Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
45,932 Commits 28 Branches 142 Tags 694 MiB
Python 61.2%
TypeScript 15.8%
JavaScript 11.2%
HTML 4%
CSS 3.9%
Other 3.8%
Go to file
Mateusz Mandera 4102816240 upload: Pass the target realm to create_attachment. 
The target realm was not being passed to create_attachment in
upload_message_file implementations. This was a bug in the edge-case of
cross-realm messages - in particular, causing a bug in the email
gateway:
When an email with an attachment is sent, the message is mirrored to
Zulip with Email Gateway Bot as the message sender and uploader of the
attachment. Due to the realm not being passed to create_attachment, the
Attachment would get created with .realm being the system bot realm,
making the attachment inaccessible under some conditions due to failing
the following condition check (that's expected to pass, provided that
the .realm is set correctly):
```
    if (
        attachment.is_realm_public
        and attachment.realm == user_profile.realm
        and user_profile.can_access_public_streams()
    ):
        # Any user in the realm can access realm-public files
        return True
```
 		2022-01-27 17:23:44 -08:00
.github ci: Cache with the OS name, not the job name. 2022-01-24 14:29:49 -08:00
.tx
.vscode vscode: Recommend remote development extension. 2021-11-03 16:03:46 -07:00
analytics python: Replace deprecated jinja2.utils.Markup with markupsafe.Markup. 2022-01-13 14:22:48 -08:00
confirmation lint: Enforce consistent style of using transaction.atomic decorator. 2021-12-12 11:15:33 -08:00
corporate mypy: Add types-stripe. 2022-01-23 22:47:30 -08:00
docs docs: Suggest running reindex-textual-data in the venv manually. 2022-01-26 11:56:30 -08:00
frontend_tests search suggestions: Find older topics. 2022-01-27 10:19:07 -08:00
locale i18n: Update translation data from Transifex. 2021-12-03 16:04:23 -08:00
pgroonga pgroonga: Remove unnecessary code from first migration. 2021-05-28 09:42:33 -07:00
puppet CVE-2021-43799: Write rabbitmq configuration before starting. 2022-01-25 01:48:05 +00:00
requirements requirements: Downgrade libcst. 2022-01-25 19:43:03 -08:00
scripts start-server: Start auxiliary services, if they exist. 2022-01-26 12:39:54 -08:00
static search suggestions: Add comment about server history. 2022-01-27 10:19:07 -08:00
stubs/taint mypy: Add types-stripe. 2022-01-23 22:47:30 -08:00
templates api: Update `update_message` event required fields. 2022-01-26 13:11:26 -08:00
tools install-shfmt: Upgrade shfmt from 3.4.1 to 3.4.2. 2022-01-24 15:55:38 -08:00
var/puppeteer puppeteer_tests: Port to TypeScript. 2021-02-22 16:03:10 -08:00
zerver upload: Pass the target realm to create_attachment. 2022-01-27 17:23:44 -08:00
zilencer zilencer: Add endpoint for deactivating remote server registration. 2022-01-21 14:57:04 -08:00
zproject docs: Uncapitalize the name for nginx. 2022-01-25 11:17:51 -08:00
.browserslistrc browserslist: Drop 0.2% usage threshold to 0.15%. 2020-09-28 10:57:49 -07:00
.codecov.yml
.codespellignore CI: Add Codespell linter. 2021-10-27 16:49:30 -07:00
.editorconfig editorconfig: Restore indent_size = 2 for Markdown. 2021-08-20 23:14:37 -07:00
.eslintignore requirements: Remove Thumbor. 2021-05-06 20:07:32 -07:00
.eslintrc.json dependencies: Upgrade JavaScript dependencies. 2021-12-03 14:33:53 -08:00
.gitattributes git: Suppress diffs by default on giant Stripe API fixtures 2021-12-06 11:36:49 -08:00
.gitignore editor: Add `.vscode/extensions.json` file. 2021-10-29 15:47:44 -07:00
.gitlint lint: Re-enable imperative-mood checking. 2021-02-23 14:54:07 -08:00
.mailmap mailmap: Add mailmap entry for Yash RE. 2022-01-11 09:15:49 -08:00
.npmignore
.prettierignore prettier: Exclude backend-processed Markdown files. 2021-08-20 23:14:37 -07:00
.pyre_configuration pysa: Update .pyre_configuration to point to typeshed. 2020-09-22 15:44:47 -07:00
.sonarcloud.properties tools: Configure Zulip to be scannable by SonarCloud. 2020-06-24 12:41:17 -07:00
.yarnrc
CODE_OF_CONDUCT.md docs: Apply bullet style changes from Prettier. 2021-09-08 12:06:24 -07:00
CONTRIBUTING.md CONTRIBUTING: Update GSoC guide link. 2022-01-19 11:39:51 -08:00
Dockerfile-postgresql docs: Standardize on PostgreSQL, not Postgres. 2020-10-28 11:55:16 -07:00
LICENSE license: Move copyright notice from LICENSE to NOTICE. 2021-02-05 09:28:12 -08:00
NOTICE docs: Bump copyright year. 2021-02-05 09:28:15 -08:00
README.md portico: Update contributor count from 700 to 1000. 2022-01-24 12:41:49 -08:00
SECURITY.md SECURITY.md: Reorder and make clearer how to subscribe to announcements. 2022-01-07 15:56:26 -08:00
Vagrantfile Remove Ubuntu 18.04 support. 2022-01-21 17:26:14 -08:00
babel.config.js dependencies: Upgrade JavaScript dependencies. 2022-01-24 15:55:38 -08:00
manage.py manage: Restore `changepassword` back to documented_commands. 2021-06-18 09:11:01 -07:00
package.json dependencies: Upgrade JavaScript dependencies. 2022-01-24 15:55:38 -08:00
postcss.config.js css: Replace "night-mode-block" with "dark-theme-block". 2021-11-26 22:03:29 -08:00
prettier.config.js prettier: Disable embedded language formatting for Markdown. 2021-08-20 23:14:37 -07:00
pyproject.toml mypy: Add types-beautifulsoup4. 2022-01-23 23:39:40 -08:00
setup.cfg pycodestyle: Improve comments documenting excludes. 2021-02-12 13:11:25 -08:00
stylelint.config.js yarn: Add package which allows creating css mixins. 2021-12-09 18:15:18 -08:00
tsconfig.json tsconfig: Enable noImplicitOverride. 2021-09-13 10:10:34 -07:00
version.py api: Update `update_message` event required fields. 2022-01-26 13:11:26 -08:00
webpack.config.ts webpack: Remove LoaderOptionsPlugin. 2021-10-17 07:13:57 -07:00
yarn.lock dependencies: Upgrade JavaScript dependencies. 2022-01-24 15:55:38 -08:00

README.md

Zulip overview

Zulip is an open-source team collaboration tool with unique topic-based threading that combines the best of email and chat to make remote work productive and delightful. Fortune 500 companies, leading open source projects, and thousands of other organizations use Zulip every day. Zulip is the only modern team chat app that is designed for both live and asynchronous conversations.

Zulip is built by a distributed community of developers from all around the world, with 74+ people who have each contributed 100+ commits. With over 1000 contributors merging over 500 commits a month, Zulip is the largest and fastest growing open source team chat project.

GitHub Actions build status coverage status Mypy coverage code style: black code style: prettier GitHub release docs Zulip chat Twitter GitHub Sponsors

Getting started

Click on the appropriate link below. If nothing seems to apply, join us on the Zulip community server and tell us what's up!

You might be interested in:

You may also be interested in reading our blog or following us on Twitter. Zulip is distributed under the Apache 2.0 license.