Release Zulip Server 7.0-beta1.

Deduplicated logic for calculating unread message counts and
stream counts for subscribed streams by refactoring `get_counts` to
use `get_stream_count` function for calculating unread message counts
for each subscribed stream.

.codespellignore

@@ -16,3 +16,12 @@ fpr
 alls
 nd
 ot
+womens
+vise
+falsy
+ro
+derails
+forin
+uper
+slac
+couldn

.eslintignore

@@ -4,11 +4,12 @@
 
 /docs/_build
 /static/generated
-/static/third
 /static/webpack-bundles
 /var/*
 !/var/puppeteer
 /var/puppeteer/*
 !/var/puppeteer/test_credentials.d.ts
+/web/generated
+/web/third
 /zulip-current-venv
 /zulip-py3-venv

.eslintrc.json

@@ -1,4 +1,5 @@
 {
+    "root": true,
     "env": {
         "es2020": true,
         "node": true
@@ -14,12 +15,15 @@
     ],
     "parser": "@babel/eslint-parser",
     "parserOptions": {
+        "requireConfigFile": false,
         "warnOnUnsupportedTypeScriptVersion": false,
         "sourceType": "unambiguous"
     },
     "plugins": ["formatjs", "no-jquery"],
     "settings": {
-        "additionalFunctionNames": ["$t", "$t_html"],
+        "formatjs": {
+            "additionalFunctionNames": ["$t", "$t_html"]
+        },
         "no-jquery": {
             "collectionReturningPlugins": {
                 "expectOne": "always"
@@ -47,14 +51,9 @@
         "import/first": "error",
         "import/newline-after-import": "error",
         "import/no-self-import": "error",
+        "import/no-unresolved": ["error", {"ignore": ["^date-fns-tz$|^js-cookie$|^katex$"]}],
         "import/no-useless-path-segments": "error",
-        "import/order": [
-            "error",
-            {
-                "alphabetize": {"order": "asc"},
-                "newlines-between": "always"
-            }
-        ],
+        "import/order": ["error", {"alphabetize": {"order": "asc"}, "newlines-between": "always"}],
         "import/unambiguous": "error",
         "lines-around-directive": "error",
         "new-cap": "error",
@@ -73,6 +72,7 @@
         "no-implied-eval": "error",
         "no-inner-declarations": "off",
         "no-iterator": "error",
+        "no-jquery/no-constructor-attributes": "error",
         "no-jquery/no-parse-html-literal": "error",
         "no-label-var": "error",
         "no-labels": "error",
@@ -93,19 +93,15 @@
         "no-undef-init": "error",
         "no-unneeded-ternary": ["error", {"defaultAssignment": false}],
         "no-unused-expressions": "error",
+        "no-unused-vars": ["error", {"ignoreRestSiblings": true}],
         "no-use-before-define": ["error", {"functions": false}],
         "no-useless-concat": "error",
         "no-useless-constructor": "error",
         "no-var": "error",
-        "object-shorthand": "error",
+        "object-shorthand": ["error", "always", {"avoidExplicitReturnArrows": true}],
         "one-var": ["error", "never"],
         "prefer-arrow-callback": "error",
-        "prefer-const": [
-            "error",
-            {
-                "ignoreReadBeforeAssign": true
-            }
-        ],
+        "prefer-const": ["error", {"ignoreReadBeforeAssign": true}],
         "radix": "error",
         "sort-imports": ["error", {"ignoreDeclarationSort": true}],
         "spaced-comment": ["error", "always", {"markers": ["/"]}],
@@ -114,36 +110,35 @@
         "unicorn/explicit-length-check": "off",
         "unicorn/filename-case": "off",
         "unicorn/no-await-expression-member": "off",
-        "unicorn/no-nested-ternary": "off",
+        "unicorn/no-negated-condition": "off",
         "unicorn/no-null": "off",
         "unicorn/no-process-exit": "off",
         "unicorn/no-useless-undefined": "off",
-        "unicorn/number-literal-case": "off",
         "unicorn/numeric-separators-style": "off",
         "unicorn/prefer-module": "off",
         "unicorn/prefer-node-protocol": "off",
-        "unicorn/prefer-spread": "off",
         "unicorn/prefer-ternary": "off",
+        "unicorn/prefer-top-level-await": "off",
         "unicorn/prevent-abbreviations": "off",
+        "unicorn/switch-case-braces": "off",
         "valid-typeof": ["error", {"requireStringLiterals": true}],
         "yoda": "error"
     },
     "overrides": [
         {
-            "files": ["frontend_tests/node_tests/**", "frontend_tests/zjsunit/**"],
+            "files": ["web/tests/**"],
             "rules": {
                 "no-jquery/no-selector-prop": "off"
             }
         },
         {
-            "files": ["frontend_tests/puppeteer_lib/**", "frontend_tests/puppeteer_tests/**"],
+            "files": ["web/e2e-tests/**"],
             "globals": {
-                "$": false,
                 "zulip_test": false
             }
         },
         {
-            "files": ["static/js/**"],
+            "files": ["web/src/**"],
             "globals": {
                 "StripeCheckout": false
             }
@@ -151,7 +146,9 @@
         {
             "files": ["**/*.ts"],
             "extends": [
+                "plugin:@typescript-eslint/recommended",
                 "plugin:@typescript-eslint/recommended-requiring-type-checking",
+                "plugin:@typescript-eslint/strict",
                 "plugin:import/typescript"
             ],
             "parserOptions": {
@@ -170,36 +167,29 @@
             "rules": {
                 // Disable base rule to avoid conflict
                 "no-duplicate-imports": "off",
-                "no-unused-vars": "off",
-                "no-useless-constructor": "off",
                 "no-use-before-define": "off",
 
-                "@typescript-eslint/array-type": "error",
-                "@typescript-eslint/consistent-type-assertions": "error",
+                "@typescript-eslint/consistent-type-definitions": ["error", "type"],
                 "@typescript-eslint/consistent-type-imports": "error",
                 "@typescript-eslint/explicit-function-return-type": [
                     "error",
                     {"allowExpressions": true}
                 ],
                 "@typescript-eslint/member-ordering": "error",
-                "@typescript-eslint/no-duplicate-imports": "off",
-                "@typescript-eslint/no-explicit-any": "off",
-                "@typescript-eslint/no-extraneous-class": "error",
+                "@typescript-eslint/no-duplicate-imports": "error",
                 "@typescript-eslint/no-non-null-assertion": "off",
                 "@typescript-eslint/no-parameter-properties": "error",
+                "@typescript-eslint/no-unnecessary-condition": "off",
                 "@typescript-eslint/no-unnecessary-qualifier": "error",
-                "@typescript-eslint/no-unused-vars": ["error", {"varsIgnorePattern": "^_"}],
                 "@typescript-eslint/no-unsafe-argument": "off",
                 "@typescript-eslint/no-unsafe-assignment": "off",
                 "@typescript-eslint/no-unsafe-call": "off",
                 "@typescript-eslint/no-unsafe-member-access": "off",
                 "@typescript-eslint/no-unsafe-return": "off",
-                "@typescript-eslint/no-use-before-define": "error",
-                "@typescript-eslint/no-useless-constructor": "error",
-                "@typescript-eslint/prefer-includes": "error",
-                "@typescript-eslint/prefer-string-starts-ends-with": "error",
+                "@typescript-eslint/no-unused-vars": ["error", {"ignoreRestSiblings": true}],
+                "@typescript-eslint/no-use-before-define": ["error", {"functions": false}],
                 "@typescript-eslint/promise-function-async": "error",
-                "@typescript-eslint/unified-signatures": "error",
+                "import/no-cycle": "error",
                 "no-undef": "error"
             }
         },
@@ -210,7 +200,7 @@
             }
         },
         {
-            "files": ["frontend_tests/**"],
+            "files": ["web/e2e-tests/**", "web/tests/**"],
             "globals": {
                 "CSS": false,
                 "document": false,
@@ -225,7 +215,7 @@
             }
         },
         {
-            "files": ["tools/debug-require.js"],
+            "files": ["web/debug-require.js"],
             "env": {
                 "browser": true,
                 "es2020": false
@@ -239,20 +229,27 @@
             }
         },
         {
-            "files": ["static/**"],
+            "files": ["web/shared/**", "web/src/**", "web/third/**"],
             "env": {
                 "browser": true,
                 "node": false
             },
+            "globals": {
+                "ZULIP_VERSION": false
+            },
             "rules": {
                 "no-console": "error"
             },
             "settings": {
-                "import/resolver": "webpack"
+                "import/resolver": {
+                    "webpack": {
+                        "config": "./web/webpack.config.ts"
+                    }
+                }
             }
         },
         {
-            "files": ["static/shared/**"],
+            "files": ["web/shared/**"],
             "env": {
                 "browser": false,
                 "shared-node-browser": true
@@ -263,9 +260,9 @@
                     {
                         "zones": [
                             {
-                                "target": "./static/shared",
+                                "target": "./web/shared",
                                 "from": ".",
-                                "except": ["./node_modules", "./static/shared"]
+                                "except": ["./node_modules", "./web/shared"]
                             }
                         ]
                     }

.github/pull_request_template.md

@@ -1,11 +1,43 @@
-<!-- What's this PR for?  (Just a link to an issue is fine.) -->
+<!-- Describe your pull request here.-->
 
-**Testing plan:** <!-- How have you tested? -->
+Fixes: <!-- Issue link, or clear description.-->
 
-**GIFs or screenshots:** <!-- If a UI change.  See:
-  https://zulip.readthedocs.io/en/latest/tutorials/screenshot-and-gif-software.html
-  -->
+<!-- If the PR makes UI changes, always include one or more still screenshots to demonstrate your changes. If it seems helpful, add a screen capture of the new functionality as well.
 
