This is needed for the command to work in docker-zulip, where the zulip
user may not have write permissions to the parent directory of the
secrets file. By default, crudini creates a temporary file, which makes
the command fail under those conditions.
With --inplace, the secret file gets written to directly without
creation of temporary files.
(cherry picked from commit d89ab2694f)
Clients making requests to Zulip with a `Authorization: Basic ...` for
an upload in S3 pass along all of their request headers to the S3
backend -- causing errors of the form:
```xml
<?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>InvalidArgument</Code>
<Message>Only one auth mechanism allowed; only the X-Amz-Algorithm
query parameter, Signature query string parameter or the
Authorization header should be specified</Message>
<ArgumentName>Authorization</ArgumentName>
<ArgumentValue>Basic ...</ArgumentValue>
<RequestId>...</RequestId>
<HostId>...</HostId>
</Error>
```
Strip off all request headers which AWS reports that S3 may read[^1].
Fixes: #30180.
[^1]: https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html
(cherry picked from commit 549f4fe00b)
Gitter broke their older API as part of being integrated
into Matrix.
Their announcement blog says:
"Anything left using the Gitter APIs will need to be
updated to use the Matrix API"
This commit drops the legacy Gitter import tool and
we plan to build a new one for Matrix in future.
(cherry picked from commit b17a006bf0)
Building these libraries from source requires too much memory, and
causes OOMs on a host with 4GB of RAM when still running Zulip.
Building from source was enabled in `main` to work around
xmlsec/python-xmlsec#320, which does not occur with the xmlsec version
in the 8.x branch, as xmlsec/python-xmlsec#314 (incompatibilities with
Ubuntu 20.04) causes us to pin xmlsec<1.3.14.
As such, we switch back to using prebuilt wheels. The version
mismatch from xmlsec/python-xmlsec#320, if real, is not new, so this
exposes us to no more risk than before.
Previously, in DM disabled org messaging to bot was not working when
starting new conversation and adding bot as recipient because of not
updating on recipient change. And secondly, self messaging was not
allowed.
This commit ensures that the DM to bot and self are allowed irrespective
of dm restrictions.
tests: Verify DMs adhere to DM restriction policy.
Fixes#28412
Signed-off-by: sayyedarib <sayyedaribhussain4321@gmail.com>
(cherry picked from commit 5c993f0479)
The returns plugin hasn’t been updated for mypy ≥ 1.6. This
annotation is more limited in that it only supports a fixed number of
positional arguments and no keyword arguments, but is good enough for
our purposes.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit d32d4434dd)
This timeout strategy using asynchronous exceptions has a number of
safety caveats (read the docstring!!) and should only be used in very
specific circumstances.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit 72018cc26b)
zerver.lib.timeout abuses asynchronous exceptions, so it’s only safe
to use on CPU computations with no side effects.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit da979bc65c)
zerver.lib.timeout abuses asynchronous exceptions, so it’s only safe
to use on CPU computations with no side effects.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
(cherry picked from commit 95a1481f99)
Testing for it in Python means that we have to worry about keeping the
`upgrade-zulip-stage-2` backwards-compatible with all versions of
Python which we could ever be upgrading from -- which is all of them.
Factor out the "supported operating systems" check, and share it
between upgrade and install codepaths.
(cherry picked from commit 7f4bc05f8e)
Previously, the sorting was broken due to
incorrect referencing of the property.
The code has been updated to use the "referrer_name"
property instead of "ref".
(cherry picked from commit 01e898252b)
The process of running Django's built-in database and config checks
can be very heavy-weight, potentially taking multiple seconds:
```
$ hyperfine './manage.py print_initial_password iago@zulip.com' './manage.py print_initial_password iago@zulip.com --skip-checks'
Benchmark 1: ./manage.py print_initial_password iago@zulip.com
Time (mean ± σ): 4.943 s ± 0.722 s [User: 4.434 s, System: 0.311 s]
Range (min … max): 4.415 s … 6.835 s 10 runs
Benchmark 2: ./manage.py print_initial_password iago@zulip.com --skip-checks
Time (mean ± σ): 1.786 s ± 0.113 s [User: 1.598 s, System: 0.162 s]
Range (min … max): 1.576 s … 1.999 s 10 runs
Summary
'./manage.py print_initial_password iago@zulip.com --skip-checks' ran
2.77 ± 0.44 times faster than './manage.py print_initial_password iago@zulip.com'
```
This extends the window during which nginx is forced to serve 502's to
clients. f5f6a3789b added an explicit `manage.py check` during
server restarts, and fa77be6e6c added one during upgrades; as such,
we expect that any check failures will already have been caught when
performing a restart or upgrade, and there is no point in running them
on process startup.
(cherry picked from commit 48b925931e)
Earlier, DM row remained highlighted when narrowed to different
part of left sidebar other than recent and inbox since on narrow
event, `handle_narrow_activate` wasn't properly handling unnarrow
events. It wasn't calling `update_private_messages` to update the
state of the DM list.
This commit fixes the behaviour by updating the state on narrowing
away from DM rows.
Fixes: zulip#27698.
Co-authored-by: Rinwaoluwa <peterodejobi9@gmail.com>
(cherry picked from commit 0708505acb)
Earlier when users narrowed to recents or inbox, message_list.current
was updating to last dm row selected for first few filter checks in
'narrow_state' which in turn would set active_user_ids to last dm
row selected. This resulted in DM highlight lingering.
The narrow_state.filter is supposed to return undefined when narrowed
to recents or inbox.
This commit fixes the behaviour by setting 'current' undefined before
filter checks on narrow.
Fixes part of #27698.
(cherry picked from commit 8c89725fcc)
The bots do not exist in the user table to look up their active
status, and attempting to import them into the analytics table will
result in duplicate rows.
(cherry picked from commit a7ec7e924e)
Using --rotate-key without write access to the secrets file is currently
quite painful, since you end up rotating your registration's secret with
no local record of it; so effectively you lose your registration and
need help from support. We should just prevent this failure mode.
(cherry picked from commit 89a22fb076)
9bd340957f changed the headers; while we no longer store the
changelog text in the Github release object, we should still output
the changelog to STDOUT correctly.
(cherry picked from commit db4e093ad7)
Fixes#28403
Uses redis to remember the last time push notifications were experienced
working. This needs to work across processes, so can't be done just in
memory.
As this is transient data that's fairly harmless to lose and thus
doesn't require the persistence benefits of the database, and we're
keeping a single "row", so don't need an entire new db table, we settle
on using redis instead of postgres. This is also consistent with how we
store other kinds of such transient data.
(cherry picked from commit 962ab13203)
