Try to fix https://github.com/tosdr/edit.tosdr.org/issues/1156 #1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Without the explicit commit create_all fails because the UUID extension is not present.
Bumps [hypothesis](https://github.com/HypothesisWorks/hypothesis) from 6.97.1 to 6.97.3. - [Release notes](https://github.com/HypothesisWorks/hypothesis/releases) - [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.97.1...hypothesis-python-6.97.3) --- updated-dependencies: - dependency-name: hypothesis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [newrelic](https://github.com/newrelic/newrelic-python-agent) from 9.5.0 to 9.6.0. - [Release notes](https://github.com/newrelic/newrelic-python-agent/releases) - [Commits](newrelic/newrelic-python-agent@v9.5.0...v9.6.0) --- updated-dependencies: - dependency-name: newrelic dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [black](https://github.com/psf/black) from 23.12.1 to 24.1.1. - [Release notes](https://github.com/psf/black/releases) - [Changelog](https://github.com/psf/black/blob/main/CHANGES.md) - [Commits](psf/black@23.12.1...24.1.1) --- updated-dependencies: - dependency-name: black dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
So that it gets updates from Dependabot.
Bumps [@babel/core](https://github.com/babel/babel/tree/HEAD/packages/babel-core) from 7.23.7 to 7.23.9. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-core) --- updated-dependencies: - dependency-name: "@babel/core" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [autoprefixer](https://github.com/postcss/autoprefixer) from 10.4.16 to 10.4.17. - [Release notes](https://github.com/postcss/autoprefixer/releases) - [Changelog](https://github.com/postcss/autoprefixer/blob/main/CHANGELOG.md) - [Commits](postcss/autoprefixer@10.4.16...10.4.17) --- updated-dependencies: - dependency-name: autoprefixer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [postcss](https://github.com/postcss/postcss) from 8.4.32 to 8.4.33. - [Release notes](https://github.com/postcss/postcss/releases) - [Changelog](https://github.com/postcss/postcss/blob/main/CHANGELOG.md) - [Commits](postcss/postcss@8.4.32...8.4.33) --- updated-dependencies: - dependency-name: postcss dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [rollup](https://github.com/rollup/rollup) from 4.9.2 to 4.9.6. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](rollup/rollup@v4.9.2...v4.9.6) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [chai](https://github.com/chaijs/chai) from 5.0.0 to 5.0.3. - [Release notes](https://github.com/chaijs/chai/releases) - [Changelog](https://github.com/chaijs/chai/blob/main/History.md) - [Commits](chaijs/chai@v5.0.0...v5.0.3) --- updated-dependencies: - dependency-name: chai dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sass](https://github.com/sass/dart-sass) from 1.69.6 to 1.70.0. - [Release notes](https://github.com/sass/dart-sass/releases) - [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md) - [Commits](sass/dart-sass@1.69.6...1.70.0) --- updated-dependencies: - dependency-name: sass dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env) from 7.23.7 to 7.23.9. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.23.9/packages/babel-preset-env) --- updated-dependencies: - dependency-name: "@babel/preset-env" dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [prettier](https://github.com/prettier/prettier) from 3.1.1 to 3.2.4. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.1.1...3.2.4) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [certifi](https://github.com/certifi/python-certifi) from 2023.11.17 to 2024.2.2. - [Commits](certifi/python-certifi@2023.11.17...2024.02.02) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pytz](https://github.com/stub42/pytz) from 2023.4 to 2024.1. - [Release notes](https://github.com/stub42/pytz/releases) - [Commits](stub42/pytz@release_2023.4...release_2024.1) --- updated-dependencies: - dependency-name: pytz dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.39.2 to 1.40.0. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@1.39.2...1.40.0) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [hypothesis](https://github.com/HypothesisWorks/hypothesis) from 6.97.3 to 6.97.4. - [Release notes](https://github.com/HypothesisWorks/hypothesis/releases) - [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.97.3...hypothesis-python-6.97.4) --- updated-dependencies: - dependency-name: hypothesis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.4.4 to 8.0.0. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](pytest-dev/pytest@7.4.4...8.0.0) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
mark.usefixtures doesn't have any effect, removing it see: https://docs.pytest.org/en/stable/deprecations.html#applying-a-mark-to-a-fixture-function
Bumps [python-slugify](https://github.com/un33k/python-slugify) from 8.0.1 to 8.0.3. - [Changelog](https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md) - [Commits](un33k/python-slugify@v8.0.1...v8.0.3) --- updated-dependencies: - dependency-name: python-slugify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [cryptography](https://github.com/pyca/cryptography) from 41.0.7 to 42.0.0. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@41.0.7...42.0.0) --- updated-dependencies: - dependency-name: cryptography dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
Index priority and enqueued_at, these are the columns we use to sort by all queries to this table.