-<!-- Also be sure to make clear, coherent commits:
-  https://zulip.readthedocs.io/en/latest/contributing/version-control.html
-  -->
+Tooling tips: https://zulip.readthedocs.io/en/latest/tutorials/screenshot-and-gif-software.html
+-->
+
+**Screenshots and screen captures:**
+
+<details>
+<summary>Self-review checklist</summary>
+
+<!-- Prior to submitting a PR, follow our step-by-step guide to review your own code:
+https://zulip.readthedocs.io/en/latest/contributing/code-reviewing.html#how-to-review-code -->
+
+<!-- Once you create the PR, check off all the steps below that you have completed.
+If any of these steps are not relevant or you have not completed, leave them unchecked.-->
+
+- [ ] [Self-reviewed](https://zulip.readthedocs.io/en/latest/contributing/code-reviewing.html#how-to-review-code) the changes for clarity and maintainability
+      (variable names, code reuse, readability, etc.).
+
+Communicate decisions, questions, and potential concerns.
+
+- [ ] Explains differences from previous plans (e.g., issue description).
+- [ ] Highlights technical choices and bugs encountered.
+- [ ] Calls out remaining decisions and concerns.
+- [ ] Automated tests verify logic where appropriate.
+
+Individual commits are ready for review (see [commit discipline](https://zulip.readthedocs.io/en/latest/contributing/commit-discipline.html)).
+
+- [ ] Each commit is a coherent idea.
+- [ ] Commit message(s) explain reasoning and motivation for changes.
+
+Completed manual review and testing of the following:
+
+- [ ] Visual appearance of the changes.
+- [ ] Responsiveness and internationalization.
+- [ ] Strings and tooltips.
+- [ ] End-to-end functionality of buttons, interactions and flows.
+- [ ] Corner cases, error conditions, and easily imagined bugs.
+</details>

.github/workflows/cancel-previous-runs.yml

@@ -1,43 +0,0 @@
-name: Cancel previous runs
-on: [push, pull_request]
-
-defaults:
-  run:
-    shell: bash
-
-jobs:
-  cancel:
-    name: Cancel previous runs
-    runs-on: ubuntu-latest
-    timeout-minutes: 3
-
-    # Don't run this job for zulip/zulip pushes since we
-    # want to run those jobs.
-    if: ${{ github.event_name != 'push' || github.event.repository.full_name != 'zulip/zulip' }}
-
-    steps:
-      # We get workflow IDs from GitHub API so we don't have to maintain
-      # a hard-coded list of IDs which need to be updated when a workflow
-      # is added or removed. And, workflow IDs are different for other forks
-      # so this is required.
-      - name: Get workflow IDs.
-        id: workflow_ids
-        continue-on-error: true # Don't fail this job on failure
-        env:
-          # This is in <owner>/<repo> format e.g. zulip/zulip
-          REPOSITORY: ${{ github.repository }}
-        run: |
-          workflow_api_url=https://api.github.com/repos/$REPOSITORY/actions/workflows
-          curl -fL $workflow_api_url -o workflows.json
-
-          script="const {workflows} = require('./workflows'); \
-                  const ids = workflows.map(workflow => workflow.id); \
-                  console.log(ids.join(','));"
-          ids=$(node -e "$script")
-          echo "::set-output name=ids::$ids"
-
-      - uses: styfle/cancel-workflow-action@0.9.0
-        continue-on-error: true # Don't fail this job on failure
-        with:
-          workflow_id: ${{ steps.workflow_ids.outputs.ids }}
-          access_token: ${{ github.token }}

.github/workflows/codeql-analysis.yml

@@ -2,26 +2,39 @@ name: "Code scanning"
 
 on:
   push:
-    branches-ignore:
-      - dependabot/** # https://github.com/github/codeql-action/pull/435
-  pull_request: {}
+    branches: ["*.x", chat.zulip.org, main]
+    tags: ["*"]
+  pull_request:
+    branches: ["*.x", chat.zulip.org, main]
+  workflow_dispatch:
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
+  cancel-in-progress: true
+
+permissions:
+  contents: read
 
 jobs:
   CodeQL:
+    permissions:
+      actions: read # for github/codeql-action/init to get workflow details
+      contents: read # for actions/checkout to fetch code
+      security-events: write # for github/codeql-action/analyze to upload SARIF results
     if: ${{!github.event.repository.private}}
     runs-on: ubuntu-latest
 
     steps:
       - name: Check out repository
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v1
+        uses: github/codeql-action/init@v2
 
         # Override language selection by uncommenting this and choosing your languages
         # with:
         #   languages: go, javascript, csharp, python, cpp, java
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v1
+        uses: github/codeql-action/analyze@v2

.github/workflows/production-suite.yml

@@ -1,42 +1,52 @@
 name: Zulip production suite
 
 on:
-  push: {}
+  push:
+    branches: ["*.x", chat.zulip.org, main]
+    tags: ["*"]
   pull_request:
     paths:
       - .github/workflows/production-suite.yml
       - "**/migrations/**"
-      - babel.config.js
       - manage.py
-      - postcss.config.js
+      - pnpm-lock.yaml
       - puppet/**
       - requirements/**
       - scripts/**
-      - static/assets/**
-      - static/third/**
       - tools/**
-      - webpack.config.ts
-      - yarn.lock
+      - web/babel.config.js
+      - web/postcss.config.js
+      - web/third/**
+      - web/webpack.config.ts
       - zerver/worker/queue_processors.py
       - zerver/lib/push_notifications.py
       - zerver/decorator.py
       - zproject/**
+  workflow_dispatch:
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
+  cancel-in-progress: true
 
 defaults:
   run:
     shell: bash
 
+permissions:
+  contents: read
+
 jobs:
   production_build:
     # This job builds a release tarball from the current commit, which
     # will be used for all of the following install/upgrade tests.
-    name: Debian 10 production build
+    name: Ubuntu 20.04 production build
     runs-on: ubuntu-latest
 
     # Docker images are built from 'tools/ci/Dockerfile'; the comments at
     # the top explain how to build and upload these images.
-    # Debian 10 ships with Python 3.7.3.
-    container: zulip/ci:buster
+    # Ubuntu 20.04 ships with Python 3.8.10.
+    container: zulip/ci:focal
+
     steps:
       - name: Add required permissions
         run: |
@@ -54,50 +64,60 @@ jobs:
           # cache action to work. It is owned by root currently.
           sudo chmod -R 0777 /__w/_temp/
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Create cache directories
         run: |
-          dirs=(/srv/zulip-{npm,venv,emoji}-cache)
+          dirs=(/srv/zulip-{venv,emoji}-cache)
           sudo mkdir -p "${dirs[@]}"
           sudo chown -R github "${dirs[@]}"
 
-      - name: Restore node_modules cache
-        uses: actions/cache@v2
+      - name: Restore pnpm store
+        uses: actions/cache@v3
         with:
-          path: /srv/zulip-npm-cache
-          key: v1-yarn-deps-buster-${{ hashFiles('package.json') }}-${{ hashFiles('yarn.lock') }}
-          restore-keys: v1-yarn-deps-buster
+          path: ~/.local/share/pnpm/store
+          key: v1-pnpm-store-focal-${{ hashFiles('pnpm-lock.yaml') }}
 
