Commit Graph

2019 Commits

Author SHA1 Message Date
SiddharthVarshney 60010449d2 icon: Import a font-awesome 5 third party icon.
This is a prep commit for replacement of chevron
from sidebars.

This commit will add ellipsis-v icon in svg format downloaded
from font-awesome 5. This has to be done because font-awesome 4.7
(the version we are using) does not have this icon with
circular dots.

And font-awesome 5 as a whole doesn't make sense to upgrade to because
it's intentionally semi-crippled as part of their business plan.

Also include entry in THIRDYPARTY and Licence details.
2020-06-11 17:15:55 -07:00
Anders Kaseorg 365fe0b3d5 python: Sort imports with isort.
Fixes #2665.

Regenerated by tabbott with `lint --fix` after a rebase and change in
parameters.

Note from tabbott: In a few cases, this converts technical debt in the
form of unsorted imports into different technical debt in the form of
our largest files having very long, ugly import sequences at the
start.  I expect this change will increase pressure for us to split
those files, which isn't a bad thing.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-11 16:45:32 -07:00
Anders Kaseorg 69730a78cc python: Use trailing commas consistently.
Automatically generated by the following script, based on the output
of lint with flake8-comma:

import re
import sys

last_filename = None
last_row = None
lines = []

for msg in sys.stdin:
    m = re.match(
        r"\x1b\[35mflake8    \|\x1b\[0m \x1b\[1;31m(.+):(\d+):(\d+): (\w+)", msg
    )
    if m:
        filename, row_str, col_str, err = m.groups()
        row, col = int(row_str), int(col_str)

        if filename == last_filename:
            assert last_row != row
        else:
            if last_filename is not None:
                with open(last_filename, "w") as f:
                    f.writelines(lines)

            with open(filename) as f:
                lines = f.readlines()
            last_filename = filename
        last_row = row

        line = lines[row - 1]
        if err in ["C812", "C815"]:
            lines[row - 1] = line[: col - 1] + "," + line[col - 1 :]
        elif err in ["C819"]:
            assert line[col - 2] == ","
            lines[row - 1] = line[: col - 2] + line[col - 1 :].lstrip(" ")

if last_filename is not None:
    with open(last_filename, "w") as f:
        f.writelines(lines)

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-06-11 16:04:12 -07:00
Alex Vandiver 4fe0444108 puppet: Install wal-g, not wal-e. 2020-06-11 15:52:43 -07:00
Tim Abbott f0d8f60b66 help: Add basic documentation of organization owners. 2020-06-10 14:07:46 -07:00
Anders Kaseorg 3a15e4b51d settings: Extract most of test_settings to test_extra_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:29:50 -07:00
Anders Kaseorg 5546762bd9 settings: Extract computed settings to computed_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:29:50 -07:00
Anders Kaseorg c45962785c settings: Group {default,prod,dev}_settings as configured_settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:20:42 -07:00
Anders Kaseorg 9cb6a75da5 docs: Fix location of default settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:15:34 -07:00
Anders Kaseorg a7a207d5d9 docs: Add missing code markers to settings.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-09 22:15:34 -07:00
Dinesh dc90d54b08 auth: Add Sign in with Apple support.
This implementation overrides some of PSA's internal backend
functions to handle `state` value with redis as the standard
way doesn't work because of apple sending required details
in the form of POST request.

Includes a mixin test class that'll be useful for testing
Native auth flow.

Thanks to Mateusz Mandera for the idea of using redis and
other important work on this.

Documentation rewritten by tabbott.

Co-authored-by: Mateusz Mandera <mateusz.mandera@zulip.com>
2020-06-09 17:29:35 -07:00
Tim Abbott 5deaae14b3 docs: Update changelog.
This now covers most features that will be in the Zulip 2.2 release.
2020-06-09 00:32:07 -07:00
Tim Abbott 5154ddafca docs: Update production supported releases.
Now that we have production support for Ubuntu Focal, we update the
documentation to state our support for it.

(We also drop deprecated Xenial and Stretch from supported platforms).
2020-06-08 22:11:28 -07:00
Tim Abbott 7b8ba5ebd9 docs: Update most remaining references to zulipchat.com.
In some cases, the cleanest tweak is to replace references to the
domain with Zulip Cloud, the product.
2020-06-08 18:10:45 -07:00
Tim Abbott 71078adc50 docs: Update URLs to use https://zulip.com.
We're migrating to using the cleaner zulip.com domain, which involves
changing all of our links from ReadTheDocs and other places to point
to the cleaner URL.
2020-06-08 18:10:45 -07:00
Anders Kaseorg 08ddeca8a5 docs: Fix an incorrect use of i.e.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 16:28:05 -07:00
Anders Kaseorg 8e4f22c184 auth: Require algorithms setting for JWT auth.
Calling jwt.decode without an algorithms list raises a
DeprecationWarning.  This is for protecting against
symmetric/asymmetric key confusion attacks.

This is a backwards-incompatible configuration change.