Automatically restarting workers should alleviate any issues from memory leaks. Setting the values also on the local config so we see them happening locally to.
Bumps [pyramid-jinja2](https://github.com/Pylons/pyramid_jinja2) from 2.10 to 2.10.1. - [Changelog](https://github.com/Pylons/pyramid_jinja2/blob/main/CHANGES.rst) - [Commits](Pylons/pyramid_jinja2@2.10...2.10.1) --- updated-dependencies: - dependency-name: pyramid-jinja2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Add a DB migration to add `ON DELETE CASCADE` to the `user_group.group_id` column's foreign key to `group.id`.
This just means you don't have to manually delete a group's memberships before deleting a group, you can just delete the group and all its memberships will be automatically deleted with it.
Remove the CLI command for deleting a user: this interacts awkwardly with recording deletions in a table because there's no authenticated user to record as the requester of the deletion. There could be various solutions to this but no one uses this CLI command anyway so let's just delete it.
Prevent users who've been marked as deleted (but still exist in the DB, for now) from authenticating with auth clients, cookies, `HTTP_X_FORWARDED_USER` headers, or bearer tokens.
Bumps [coverage](https://github.com/nedbat/coveragepy) from 7.5.1 to 7.5.2. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](nedbat/coveragepy@7.5.1...7.5.2) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [hypothesis](https://github.com/HypothesisWorks/hypothesis) from 6.102.4 to 6.102.6. - [Release notes](https://github.com/HypothesisWorks/hypothesis/releases) - [Commits](HypothesisWorks/hypothesis@hypothesis-python-6.102.4...hypothesis-python-6.102.6) --- updated-dependencies: - dependency-name: hypothesis dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [zope-interface](https://github.com/zopefoundation/zope.interface) from 6.4 to 6.4.post2. - [Changelog](https://github.com/zopefoundation/zope.interface/blob/master/CHANGES.rst) - [Commits](zopefoundation/zope.interface@6.4...6.4.post2) --- updated-dependencies: - dependency-name: zope-interface dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 2.2.0 to 2.3.1. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](getsentry/sentry-python@2.2.0...2.3.1) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Not sure how this was passing coverage before but it's not now.
michielbdejong
added a commit
to tosdr/edit.tosdr.org
that referenced
this pull request
Jun 3, 2024
|
Wait, I don't think this is the best way to do it. I'll try to rebase hypothesis/h@main...tosdr:h:phoenix-integration on the latest upstream main instead. |
michielbdejong
force-pushed
the
do-staging
branch
from
610d36a to
570b941
Compare
make user-defined network from db implements custom filtering for user service customized auth to work with phoenix fixes bug in non-incognito browsers creates user in h at moment of auth if it does not exist canonical determination of authority Create .gitlab-ci.yml Add proxy prefix Add hypothesis base url to assets fetches user based on default authority, not hard-coded authority hack to authenticate user a second time when building session replaces request.authenticated_userid client expects userid, not username resolves root session issue in security policy, removes hack solution in session model dynamically manages tosdr url via store for dev env (to-do : staging, prod) adds tosdr base domain to client settings removes print statement fixes error that is interpreting every h request as api request Update .gitlab-ci.yml exposes es with a network queries annotations in es based on strict uri determines asset path based on env forces username compliance for tosdr users created in h Build stable image relies on phoenix docker-compose for db, es
michielbdejong
force-pushed
the
do-staging
branch
from
570b941 to
af28a98
Compare
|
Fixed! I squashed the whole phoenix-integration branch into a single commit and was able to rebase that onto the upstream main branch. Closing this PR now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
there are some problems with the version of pip-tools that gets installed with tosdr/edit.tosdr.org#1157 as documented in
tosdr/edit.tosdr.org#1156 and this is a workaround for that.