       - name: Restore python cache
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /srv/zulip-venv-cache
-          key: v1-venv-buster-${{ hashFiles('requirements/dev.txt') }}
-          restore-keys: v1-venv-buster
+          key: v1-venv-focal-${{ hashFiles('requirements/dev.txt') }}
+          restore-keys: v1-venv-focal
 
       - name: Restore emoji cache
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /srv/zulip-emoji-cache
-          key: v1-emoji-buster-${{ hashFiles('tools/setup/emoji/emoji_map.json') }}-${{ hashFiles('tools/setup/emoji/build_emoji') }}-${{ hashFiles('tools/setup/emoji/emoji_setup_utils.py') }}-${{ hashFiles('tools/setup/emoji/emoji_names.py') }}-${{ hashFiles('package.json') }}
-          restore-keys: v1-emoji-buster
+          key: v1-emoji-focal-${{ hashFiles('tools/setup/emoji/emoji_map.json') }}-${{ hashFiles('tools/setup/emoji/build_emoji') }}-${{ hashFiles('tools/setup/emoji/emoji_setup_utils.py') }}-${{ hashFiles('tools/setup/emoji/emoji_names.py') }}-${{ hashFiles('package.json') }}
+          restore-keys: v1-emoji-focal
 
       - name: Build production tarball
         run: ./tools/ci/production-build
 
       - name: Upload production build artifacts for install jobs
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: production-tarball
           path: /tmp/production-build
-          retention-days: 14
+          retention-days: 1
 
-      - name: Report status
-        if: failure()
-        env:
-          ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
-        run: tools/ci/send-failure-message
+      - name: Generate failure report string
+        id: failure_report_string
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        run: tools/ci/generate-failure-message >> $GITHUB_OUTPUT
+
+      - name: Report status to CZO
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        uses: zulip/github-actions-zulip/send-message@v1
+        with:
+          api-key: ${{ secrets.ZULIP_BOT_KEY }}
+          email: "github-actions-bot@chat.zulip.org"
+          organization-url: "https://chat.zulip.org"
+          to: "automated testing"
+          topic: ${{ steps.failure_report_string.outputs.topic }}
+          type: "stream"
+          content: ${{ steps.failure_report_string.outputs.content }}
 
   production_install:
     # This job installs the server release tarball built above on a
@@ -106,23 +126,22 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
+        extra-args: [""]
         include:
           # Docker images are built from 'tools/ci/Dockerfile'; the comments at
           # the top explain how to build and upload these images.
           - docker_image: zulip/ci:focal
             name: Ubuntu 20.04 production install
             os: focal
-            extra_args: ""
 
-          - docker_image: zulip/ci:buster
-            name: Debian 10 production install with custom db name and user
-            os: buster
-            extra_args: --test-custom-db
+          - docker_image: zulip/ci:jammy
+            name: Ubuntu 22.04 production install
+            os: jammy
 
           - docker_image: zulip/ci:bullseye
-            name: Debian 11 production install
+            name: Debian 11 production install with custom db name and user
             os: bullseye
-            extra_args: ""
+            extra-args: --test-custom-db
 
     name: ${{ matrix.name  }}
     container:
@@ -133,7 +152,7 @@ jobs:
 
     steps:
       - name: Download built production tarball
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: production-tarball
           path: /tmp
@@ -151,25 +170,22 @@ jobs:
           chmod +x /tmp/production-pgroonga
           chmod +x /tmp/production-install
           chmod +x /tmp/production-verify
-          chmod +x /tmp/send-failure-message
+          chmod +x /tmp/generate-failure-message
 
       - name: Create cache directories
         run: |
-          dirs=(/srv/zulip-{npm,venv,emoji}-cache)
+          dirs=(/srv/zulip-{venv,emoji}-cache)
           sudo mkdir -p "${dirs[@]}"
           sudo chown -R github "${dirs[@]}"
 
-      - name: Restore node_modules cache
-        uses: actions/cache@v2
+      - name: Restore pnpm store
+        uses: actions/cache@v3
         with:
-          path: /srv/zulip-npm-cache
-          key: v1-yarn-deps-${{ matrix.os }}-${{ hashFiles('/tmp/package.json') }}-${{ hashFiles('/tmp/yarn.lock') }}
-          restore-keys: v1-yarn-deps-${{ matrix.os }}
+          path: ~/.local/share/pnpm/store
+          key: v1-pnpm-store-${{ matrix.os }}-${{ hashFiles('/tmp/pnpm-lock.yaml') }}
 
       - name: Install production
-        run: |
-          sudo service rabbitmq-server restart
-          sudo /tmp/production-install ${{ matrix.extra-args }}
+        run: sudo /tmp/production-install ${{ matrix.extra-args }}
 
       - name: Verify install
         run: sudo /tmp/production-verify ${{ matrix.extra-args }}
@@ -190,11 +206,22 @@ jobs:
         if: ${{ matrix.os == 'focal' }}
         run: sudo /tmp/production-verify ${{ matrix.extra-args }}
 
-      - name: Report status
-        if: failure()
-        env:
-          ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
-        run: /tmp/send-failure-message
+      - name: Generate failure report string
+        id: failure_report_string
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        run: /tmp/generate-failure-message >> $GITHUB_OUTPUT
+
+      - name: Report status to CZO
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        uses: zulip/github-actions-zulip/send-message@v1
+        with:
+          api-key: ${{ secrets.ZULIP_BOT_KEY }}
+          email: "github-actions-bot@chat.zulip.org"
+          organization-url: "https://chat.zulip.org"
+          to: "automated testing"
+          topic: ${{ steps.failure_report_string.outputs.topic }}
+          type: "stream"
+          content: ${{ steps.failure_report_string.outputs.content }}
 
   production_upgrade:
     # The production upgrade job starts with a container with a
@@ -207,14 +234,19 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          # Docker images are built from 'tools/ci/Dockerfile'; the comments at
+          # Docker images are built from 'tools/ci/Dockerfile.prod'; the comments at
           # the top explain how to build and upload these images.
-          - docker_image: zulip/ci:buster-3.4
-            name: 3.4 Version Upgrade
-            os: buster
-
-          - docker_image: zulip/ci:bullseye-4.11
-            name: 4.11 Version Upgrade
+          - docker_image: zulip/ci:focal-3.2
+            name: 3.2 Version Upgrade
+            os: focal
+          - docker_image: zulip/ci:bullseye-4.2
+            name: 4.2 Version Upgrade
+            os: bullseye
+          - docker_image: zulip/ci:bullseye-5.0
+            name: 5.0 Version Upgrade
+            os: bullseye
+          - docker_image: zulip/ci:bullseye-6.0
+            name: 6.0 Version Upgrade
             os: bullseye
 
     name: ${{ matrix.name  }}
@@ -226,7 +258,7 @@ jobs:
 
     steps:
       - name: Download built production tarball
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: production-tarball
           path: /tmp
@@ -242,11 +274,11 @@ jobs:
           # of the tarball uploaded by the upload artifact fix those.
           chmod +x /tmp/production-upgrade
           chmod +x /tmp/production-verify
-          chmod +x /tmp/send-failure-message
+          chmod +x /tmp/generate-failure-message
 
       - name: Create cache directories
         run: |
-          dirs=(/srv/zulip-{npm,venv,emoji}-cache)
+          dirs=(/srv/zulip-{venv,emoji}-cache)
           sudo mkdir -p "${dirs[@]}"
           sudo chown -R github "${dirs[@]}"
 
@@ -259,8 +291,19 @@ jobs:
         # - name: Verify install
         #   run: sudo /tmp/production-verify
 
-      - name: Report status
-        if: failure()
-        env:
-          ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
-        run: /tmp/send-failure-message
+      - name: Generate failure report string
+        id: failure_report_string
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        run: /tmp/generate-failure-message >> $GITHUB_OUTPUT
+
+      - name: Report status to CZO
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        uses: zulip/github-actions-zulip/send-message@v1
+        with:
+          api-key: ${{ secrets.ZULIP_BOT_KEY }}
+          email: "github-actions-bot@chat.zulip.org"
+          organization-url: "https://chat.zulip.org"
+          to: "automated testing"
+          topic: ${{ steps.failure_report_string.outputs.topic }}
+          type: "stream"
+          content: ${{ steps.failure_report_string.outputs.content }}

