Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PR-506 - merge #102

Open
wants to merge 29 commits into
base: release
Choose a base branch
from
Open

PR-506 - merge #102

wants to merge 29 commits into from

Conversation

github-actions[bot]
Copy link

@github-actions github-actions bot commented Apr 9, 2023

main/PR-506 merge is open

epicfaace and others added 29 commits February 12, 2023 22:06
@epicfaace
Fix typo in people.html
0424ddc
@kvchitrapu
Update rel-pr-open.yml
31df5d9 
1. add on-demand workflow run for testing purposes.
2. remove `staging` dependency for basic tests
@shreevatsa
Fix typo in installation.rst (start-docker -> docker-start)
2e264e1 
Use what's in the Makefile.
@dependabot
Bump docker/build-push-action from 3.2.0 to 4.0.0 (ambuda-org#445)
b74e8c8 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 3.2.0 to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://github-redirect.dependabot.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Revert disable provenance by default if not set by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://github-redirect.dependabot.com/docker/build-push-action/pull/784">docker/build-push-action#784</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v3.3.1...v4.0.0">https://github.com/docker/build-push-action/compare/v3.3.1...v4.0.0</a></p>
<h2>v3.3.1</h2>
<ul>
<li>Disable provenance by default if not set by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/781">#781</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v3.3.0...v3.3.1">https://github.com/docker/build-push-action/compare/v3.3.0...v3.3.1</a></p>
<h2>v3.3.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://github-redirect.dependabot.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Add <code>attests</code>, <code>provenance</code> and
<code>sbom</code> inputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/746">#746</a>
<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/759">#759</a>)</li>
<li>Log GitHub Actions runtime token access controls by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/707">#707</a>)</li>
<li>Examples moved to <a
href="https://docs.docker.com/build/ci/github-actions/examples/">docs
website</a> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/718">#718</a>)</li>
<li>Bump minimatch from 3.0.4 to 3.1.2 (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/732">#732</a>)</li>
<li>Bump csv-parse from 5.3.0 to 5.3.3 (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/729">#729</a>)</li>
<li>Bump json5 from 2.2.0 to 2.2.3 (<a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/749">#749</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v3.2.0...v3.3.0">https://github.com/docker/build-push-action/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/build-push-action/commit/3b5e8027fcad23fda98b2e3ac259d8d67585f671"><code>3b5e802</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/784">#784</a>
from crazy-max/enable-provenance</li>
<li><a
href="https://github.com/docker/build-push-action/commit/02d3266a89e5dfed960723e6127886a5adc7eb2f"><code>02d3266</code></a>
update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/f403dafe18abeb00b9d5976ab285a9f457520f29"><code>f403daf</code></a>
revert disable provenance by default if not set</li>
<li><a
href="https://github.com/docker/build-push-action/commit/1104d471370f9806843c095c1db02b5a90c5f8b6"><code>1104d47</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/781">#781</a>
from crazy-max/disable-provenance</li>
<li><a
href="https://github.com/docker/build-push-action/commit/838bf90c88a4d6a02272e7afa2e4e2227b96f2dc"><code>838bf90</code></a>
update generated content</li>
<li><a
href="https://github.com/docker/build-push-action/commit/337a09d182ee8c86aa958168dc985219e49e4b3b"><code>337a09d</code></a>
disable provenance by default if not set</li>
<li><a
href="https://github.com/docker/build-push-action/commit/37abcedcc1da61a57767b7588cb9d03eb57e28b3"><code>37abced</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/760">#760</a>
from crazy-max/test-envs</li>
<li><a
href="https://github.com/docker/build-push-action/commit/67109bc4b2230dc1ac72d54058d11285dc26bd87"><code>67109bc</code></a>
test: move envs to jest config</li>
<li><a
href="https://github.com/docker/build-push-action/commit/d1b0eb0a29d50896608d0b3a0fd3c012fef617d8"><code>d1b0eb0</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/docker/build-push-action/issues/759">#759</a>
from crazy-max/fix-provenance-input</li>
<li><a
href="https://github.com/docker/build-push-action/commit/a0635fe7cdb196c0c076b004dfdc1cab820ef1d4"><code>a0635fe</code></a>
update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v3.2.0...v4.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=3.2.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@kvchitrapu
Add Docker setup for pushing to release branch
52d970a 
Purely a build pipeline PR. No changes in the app code.