Fixes #15207.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 16:22:25 -07:00
Sharif Naas 29ef37d03b docs: Fix broken wording in testing/philosophy.md. 2020-06-08 11:13:32 -07:00
Sharif Naas 3b120220a7 docs: Reword sentence to be more concise while fixing broken wording.
The previous wording was slightly broken, but this commit changes the
wording beyond just fixing that issue, to be more concise.
2020-06-08 11:13:32 -07:00
Sharif Naas 37be21cebe docs: Improve readability of a sentence in testing/philosophy.md.
Previously, it was unnecessarily difficult to parse the sentence to
determine that "HTTP response" and "internal state of the server
following the request" are the coherent ideas. Even if length wasn't
an issue, e.g. "... and checking both the A and B are correct", the
sentence still feels a bit fragile without a "that".

Since the second phrase is indeed relatively long, and "internal state
of the server" is a reasonable guess for the second coherent idea, the
"the" helps to reset the reader's expectation about where the next
coherent idea starts, and ends.

Lastly, having "both" in front of the two phrases encourages an
assumption that they're shorter (which is especially problematic for
the second phrase), while having it at the end of the sentence helps
to anchor the end of the second phrase; this is especially true since
the absence of "both" before that point encourages an assumption that
you haven't finished reading yet, given that two things have been
mentioned.
2020-06-08 11:13:32 -07:00
Sharif Naas fb969de765 docs: Fix typos in testing/philosophy.md. 2020-06-08 11:13:32 -07:00
Sharif Naas 17afd460bc docs: Fix typos in contributing/code-style.md. 2020-06-08 11:13:32 -07:00
Anders Kaseorg ad24eef6ee circleci: Drop -python3.X suffixes from job names.
The workflow names should be sufficient.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-08 11:04:40 -07:00
Anders Kaseorg 1f565a9f41 timezone: Use standard library datetime.timezone.utc consistently.
datetime.timezone is available in Python ≥ 3.2.  This also lets us
remove a pytz dependency from the PostgreSQL scripts.

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-05 09:34:17 -07:00
Anders Kaseorg c618b3ae30 docs: Avoid deprecated app.add_stylesheet alias.
Fixes this warning:

/srv/zulip/docs/conf.py:337: RemovedInSphinx40Warning: The app.add_stylesheet() is deprecated. Please use app.add_css_file() instead.
  app.add_stylesheet('theme_overrides.css')  # path relative to _static

https://www.sphinx-doc.org/en/3.x/extdev/deprecated.html

Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-06-04 14:15:30 -07:00
Anders Kaseorg 4d04fa3118 compose: Rewrite Zoom video call integration to use OAuth.
This reimplements our Zoom video call integration to use an OAuth
application.  In addition to providing a cleaner setup experience,
especially on zulipchat.com where the server administrators can have
done the app registration already, it also fixes the limitation of the
previous integration that it could only have one call active at a time
when set up with typical Zoom API keys.

Fixes #11672.

Co-authored-by: Marco Burstein <marco@marco.how>
Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2020-06-03 16:39:12 -07:00
Anders Kaseorg 7a53da7526 capitalization: Fix OAuth capitalization.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-06-03 16:39:12 -07:00
Sharif Naas 7e681c934c docs: Fix anchor link written in reference link syntax.
This has been broken since it was added in a rewrite in July 2019 in
c931e76cf2. An incomplete fix was
made a few days later in 871fd57f5e.
2020-06-01 18:31:05 -07:00
Sharif Naas 267c427677 docs: Fix broken and missing link references in Git guide.
These references broke in November 2017, when git-guide.md was split
into multiple files in fa3602b61f.
2020-06-01 18:31:05 -07:00
arpit551 d4958484a1 travis: Removed screen cast of Travis setup. 2020-06-01 14:12:11 -07:00
arpit551 8972bf6b7a doc: Updated CircleCI setup documentation.
Fixes #15095
2020-06-01 14:12:11 -07:00
Mateusz Mandera 96f466f635 docs: Fix typo in testing-with-node.md. 2020-05-28 18:55:40 +00:00
Tim Abbott 4d2b1673f8 docs: Replace support@zulipchat.com with support@zulip.com.
The new address is cleaner and shorter.
2020-05-28 08:14:30 +00:00
Mateusz Mandera 501e7c44dc docs: Add instructions for SAML with Okta/OneLogin in /help/.
Tweaked by tabbott to shift how this is organized.
2020-05-28 08:14:30 +00:00
sahil839 1db0775e6e tests: Use do_change_user_role in lint rules and test docs.
This commit changes test docs and lint rules to use do_change_user_role
instead of do_change_is_admin and do_change_is_guest.
2020-05-27 15:38:25 -07:00
Tim Abbott 86d4861c2d docs: Improve documentation for calling i18n functions. 2020-05-27 13:56:05 -07:00
YashRE42 669f482b0d icons: Switch from text-o to code-o for view source / edit topics.
This commit replaces fa-file-text-o with fa-file-code-o which is a
better signal for the "view source" action. It also deletes a single
line comment that had suggested the change once we moved into font
awesome 4, which Aditya Bansal <adi.bansal241996@gmail.com> helped
out in doing, first via
91962aa6ab and most recently via
75ae94e459 with several commits in
between.
2020-05-25 16:19:50 -07:00
Mateusz Mandera b66dc9de50 saml: Support IdP-initiated SSO. 2020-05-25 16:09:30 -07:00
Tim Abbott c192461c1b docs: Fix setup-advanced git clone instructions.
This should help ensure everyone uses the SSH key approach for Git
authentication; the HTTPS one is basically unusable as one has to
provide one's GitHub password after every command.
2020-05-21 13:05:59 -07:00
Tim Abbott 196d5b8c59 docs: Add a few introductory paragraphs to our code style doc. 2020-05-19 14:22:15 -07:00
Tim Abbott ccd306d3f4 docs: Improve code style commentary on testing. 2020-05-19 14:11:53 -07:00
Alex Vandiver 031260573f docs: Link to section on migrating local -> S3 storage.
This section at the top was clearly written before the documentation
at the bottom existed, and hasn't been updated to point to the
now-existent docs below.