.github/workflows/update-oneclick-apps.yml

@@ -2,11 +2,14 @@ name: Update one click apps
 on:
   release:
     types: [published]
+permissions:
+  contents: read
+
 jobs:
   update-digitalocean-oneclick-app:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
       - name: Update DigitalOcean one click app
         env:
           DIGITALOCEAN_API_KEY: ${{ secrets.ONE_CLICK_ACTION_DIGITALOCEAN_API_KEY }}
@@ -19,6 +22,6 @@ jobs:
         run: |
           export PATH="$HOME/.local/bin:$PATH"
           git clone https://github.com/zulip/marketplace-partners
-          pip3 install python-digitalocean zulip fab-classic
+          pip3 install python-digitalocean zulip fab-classic PyNaCl
           echo $PATH
           python3 tools/oneclickapps/prepare_digital_ocean_one_click_app_release.py

.github/workflows/zulip-ci.yml

@@ -4,35 +4,48 @@
 
 name: Zulip CI
 
-on: [push, pull_request]
+on:
+  push:
+    branches: ["*.x", chat.zulip.org, main]
+    tags: ["*"]
+  pull_request:
+  workflow_dispatch:
+
+concurrency:
+  group: "${{ github.workflow }}-${{ github.head_ref || github.run_id }}"
+  cancel-in-progress: true
 
 defaults:
   run:
     shell: bash
 
+permissions:
+  contents: read
+
 jobs:
   tests:
     strategy:
       fail-fast: false
       matrix:
+        include_documentation_tests: [false]
+        include_frontend_tests: [false]
         include:
           # Base images are built using `tools/ci/Dockerfile.prod.template`.
           # The comments at the top explain how to build and upload these images.
-          # Debian 10 ships with Python 3.7.3.
-          - docker_image: zulip/ci:buster
-            name: Debian 10 Buster (Python 3.7, backend + frontend)
-            os: buster
-            include_frontend_tests: true
-          # Ubuntu 20.04 ships with Python 3.8.2.
+          # Ubuntu 20.04 ships with Python 3.8.10.
           - docker_image: zulip/ci:focal
-            name: Ubuntu 20.04 Focal (Python 3.8, backend)
+            name: Ubuntu 20.04 (Python 3.8, backend + frontend)
             os: focal
-            include_frontend_tests: false
+            include_frontend_tests: true
           # Debian 11 ships with Python 3.9.2.
           - docker_image: zulip/ci:bullseye
-            name: Debian 11 Bullseye (Python 3.9, backend)
+            name: Debian 11 (Python 3.9, backend + documentation)
             os: bullseye
-            include_frontend_tests: false
+            include_documentation_tests: true
+          # Ubuntu 22.04 ships with Python 3.10.4.
+          - docker_image: zulip/ci:jammy
+            name: Ubuntu 22.04 (Python 3.10, backend)
+            os: jammy
 
     runs-on: ubuntu-latest
     name: ${{ matrix.name }}
@@ -47,33 +60,32 @@ jobs:
       HOME: /home/github/
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
 
       - name: Create cache directories
         run: |
-          dirs=(/srv/zulip-{npm,venv,emoji}-cache)
+          dirs=(/srv/zulip-{venv,emoji}-cache)
           sudo mkdir -p "${dirs[@]}"
           sudo chown -R github "${dirs[@]}"
 
-      - name: Restore node_modules cache
-        uses: actions/cache@v2
+      - name: Restore pnpm store
+        uses: actions/cache@v3
         with:
-          path: /srv/zulip-npm-cache
-          key: v1-yarn-deps-${{ matrix.os }}-${{ hashFiles('package.json') }}-${{ hashFiles('yarn.lock') }}
-          restore-keys: v1-yarn-deps-${{ matrix.os }}
+          path: ~/.local/share/pnpm/store
+          key: v1-pnpm-store-${{ matrix.os }}-${{ hashFiles('pnpm-lock.yaml') }}
 
       - name: Restore python cache
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /srv/zulip-venv-cache
           key: v1-venv-${{ matrix.os }}-${{ hashFiles('requirements/dev.txt') }}
           restore-keys: v1-venv-${{ matrix.os }}
 
       - name: Restore emoji cache
-        uses: actions/cache@v2
+        uses: actions/cache@v3
         with:
           path: /srv/zulip-emoji-cache
-          key: v1-emoji-${{ matrix.os }}-${{ hashFiles('tools/setup/emoji/emoji_map.json') }}-${{ hashFiles('tools/setup/emoji/build_emoji') }}-${{ hashFiles('tools/setup/emoji/emoji_setup_utils.py') }}-${{ hashFiles('tools/setup/emoji/emoji_names.py') }}-${{ hashFiles('package.json') }}
+          key: v1-emoji-${{ matrix.os }}-${{ hashFiles('tools/setup/emoji/emoji_map.json', 'tools/setup/emoji/build_emoji', 'tools/setup/emoji/emoji_setup_utils.py', 'tools/setup/emoji/emoji_names.py', 'package.json') }}
           restore-keys: v1-emoji-${{ matrix.os }}
 
       - name: Install dependencies
@@ -110,7 +122,7 @@ jobs:
       - name: Run backend tests
         run: |
           source tools/ci/activate-venv
-          ./tools/test-backend --coverage --include-webhooks --no-cov-cleanup --ban-console-output
+          ./tools/test-backend --coverage --xml-report --no-html-report --include-webhooks --no-cov-cleanup --ban-console-output
 
       - name: Run mypy
         run: |
@@ -124,8 +136,9 @@ jobs:
         run: |
           source tools/ci/activate-venv
 
-          # Currently our compiled requirements files will differ for different python versions
-          # so we will run test-locked-requirements only for Debian 10.
+          # Currently our compiled requirements files will differ for different
+          # Python versions, so we will run test-locked-requirements only on the
+          # platform with the oldest one.
           # ./tools/test-locked-requirements
           # ./tools/test-run-dev  # https://github.com/zulip/zulip/pull/14233
           #
@@ -136,15 +149,17 @@ jobs:
           ./tools/test-migrations
           ./tools/setup/optimize-svg --check
           ./tools/setup/generate_integration_bots_avatars.py --check-missing
+          ./tools/ci/check-executables
 
-          # Ban check-database-compatibility.py from transitively
+          # Ban check-database-compatibility from transitively
           # relying on static/generated, because it might not be
           # up-to-date at that point in upgrade-zulip-stage-2.
-          chmod 000 static/generated
-          ./scripts/lib/check-database-compatibility.py
-          chmod 755 static/generated
+          chmod 000 static/generated web/generated
+          ./scripts/lib/check-database-compatibility
+          chmod 755 static/generated web/generated
 
       - name: Run documentation and api tests
+        if: ${{ matrix.include_documentation_tests }}
         run: |
           source tools/ci/activate-venv
           # In CI, we only test links we control in test-documentation to avoid flakes
@@ -180,6 +195,10 @@ jobs:
           source tools/ci/activate-venv
           ./tools/test-js-with-puppeteer
 
+      - name: Check pnpm dedupe
+        if: ${{ matrix.include_frontend_tests }}
+        run: pnpm dedupe --check
+
       - name: Check for untracked files
         run: |
           source tools/ci/activate-venv
@@ -192,7 +211,7 @@ jobs:
           fi
 
       - name: Test locked requirements
-        if: ${{ matrix.os == 'buster' }}
+        if: ${{ matrix.os == 'focal' }}
         run: |
           . /srv/zulip-py3-venv/bin/activate && \
           ./tools/test-locked-requirements
@@ -202,25 +221,35 @@ jobs:
         # Only upload coverage when both frontend and backend
         # tests are run.
         if: ${{ matrix.include_frontend_tests }}
-        uses: codecov/codecov-action@v2
+        uses: codecov/codecov-action@v3
         with:
           files: var/coverage.xml,var/node-coverage/lcov.info
 
       - name: Store Puppeteer artifacts
         # Upload these on failure, as well
         if: ${{ always() && matrix.include_frontend_tests }}
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: puppeteer
           path: ./var/puppeteer
           retention-days: 60
 
       - name: Check development database build
-        if: ${{ matrix.os == 'focal' || matrix.os == 'bullseye' || matrix.os == 'jammy' }}
         run: ./tools/ci/setup-backend
 
-      - name: Report status
-        if: failure()
-        env:
-          ZULIP_BOT_KEY: ${{ secrets.ZULIP_BOT_KEY }}
-        run: tools/ci/send-failure-message
+      - name: Generate failure report string
+        id: failure_report_string
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        run: tools/ci/generate-failure-message >> $GITHUB_OUTPUT
+
+      - name: Report status to CZO
+        if: ${{ failure() && github.repository == 'zulip/zulip' && github.event_name == 'push' }}
+        uses: zulip/github-actions-zulip/send-message@v1
+        with:
+          api-key: ${{ secrets.ZULIP_BOT_KEY }}
+          email: "github-actions-bot@chat.zulip.org"
+          organization-url: "https://chat.zulip.org"
+          to: "automated testing"
+          topic: ${{ steps.failure_report_string.outputs.topic }}
+          type: "stream"
+          content: ${{ steps.failure_report_string.outputs.content }}

