diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2 b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
index fe695bbc6b..56339a01c4 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/files/usr.sbin.apache2
@@ -236,7 +236,6 @@
/var/www/securedrop/source_templates/use-tor-browser.html r,
/var/www/securedrop/source_templates/utils.html r,
/var/www/securedrop/source_templates/why-public-key.html r,
- /var/www/securedrop/static/.webassets-cache/** rw,
/var/www/securedrop/static/css/journalist.css r,
/var/www/securedrop/static/css/source.css r,
/var/www/securedrop/static/fonts/fa-brands-400.eot r,
@@ -254,8 +253,6 @@
/var/www/securedrop/static/fonts/fa-solid-900.ttf r,
/var/www/securedrop/static/fonts/fa-solid-900.woff r,
/var/www/securedrop/static/fonts/fa-solid-900.woff2 r,
- /var/www/securedrop/static/gen/journalist.js rw,
- /var/www/securedrop/static/gen/source.js rw,
/var/www/securedrop/static/i/check.png r,
/var/www/securedrop/static/i/checkbox.png r,
/var/www/securedrop/static/i/close.png r,
diff --git a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/tasks/main.yml b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/tasks/main.yml
index 74a65b5040..c309f2ea58 100644
--- a/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/tasks/main.yml
+++ b/install_files/ansible-base/roles/build-securedrop-app-code-deb-pkg/tasks/main.yml
@@ -104,8 +104,6 @@
state: directory
dest: "{{ item }}"
with_items:
- - "{{ securedrop_app_code_deb_dir }}/var/www/securedrop/static/gen"
- - "{{ securedrop_app_code_deb_dir }}/var/www/securedrop/static/.webassets-cache"
- "{{ securedrop_app_code_deb_dir }}/var/www/securedrop/.well-known/pki-validation"
- name: Build securedrop-app-code Debian package
diff --git a/install_files/securedrop-app-code/debian/postinst b/install_files/securedrop-app-code/debian/postinst
index de3465d023..878cedafa9 100644
--- a/install_files/securedrop-app-code/debian/postinst
+++ b/install_files/securedrop-app-code/debian/postinst
@@ -234,8 +234,9 @@ case "$1" in
# Restart apache so it loads with the apparmor profiles in enforce mode.
service apache2 restart
- # cleanup dynamically generated assets
- rm -fr /var/www/securedrop/static/gen/*
+ # remove previously dynamically-generated assets
+ rm -fr /var/www/securedrop/static/gen/
+ rm -fr /var/www/securedrop/static/.webassets-cache/
# Version migrations
diff --git a/molecule/builder-focal/tests/test_securedrop_deb_package.py b/molecule/builder-focal/tests/test_securedrop_deb_package.py
index eb8bc80c34..c5a426a13d 100644
--- a/molecule/builder-focal/tests/test_securedrop_deb_package.py
+++ b/molecule/builder-focal/tests/test_securedrop_deb_package.py
@@ -266,37 +266,25 @@ def test_securedrop_app_code_contains_mo_files(
def test_deb_package_contains_no_generated_assets(securedrop_app_code_contents: str):
"""
Ensures the `securedrop-app-code` package does not ship minified
- static assets, which are built automatically via Flask-Assets, and
- may be present in the source directory used to build from.
+ static assets previously built at runtime via Flask-Assets under /gen, and
+ which may be present in the source directory used to build from.
"""
- # static/gen/ directory should exist
- assert re.search(
- r"^.*\./var/www/securedrop" "/static/gen/$", securedrop_app_code_contents, re.M
- )
- # static/gen/ directory should be empty
+ # static/gen/ directory not should exist
assert not re.search(
- r"^.*\./var/www/securedrop" "/static/gen/.+$",
- securedrop_app_code_contents,
- re.M,
+ r"^.*\./var/www/securedrop" "/static/gen/$", securedrop_app_code_contents, re.M
)
- # static/.webassets-cache/ directory should exist
- assert re.search(
- r"^.*\./var/www/securedrop" "/static/.webassets-cache/$",
- securedrop_app_code_contents,
- re.M,
- )
- # static/.webassets-cache/ directory should be empty
+ # static/.webassets-cache/ directory should not exist
assert not re.search(
- r"^.*\./var/www/securedrop" "/static/.webassets-cache/.+$",
+ r"^.*\./var/www/securedrop" "/static/.webassets-cache/$",
securedrop_app_code_contents,
re.M,
)
- # no SASS files should exist; only the generated CSS files.