Add the link, rather than directing to #production-help.
2020-05-19 14:08:44 -07:00
Alex Vandiver fb3f6bb68e docs: Reword `zulip_path` suggestion.
"declare the path with `zulip_path`" is opaque; be more explicit about
what should be done.
2020-05-19 14:07:12 -07:00
Alex Vandiver 310487c868 docs: Reformat timezone advice into bullet form. 2020-05-19 14:07:12 -07:00
Alex Vandiver 001334ed2d docs: Provide "right" example of using ids in sets. 2020-05-19 14:05:20 -07:00
Alex Vandiver d17baaf2af docs: Stop suggesting get_stream, which is anti-suggested.
Use of `get_stream` itself is explicitly suggested against by a
linter, in preference to the `access_stream_by_` methods; suggest
those here instead.
2020-05-19 14:05:20 -07:00
Alex Vandiver 9800392beb docs: Be more explicit about good prefetching patterns.
The problem is not the list comprehension, as the previous wording
implied, but rather the fact that data is needed from the linked
table.

Be explicit about _what_ in the QuerySet API is helpful for addressing
this -- namely, use of `select_related`.
2020-05-19 14:05:20 -07:00
Tim Abbott 9b9aa23f6a docs: Fix path for API code markdown extension. 2020-05-19 11:11:41 -07:00
Steve Howell ca0b8fd4b3 docs: Downplay actions.py a bit. 2020-05-17 21:32:38 -07:00
Steve Howell 2da81d9ab5 docs: Explain we don't use nginx in dev. 2020-05-17 21:29:28 -07:00
Steve Howell c8ce12bdd0 docs: Add missing comma. 2020-05-17 21:27:31 -07:00
Steve Howell c4208bf39b docs: Use modern stream narrow urls. 2020-05-17 21:27:31 -07:00
Steve Howell 86c3ba26ff docs: Update tornado line count. 2020-05-17 21:27:30 -07:00
Steve Howell 3cda5b61b1 docs: List four types of emojis. 2020-05-17 21:26:56 -07:00
Steve Howell 792e28056e docs: Use 5 seconds as our bar for null provisions. 2020-05-17 21:25:53 -07:00
Steve Howell c1dc7b99ea docs: Put backticks around `SourceMap`. 2020-05-17 21:25:53 -07:00
Steve Howell cdeeffb44b docs: Replace "fancy" with longstanding. 2020-05-17 21:25:53 -07:00
Steve Howell 6c4a471cc2 docs: Word cautioning advice more directly. 2020-05-17 21:25:53 -07:00
Steve Howell 23c2198da3 docs: Use string_id in header. 2020-05-17 21:25:53 -07:00
Steve Howell 35df5f35d8 docs: Keep manual-restore steps sequential. 2020-05-17 21:25:53 -07:00
Steve Howell 0267e5b145 docs: Mention zilencer in context.
We mention zilencer later in the docs, but I think it's
important to mention it specifically in the context of
management commands, too.
2020-05-17 21:25:53 -07:00
Steve Howell f8606eb68a docs: Alphabetize glossary. 2020-05-17 21:25:53 -07:00
Steve Howell 0b3d14a408 docs: Remove alpha status for ZulipTerminal. 2020-05-17 07:56:38 -04:00
Steve Howell b3c9676baf docs: Use full path for zulip.yaml.
Note that this section may actually be obsolete.
2020-05-17 07:56:38 -04:00
Steve Howell cc9e6a54c0 doc: Fix tense for "Include". 2020-05-17 07:56:38 -04:00
Puneeth Chaganti 614d4a3da8 docs: Add note about generating integrations bot avatar image. 2020-05-11 14:49:11 -07:00
Anders Kaseorg 8cdf2801f7 python: Convert more variable type annotations to Python 3.6 style.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-08 16:42:43 -07:00
Alex Vandiver 3a7a032ee2
docs: Remove unnecessary double-backticks in indented line.
These came in during the conversion from rST in 337155f280.
2020-05-05 21:28:00 -07:00
Tim Abbott 1c1c47b94a docs: Delete discussion of legacy push notifications signup.
This hasn't been used in months; it was only there in case of problems
with the rollout of the automated workflow, so it makes sense to
delete it now.
2020-05-05 15:59:35 -07:00
Vishnu Ks 9a8d0ca9fe docs: Recommend contact page over email wherever possible.
With a few tweaks from tabbott to preserve the enthusiasm for feedback
and de-emphasize twitter as a channel (we give better support
elsewhere).
2020-05-05 15:57:54 -07:00
Anders Kaseorg b094534319 THIRDPARTY: Add missing license texts for CC-BY-3.0, CC-BY-SA-4.0.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:07:55 -07:00
Anders Kaseorg 587ab554f7 THIRDPARTY: Use standard CC0 short name.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:07:55 -07:00
Anders Kaseorg dbee6b5622 THIRDPARTY: Fix short name references for Apache-2.0, BSD-2-Clause.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:07:55 -07:00
Anders Kaseorg e11f709054 THIRDPARTY: Update Format URL to https.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2020-05-02 10:07:55 -07:00
arpit551 a6df0b94dd doc: Updated docs for the job xenial-legacy. 2020-04-28 11:28:07 -07:00
Tim Abbott 28cb0aa81a docs: Use consistent spelling of CircleCI. 2020-04-28 11:26:58 -07:00
arpit551 16d41e59b5 doc: Update documentation replacing travis with CircleCI. 2020-04-28 11:24:54 -07:00
Tim Abbott 9566905b81 docs: Clarify nginx reverse proxy documentation.
Fixes #14740.
2020-04-26 10:51:39 -07:00
Anders Kaseorg 257a026f13 docs: Bump copyright year.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-23 16:04:54 -07:00
Rohitt Vashishtha 2825e6ad48 i18n: Support subexpressions of type (t "text") in Handlebars. 2020-04-22 17:57:16 -07:00
Anders Kaseorg fead14951c python: Convert assignment type annotations to Python 3.6 style.
This commit was split by tabbott; this piece covers the vast majority
of files in Zulip, but excludes scripts/, tools/, and puppet/ to help
ensure we at least show the right error messages for Xenial systems.