.gitignore

@@ -33,6 +33,7 @@ package-lock.json
 !/var/puppeteer/test_credentials.d.ts
 
 /.dmypy.json
+/.ruff_cache
 
 # Generated i18n data
 /locale/en
@@ -43,11 +44,11 @@ package-lock.json
 # Static build
 *.mo
 npm-debug.log
+/.pnpm-store
 /node_modules
 /prod-static
 /staticfiles.json
 /webpack-stats-production.json
-/yarn-error.log
 zulip-git-version
 
 # Test / analysis tools

.gitlint

@@ -1,13 +1,13 @@
 [general]
 ignore=title-trailing-punctuation, body-min-length, body-is-missing
 
-extra-path=tools/lib/gitlint-rules.py
+extra-path=tools/lib/gitlint_rules.py
 
 [title-match-regex]
 regex=^(.+:\ )?[A-Z].+\.$
 
 [title-max-length]
-line-length=76
+line-length=72
 
 [body-max-line-length]
 line-length=76

.mailmap

@@ -12,6 +12,8 @@
 #     # shows raw names/emails, filtered by mapped name:
 #   $ git log --format='%an %ae' --author=$NAME | uniq -c
 
+Adam Benesh <Adam.Benesh@gmail.com> <Adam-Daniel.Benesh@t-systems.com>
+Adam Benesh <Adam.Benesh@gmail.com>
 Alex Vandiver <alexmv@zulip.com> <alex@chmrr.net>
 Alex Vandiver <alexmv@zulip.com> <github@chmrr.net>
 Allen Rabinovich <allenrabinovich@yahoo.com> <allenr@humbughq.com>
@@ -20,6 +22,10 @@ Alya Abbott <alya@zulip.com> <2090066+alya@users.noreply.github.com>
 Aman Agrawal <amanagr@zulip.com> <f2016561@pilani.bits-pilani.ac.in>
 Anders Kaseorg <anders@zulip.com> <anders@zulipchat.com>
 Anders Kaseorg <anders@zulip.com> <andersk@mit.edu>
+Aryan Shridhar <aryanshridhar7@gmail.com> <53977614+aryanshridhar@users.noreply.github.com>
+Aryan Shridhar <aryanshridhar7@gmail.com>
+aparna-bhatt <aparnabhatt2001@gmail.com> <86338542+aparna-bhatt@users.noreply.github.com>
+Ashwat Kumar Singh <ashwat.kumarsingh.met20@itbhu.ac.in>
 Austin Riba <austin@zulip.com> <austin@m51.io>
 BIKI DAS <bikid475@gmail.com>
 Brock Whittaker <brock@zulipchat.com> <bjwhitta@asu.edu>
@@ -28,6 +34,8 @@ Brock Whittaker <brock@zulipchat.com> <brock@zulipchat.org>
 Chris Bobbe <cbobbe@zulip.com> <cbobbe@zulipchat.com>
 Chris Bobbe <cbobbe@zulip.com> <csbobbe@gmail.com>
 Eeshan Garg <eeshan@zulip.com> <jerryguitarist@gmail.com>
+Eric Smith <erwsmith@gmail.com> <99841919+erwsmith@users.noreply.github.com>
+Ganesh Pawar <pawarg256@gmail.com> <58626718+ganpa3@users.noreply.github.com>
 Greg Price <greg@zulip.com> <gnprice@gmail.com>
 Greg Price <greg@zulip.com> <greg@zulipchat.com>
 Greg Price <greg@zulip.com> <price@mit.edu>
@@ -37,23 +45,35 @@ Jeff Arnold <jbarnold@gmail.com> <jbarnold@humbughq.com>
 Jeff Arnold <jbarnold@gmail.com> <jbarnold@zulip.com>
 Jessica McKellar <jesstess@mit.edu> <jesstess@humbughq.com>
 Jessica McKellar <jesstess@mit.edu> <jesstess@zulip.com>
+Julia Bichler <julia.bichler@tum.de> <74348920+juliaBichler01@users.noreply.github.com>
 Kevin Mehall <km@kevinmehall.net> <kevin@humbughq.com>
 Kevin Mehall <km@kevinmehall.net> <kevin@zulip.com>
 Kevin Scott <kevin.scott.98@gmail.com>
 Lauryn Menard <lauryn@zulip.com> <lauryn.menard@gmail.com>
+Lauryn Menard <lauryn@zulip.com> <63245456+laurynmm@users.noreply.github.com>
 Mateusz Mandera <mateusz.mandera@zulip.com> <mateusz.mandera@protonmail.com>
+Matt Keller <matt@zulip.com>
+Matt Keller <matt@zulip.com> <m@cognusion.com>
 m-e-l-u-h-a-n <purushottam.tiwari.cd.cse19@itbhu.ac.in>
+Noble Mittal <noblemittal@outlook.com> <62551163+beingnoble03@users.noreply.github.com>
 Palash Raghuwanshi <singhpalash0@gmail.com>
 Parth <mittalparth22@gmail.com>
+Priyam Seth <sethpriyam1@gmail.com> <b19188@students.iitmandi.ac.in>
 Ray Kraesig <rkraesig@zulip.com> <rkraesig@zulipchat.com>
+Reid Barton <rwbarton@gmail.com> <rwbarton@humbughq.com>
+Rein Zustand (rht) <rhtbot@protonmail.com>
 Rishi Gupta <rishig@zulipchat.com> <rishig+git@mit.edu>
 Rishi Gupta <rishig@zulipchat.com> <rishig@kandralabs.com>
 Rishi Gupta <rishig@zulipchat.com> <rishig@users.noreply.github.com>
-Reid Barton <rwbarton@gmail.com> <rwbarton@humbughq.com>
+Rishabh Maheshwari <b20063@students.iitmandi.ac.in>
+Rixant Rokaha <rixantrokaha@gmail.com>
+Rixant Rokaha <rixantrokaha@gmail.com> <rishantrokaha@gmail.com>
+Rixant Rokaha <rixantrokaha@gmail.com> <rrokaha@caldwell.edu>
 Sayam Samal <samal.sayam@gmail.com>
 Scott Feeney <scott@oceanbase.org> <scott@humbughq.com>
 Scott Feeney <scott@oceanbase.org> <scott@zulip.com>
 Shlok Patel <shlokcpatel2001@gmail.com>
+Somesh Ranjan <somesh.ranjan.met20@itbhu.ac.in> <77766761+somesh202@users.noreply.github.com>
 Steve Howell <showell@zulip.com> <showell30@yahoo.com>
 Steve Howell <showell@zulip.com> <showell@yahoo.com>
 Steve Howell <showell@zulip.com> <showell@zulipchat.com>
@@ -71,3 +91,12 @@ Sahil Batra <sahil@zulip.com> <sahilbatra839@gmail.com>
 Yash RE <33805964+YashRE42@users.noreply.github.com> <YashRE42@github.com>
 Yash RE <33805964+YashRE42@users.noreply.github.com>
 Yogesh Sirsat <yogeshsirsat56@gmail.com>
+Yogesh Sirsat <yogeshsirsat56@gmail.com> <41695888+yogesh-sirsat@users.noreply.github.com>
+Zeeshan Equbal <equbalzeeshan@gmail.com> <54993043+zee-bit@users.noreply.github.com>
+Zeeshan Equbal <equbalzeeshan@gmail.com>
+Zev Benjamin <zev@zulip.com> <zev@dropbox.com>
+Zev Benjamin <zev@zulip.com> <zev@humbughq.com>
+Zev Benjamin <zev@zulip.com> <zev@mit.edu>
+Zixuan James Li <p359101898@gmail.com>
+Zixuan James Li <p359101898@gmail.com> <39874143+PIG208@users.noreply.github.com>
+Zixuan James Li <p359101898@gmail.com> <359101898@qq.com>

.npmrc

@@ -0,0 +1 @@
+ignore-dep-scripts=true

.prettierignore

@@ -1,8 +1,11 @@
+pnpm-lock.yaml
+/api_docs/**/*.md
 /corporate/tests/stripe_fixtures
+/help/**/*.md
 /locale
-/static/third
 /templates/**/*.md
 /tools/setup/emoji/emoji_map.json
+/web/third
 /zerver/tests/fixtures
 /zerver/webhooks/*/doc.md
 /zerver/webhooks/*/fixtures

