskQueue/SQS.pm Log Message: ----------- Add local TaskQueue This makes TaskQueue behave like BlobStore and use abstract backends. The primary one is DW::TaskQueue::SQS but there is now also a new one DW::TaskQueue::LocalDisk that is invoked if you're a development server and haven't set up SQS. This should allow developers to use the task system without having to think about it too hard, but you'll still have to run workers like production if you want to use them. TODO: make it synchronous? Commit: 639b63bd5115bbdae28d3d53dd77f855b0d2c463 https://github.com/dreamwidth/dw-free/commit/639b63bd5115bbdae28d3d53dd77f855b0d2c463 Author: Mark Smith <mark@dreamwidth.org> Date: 2020-04-21 (Tue, 21 Apr 2020) Changed paths: M cgi-bin/DW/TaskQueue/LocalDisk.pm Log Message: ----------- Tidy Compare: https://github.com/dreamwidth/dw-free/compare/d6e7c904c2ac...639b63bd5115