We can likely further refine the remaining pieces with some testing.

Generated by com2ann, with whitespace fixes and various manual fixes
for runtime issues:

-    invoiced_through: Optional[LicenseLedger] = models.ForeignKey(
+    invoiced_through: Optional["LicenseLedger"] = models.ForeignKey(

-_apns_client: Optional[APNsClient] = None
+_apns_client: Optional["APNsClient"] = None

-    notifications_stream: Optional[Stream] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
-    signup_notifications_stream: Optional[Stream] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
+    notifications_stream: Optional["Stream"] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)
+    signup_notifications_stream: Optional["Stream"] = models.ForeignKey('Stream', related_name='+', null=True, blank=True, on_delete=CASCADE)

-    author: Optional[UserProfile] = models.ForeignKey('UserProfile', blank=True, null=True, on_delete=CASCADE)
+    author: Optional["UserProfile"] = models.ForeignKey('UserProfile', blank=True, null=True, on_delete=CASCADE)

-    bot_owner: Optional[UserProfile] = models.ForeignKey('self', null=True, on_delete=models.SET_NULL)
+    bot_owner: Optional["UserProfile"] = models.ForeignKey('self', null=True, on_delete=models.SET_NULL)

-    default_sending_stream: Optional[Stream] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
-    default_events_register_stream: Optional[Stream] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
+    default_sending_stream: Optional["Stream"] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)
+    default_events_register_stream: Optional["Stream"] = models.ForeignKey('zerver.Stream', null=True, related_name='+', on_delete=CASCADE)

-descriptors_by_handler_id: Dict[int, ClientDescriptor] = {}
+descriptors_by_handler_id: Dict[int, "ClientDescriptor"] = {}

-worker_classes: Dict[str, Type[QueueProcessingWorker]] = {}
-queues: Dict[str, Dict[str, Type[QueueProcessingWorker]]] = {}
+worker_classes: Dict[str, Type["QueueProcessingWorker"]] = {}
+queues: Dict[str, Dict[str, Type["QueueProcessingWorker"]]] = {}

-AUTH_LDAP_REVERSE_EMAIL_SEARCH: Optional[LDAPSearch] = None
+AUTH_LDAP_REVERSE_EMAIL_SEARCH: Optional["LDAPSearch"] = None

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 11:02:32 -07:00
Anders Kaseorg f8c95cda51 mypy: Add specific codes to type: ignore annotations.
https://mypy.readthedocs.io/en/stable/error_codes.html

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-22 10:46:33 -07:00
Steve Howell 54151bb548 db tools: Rename do-destroy-*database.
The new tools now have more concise, more parallel names:

    - rebuild-dev-database
    - rebuild-test-database

The actual implementations are still pretty different:

rebuild-dev-database:
    mostly delegates to 5 management scripts

rebuild-test-database:
    is a very thin wrapper for generate-fixtures

We'll try to clean that up a bit soon.
2020-04-22 09:24:42 -07:00
Aman Agrawal 59c2b6dcc7 release-checklist: Replace Xenial with Focal. 2020-04-21 15:03:14 -07:00
Aman Agrawal 79acd5ae40 docs: Remove development Xenial and Stretch support. 2020-04-21 15:01:31 -07:00
Aman Agrawal c87d58bb4f docs/wsl: Add recommendations for developing using wsl. 2020-04-20 23:21:45 -07:00
Aman Agrawal b13beb5ea8 circleci: Remove Xenial build as we are deprecating Xenial.
Docs updated to reflect the change.
2020-04-19 11:38:49 -07:00
Anders Kaseorg f506b05667 docs: Remove obsolete claims about Blueslip wrapping things.
These are obsolete since e0a18d3394
(#12737).

