Activity for Apache Allura™
-
Dave Brondsema committed [719ec4] on Git
Set up default protection ruleset for default and release branches
-
The Apache Software Foundation committed [9a70e5] on Git
Set up default protection ruleset for default and release branches
-
Set up default protection ruleset for default and release branches
-
The Apache Software Foundation committed [e479a0] on Website Repo
Set up default protection ruleset for default and release branches
-
Carlos Cruz committed [0c3a6d] on Git
[#8606] Implement field level encryption for EmailAddress email field
-
[#8606] Add encrypted field for email from the EmailAddress model
-
Implement field level encryption for the email field from the EmailAddress model
-
Kenton Taylor committed [6754e9] on Git
[#8603] check multifactor login mode
-
[#8603] validate URLs on clone tasks too (e.g. if task delayed from form usage, and DNS changes)
-
[#8603] use Markup in SxsOutputGenerator
-
[#8603] NonPrivateUrl checks all host=>IP resolutions not just one
-
[#8603] escape regexes in tag search
-
[#8603] only permit local access to /auth/repo_permissions
-
[#8603] use _verify_return_to in pwd_expired_change
-
[#8603] change AlluraUserProperty User reference so that ShortUrl doesn't error strangely on shorturl.create_user = c.user._id (tests were always passing too, weird)
-
[#8603] add @require_post to a few endpoints
-
[#8603] test to know forgeblog/main.py setattr loop is ok
-
[#8603] urlopen_allow_internal_hostnames setting should work for webhook and importer forms
-
[#8603] use NonPrivateUrl on webhooks (does allow for IP addrs now also)
-
[#8603] disable trac importers by default
-
[#8603] don't follow redirects on trac import
-
Dillon Walls committed [11d6ad] on Git
fixup! [#8605] Use C.UTF-8 locale instead of en_US.UTF-8 for SVN export
-
[#8605] Use C.UTF-8 locale instead of en_US.UTF-8 for SVN export
-
dw/8605
-
Remove locale en_US.UTF-8 dependency
-
[#8603] check multifactor login mode
-
Daniel Castillo committed [6a886d] on Git
[#11526] form-action from self to base_url
-
Guillermo Cruz committed [640a28] on Git
bumping urllib3 2.6.3 -> 2.7.0 and gitpython 3.1.47 -> 3.1.50
-
[#8604] Update transient anonymous user property to not use encrypted field
-
Remove dead ProjectUserSelect code
-
[#8604] Implement field level encryption for User's display_name_field
-
[#8604] Add the display_name_encrypted field to the User class
-
[#8604] Add the display_name_encrypted field to the User class
-
[#8604] Add the display_name_encrypted field to the User class
-
Implement field level encryption for the User's display name
-
[#8603] validate URLs on clone tasks too (e.g. if task delayed from form usage, and DNS changes)
-
[#8603] use Markup in SxsOutputGenerator
-
[#8603] NonPrivateUrl checks all host=>IP resolutions not just one
-
[#8603] escape regexes in tag search
-
[#8603] only permit local access to /auth/repo_permissions
-
[#8603] use _verify_return_to in pwd_expired_change
-
[#8603] change AlluraUserProperty User reference so that ShortUrl doesn't error strangely on shorturl.create_user = c.user._id (tests were always passing too, weird)
-
[#8603] add @require_post to a few endpoints
-
[#8603] test to know forgeblog/main.py setattr loop is ok
-
[#8603] urlopen_allow_internal_hostnames setting should work for webhook and importer forms
-
[#8603] use NonPrivateUrl on webhooks (does allow for IP addrs now also)
-
[#8603] disable trac importers by default
-
[#8603] don't follow redirects on trac import
-
Little mongo script to report server-side on who's subscribed to a tool: db.mailbox.find({project_id: pid, app_config_id: ac_id}).forEach(function(m){ user = m.user_id ? db.user.findOne(m.user_id) : null; username = user ? user.username : '<no user>'; print(username, m.artifact_title, m.artifact_url); }); And to see everything a user is subscribed to: db.mailbox.find({user_id: uid}).forEach(function(m){ url = ''; if (m.artifact_url) { url = m.artifact_url; } else { p = db.project.findOne({_id: m.project_id});...
-
email auth verification by link
-
looks good, merged. There are a few more improvements we could make, but this is a considerable step in the right direction.
-
[#8601] avoid flash samesite cookie issues by showing error on the page directly
-
[#8601] Do email verification for untrusted logins even if they did multifactor (protects against MITM attacks)
-
[#8601] use full domain in link for plaintext mail version to be better
-
[#8601] update precommit hook for .md.jinja2 and update hook to published version now
-
[#8601] consistent file extension for mail templates
-
[#8601] remove very old and not helpful showbrowser() on test assertion failures
-
[#8601] use link instead of code for email auth, and longer code
-
[#8602] increment bugfix_rev to invalidate template cache
-
[#8602] do not treat periods in text as external urls to be displayed as warnings
-
tweak show domain on external links
-
[#8602] increment bugfix_rev to invalidate template cache
-
fixup! [#8602] do not treat periods in text as external urls to be displayed as warnings
-
[#8601] avoid flash samesite cookie issues by showing error on the page directly
-
[#11283] Remove plaintext author username field from from_username query
-
Remove reference to plaintext author username field in Snapshot's from_username method
-
encrypt snapshot author nested fields
-
Encrypt snapshot author nested fields
-
[#8602] do not treat periods in text as external urls to be displayed as warnings
-
tweak show domain on external links
-
bump gitpython 3.1.46 -> 3.1.47
-
Remove dead ProjectUserSelect code
-
[#11102] Implement field level encryption for User's display_name_field
-
[#11102] Add the display_name_encrypted field to the User class
-
remove pygments optimization no longer needed
-
add limit option to convert_encrypted_field.py
-
Fix convert plaintext to encrypted script to support nested fields
-
Fix convert_encrypted_field for nested field attributes
-
Python Packages Upgrade
-
merged!
-
[#8601] Do email verification for untrusted logins even if they did multifactor (protects against MITM attacks)
-
[#8601] use full domain in link for plaintext mail version to be better
-
[#8601] update precommit hook for .md.jinja2 and update hook to published version now
-
[#8601] consistent file extension for mail templates
-
[#8601] remove very old and not helpful showbrowser() on test assertion failures
-
[#8601] use link instead of code for email auth, and longer code
-
email auth verification by link
-
db/8601
-
email auth verification by link
-
[#8600] Upgrade lxml 6.0.4 -> 6.1.0
-
[#8600] Upgrade boto3 1.42.89 -> no upgrade
-
[#8600] Upgrade setuptools 81.0.0 -> no upgrade
-
[#8600] Upgrade pre_commit 4.5.1 -> no upgrade
-
[#8600] Upgrade gunicorn 25.3.0 -> no upgrade