| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This should take care of the chrono advisory which has finally become
actionable.
Change-Id: I0c290c10893d2b112bc17281a96c760b62dff02f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6831
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Upstream nixpkgs removed a lot of aliases this time, so we needed to do
the following transformations. It's a real shame that aliases only
really become discoverable easily when they are removed.
* runCommandNoCC -> runCommand
* gmailieer -> lieer
We also need to work around the fact that home-manager hasn't catched
on to this rename.
* mysql -> mariadb
* pkgconfig -> pkg-config
This also affects our Nix fork which needs to be bumped.
* prometheus_client -> prometheus-client
* rxvt_unicode -> rxvt-unicode-unwrapped
* nix-review -> nixpkgs-review
* oauth2_proxy -> oauth2-proxy
Additionally, some Go-related builders decided to drop support for
passing the sha256 hash in directly, so we need to use the generic hash
arguments.
Change-Id: I84aaa225ef18962937f8616a9ff064822f0d5dc3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6792
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: flokli <flokli@flokli.de>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: wpcarro <wpcarro@gmail.com>
|
|
Change-Id: Iacc521dfdd4b4a2d5cef3920cf8189bcce35a488
|
|
... in reverse order (i.e., newer posts listed first)
Change-Id: I126f9943bb53cf220b22e856318246bced90f1ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6583
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Think I introduced this while reformatting ...
Change-Id: Id874f4832ebe2fb2a6aa997ab23fee2775e2bbf7
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6579
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
These otherwise look the same as the rest of a post, which is a bit
confusing.
Change-Id: I66ac7256fa379b9f9510de1e2b236c7206219d27
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6561
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I161b1585bd04ad43fb3e320fd0277c7ed64547f9
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6578
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Thanks to Danny Sichel for helping us out with this!
Change-Id: I95416d824fcf0e43316e4c0c014c210aeea3c18d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6575
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
|
|
Suggested by zimbatm.
Change-Id: I5979cf820943dd44c8a759f226b340c37f9b0446
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6572
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
|
|
Anyone is free to pen a post for tvl.fyi if they want, so being able
to attribute the author might be useful.
This wasn't originally a feature because I wrote //web/blog only for
tazj.in initially.
Change-Id: Ibc50b53f92113a82a53ce40bb5defa18e926cc10
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6560
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: I2cf57abb0f8c21c3893e68ce2c6fb92a2c0d3ee6
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6559
Reviewed-by: flokli <flokli@flokli.de>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
This adds an initial version of the post which we can play with for
further layouting. The post is marked as `draft`, so it will become
available at the direct link, but have a banner on it telling people
not to share it yet.
Change-Id: Idac69e56bee027c2b566f50ef123b54aff6ebc3e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6538
Tested-by: BuildkiteCI
Reviewed-by: flokli <flokli@flokli.de>
|
|
Change-Id: I691e87c6b596fcc7028717a5a22d5619bd87a089
Reviewed-on: https://cl.tvl.fyi/c/depot/+/6121
Reviewed-by: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
|
|
It occured to me yesterday that with the config inside of the module
it is kind of difficult to test cgit locally.
This moves it back to a separate location (//web/cgit-tvl) and makes
the most important things configurable via overrides.
Change-Id: I9b0f4c60b75c31441e1718e63b5b55aba3100aae
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5893
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Fixes: b/54
Change-Id: I5ae6c8aa2a4448554a8ba4cb41185ada1ecf8cb0
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5784
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I30c83f93006eed63c20440faf7118c8d22c1a239
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5783
Reviewed-by: grfn <grfn@gws.fyi>
Autosubmit: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
Because of math being upsetting, we were adding 4 padding characters to
an already-properly-padded base64 string, which broke tazjin.
This also breaks this function out into panettone.util, and adds a test
for it.
Change-Id: I7bc8a440ad9d0917272dd9f2e341081ea14693da
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5782
Autosubmit: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
Tested-by: BuildkiteCI
|
|
The JWT spec apparently specifies that base64 strings in jwts aren't to
be padded - but the common lisp base64 library doesn't know how to
decode unpadded base64 (it signals a condition in that case). This adds
the extra padding characters (a number of `=` characters such that the
length of the string is a multiple of 4) using some FORMAT wizardry (?).
Change-Id: Ic6b66f05db2699bf1f93f870f5dd614c37eccc2d
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5781
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: grfn <grfn@gws.fyi>
|
|
Instead of directly connecting to LDAP and attempting to bind
usernames/password, authenticate users through an OAuth2 flow to
Keycloak.
This has the advantage of reusing the same SSO we already have for
Gerrit, Buildkite, ...