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-18 22:37:37 -07:00
Ray Kraesig 8b72de1d4d version control: Add note about paragraph formatting.
We've been getting a number of submissions lately that haven't used
blank lines in between paragraphs, so add that to our style guide.
2020-04-18 13:37:33 -07:00
Aman Agrawal 09d6beecbe docs/wsl: Clone in ~/zulip to avoid permission issues. 2020-04-18 12:25:27 -07:00
Aman Agrawal bf2aec3ff3 docs/wsl: Correct name for rabbitmq conf file. 2020-04-18 12:25:27 -07:00
Steve Howell 7eb6d32d59 provision: Let build_emoji build its own cache.
We no longer need to maintain duplicate code
related to where we set up the emoji
cache directory.

And we no longer need two extra steps for
people doing advanced (i.e. manual) setup.

There was no clear benefit to having provision
build the cache directory for `build_emoji`,
when it was easy to make `build_emoji` more
self-sufficient.  The `build_emoji` tool
was already importing the library that has
`run_as_root`, and it was already responsible
for 99% of the create-directory kind of tasks.

(We always call `build_emoji` unconditionally from
`provision`, so there's no rationale in terms
of avoiding startup time or something.)

ASIDE:

Its not completely clear to me why we need
to put this directory in "/srv", instead of
somewhere more local (like we already do for
Travis), but maybe it's just to be like
its siblings in "/srv":

    node_modules
    yarn.lock
    zulip-emoji-cache
    zulip-npm-cache
    zulip-py3-venv
    zulip-thumbor-venv
    zulip-venv-cache
    zulip-yarn

I guess the caches that we keep in var are
dev-only, although I think some of what's under
`zulip-emoji-cache` is also dev-only in nature?

    ./var/webpack-cache
    ./var/mypy-cache

In `docs/subsystems/emoji.md` we say this:

```
The `build_emoji` tool generates the set of files under
`static/generated/emoji` (or really, it generates the
`/srv/zulip-emoji-cache/<sha1>/emoji` tree, and
`static/generated/emoji` is a symlink to that tree;we do this in
order to cache old versions to make provisioning and production
deployments super fast in the common case that we haven't changed the
emoji tooling). [...]
```

I don't really understand that rationale for the development
case, since `static/generated` is as much ignored by `git` as
'/srv' is, without the complications of needing `sudo` to create it.

And in production, I'm not sure how much time we're really saving,
as it takes me about 1.4s to fully rebuild the cache in dev, not to
mention we're taking on upgrade risk by sharing files between versions.
2020-04-17 09:53:26 -07:00
Puneeth Chaganti 05101b4f5a docs: Add a note on manually generating integration screenshots. 2020-04-17 09:41:55 -07:00
Puneeth Chaganti d2eaf799e6 docs: Recommend using generate-integration-docs-screenshot. 2020-04-17 09:41:55 -07:00
Tim Abbott 20ac4e1fba docs: Update changelog for Zulip 2.1.4 release. 2020-04-16 16:20:58 -07:00
Tim Abbott 1219a2e854 docs: Deprecate support for Xenial and Stretch.
Also make sure our documentation for upgrading is reasonable for
Stretch => Buster.

Our reasoning for deprecating support for these releases is as follows:

* Ubuntu 16.04 Xenial reached desktop EOL last year; and will reach
  EOL on the server in about a year.

* Debian Stretch will each EOL in 2020 (the precise date is unclear in
  Debian's documentation, but based on past precedent it's in the next
  few months, perhaps July 2020).
  https://wiki.debian.org/DebianReleases#Production_Releases

* Both Ubuntu 16.04 and Debian Stretch use Python 3.5 as the system
  Python, which will reach EOL in September 2020 (and we're already
  seeing various third-party dependencies that we use drop support for
  them).

* While there is LTS support for these older releases, it's not clear it's
  going to be worth the added engineering effort for us to maintain EOL
  releases of the base OSes that we support.

* We (now) have clear upgrade instructions for moving to Debian Buster
  and Ubuntu 18.04.
2020-04-16 15:36:18 -07:00
Anders Kaseorg b1e7d8b51d settings: Harden session and CSRF cookies with __Host- prefix.
This defends against cross-origin session fixation attacks.  Renaming
the cookies means this one-time upgrade will have the unfortunate side
effect of logging everyone out, but they’ll get more secure sessions
in return.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-12 11:55:55 -07:00
Aman Agrawal c792abebc0 docs: Fix broken link to WSL 2 doc. 2020-04-12 11:03:27 -07:00
Aman Agrawal ca0154c425 dev-docs-setup: Add installation instructions for WSL 2.
Instructions were added by doing the setup on Ubuntu 18.04 WSL 2.

While the setup should be similar for other distributions supported by
our `./tools/provision` script inside WSL, it has not been tested.

