Age | Commit message (Collapse) | Author | Files | Lines |
|
I think this may be representative of reality, but I forgot :D
Change-Id: I6aaeb959a44b3a5cdbbaea1d99b3034a7db05ba6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9498
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Posts can now specify (optionally) tagfilter=true/false to toggle
escaping of HTML tags.
Change-Id: Ie4a1a45028570fc166fdffba708bf9d0e0c6ae81
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9277
Tested-by: BuildkiteCI
Reviewed-by: Mark Shevchenko <markshevchenko@gmail.com>
|
|
* web/pwcrypt: bump wasm-bindgen
* corp/tvixbolt: bump wasm-bindgen
* corp/rih/frontend: bump wasm-bindgen
* corp/predlozhnik: bump wasm-bindgen
* 3p/overlays: set hiPrio on nixpkgs-review package
There is some upstream bug causing a conflict with the ZSH
completion files generated by home-manager.
Change-Id: Ibe5de5564d3214d48469abe175cbebe5356acf74
Reviewed-on: https://cl.tvl.fyi/c/depot/+/9046
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
This allows pinning the name of the sparse tree derivation, which
stops the continous rebuilding of tvix-store-proto dependents.
I've opted to let the function take an attribute set instead and
refactored the call sites appropriately.
Change-Id: I3e57785094b1adbfffa24caf9f1c3384844fa200
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8965
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
The entry list is now much more condensed. It's maybe a little *too*
condensed, but already closer to what I'm looking for.
Note: A new "note" post type has snuck in and can now be used for
random musings or comments on previous entries. Notes do not show up
in the Atom feed.
Change-Id: I920c0c7650937474b8a5f30cba78416554d523ce
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8806
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This generates the format expected in `//ops/users`.
Note that as of this commit I have not actually tested whether the
generated hashes work, as OpenLDAP doesn't ship with a tool to do that
and I have to actually use it, spin up an LDAP server and bind to it.
The plan is to host this at something like `tvl.fyi/signup`. There is
no plan to automatically submit the generated stuff to the repo,
people still have to email us (and display their street cred).
Note that currently the generated hashes have slightly different
parameters than what //tools/hash-password creates. This might not
matter, but it's probably still a good idea to try and explicitly set
Argon2 parameters.
Change-Id: Ic162afbf7fb0e05ca6efc131b3bb0a4187e28029
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8776
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: I3cdacc1429f86e044fc77c9b68477d577a0f67c7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/8779
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This landing page explains how to use the public-inbox.
Change-Id: I37d74decad5173ab35051970593f1d28001af2b4
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7645
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
This might shorten the list of known CVEs ...
Change-Id: Ibe06317f0916f9d889c64e6bf694b737338cf54c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7495
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
|
|
This was broken in my blog for way too long.
Change-Id: I03c45c666d67006a4608a4b19d6167ab692e321d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5905
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: wpcarro <wpcarro@gmail.com>
Tested-by: BuildkiteCI
|
|
... until I get my self-hosting situation dealt with.
Signed-off-by: Adam Joseph <adam@westernsemico.com>
Change-Id: I44764862f754286249b90278f3932c1470e8214c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7146
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: Iaf21baa512c4ef3f9c6e56745ae524f9a943f5f5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7106
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
Tested-by: BuildkiteCI
|
|
Change-Id: I77cd2686891a166860d6720930743667e667043e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7105
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
|
|
* add an explicit `tvix` node to track who arrived here through
Tvix-related means
* remove nodes that aren't actually relevant or informative for how
people got to TVL (e.g. `anon1` or `lgbtslack`).
* remove some people that have been missing for a long time and are
probably not coming back
Change-Id: I110180daa3c3c8f48593000b9e8d7cd4cf32b741
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7104
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: ezemtsov <eugene.zemtsov@gmail.com>
|
|
Signed-off-by: Adam Joseph <adam@westernsemico.com>
Change-Id: I5d58ba2eb756c981ab86f741888024822ab65da6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7100
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Change-Id: Ibd8dfe38b5863fd2a02aa20558089f059c1cb1b5
Reviewed-on: https://cl.tvl.fyi/c/depot/+/7102
Autosubmit: j4m3s <james.landrein@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
The text was a little cramped, which made the font hard to read. If
one gives it a little more breathing space, it gets easier to digest.