.readthedocs.yaml

@@ -0,0 +1,15 @@
+# https://docs.readthedocs.io/en/stable/config-file/v2.html
+version: 2
+
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.10"
+
+sphinx:
+  configuration: docs/conf.py
+  fail_on_warning: true
+
+python:
+  install:
+    - requirements: requirements/docs.txt

.tx/config

@@ -1,32 +1,39 @@
+# Migrated from transifex-client format with `tx migrate`
+#
+# See https://developers.transifex.com/docs/using-the-client which hints at
+# this format, but in general, the headings are in the format of:
+#
+# [o:<org>:p:<project>:r:<resource>]
+
 [main]
 host = https://www.transifex.com
 lang_map = zh-Hans: zh_Hans, zh-Hant: zh_Hant
 
-[zulip.djangopo]
+[o:zulip:p:zulip:r:djangopo]
 file_filter = locale/<lang>/LC_MESSAGES/django.po
 source_file = locale/en/LC_MESSAGES/django.po
 source_lang = en
 type = PO
 
-[zulip.translationsjson]
-file_filter = locale/<lang>/translations.json
-source_file = locale/en/translations.json
-source_lang = en
-type = KEYVALUEJSON
-
-[zulip.mobile]
+[o:zulip:p:zulip:r:mobile]
 file_filter = locale/<lang>/mobile.json
 source_file = locale/en/mobile.json
 source_lang = en
 type = KEYVALUEJSON
 
-[zulip-test.djangopo]
+[o:zulip:p:zulip:r:translationsjson]
+file_filter = locale/<lang>/translations.json
+source_file = locale/en/translations.json
+source_lang = en
+type = KEYVALUEJSON
+
+[o:zulip:p:zulip-test:r:djangopo]
 file_filter = locale/<lang>/LC_MESSAGES/django.po
 source_file = locale/en/LC_MESSAGES/django.po
 source_lang = en
 type = PO
 
-[zulip-test.translationsjson]
+[o:zulip:p:zulip-test:r:translationsjson]
 file_filter = locale/<lang>/translations.json
 source_file = locale/en/translations.json
 source_lang = en

.yarnrc

@@ -1 +0,0 @@
-ignore-scripts true

CODE_OF_CONDUCT.md

@@ -102,3 +102,71 @@ This Code of Conduct is adapted from the
 under a
 [Creative Commons BY-SA](https://creativecommons.org/licenses/by-sa/4.0/)
 license.
+
+## Moderating the Zulip community
+
+Anyone can help moderate the Zulip community by helping make sure that folks are
+aware of the [community guidelines](https://zulip.com/development-community/)
+and this Code of Conduct, and that we maintain a positive and respectful
+atmosphere.
+
+Here are some guidelines for you how can help:
+
+- Be friendly! Welcoming folks, thanking them for their feedback, ideas and effort,
+  and just trying to keep the atmosphere warm make the whole community function
+  more smoothly. New participants who feel accepted, listened to and respected
+  are likely to treat others the same way.
+
+- Be familiar with the [community
+  guidelines](https://zulip.com/development-community/), and cite them liberally
+  when a user violates them. Be polite but firm. Some examples:
+
+  - @user please note that there is no need to @-mention @\_**Tim Abbott** when
+    you ask a question. As noted in the [guidelines for this
+    community](https://zulip.com/development-community/):
+
+    > Use @-mentions sparingly… there is generally no need to @-mention a
+    > core contributor unless you need their timely attention.
+
+  - @user, please keep in mind the following [community
+    guideline](https://zulip.com/development-community/):
+
+    > Don’t ask the same question in multiple places. Moderators read every
+    > public stream, and make sure every question gets a reply.
+
+    I’ve gone ahead and moved the other copy of this message to this thread.
+
+  - If asked a question in a PM that is better discussed in a public stream:
+    > Hi @user! Please start by reviewing
+    > https://zulip.com/development-community/#community-norms to learn how to
+    > get help in this community.
+
+- Users sometimes think chat.zulip.org is a testing instance. When this happens,
+  kindly direct them to use the **#test here** stream.
+
+- If you see a message that’s posted in the wrong place, go ahead and move it if
+  you have permissions to do so, even if you don’t plan to respond to it.
+  Leaving the “Send automated notice to new topic” option enabled helps make it
+  clear what happened to the person who sent the message.
+
+  If you are responding to a message that's been moved, mention the user in your
+  reply, so that the mention serves as a notification of the new location for
+  their conversation.
+
+- If a user is posting spam, please report it to an administrator. They will:
+
+  - Change the user's name to `<name> (spammer)` and deactivate them.
+  - Delete any spam messages they posted in public streams.
+
+- We care very much about maintaining a respectful tone in our community. If you
+  see someone being mean or rude, point out that their tone is inappropriate,
+  and ask them to communicate their perspective in a respectful way in the
+  future. If you don’t feel comfortable doing so yourself, feel free to ask a
+  member of Zulip's core team to take care of the situation.
+
+- Try to assume the best intentions from others (given the range of
+  possibilities presented by their visible behavior), and stick with a friendly
+  and positive tone even when someone‘s behavior is poor or disrespectful.
+  Everyone has bad days and stressful situations that can result in them
+  behaving not their best, and while we should be firm about our community
+  rules, we should also enforce them with kindness.

CONTRIBUTING.md

@@ -1,17 +1,36 @@
-# Contributing to Zulip
+# Contributing guide
 
 Welcome to the Zulip community!
 
-## Community
+## Zulip development community
 
-The
-[Zulip community server](https://zulip.com/development-community/)
-is the primary communication forum for the Zulip community. It is a good
-place to start whether you have a question, are a new contributor, are a new
-user, or anything else. Please review our
-[community norms](https://zulip.com/development-community/#community-norms)
-before posting. The Zulip community is also governed by a
-[code of conduct](https://zulip.readthedocs.io/en/latest/code-of-conduct.html).
+The primary communication forum for the Zulip community is the Zulip
+server hosted at [chat.zulip.org](https://chat.zulip.org/):
+
+- **Users** and **administrators** of Zulip organizations stop by to
+  ask questions, offer feedback, and participate in product design
+  discussions.
+- **Contributors to the project**, including the **core Zulip
+  development team**, discuss ongoing and future projects, brainstorm
+  ideas, and generally help each other out.
+
+Everyone is welcome to [sign up](https://chat.zulip.org/) and
+participate — we love hearing from our users! Public streams in the
+community receive thousands of messages a week. We recommend signing
+up using the special invite links for
+[users](https://chat.zulip.org/join/t5crtoe62bpcxyisiyglmtvb/),
+[self-hosters](https://chat.zulip.org/join/wnhv3jzm6afa4raenedanfno/)
+and
+[contributors](https://chat.zulip.org/join/npzwak7vpmaknrhxthna3c7p/)
+to get a curated list of initial stream subscriptions.
+
+To learn how to get started participating in the community, including [community
+norms](https://zulip.com/development-community/#community-norms) and [where to
+post](https://zulip.com/development-community/#where-do-i-send-my-message),
+check out our [Zulip development community
+guide](https://zulip.com/development-community/). The Zulip community is
+governed by a [code of
+conduct](https://zulip.readthedocs.io/en/latest/code-of-conduct.html).
 
 ## Ways to contribute
 
@@ -39,6 +58,9 @@ don't require touching the codebase at all. For example, you can:
 - [Report issues](#reporting-issues), including both feature requests and
   bug reports.
 - [Give feedback](#user-feedback) if you are evaluating or using Zulip.
+- [Participate
+  thoughtfully](https://zulip.readthedocs.io/en/latest/contributing/design-discussions.html)
+  in design discussions.
 - [Sponsor Zulip](https://github.com/sponsors/zulip) through the GitHub sponsors program.
 - [Translate](https://zulip.readthedocs.io/en/latest/translating/translating.html)
   Zulip into your language.
@@ -54,12 +76,13 @@ to help.
 
 - First, make an account on the
   [Zulip community server](https://zulip.com/development-community/),
-  paying special attention to the community norms. If you'd like, introduce
-  yourself in
+  paying special attention to the
+  [community norms](https://zulip.com/development-community/#community-norms).
+  If you'd like, introduce yourself in
   [#new members](https://chat.zulip.org/#narrow/stream/95-new-members), using
   your name as the topic. Bonus: tell us about your first impressions of
-  Zulip, and anything that felt confusing/broken as you started using the
-  product.
+  Zulip, and anything that felt confusing/broken or interesting/helpful as you
+  started using the product.
 - Read [What makes a great Zulip contributor](#what-makes-a-great-zulip-contributor).
 - [Install the development environment](https://zulip.readthedocs.io/en/latest/development/overview.html),
   getting help in
@@ -124,14 +147,6 @@ Note that you are _not_ claiming an issue while you are iterating through steps
 1-4. _Before you claim an issue_, you should be confident that you will be able to
 tackle it effectively.
 