Polished by tabbott.
2020-04-11 12:16:29 -07:00
Tim Abbott 59937ec9fa scripts: Rename inline-email-css to inline_email_css.py.
This is a preparatory step for making it a module that we can import
and call from other code.
2020-04-10 15:29:47 -07:00
Anders Kaseorg c734bbd95d python: Modernize legacy Python 2 syntax with pyupgrade.
Generated by `pyupgrade --py3-plus --keep-percent-format` on all our
Python code except `zthumbor` and `zulip-ec2-configure-interfaces`,
followed by manual indentation fixes.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-09 16:43:22 -07:00
Vishnu KS 449f7e2d4b team: Generate team page data using cron job.
This eliminates the contributors data as a possible source of
flakiness when installing Zulip from Git.

Fixes #14351.
2020-04-08 12:52:31 -07:00
Vishnu KS 8415a1472a tools: Rename update-authors-json to fetch-contributor-data. 2020-04-08 12:40:00 -07:00
Tim Abbott 3983bf21ac docs: Update changelog for 2.1.3 release. 2020-04-01 14:01:45 -07:00
Anders Kaseorg 4f748fb627 markdown: Stop setting target="_blank".
This setting is being overridden by the frontend since the last
commit, and the security model is clearer and more robust if we don't
make it appear as though the markdown processor is handling this
issue.

Co-authored-by: Tim Abbott <tabbott@zulipchat.com>
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-04-01 14:01:45 -07:00
Tim Abbott 724fcc74e8 help: Improve documentation on importing exported organizations.
This should help avoid confusion where some users used the Zulip
backup tool, not the import tool, to try to import their backups.
2020-03-30 13:25:03 -07:00
thoemie 7a48bec189 docs: Document EMAIL_USE_SSL for smtp providers on port 465.
I found the solution by simply trying out EMAIL_USE_SSL and it
worked. I had problems with sending emails (did not work at all, there
wasn't even a connection going on - I checked with tcpdump. Then I
found this: To use port 465, you need to call
smtplib.SMTP_SSL(). Currently, it looks like Django only uses
smtplib.SMTP() (source: https://code.djangoproject.com/ticket/9575).

Fixes #14350.
2020-03-27 00:25:49 -07:00
Anders Kaseorg 7ff9b22500 docs: Convert many http URLs to https.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-03-26 21:35:32 -07:00
arpit551 589889ac76 docs: Added Focal support in development documentation.
Update the documentation to communicate Focal is supported in the development.
2020-03-25 16:09:59 -07:00
shubhamgupta2956 6ab1908214 settings: Reword setting name in settings menu.
Rewords "User list on left sidebar in narrow windows" in settings menu
to "Show user list on left sidebar in narrow windows".
2020-03-24 10:47:00 -07:00
Mateusz Mandera eb0216c5a8 middleware: Log <user.id>@subdomain instead of subdomain/<user.id>.
It was decided that the new format is preferable.
2020-03-24 10:25:01 -07:00
Mateusz Mandera 2b51b3c6c5 middleware: Also log request subdomain when logging "unauth" request.
This returns us to a consistent logging format regardless of whether
the request is authenticated.

We also update some log examples in docs to be consistent with the new
style.
2020-03-22 18:32:04 -07:00
Ryan Rehman f764108cc7 docs: Update link to Handlebars Block Helpers.
This also removes an unused link.
2020-03-22 11:29:27 -07:00
Steve Howell 4888a2c7f9 node tests: Remove module-pattern info in docs.
The example here wasn't useful or accurate any
more.
2020-03-22 10:56:32 -07:00
Steve Howell 5b853cb2e5 node tests: Fix typo for directory in docs. 2020-03-22 10:56:32 -07:00
Steve Howell 25d2e2e122 Rename get_realm_persons() to get_realm_users().
The function's name was misleading, since it includes
any bots in your realm.
2020-03-22 10:55:11 -07:00
Steve Howell 4f98e31853 node tests: Add note about general.js to docs. 2020-03-21 17:59:40 -04:00
Tim Abbott fcd0a116b4 docs: Clarify how to test API endpoints. 2020-03-20 14:09:37 -07:00
Mateusz Mandera f9db77c400 docs: Updated links to python-social-auth docs.
The URL seems to have changed.
2020-03-20 08:54:37 -04:00
Mateusz Mandera 65f7231dd3 docs: Refresh docs on updating python requirements.
Those docs were outdated and no longer represantative of how things
work. upgrade-python-dependencies and unupgradable.json are no longer a
thing, so the entire paragraph about them should be removed.
Then the requirements/README.md file is refreshed a bit to be more
accurate.
2020-03-18 12:14:31 -07:00
Puneeth Chaganti 1a994821fc
docs: Create bin directory before fetching rmate file to it.
Running the curl command when the directory is not present causes it to fail.
2020-03-17 17:14:04 -07:00
Vishnu KS a48845c8fb tests: Create new test mode for generating stripe fixtures. 2020-03-17 16:46:56 -07:00
Stefan Weil c220b971ae
docs: Fix some typos in documentation (most of them found and fixed by codespell).
Signed-off-by: Stefan Weil <sw@weilnetz.de>
2020-03-17 05:57:10 -07:00
Rike-Benjamin Schuppner bb49a60bd5
docs: Fix type in authentication methods. 2020-03-15 17:55:08 -07:00
Tim Abbott 93438d965d docs: Update a few GSoC project ideas.
There are more updates like this coming in the next few days.
2020-03-04 16:48:58 -08:00
Yashwant 849adc8fa4 docs: Fix last date for gsoc proposal submission. 2020-03-04 15:06:37 -08:00
Yashwant 02c7131a64 Fixed last date of proposal submission GSOC 2020-03-04 15:06:34 -08:00
Tim Abbott 6c74af4c06 docs: Document our stable release branches.
The experiment with the published 2.1.x tpye branches has been going
well, so we should document the feature.
2020-02-29 11:50:44 -08:00
Steve Howell 504ec9d489 typing: Remove recipient-related complexity.
For historical reasons we were creating Recipient
objects at some point in the typing-notifications
codepath.  Now we just work with UserProfiles.
This removes some queries, as indicated by
the change to `len(queries)` in a couple of the
tests.