However, much of panettone's functionality makes assumptions about
LDAP being used. As a result there are some warts introduced by
this (for now):
* Since LDAP DNs are used as primary keys for users, we have to
construct fake DNs based on LDAP usernames
It might be sensible to migrate this to the UUIDs used by Keycloak
eventually.
* LDAP is part of the serving path for issues (for fetching user
information), however panettone no longer has a way to fetch
arbitrary user information unless it is persisted in its database.
To work around this, we construct a "fake" user based only on its
DN (i.e. only the username is going to be "correct") and use that to
serve issues.
* Email notifications no longer work (panettone can not access email
addresses)
Some of these need to be worked around by persisting some of that
information in the panettone database instead, as we don't want to
give the service the ability to access arbitrary user information
anymore.
We can probably do this with the user settings feature that already
exists and populate it on launch, but as of this commit email and
displayName functionality is simply broken.
Change-Id: Id32bf5e09d67f0f1e883024c6e013eb342f03b05
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5772
Reviewed-by: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
|
|
Upcoming changes to the authentication model may mean that user
objects do not have an email address attached.
Change-Id: I4fddb810f723c790d243f779714ca7f189a02aeb
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5770
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
Change-Id: Id2786ae93d9bc45ce98834fb4c444510b1beb22f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5474
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I949d71648e82aaed2f1f571c4c537f0a1c075225
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5473
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I16dfe9295866afdd62802b6c35be66646f3f26c8
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5446
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Don't render the <ol class="issue-history"> when we have nothing to put
in it, which is the case when there's no issue history and the user is
not logged in. This avoids an awkward-looking double bottom border on
issues with no comments for unauthenticated users.
Change-Id: I1c6aac40e4ba93e9428a0da589c67582b1589c17
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5445
Autosubmit: grfn <grfn@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
Change-Id: I447bc95b60a7dca912ca75e118c075e52f8c8ebe
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5402
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: wpcarro <wpcarro@gmail.com>
|
|
The ancient `//web/cgit-taz` path stems from the time I had
code.tazj.in serving my initial version of the depot.
I've been meaning to clean this up for forever, so here we go.
Note that this leaves the git-serving module in a strange state where
it only deals with josh. I'll rename it accordingly.
Change-Id: I47ed1e9d90958299b5440a18a1b9075274754e33
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5294
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Instead of managing Postgres connections on our own, use the
`with-connection` postmodern function with pooling enabled as a route
decorator.
This should resolve at least some of the issues from b/113 with
leaking connections, and an unreported issue with connections being
reused while transactions are in progress.
Change-Id: I1ed68667a3240900de1ae69df37d2d3018caf204
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5198
Tested-by: BuildkiteCI
Reviewed-by: eta <tvl@eta.st>
Autosubmit: tazjin <tazjin@tvl.su>
|
|
Change-Id: Iab7e00cc26a4f9727d3ab98691ef379921a33052
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5240
Tested-by: BuildkiteCI
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: grfn <grfn@gws.fyi>
Reviewed-by: tazjin <tazjin@tvl.su>
|
|
unbind & close the stream of newly created LDAP connections after
auth, which might prevent some of the resource leaking we've got going
on
i did actually verify in sly that this still works. yay.
Change-Id: I92c8ca20de642585ae4c24aa455d051ee6e44a87
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5193
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
* //3p/nix: probably not worth investing time into this anymore
* //users/sterni/emacs: The emoji problem disappeared by itself with a
newer emacs version, however a different one remains…
* //web/panettone: If we ever want to change the behavior, we should
just decide the behavior statically instead of using conditions and
restarts, as we only call it in one place, so making different
decisions depending on call sites is not really a use case we have.
Change-Id: Iff9d439ce356db41ce34d690fb7b6a01822022fa
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5223
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
Any other cgit configuration in depot would need this script wrapper as
well.
Change-Id: Ifa04e1c9de9c925eb3f60c5d3854221ae02ef06c
Reviewed-on: https://cl.tvl.fyi/c/depot/+/5206
Tested-by: BuildkiteCI
Reviewed-by: tazjin <tazjin@tvl.su>
Autosubmit: sterni <sternenseemann@systemli.org>
|
|
This CL can be used to compare the style of nixpkgs-fmt against other
formatters (nixpkgs, alejandra).
Change-Id: I87c6abff6bcb546b02ead15ad0405f81e01b6d9e
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4397
Tested-by: BuildkiteCI
Reviewed-by: sterni <sternenseemann@systemli.org>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Reviewed-by: wpcarro <wpcarro@gmail.com>
Reviewed-by: Profpatsch <mail@profpatsch.de>
Reviewed-by: kanepyork <rikingcoding@gmail.com>
Reviewed-by: tazjin <tazjin@tvl.su>
Reviewed-by: cynthia <cynthia@tvl.fyi>
Reviewed-by: edef <edef@edef.eu>
Reviewed-by: eta <tvl@eta.st>
Reviewed-by: grfn <grfn@gws.fyi>
|
|
(who:html-mode) needs to be set at macro expansion time to properly take
effect which wasn't the case before, but is ensured now by
:compile-toplevel. :load-toplevel ensures that who inside the repl will
behave the same.