+ # no SASS files should exist.
assert not re.search("^.*sass$", securedrop_app_code_contents, re.M)
- # no .map files should exist; only the generated CSS files.
+ # no .map files should exist.
assert not re.search("^.*css.map$", securedrop_app_code_contents, re.M)
diff --git a/securedrop/.dockerignore b/securedrop/.dockerignore
index b45886e18e..b907eebeb1 100644
--- a/securedrop/.dockerignore
+++ b/securedrop/.dockerignore
@@ -1,6 +1,4 @@
**/__pycache__
**/*.pyc
.sass-cache
-static/gen
-static/.webassets-cache
tests/log/*
diff --git a/securedrop/.rsync-filter b/securedrop/.rsync-filter
index d7316504ad..bb4d6f2c16 100644
--- a/securedrop/.rsync-filter
+++ b/securedrop/.rsync-filter
@@ -28,10 +28,8 @@ include source_app/*.py
include source_templates/
include source_templates/*.html
include static/
-include static/.webassets-cache/
include static/fonts/
include static/fonts/**
-include static/gen/
include static/i/
exclude static/i/custom_logo.png
include static/i/**
diff --git a/securedrop/babel.cfg b/securedrop/babel.cfg
index 23f80e245c..52ae100b04 100644
--- a/securedrop/babel.cfg
+++ b/securedrop/babel.cfg
@@ -9,4 +9,4 @@ silent=False
[jinja2: */*.html]
silent=False
-extensions=jinja2.ext.autoescape,jinja2.ext.with_,webassets.ext.jinja2.AssetsExtension,jinja2.ext.do
+extensions=jinja2.ext.autoescape,jinja2.ext.with_,jinja2.ext.do
diff --git a/securedrop/journalist_app/__init__.py b/securedrop/journalist_app/__init__.py
index e14dfaf560..1f1149ec7c 100644
--- a/securedrop/journalist_app/__init__.py
+++ b/securedrop/journalist_app/__init__.py
@@ -5,7 +5,6 @@
from flask import (Flask, session, redirect, url_for, flash, g, request,
render_template, json)
-from flask_assets import Environment
from flask_babel import gettext
from flask_wtf.csrf import CSRFProtect, CSRFError
from os import path
@@ -64,7 +63,6 @@ def create_app(config: 'SDConfig') -> Flask:
app.session_interface = JournalistInterfaceSessionInterface()
csrf = CSRFProtect(app)
- Environment(app)
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SQLALCHEMY_DATABASE_URI'] = config.DATABASE_URI
diff --git a/securedrop/journalist_templates/base.html b/securedrop/journalist_templates/base.html
index e09d60abef..94ee56a61d 100644
--- a/securedrop/journalist_templates/base.html
+++ b/securedrop/journalist_templates/base.html
@@ -10,9 +10,7 @@
- {% assets filters="jsmin", output="gen/journalist.js", "js/journalist.js" %}
-
- {% endassets %}
+
{% block extrahead %}{% endblock %}
diff --git a/securedrop/requirements/python3/securedrop-app-code-requirements.in b/securedrop/requirements/python3/securedrop-app-code-requirements.in
