This button only shows up on mobile (or small screens) and will appear
after the user has scrolled down at least two viewport-heights. The
Intersection Observer API is used to detect this with an invisible
"buffer" div, instead of attaching to scroll events.
Nothing too significant in here, but it rearranges some of the theme
initialization a little more, including making sure that each theme sets
a number of "essential" colors. It also moves the default theme out into
its own file, instead of having it at the bottom of _theme_base.scss for
no particular reason.
Previously, PHP syntax highlighting worked only inside <?php ... ?>
block.
Pygments can disable this behavior, but we have to pass an argument when
creating the PhpLexer to do it.
HTTPException hits all HTTP codes, including redirections, which was
breaking the tild.es shortener. Using HTTPError instead will only cover
the 4xx and 5xx codes, which is what we want.
Previously the site would give an unstyled web-server error on a lot of
errors (such as trying to visit the page for a username that doesn't
exist). This just adds a generic error page, but we'll want to add some
more specialized ones for certain errors.
Most people are coming to the register page through the register links
that people give them as an invite (and it isn't even linked from
anywhere on the site itself). There's no need to show the warning about
the site being invite-only if they've got a code, so we'll only show it
if people happen across this page by typing in the url manually or
something similar.
This also makes the warning a little more prominent by changing it to a
toast instead of just colored text.
This is mostly for logged-out users, we don't need the votes to stand
out so much for them. I think it's fine for logged-in too though, so
let's just try it for both initially.
This is messy in a few ways and needs some reworking, but should be fine
for testing and initial enabling public visibility. An invite is still
required for registration, and the registration page isn't even
currently linked anywhere since people should usually get a registration
link as the invite.
May roll this back and/or do follow-up commits if it makes the site
break.
Using GET for logging out isn't a very good idea, and can result in
external sites being able to log users out by including things like
<img src="https://tildes.net/logout">
This changes it to require a POST, and uses a form with its submit
button re-styled to look like the other text links in the menu.
Previously, the little "Exemplary" badge was only being shown to people
that can view the reasons (generally, the comment author and admins).
The only indication to other users that the comment had been labeled as
Exemplary was the colored left border. This adds the label to the top
for all users, including a count if there are multiple.
I've been reading a little about PostgreSQL transaction ID wraparound
today, and how it's knocked multiple companies out of commission for
days to get it resolved. It should have almost no chance of happening on
Tildes for years, but this will let me set up some monitoring for it
now, while I'm thinking about it.
For more info:
https://blog.sentry.io/2015/07/23/transaction-id-wraparound-in-postgres.html
I didn't like that the previous change made it possible to *always* have
leading/trailing whitespace around a username. For example, it made it
so that you could go to "/user/ Deimos" and still see my user page
because of the leading space being trimmed. This makes it so that you
have to manually set a flag in the UserSchema context to enable the
trimming, and then only does that on the login view.
This is mostly for when people are logging in. Mobile keyboards
especially like to add a space after the username, which previously
would cause an error unless they manually deleted the trailing space.
I don't think the extra precision is very meaningful on topics in
listings (especially now that it changes to absolute dates after a
week), so we can reduce that and it will make things look a bit less
cluttered.
This tests rearranging the info shown on link topics in listings a
little, including no longer showing the name of the submitter of links
in listings at all. The domain (previously shown after the title in
parentheses) is moved into the space previously showing the submitter's
name, and we start showing the word count for link topics in that space
when we have it (which is most of the time).
The script that cleans up old deleted data wipes out the title of
deleted topics (along with most of the other data), but this breaks the
little headers on a user page that say which topic a comment was in.
This just adds a "<deleted topic>" marker in place of the title.
This should probably be generalized out to other locations eventually
too, but this is probably the most prominent place it will be needed.
Until now, users have only been able to view the full posting history of
themselves (with pagination only being available on your own user page).
This extends the view_history permission to all logged-in users, so
everyone logged into an account will be able to see the full history of
any user.
Youtube scraping broke earlier on a crazy duration of "P30W2DT8H2M32S"
(30 weeks?!), so I updated the parsing a little to be able to handle
that, and also not crash the consumer if it hits a duration that it
can't handle.
A lot of the code in common between this and the EmbedlyScraper should
probably be generalized out to a base class soon, but let's make sure
this works first.
I hate almost everything about this, but it seems to work fine overall.
Pagination is still restricted to users themselves currently, so you can
only page back through history and switch to topics or comments only on
yourself. This won't stay like this for much longer though.
Required telling prospector to ignore some abstract methods inside
wrapt's ObjectProxy - they're not truly abstract, but will raise
NotImplementedError if they're called, so I guess pylint detects those
as abstract.
The monitoring server needs Redis, but not the separate server that's
used for the breached-passwords bloom filter in dev/prod. This splits
that server out to its own state, so that it doesn't need to be set up
on the monitoring server.
Deimos
Bauke
Petr Stastny