Since the :html5 behavior is now actually used, we need to adjust some
of the test cases to account for the different :html5 escaping mode.
Change-Id: I4dfe1d2db38da6a2486fde86596f7e5f50ed8b9f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4885
Tested-by: BuildkiteCI
Reviewed-by: grfn <grfn@gws.fyi>
|
|
We have a new channel visitor who joined via Matrix and pointed this
out. Apparently hackint reestablished the Matrix bridge.
Change-Id: I25ec7fdc5c1b68a9b0bc92b6c19ffe12ecb93c5f
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4864
Tested-by: BuildkiteCI
Autosubmit: tazjin <tazjin@tvl.su>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
Change-Id: I4a79204e50cf519dce729e5c86bc397b82715008
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4758
Tested-by: BuildkiteCI
Autosubmit: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
|
|
also import yants functions explicitly
Change-Id: Idd16d130a95efc30216cb54051c7193a42978003
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4689
Tested-by: BuildkiteCI
Reviewed-by: zseri <zseri.devel@ytrizja.de>
Reviewed-by: lukegb <lukegb@tvl.fyi>
Autosubmit: zseri <zseri.devel@ytrizja.de>
|
|
Easier to link to for the sock people.
Change-Id: I5ea5c20ca98e3a4eb7eac41fdcf2e81b026786db
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4522
Reviewed-by: tazjin <mail@tazj.in>
Autosubmit: tazjin <mail@tazj.in>
Tested-by: BuildkiteCI
|
|
Postmodern changed[0] how users customize the way lisp values get exported
to SQL - now, in addition to defining methods of
`cl-postgres:to-sql-string`, we have to pass `:col-export` and
`:col-import` args to the field itself in the dao class.
I'm not *entirely* sure why both are necessary, but without both this
doesn't work.
[0]: https://github.com/marijnh/Postmodern/blob/v1.33.1/CHANGELOG.md#changelog-v-1331
Change-Id: Iae8fb63c34fb6c79b9dfa350129032aab5cd2233
Reviewed-on: https://cl.tvl.fyi/c/depot/+/4383
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: grfn <grfn@gws.fyi>
|
|
... the idea being that this might lead to some people from the Moscow
Nix community to reach out, which would be beneficial for me in terms
of having some IRL people to bounce ideas around with.
Change-Id: Ib41f54609e9ec9d7fdafbf7024fb5df7034afd87
|
|
Change-Id: I6f69507c75436e882f2248430eb894b1310bfca8
|
|
Change-Id: I16c565ac1194cec44382b77f1c65c5ff569fdcca
|
|
Change-Id: Ic0ee18466fbaca1a374e7489be640f49571eb9c5
|
|
Change-Id: I76c9c2c5cc82c7d0f59f907b6f1abee92a92cbf7
|
|
This incorporates feedback from sterni from cl/4052 and chipb on IRC.
Change-Id: I0547d130dcd578746d5183c563be4b1d042cb5f8
|
|
Change-Id: I8bec643267785c6d3523380a2a17ab5e9213b51c
|
|
This post is intended to just let people know about the existence of
Tvix, tell them a bit about the background and how to follow along.
Change-Id: Ib5194d3aa385a0e30b4768ba28cb063784f6e0a3
|
|
Change-Id: I8720d49f8f3f4010f57a53e763a4f246bf4eb3d8
|
|
This function is also generally useful for readTree consumers that
have the concept of subtargets.
Change-Id: Ic7fc03380dec6953fb288763a28e50ab3624d233
|
|
This should help when debugging template generated derivations.
Change-Id: I9958a7e67c8442c5ad97da2a9d3622a0556b6a1a
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3861
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
|
The string context of drvPath apparently causes a derivation to
_directly_ reference the whole dependency closure of the derivation
drvPath belongs to. This not only is unnecessary in this case (since we
are using drvHash to construct HTTP URLs which are primarily contigent
on the deployed configuration and not the shape of the nix store), but
also creates a very confusing derivation (e. g. web.tvl's index.html
would *directly* reference pandoc).
Change-Id: I6e9900e9e35fbd639061e53322e4ccb3fbb7e7ec
Reviewed-on: https://cl.tvl.fyi/c/depot/+/3862
Tested-by: BuildkiteCI
Reviewed-by: tazjin <mail@tazj.in>
|
