kaberett: A sleeping koalasheep (Avatar: the Last Airbender), with the dreamwidth logo above. (dreamkoalasheep)
kaberett ([personal profile] kaberett) wrote in [site community profile] dw_dev2015-08-30 02:35 pm
Entry tags:

Code tour, 13th August-30th August

All live in last night's code push! A lot of these relate to developers only, and the rest are fairly low-profile so you might not notice them, but nonetheless this is what's been being worked on. :-)

Issue 1354: Update links in automated emails to point to HTTPS (pull request)
Category: HTTPS Everywhere v1
Patch by: [github.com profile] kaberett
Description: Notification e-mails were set to (almost) always go out with links to entries, threads, comments and the like using the HTTP protocol, not the more secure HTTPS. Dreamwidth is in the process of moving over to using HTTPS everywhere; now when the switch is flipped notification e-mails will reflect this. Additionally and furthermore, for reasons that surpass understanding, the code that determined whether notification e-mails linked to https://kaberett.dreamwidth.org or http://kaberett.dreamwidth.org was in a file that otherwise deals with journal layouts, rather than anywhere at all more sensible. It's moved house to the module that handles stuff to do with user account objects instead, where people might expect ever to find it.

Issue 1522: antispam: make spam report sortable (pull request)
Patch by: [github.com profile] kareila
Description: Adds the ability to sort spam reports by the date the spam was left, as well as by the date that it was reported. In the case of accounts that were compromised (e.g. via a leaked e-mail token...) and then resecured, it could be the case that spam left was only noticed and reported after the account was resecured. But if the spam was left before the account was resecured it's not a problem and doesn't indicate that security's been compromised again... and it's nice to be able to check this automatically instead of having to go through every report manually. And we like things that make Antispam's job easier, oh yes we do.

Issue 1527: DW-hosted image permissions interact poorly with custom access filters (pull request)
Patch by: [github.com profile] kareila
Description: Dreamwidth provides (still pretty basic) image hosting, and one of the reasons it's still very firmly in beta is that, as it turns out, weird stuff was going on with access levels. Problem the first: if you tried to upload an image with security "public" while your default security setting was "access lock", uploads would hang forever. Problem the second: if you had an image with visibility set to "access only" and you included it in a post to a custom access filter, you were the only person who could see it. Neither of those things is true any more!

Issue 1543: RTE fails with 'Error: invalid user or site' when trying to parse hyphenated github.com users (pull request)
Patch by: [github.com profile] kareila
Description: Github usernames use hyphens not underscores. Dreamwidth, or at least the RTE, assumed that usernames used underscores only and never hyphens - and therefore popped up an error if you tried to post via the RTE including a link to, say, [github.com profile] me-and (if you look at the last code tour it will become rapidly apparent why this was noticed...). This was a pity, and the RTE no longer assumes it knows better than target sites about which characters are permitted in usernames!

Issue 1551: Embedded fonts from Google blocked for being non-secure (pull request)
Category: HTTPS Everywhere v1
Patch by: [github.com profile] zorkian
Description: Dreamwidth was pulling Google fonts from the http not the https version of the Google URL, resulting in warnings on https pages that some content was http (and therefore less secure). All that was required to make the warnings go away was switching to using the https URLs by default... so that's what's now happening.

Issue 1553: fix failing test in wtf.t (pull request)
Patch by: [github.com profile] kareila
Description: Dev side! Tests are designed to demonstrate that you've not broken anything new and exciting by writing the bit of code you've just written, so it's good if they don't fail by default. This test now exhibit the desired behaviour so it's easier to tell whether things are working as they ought.

Issue 1558: fixes for atom-post.t and post.t (pull request)
Patch by: [github.com profile] kareila
Description: And another couple of fixes to tests!

7 total issues resolved
Contributors: [github.com profile] kaberett, [github.com profile] kareila, [github.com profile] zorkian

Post a comment in response:

Identity URL: 
Account name:
If you don't have an account you can create one now.
HTML doesn't work in the subject.


If you are unable to use this captcha for any reason, please contact us by email at support@dreamwidth.org

Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.