-If the lists of issues are overwhelming, you can post in
-[#new members](https://chat.zulip.org/#narrow/stream/95-new-members) with a
-bit about your background and interests, and we'll help you out. The most
-important thing to say is whether you're looking for a backend (Python),
-frontend (JavaScript and TypeScript), mobile (React Native), desktop (Electron),
-documentation (English) or visual design (JavaScript/TypeScript + CSS) issue, and a
-bit about your programming experience and available time.
-
 Additional tips for the [main server and web app
 repository](https://github.com/zulip/zulip/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22):
 
@@ -148,15 +163,21 @@ repository](https://github.com/zulip/zulip/issues?q=is%3Aopen+is%3Aissue+label%3
 
 ### Claiming an issue
 
-#### In the main server and web app repository
+#### In the main server/web app repository and Zulip Terminal repository
 
-After making sure the issue is tagged with a [help
+The Zulip server/web app repository
+([`zulip/zulip`](https://github.com/zulip/zulip/)) and the Zulip Terminal
+repository ([`zulip/zulip-terminal`](https://github.com/zulip/zulip-terminal/))
+are set up with a GitHub workflow bot called
+[Zulipbot](https://github.com/zulip/zulipbot), which manages issues and pull
+requests in order to create a better workflow for Zulip contributors.
+
+To claim an issue in these repositories, simply post a comment that says
+`@zulipbot claim` to the issue thread. If the issue is tagged with a [help
 wanted](https://github.com/zulip/zulip/issues?q=is%3Aopen+is%3Aissue+label%3A%22help+wanted%22)
-label, post a comment with `@zulipbot claim` to the issue thread.
-[Zulipbot](https://github.com/zulip/zulipbot) is a GitHub workflow bot; it will
-assign you to the issue and label the issue as "in progress".
+label, Zulipbot will immediately assign the issue to you.
 
-New contributors can only claim one issue until their first pull request is
+Note that new contributors can only claim one issue until their first pull request is
 merged. This is to encourage folks to finish ongoing work before starting
 something new. If you would like to pick up a new issue while waiting for review
 on an almost-ready pull request, you can post a comment to this effect on the
@@ -164,8 +185,11 @@ issue you're interested in.
 
 #### In other Zulip repositories
 
-There is no bot for other repositories, so you can simply post a comment saying
-that you'd like to work on the issue.
+There is no bot for other Zulip repositories
+([`zulip/zulip-mobile`](https://github.com/zulip/zulip-mobile/), etc.). If
+you are interested in claiming an issue in one of these repositories, simply
+post a comment on the issue thread saying that you'd like to work on it. There
+is no need to @-mention the issue creator in your comment.
 
 Please follow the same guidelines as described above: find an issue labeled
 "help wanted", and only pick up one issue at a time to start with.
@@ -184,7 +208,7 @@ stream](https://chat.zulip.org/#narrow/stream/101-design) in the [Zulip
 development community](https://zulip.com/development-community/)
 
 For more advice, see [What makes a great Zulip
-contributor?](https://zulip.readthedocs.io/en/latest/overview/contributing.html#what-makes-a-great-zulip-contributor)
+contributor?](#what-makes-a-great-zulip-contributor)
 below.
 
 ### Submitting a pull request
@@ -197,8 +221,13 @@ yourself will help your PRs be merged faster, and folks will appreciate the
 quality and professionalism of your work.
 
 Then, submit your changes. Carefully reading our [Git guide][git-guide], and in
-particular the section on [making a pull request][git-guide-make-pr],
-will help avoid many common mistakes.
+particular the section on [making a pull request][git-guide-make-pr], will help
+avoid many common mistakes. If any part of your contribution is from someone
+else (code snippets, images, sounds, or any other copyrightable work, modified
+or unmodified), be sure to review the instructions on how to [properly
+attribute][licensing] the work.
+
+[licensing]: https://zulip.readthedocs.io/en/latest/contributing/licensing.html#contributing-someone-else-s-work
 
 Once you are satisfied with the quality of your PR, follow the
 [guidelines on asking for a code
@@ -211,13 +240,14 @@ and follow up with next steps.
 It's OK if your first issue takes you a while; that's normal! You'll be
 able to work a lot faster as you build experience.
 
-If it helps your workflow, you can submit a work-in-progress pull
-request before your work is ready for review. Simply prefix the title
-of work in progress pull requests with `[WIP]`, and then remove the
-prefix when you think it's time for someone else to review your work.
+If it helps your workflow, you can submit your pull request marked as
+a [draft][github-help-draft-pr] while you're still working on it, and
+then mark it ready when you think it's time for someone else to review
+your work.
 
 [git-guide]: https://zulip.readthedocs.io/en/latest/git/
 [git-guide-make-pr]: https://zulip.readthedocs.io/en/latest/git/pull-requests.html
+[github-help-draft-pr]: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests#draft-pull-requests
 
 ### Stages of a pull request
 
@@ -248,7 +278,7 @@ Your pull request will likely go through several stages of review.
    progress on the PR by getting more frequent feedback. A project maintainer
    may leave a comment asking someone with expertise in the area you're working
    on to review your work.
-5. Final code review and integration for server and webapp PRs is generally done
+5. Final code review and integration for server and web app PRs is generally done
    by `@timabbott`.
 
 #### How to help move the review process forward
@@ -261,7 +291,7 @@ The key to keeping your review moving through the review process is to:
 - Make it as easy as possible to review the changes you made.
 
 In order to do this, when you believe you have addressed the previous round of
-feedback on your PR as best you can, post an comment asking reviewers to take
+feedback on your PR as best you can, post a comment asking reviewers to take
 another look. Your comment should make it easy to understand what has been done
 and what remains by:
 
@@ -303,12 +333,23 @@ labels.
   have a new feature you'd like to add, you can start a conversation [in our
   development community](https://zulip.com/development-community/#where-do-i-send-my-message)
   explaining the feature idea and the problem that you're hoping to solve.
+- **I'm waiting for the next round of review on my PR. Can I pick up
+  another issue in the meantime?** Someone's first Zulip PR often
+  requires quite a bit of iteration, so please [make sure your pull
+  request is reviewable][reviewable-pull-requests] and go through at
+  least one round of feedback from others before picking up a second
+  issue. After that, sure! If
+  [Zulipbot](https://github.com/zulip/zulipbot) does not allow you to
+  claim an issue, you can post a comment describing the status of your
+  other work on the issue you're interested in, and asking for the
+  issue to be assigned to you. Note that addressing feedback on
+  in-progress PRs should always take priority over starting a new PR.
 - **I think my PR is done, but it hasn't been merged yet. What's going on?**
   1. **Double-check that you have addressed all the feedback**, including any comments
      on [Git commit
-     discipline](https://zulip.readthedocs.io/en/latest/contributing/version-control.html#commit-discipline).
+     discipline](https://zulip.readthedocs.io/en/latest/contributing/commit-discipline.html).
   2. If all the feedback has been addressed, did you [leave a
-     comment](https://zulip.readthedocs.io/en/latest/overview/contributing.html#how-to-help-move-the-review-process-forward)
+     comment](#how-to-help-move-the-review-process-forward)
      explaining that you have done so and **requesting another review**? If not,
      it may not be clear to project maintainers or reviewers that your PR is
      ready for another look.
@@ -324,26 +365,28 @@ labels.
      occasionally take a few weeks for a PR in the final stages of the review
      process to be merged.
 
+[reviewable-pull-requests]: https://zulip.readthedocs.io/en/latest/contributing/reviewable-prs.html
+
 ## What makes a great Zulip contributor?
 