Here are the changes:
1. Periodically checks `main` branch for changes
2. Creates PR on `releases` base (target) branch
3. Deploys built image on staging (droplet setup WIP)

Changes to the repository:
1. Create a `releases` branch
2. Create `staging` environment
3. Give `staging` access to `'releases` branch
4. `releases` branch should be able to push docker images to `ghcr.io`

Github `ambuda` repo needs these `Setttings` changes to get to a working
staging setup.
@kvchitrapu
[proofing] Add partial work for search+replace
10cf5fd 
## Tests

1. built container with make docker-start
2. checked Texts, Dictionaries, and Proofing pages.
3. tested `proofing > project > edit > search` page
4. tested `proofing > project > edit > search and replace` page

## To do

1. Test actual `search and replace`. I could not find a pre-existing
text in db to test this feature.
2. add support in translation files
@kvchitrapu
Add validators for username, password, and email
ab55dbe 
1. username validator checks for spaces and upper bound on length is 64.
2. a password validator puts 256 as an upper bound on length. Otherwise,
to avert any memory overruns by a malicious user or due to an
unintentional error.
3. email address validator puts 254 as an upper bound on length.  
4. username and email addresses are now case insensitive

## Tests
### Postitive testcases
1. signin works
2. register works

### Negative testcases
1. check sign-in with a username containing spaces fails
2. check sign-in with 124 characters username
3. check sign-in with 4 and 257 character length passwords
@kvchitrapu
[proofing] add search and replace
515b046 
Search and replace a string works. May need stylesheet changes to pretty
it up. Completes ambuda-org#455.

Closed ambuda-org#407. Created a new clean branch and as the base branch for ambuda-org#470
pulled an existing commit.

## Tests

See screenshots on PR ambuda-org#476.
@akprasad
Revise onboarding process
c8b4e74
@akprasad
[admin] Add pagination
19c09e6 
Without this, the admin interface is broken. Along the way, I slightly
cleaned up the model edit form.
@akprasad
Switch to Ruff for Python linting
d9f32ae 
Ruff is a new all-in-one Python linter that combines several previous
tools and implements them more quickly. This PR switches to Ruff and
cleans up various parts of the code that Ruff has flagged.
@dependabot
Bump typescript from 4.8.2 to 5.0.2
04e7062
@akprasad
[admin] Add various tweaks to admin interface
aa59e43 
- show usernames instead of user IDs and text slugs instead of text IDs
- block deleting users through the admin interface
- make some small CSS/template changes
- decrease test coverage threshold to 77% temporarily
@akprasad
Increase test coverage to 82%
09f3712 
This commit adds various tests so that our code stays above our 80%
coverage bar.

Other changes:
- Add partial tests for seed scripts and `checks.py`
- Standardize user credentials for users in unit tests
@akprasad
[proofing] Tweak sidebar and tab UI
10d7f7a 
- Show sidebars on tool pages (search, replace, OCR)
- Change `replace` permissions to p2, since it can be easily abused
- Show admin tab on project pages
- Show admin tab on user pages
- Add more unit tests
@akprasad
[proofing] Partially clean up search/replace UX
b0c479f 
This is mainly a CSS/HTML change. A follow-up PR will extend these
changes to the "preview" page.
@kvchitrapu
Update Babel package
5c83907 
Upgrade the Babel package to version ^2.12 in response to the Python
version upgrade. Fixes ambuda-org#483.
@akprasad
Remove various transitive deps
9d2bfda
@akprasad
Clean up implicit deps
c2054d8
@akprasad
readd pytest-cov
29f1e89
@akprasad
Upgrade poetry version
db4139d
@akprasad
Update to 1.4.1 everywhere
fbefd60
@akprasad
Remove more
2eec0b7
@kvchitrapu
remove requirements.txt
f98d457
@kvchitrapu
removed requirements.txt
4d5cf9b
@kvchitrapu
use poetry
24862e1
@kvchitrapu
use poetry
113501c
@kvchitrapu
first install poetry binary before python setup
a6db174
@kvchitrapu
first install poetry binary before python setup in py-tests
324064e
@kvchitrapu kvchitrapu temporarily deployed to staging April 9, 2023 03:17 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 14:37 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 15:16 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 15:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 16:21 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 16:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 17:14 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 17:37 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 18:20 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 18:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 19:12 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 19:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 20:16 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 20:37 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 21:14 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 21:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 22:15 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 22:38 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 23:17 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu temporarily deployed to staging June 4, 2023 23:37 — with GitHub Actions Inactive
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 13:26 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 13:39 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 15:23 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 15:39 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 17:16 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 17:39 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 18:26 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 20:40 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 21:18 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 21:38 — with GitHub Actions Abandoned
@kvchitrapu kvchitrapu requested a deployment to staging June 9, 2023 23:18 — with GitHub Actions Abandoned
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@kvchitrapu @epicfaace @shreevatsa @akprasad