external/aurweb
0
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/aurweb.git synced 2025-02-03 10:43:03 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
3480 commits 22 branches 129 tags 20 MiB
Commit graph

12 commits

Author SHA1 Message Date
Kevin Morris
15d016eb70
fix: secure access to comment edits to user who owns the comment 
Found along with the previous commit to be a security hole in our
implementation. This commit resolves an issue regarding comment editing.

Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-08-15 23:30:34 -07:00
Kevin Morris
7a52da5587
fix: guard POST keywords & allow co-maintainers to see keyword form 
This addresses a severe security issue, which is omitted from this
git message for obscurity purposes.

Otherwise, it allows co-maintainers to see the keyword form when
viewing a package they co-maintain.

Closes #378

Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-08-15 23:30:15 -07:00
Jelle van der Waa
0e82916b0a fix(python): don't show maintainer link for non logged in users 
Show a plain maintainer text for non logged in users like the submitted,
last packager.

Closes #373
 2022-08-10 19:04:59 +00:00
Leonidas Spyropoulos
1d6335363c fix: strip whitespace when parsing package keywords 
Remove all extra whitespace when parsing Keywords to ensure we don't add
empty keywords in the DB.

Closes: #332

Signed-off-by: Leonidas Spyropoulos <artafinde@archlinux.org>
 2022-08-02 17:06:36 +03:00
Jelle van der Waa
a509e40474 fix(python): use standard dict/list type annotation 
Since Python 3.9 list/dict can be used as type hint.
 2022-08-02 12:06:58 +00:00
Kevin Morris
708ade4dbf
fix: allow co-maintainers to [un]pin comments on a package 
Closes #279

Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-02-11 16:24:42 -08:00
Kevin Morris
50b726d739
fix: send notifications when users submit comments 
Closes #278

Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-02-11 00:43:50 -08:00
Kevin Morris
e777b7052e
fix: send out a FlagNotification when a package is flagged 
Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-02-05 04:40:25 -08:00
Kevin Morris
7618101b1b
fix: depend on OutOfDateTS for flag state 
It was found in the aur.al database that some records have
a non-null flagger, but are not flagged. Using the flagger
relationship, we were false redirecting away from the flag
page.

Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-02-05 03:47:16 -08:00
Kevin Morris
62388b4161
fix(package/pkgbase view): include comaintainers in Maintainer field 
Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-01-20 09:43:14 -08:00
Kevin Morris
7f6c23d4cb
housekeep: centralize datetime generation 
Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-01-18 07:31:04 -08:00
Kevin Morris
3e3706911c
change(python): move test_pkgbase tests to their own suite 
Signed-off-by: Kevin Morris <kevr@0cost.org>
 2022-01-15 21:43:23 -08:00