I couldn’t check the change locally, since `-A web.tvl` doesn’t
reference the static assets (it hardlinks to `static.tvl.su` from what
I can see). I only tested it directly in the browser css editor and
then added the values I found here.
Change-Id: Ic3cb78b2ed0f37e1c55ba70027fec2c62b43a52f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4055
Autosubmit: Profpatsch <mail@profpatsch.de>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
This should take care of the chrono advisory which has finally become
actionable.
Change-Id: I0c290c10893d2b112bc17281a96c760b62dff02f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6831
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Upstream nixpkgs removed a lot of aliases this time, so we needed to do
the following transformations. It's a real shame that aliases only
really become discoverable easily when they are removed.
* runCommandNoCC -> runCommand
* gmailieer -> lieer
We also need to work around the fact that home-manager hasn't catched
on to this rename.
* mysql -> mariadb
* pkgconfig -> pkg-config
This also affects our Nix fork which needs to be bumped.
* prometheus_client -> prometheus-client
* rxvt_unicode -> rxvt-unicode-unwrapped
* nix-review -> nixpkgs-review
* oauth2_proxy -> oauth2-proxy
Additionally, some Go-related builders decided to drop support for
passing the sha256 hash in directly, so we need to use the generic hash
arguments.
Change-Id: I84aaa225ef18962937f8616a9ff064822f0d5dc3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6792
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: wpcarro <wpcarro@gmail.com>
|
|
Change-Id: Iacc521dfdd4b4a2d5cef3920cf8189bcce35a488
|
|
... in reverse order (i.e., newer posts listed first)
Change-Id: I126f9943bb53cf220b22e856318246bced90f1ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6583
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Think I introduced this while reformatting ...
Change-Id: Id874f4832ebe2fb2a6aa997ab23fee2775e2bbf7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6579
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
These otherwise look the same as the rest of a post, which is a bit
confusing.
Change-Id: I66ac7256fa379b9f9510de1e2b236c7206219d27
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6561
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I161b1585bd04ad43fb3e320fd0277c7ed64547f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6578
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Thanks to Danny Sichel for helping us out with this!
Change-Id: I95416d824fcf0e43316e4c0c014c210aeea3c18d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6575
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
|
|
Suggested by zimbatm.
Change-Id: I5979cf820943dd44c8a759f226b340c37f9b0446
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6572
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
|
|
Anyone is free to pen a post for tvl.fyi if they want, so being able
to attribute the author might be useful.
This wasn't originally a feature because I wrote //web/blog only for
tazj.in initially.
Change-Id: Ibc50b53f92113a82a53ce40bb5defa18e926cc10
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6560
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: I2cf57abb0f8c21c3893e68ce2c6fb92a2c0d3ee6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6559
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This adds an initial version of the post which we can play with for
further layouting. The post is marked as `draft`, so it will become
available at the direct link, but have a banner on it telling people
not to share it yet.
Change-Id: Idac69e56bee027c2b566f50ef123b54aff6ebc3e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6538
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: I691e87c6b596fcc7028717a5a22d5619bd87a089
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6121
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
It occured to me yesterday that with the config inside of the module
it is kind of difficult to test cgit locally.
This moves it back to a separate location (//web/cgit-tvl) and makes
the most important things configurable via overrides.
Change-Id: I9b0f4c60b75c31441e1718e63b5b55aba3100aae
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5893
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Fixes: b/54
Change-Id: I5ae6c8aa2a4448554a8ba4cb41185ada1ecf8cb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5784
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I30c83f93006eed63c20440faf7118c8d22c1a239
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5783
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Because of math being upsetting, we were adding 4 padding characters to
an already-properly-padded base64 string, which broke tazjin.
This also breaks this function out into panettone.util, and adds a test
for it.
Change-Id: I7bc8a440ad9d0917272dd9f2e341081ea14693da
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5782
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
The JWT spec apparently specifies that base64 strings in jwts aren't to
be padded - but the common lisp base64 library doesn't know how to
decode unpadded base64 (it signals a condition in that case). This adds
the extra padding characters (a number of `=` characters such that the
length of the string is a multiple of 4) using some FORMAT wizardry (?).