index 246e0b63df..1ae19d861d 100644
--- a/securedrop/requirements/python3/securedrop-app-code-requirements.in
+++ b/securedrop/requirements/python3/securedrop-app-code-requirements.in
@@ -6,13 +6,11 @@ cffi>=1.14.2
# This version needs Rust for compilation.
cryptography>=3.4.7
-Flask-Assets
Flask-Babel>=1.0.0
Flask-SQLAlchemy
Flask-WTF>=1.0.0
Flask>=2.0.2
Jinja2>=3.0.0
-jsmin
markupsafe>=2.0
mod_wsgi
passlib
diff --git a/securedrop/requirements/python3/securedrop-app-code-requirements.txt b/securedrop/requirements/python3/securedrop-app-code-requirements.txt
index cb5920a431..929e02ac37 100644
--- a/securedrop/requirements/python3/securedrop-app-code-requirements.txt
+++ b/securedrop/requirements/python3/securedrop-app-code-requirements.txt
@@ -105,9 +105,6 @@ cryptography==3.4.7 \
--hash=sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d \
--hash=sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9
# via -r requirements/python3/securedrop-app-code-requirements.in
-flask-assets==0.12 \
- --hash=sha256:6031527b89fb3509d1581d932affa5a79dd348cfffb58d0aef99a43461d47847
- # via -r requirements/python3/securedrop-app-code-requirements.in
flask-babel==2.0.0 \
--hash=sha256:e6820a052a8d344e178cdd36dd4bb8aea09b4bda3d5f9fa9f008df2c7f2f5468 \
--hash=sha256:f9faf45cdb2e1a32ea2ec14403587d4295108f35017a7821a2b1acb8cfd9257d
@@ -125,7 +122,6 @@ flask==2.0.2 \
--hash=sha256:cb90f62f1d8e4dc4621f52106613488b5ba826b2e1e10a33eac92f723093ab6a
# via
# -r requirements/python3/securedrop-app-code-requirements.in
- # flask-assets
# flask-babel
# flask-sqlalchemy
# flask-wtf
@@ -142,9 +138,6 @@ jinja2==3.0.2 \
# -r requirements/python3/securedrop-app-code-requirements.in
# flask
# flask-babel
-jsmin==2.2.2 \
- --hash=sha256:b6df99b2cd1c75d9d342e4335b535789b8da9107ec748212706ef7bbe5c2553b
- # via -r requirements/python3/securedrop-app-code-requirements.in
mako==1.0.7 \
--hash=sha256:4e02fde57bd4abb5ec400181e4c314f56ac3e49ba4fb8b0d50bba18cb27d25ae
# via alembic
@@ -299,9 +292,6 @@ sqlalchemy==1.3.3 \
# -r requirements/python3/securedrop-app-code-requirements.in
# alembic
# flask-sqlalchemy
-webassets==0.12.1 \
- --hash=sha256:e7d9c8887343123fd5b32309b33167428cb1318cdda97ece12d0907fd69d38db
- # via flask-assets
werkzeug==2.0.2 \
--hash=sha256:63d3dc1cf60e7b7e35e97fa9861f7397283b75d765afcaefd993d6046899de8f \
--hash=sha256:aa2bb6fc8dee8d6c504c0ac1e7f5f7dc5810a9903e793b6f715a9f015bdadb9a
diff --git a/securedrop/source_app/__init__.py b/securedrop/source_app/__init__.py
index 8573dbf816..e982856886 100644
--- a/securedrop/source_app/__init__.py
+++ b/securedrop/source_app/__init__.py
@@ -6,7 +6,6 @@
import werkzeug
from flask import (Flask, render_template, request, g, session, redirect, url_for)
from flask_babel import gettext
-from flask_assets import Environment
from flask_wtf.csrf import CSRFProtect, CSRFError
from os import path
from typing import Tuple
@@ -70,9 +69,6 @@ def setup_i18n() -> None:
def handle_csrf_error(e: CSRFError) -> werkzeug.Response:
return clear_session_and_redirect_to_logged_out_page(flask_session=session)
- assets = Environment(app)
- app.config['assets'] = assets
-
app.jinja_env.trim_blocks = True
app.jinja_env.lstrip_blocks = True
app.jinja_env.globals['version'] = version.__version__
diff --git a/securedrop/source_templates/index.html b/securedrop/source_templates/index.html
index 55a5a5aac3..75c00f1009 100644
--- a/securedrop/source_templates/index.html
+++ b/securedrop/source_templates/index.html
@@ -14,9 +14,7 @@
- {% assets filters="jsmin", output="gen/source.js", "js/source.js" %}
-
- {% endassets %}
+