The one subtle thing that changes here is huddles.
If user 10 sends a typing notification that they
are talking to users 20 and 30, there might not
actually be a huddle for users 10/20/30, but
we were actually creating huddles on the fly!
There is no need to create huddles just for
typing notifications, since we don't even
share huddle ids with our clients.  The clients
just infer the huddles.

Some of the code that gets killed off here as
somewhat "collateral damage" is some
defensive code related to formerly supporting streams
in typing indicators.  The support for streams
was killed off almost as soon as we released
the feature, and the codepath is pretty clearly
user-centric at this point.
2020-02-28 12:46:20 -08:00
Steve Howell b26f2dcd4b typing: Deprecate emails in typing endpoint.
The only clients that should use the typing
indicators endpoint are our internal clients,
and they should send a JSON-formatted list
of user_ids.

Unfortunately, we still have some older versions
of mobile that still send emails.

In this commit we fix non-user-facing things
like docs and tests to promote the user_ids
interface that has existed since about version
2.0 of the server.

One annoyance is that we documented the
typing endpoint with emails, instead of the
more modern user_ids, which may have delayed
mobile converting to user_ids (and which
certainly caused confusion).  It's trivial
to update the docs, but we need to short
circuit one assertion in the openapi tests.

We also clean up the test structure for the
typing tests:

    TypingHappyPathTest.test_start_to_another_user
    TypingHappyPathTest.test_start_to_multiple_recipients
    TypingHappyPathTest.test_start_to_self
    TypingHappyPathTest.test_start_to_single_recipient
    TypingHappyPathTest.test_stop_to_another_user
    TypingHappyPathTest.test_stop_to_self

    TypingValidateOperatorTest.test_invalid_parameter
    TypingValidateOperatorTest.test_missing_parameter

    TypingValidateUsersTest.test_argument_to_is_not_valid_json
    TypingValidateUsersTest.test_bogus_user_id
    TypingValidateUsersTest.test_empty_array
    TypingValidateUsersTest.test_missing_recipient

    TypingValidationHelpersTest.test_recipient_for_user_ids
    TypingValidationHelpersTest.test_recipient_for_user_ids_non_existent_id

    TypingLegacyMobileSupportTest.test_legacy_email_interface
2020-02-28 12:39:36 -08:00
Tim Abbott fb087c317b docs: Fix changelog typo. 2020-02-27 12:21:30 -08:00
Vaibhav Raj Singh 7822964f28 docs: Replace casperjs.org links.
As CasperJS is deprecated, their website has gone down. Replaced the
broken links with their Wayback Machine counterparts.
2020-02-27 11:03:31 -08:00
Tim Abbott b775becc68 docs: Change our security contact to security@.
This has for a while been our only active Google Groups mailing list,
and given that folks will guess security@ as our security contact, we
might as well just standardize on that.

Also tweak some ambiguous text; it wouldn't be appropriate for us to
issue a CVE for e.g. an operational issue only affecting us.
2020-02-26 16:35:29 -08:00
Anders Kaseorg 687553a661 setup_path_on_import: Replace with setup_path function.
isort 5 knows not to reorder imports across function calls, so this
will stop isort from breaking our code.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-25 15:40:21 -08:00
Tim Abbott 0479843063 docs: Update link to Handlebars Block Helpers. 2020-02-25 11:48:43 -08:00
Steve Howell 59b047c862 docs: Tweak commit message guidelines.
- I fixed a typo with "lowerecase"
- I elaborated on the prefix before elaborating
  on the rest of the message (i.e. went in correct
  order).
- I split out the provision example (since we
  talk about it some depth).
- I added more positive examples.
- I removed the distracting italics around the
  good commit messages.
- I moved the "gather_subscriptions" commit to
  the bottom of the list, since we elaborate
  on that below the list.
2020-02-24 17:56:36 -08:00
Mateusz Mandera 83722275f2 docs: Rename "Testing and writing tests" section to "Testing overview".
The section doesn't really explain anything about actually writing
tests, so "Testing overview" seems like a more fitting name.
2020-02-20 17:21:20 -05:00
Mateusz Mandera 7814f52d45 docs: Replace links to Django 1.11 docs with 2.2 links. 2020-02-19 11:51:18 -08:00
Tim Abbott b1608a51db docs: Update changelog with changes since last release.
This includes an experiment of having a draft of the 2.1.3 changelog,
which is helpful in avoiding duplication with the 2.2.0 changelog for
items we're planning to backport.
2020-02-19 11:50:47 -08:00
Vishnu KS 5bab2a3762 upload: Replace jQuery filedrop with Uppy. 2020-02-13 16:43:19 -08:00
rht 41e3db81be dependencies: Upgrade to Django 2.2.10.
Django 2.2.x is the next LTS release after Django 1.11.x; I expect
we'll be on it for a while, as Django 3.x won't have an LTS release
series out for a while.