Change-Id: Ic6b66f05db2699bf1f93f870f5dd614c37eccc2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5781
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: grfn <grfn@gws.fyi>
|
|
Instead of directly connecting to LDAP and attempting to bind
usernames/password, authenticate users through an OAuth2 flow to
Keycloak.
This has the advantage of reusing the same SSO we already have for
Gerrit, Buildkite, ...
However, much of panettone's functionality makes assumptions about
LDAP being used. As a result there are some warts introduced by
this (for now):
* Since LDAP DNs are used as primary keys for users, we have to
construct fake DNs based on LDAP usernames
It might be sensible to migrate this to the UUIDs used by Keycloak
eventually.
* LDAP is part of the serving path for issues (for fetching user
information), however panettone no longer has a way to fetch
arbitrary user information unless it is persisted in its database.
To work around this, we construct a "fake" user based only on its
DN (i.e. only the username is going to be "correct") and use that to
serve issues.
* Email notifications no longer work (panettone can not access email
addresses)
Some of these need to be worked around by persisting some of that
information in the panettone database instead, as we don't want to
give the service the ability to access arbitrary user information
anymore.
We can probably do this with the user settings feature that already
exists and populate it on launch, but as of this commit email and
displayName functionality is simply broken.
Change-Id: Id32bf5e09d67f0f1e883024c6e013eb342f03b05
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5772
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Upcoming changes to the authentication model may mean that user
objects do not have an email address attached.
Change-Id: I4fddb810f723c790d243f779714ca7f189a02aeb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5770
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Id2786ae93d9bc45ce98834fb4c444510b1beb22f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5474
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I949d71648e82aaed2f1f571c4c537f0a1c075225
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5473
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I16dfe9295866afdd62802b6c35be66646f3f26c8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5446
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Don't render the <ol class="issue-history"> when we have nothing to put
in it, which is the case when there's no issue history and the user is
not logged in. This avoids an awkward-looking double bottom border on
issues with no comments for unauthenticated users.
Change-Id: I1c6aac40e4ba93e9428a0da589c67582b1589c17
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5445
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I447bc95b60a7dca912ca75e118c075e52f8c8ebe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5402
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: wpcarro <wpcarro@gmail.com>
|
|
The ancient `//web/cgit-taz` path stems from the time I had
code.tazj.in serving my initial version of the depot.
I've been meaning to clean this up for forever, so here we go.
Note that this leaves the git-serving module in a strange state where
it only deals with josh. I'll rename it accordingly.
Change-Id: I47ed1e9d90958299b5440a18a1b9075274754e33
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5294
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Instead of managing Postgres connections on our own, use the
`with-connection` postmodern function with pooling enabled as a route
decorator.
This should resolve at least some of the issues from b/113 with
leaking connections, and an unreported issue with connections being
reused while transactions are in progress.
Change-Id: I1ed68667a3240900de1ae69df37d2d3018caf204
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5198
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: Iab7e00cc26a4f9727d3ab98691ef379921a33052
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5240
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
unbind & close the stream of newly created LDAP connections after
auth, which might prevent some of the resource leaking we've got going
on
i did actually verify in sly that this still works. yay.
Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
* //3p/nix: probably not worth investing time into this anymore
* //users/sterni/emacs: The emoji problem disappeared by itself with a
newer emacs version, however a different one remains…
* //web/panettone: If we ever want to change the behavior, we should
just decide the behavior statically instead of using conditions and
restarts, as we only call it in one place, so making different
decisions depending on call sites is not really a use case we have.
Change-Id: Iff9d439ce356db41ce34d690fb7b6a01822022fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5223
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
Any other cgit configuration in depot would need this script wrapper as
well.
Change-Id: Ifa04e1c9de9c925eb3f60c5d3854221ae02ef06c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5206
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
This CL can be used to compare the style of nixpkgs-fmt against other
formatters (nixpkgs, alejandra).
Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: cynthia <cynthia@tvl.fyi>
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: eta <tvl@eta.st>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
(who:html-mode) needs to be set at macro expansion time to properly take
effect which wasn't the case before, but is ensured now by
:compile-toplevel. :load-toplevel ensures that who inside the repl will
behave the same.
Since the :html5 behavior is now actually used, we need to adjust some
of the test cases to account for the different :html5 escaping mode.
Change-Id: I4dfe1d2db38da6a2486fde86596f7e5f50ed8b9f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4885
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|