Because of upstream API changes in Django, this commit includes
several changes beyond requirements and:

* urls: django.urls.resolvers.RegexURLPattern has been replaced by
  django.urls.resolvers.URLPattern; affects OpenAPI code and related
  features which re-parse Django's internals.
  https://code.djangoproject.com/ticket/28593
* test_runner: Change number to suffix. Django changed the name in this
  ticket: https://code.djangoproject.com/ticket/28578
* Delete now-unnecessary SameSite cookie code (it's now the default).
* forms: urlsafe_base64_encode returns string in Django 2.2.
  https://docs.djangoproject.com/en/2.2/ref/utils/#django.utils.http.urlsafe_base64_encode
* upload: Django's File.size property replaces _get_size().
  https://docs.djangoproject.com/en/2.2/_modules/django/core/files/base/
* process_queue: Migrate to new autoreload API.
* test_messages: Add an extra query caused by .refresh_from_db() losing
  the .select_related() on the Realm object.
* session: Sync SessionHostDomainMiddleware with Django 2.2.

There's a lot more we can do to take advantage of the new release;
this is tracked in #11341.

Many changes by Tim Abbott, Umair Waheed, and Mateusz Mandera squashed
are squashed into this commit.

Fixes #10835.
2020-02-13 16:27:26 -08:00
Anders Kaseorg d7d8632525 pygments_data: Replace JS module with JSON module.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-12 10:09:12 -08:00
Anders Kaseorg e257253e64 emoji_codes: Replace JS module with JSON module.
webpack optimizes JSON modules using JSON.parse("{…}"), which is
faster than the normal JavaScript parser.

Update the backend to use emoji_codes.json too instead of the three
separate JSON files.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-12 10:09:12 -08:00
Chris Bobbe 973c6a3061 docs/contributing/version-control: Link to docs/git/fixing-commits.
For help with using `git rebase -i`.
2020-02-12 09:53:25 -08:00
Tim Abbott 4a36ed6cb2 docs: Advertise support for GitLab authentication. 2020-02-11 14:13:39 -08:00
Dinesh 4304d5f8db auth: Add support for GitLab authentication.
With some tweaks by tabbott to the documentation and comments.

Fixes #13694.
2020-02-11 13:54:17 -08:00
Anders Kaseorg 4c1453df68 code-style: Modernize some ancient JavaScript advice.
Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Anders Kaseorg 4948240619 js: Convert _.filter(a, …) to a.filter(…).
And convert the corresponding function expressions to arrow style
while we’re here.

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Anders Kaseorg 719546641f js: Convert a.indexOf(…) !== -1 to a.includes(…).
Babel polyfills this for us for Internet Explorer.

import * as babelParser from "recast/parsers/babel";
import * as recast from "recast";
import * as tsParser from "recast/parsers/typescript";
import { builders as b, namedTypes as n } from "ast-types";
import K from "ast-types/gen/kinds";
import fs from "fs";
import path from "path";
import process from "process";

const checkExpression = (node: n.Node): node is K.ExpressionKind =>
  n.Expression.check(node);

for (const file of process.argv.slice(2)) {
  console.log("Parsing", file);
  const ast = recast.parse(fs.readFileSync(file, { encoding: "utf8" }), {
    parser: path.extname(file) === ".ts" ? tsParser : babelParser,
  });
  let changed = false;

  recast.visit(ast, {
    visitBinaryExpression(path) {
      const { operator, left, right } = path.node;
      if (
        n.CallExpression.check(left) &&
        n.MemberExpression.check(left.callee) &&
        !left.callee.computed &&
        n.Identifier.check(left.callee.property) &&
        left.callee.property.name === "indexOf" &&
        left.arguments.length === 1 &&
        checkExpression(left.arguments[0]) &&
        ((["===", "!==", "==", "!=", ">", "<="].includes(operator) &&
          n.UnaryExpression.check(right) &&
          right.operator == "-" &&
          n.Literal.check(right.argument) &&
          right.argument.value === 1) ||
          ([">=", "<"].includes(operator) &&
            n.Literal.check(right) &&
            right.value === 0))
      ) {
        const test = b.callExpression(
          b.memberExpression(left.callee.object, b.identifier("includes")),
          [left.arguments[0]]
        );
        path.replace(
          ["!==", "!=", ">", ">="].includes(operator)
            ? test
            : b.unaryExpression("!", test)
        );
        changed = true;
      }
      this.traverse(path);
    },
  });

  if (changed) {
    console.log("Writing", file);
    fs.writeFileSync(file, recast.print(ast).code, { encoding: "utf8" });
  }
}

Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2020-02-10 14:08:12 -08:00
Tim Abbott 14e0322dda docs: Fix small issues in architecture overview.
Typos and removing now-inaccurate discussion of the incoming email
integration as a use case for redis.
2020-02-06 15:03:10 -08:00