 Zulip has a lot of experience working with new contributors. In our
 experience, these are the best predictors of success:
 
-- Posting good questions. It's very hard to answer a general question like, "How
-  do I do this issue?" When asking for help, explain
-  your current understanding, including what you've done or tried so far and where
+- [Asking great questions][great-questions]. It's very hard to answer a general
+  question like, "How do I do this issue?" When asking for help, explain your
+  current understanding, including what you've done or tried so far and where
   you got stuck. Post tracebacks or other error messages if appropriate. For
-  more information, check out the ["Getting help" section of our community
-  guidelines](https://zulip.com/development-community/#getting-help) and
-  [this essay][good-questions-blog] for some good advice.
+  more advice, check out [our guide][great-questions]!
 - Learning and practicing
-  [Git commit discipline](https://zulip.readthedocs.io/en/latest/contributing/version-control.html#commit-discipline).
+  [Git commit discipline](https://zulip.readthedocs.io/en/latest/contributing/commit-discipline.html).
 - Submitting carefully tested code. See our [detailed guide on how to review
   code](https://zulip.readthedocs.io/en/latest/contributing/code-reviewing.html#how-to-review-code)
   (yours or someone else's).
 - Posting
   [screenshots or GIFs](https://zulip.readthedocs.io/en/latest/tutorials/screenshot-and-gif-software.html)
   for frontend changes.
+- Working to [make your pull requests easy to
+  review](https://zulip.readthedocs.io/en/latest/contributing/reviewable-prs.html).
 - Clearly describing what you have implemented and why. For example, if your
   implementation differs from the issue description in some way or is a partial
   step towards the requirements described in the issue, be sure to call
@@ -354,10 +397,7 @@ experience, these are the best predictors of success:
 - Being helpful and friendly on the [Zulip community
   server](https://zulip.com/development-community/).
 
-[good-questions-blog]: https://jvns.ca/blog/good-questions/
-
-These are also the main criteria we use to select candidates for all
-of our outreach programs.
+[great-questions]: https://zulip.readthedocs.io/en/latest/contributing/asking-great-questions.html
 
 ## Reporting issues
 
@@ -409,67 +449,20 @@ by emailing [support@zulip.com](mailto:support@zulip.com).
 
 ## Outreach programs
 
-Zulip participates in [Google Summer of Code
-(GSoC)](https://developers.google.com/open-source/gsoc/) every year.
-In the past, we've also participated in
-[Outreachy](https://www.outreachy.org/), [Google
-Code-In](https://developers.google.com/open-source/gci/), and hosted
-summer interns from Harvard, MIT, and Stanford.
+Zulip regularly participates in [Google Summer of Code
+(GSoC)](https://developers.google.com/open-source/gsoc/) and
+[Outreachy](https://www.outreachy.org/). We have been a GSoC mentoring
+organization since 2016, and we accept 15-20 GSoC participants each summer. In
+the past, we’ve also participated in [Google
+Code-In](https://developers.google.com/open-source/gci/), and hosted summer
+interns from Harvard, MIT, and Stanford.
 
-While each third-party program has its own rules and requirements, the
-Zulip community's approaches all of these programs with these ideas in
-mind:
-
-- We try to make the application process as valuable for the applicant as
-  possible. Expect high-quality code reviews, a supportive community, and
-  publicly viewable patches you can link to from your resume, regardless of
-  whether you are selected.
-- To apply, you'll have to submit at least one pull request to a Zulip
-  repository. Most students accepted to one of our programs have
-  several merged pull requests (including at least one larger PR) by
-  the time of the application deadline.
-- The main criteria we use is quality of your best contributions, and
-  the bullets listed at
-  [What makes a great Zulip contributor](#what-makes-a-great-zulip-contributor).
-  Because we focus on evaluating your best work, it doesn't hurt your
-  application to makes mistakes in your first few PRs as long as your
-  work improves.
-
-Most of our outreach program participants end up sticking around the
-project long-term, and many have become core team members, maintaining
-important parts of the project. We hope you apply!
-
-### Google Summer of Code
-
-The largest outreach program Zulip participates in is GSoC (14
-students in 2017; 11 in 2018; 17 in 2019; 18 in 2020; 18 in 2021). While we
-don't control how
-many slots Google allocates to Zulip, we hope to mentor a similar
-number of students in future summers. Check out our [blog
-post](https://blog.zulip.com/2021/09/30/google-summer-of-code-2021/) to learn
-about the GSoC 2021 experience and our participants' accomplishments.
-
-If you're reading this well before the application deadline and want
-to make your application strong, we recommend getting involved in the
-community and fixing issues in Zulip now. Having good contributions
-and building a reputation for doing good work is the best way to have
-a strong application.
-
-Our [GSoC program page][gsoc-guide] has lots more details on how
-Zulip does GSoC, as well as project ideas. Note, however, that the project idea
-list is maintained only during the GSoC application period, so if
-you're looking at some other time of year, the project list is likely
-out-of-date.
-
-In some years, we have also run a Zulip Summer of Code (ZSoC)
-program for students who we wanted to accept into GSoC but did not have an
-official slot for. Student expectations are the
-same as with GSoC, and ZSoC has no separate application process; your
-GSoC application is your ZSoC application. If we'd like to select you
-for ZSoC, we'll contact you when the GSoC results are announced.
-
-[gsoc-guide]: https://zulip.readthedocs.io/en/latest/contributing/gsoc.html
-[gsoc-faq]: https://developers.google.com/open-source/gsoc/faq
+Check out our [outreach programs
+overview](https://zulip.readthedocs.io/en/latest/outreach/overview.html) to learn
+more about participating in an outreach program with Zulip. Most of our program
+participants end up sticking around the project long-term, and many have become
+core team members, maintaining important parts of the project. We hope you
+apply!
 
 ## Stay connected
 

Dockerfile-postgresql

@@ -1,15 +1,25 @@
-# To build run `docker build -f Dockerfile-postgresql .` from the root of the
-# zulip repo.
+# This is a multiarch Dockerfile.  See https://docs.docker.com/desktop/multi-arch/
+#
+# To set up the first time:
+#     docker buildx create --name multiarch --use
+#
+# To build:
+#     docker buildx build --platform linux/amd64,linux/arm64 \
+#       -f ./Dockerfile-postgresql -t zulip/zulip-postgresql:14 --push .
 
 # Currently the PostgreSQL images do not support automatic upgrading of
 # the on-disk data in volumes. So the base image can not currently be upgraded
 # without users needing a manual pgdump and restore.
 
+# https://hub.docker.com/r/groonga/pgroonga/tags
+ARG PGROONGA_VERSION=latest
+ARG POSTGRESQL_VERSION=14
+FROM groonga/pgroonga:$PGROONGA_VERSION-alpine-$POSTGRESQL_VERSION-slim
+
 # Install hunspell, Zulip stop words, and run Zulip database
 # init.
-FROM groonga/pgroonga:latest-alpine-10-slim
 RUN apk add -U --no-cache hunspell-en
-RUN ln -sf /usr/share/hunspell/en_US.dic /usr/local/share/postgresql/tsearch_data/en_us.dict && ln -sf /usr/share/hunspell/en_US.aff /usr/local/share/postgresql/tsearch_data/en_us.affix 
+RUN ln -sf /usr/share/hunspell/en_US.dic /usr/local/share/postgresql/tsearch_data/en_us.dict && ln -sf /usr/share/hunspell/en_US.aff /usr/local/share/postgresql/tsearch_data/en_us.affix
 COPY puppet/zulip/files/postgresql/zulip_english.stop /usr/local/share/postgresql/tsearch_data/zulip_english.stop
 COPY scripts/setup/create-db.sql /docker-entrypoint-initdb.d/zulip-create-db.sql
 COPY scripts/setup/create-pgroonga.sql /docker-entrypoint-initdb.d/zulip-create-pgroonga.sql

README.md

@@ -17,6 +17,7 @@ Come find us on the [development community chat](https://zulip.com/development-c
 [![GitHub Actions build status](https://github.com/zulip/zulip/actions/workflows/zulip-ci.yml/badge.svg)](https://github.com/zulip/zulip/actions/workflows/zulip-ci.yml?query=branch%3Amain)
 [![coverage status](https://img.shields.io/codecov/c/github/zulip/zulip/main.svg)](https://codecov.io/gh/zulip/zulip)
 [![Mypy coverage](https://img.shields.io/badge/mypy-100%25-green.svg)][mypy-coverage]
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/charliermarsh/ruff/main/assets/badge/v1.json)](https://github.com/charliermarsh/ruff)
 [![code style: black](https://img.shields.io/badge/code%20style-black-000000.svg)](https://github.com/psf/black)
 [![code style: prettier](https://img.shields.io/badge/code_style-prettier-ff69b4.svg)](https://github.com/prettier/prettier)
 [![GitHub release](https://img.shields.io/github/release/zulip/zulip.svg)](https://github.com/zulip/zulip/releases/latest)
@@ -33,16 +34,17 @@ Come find us on the [development community chat](https://zulip.com/development-c
 ## Getting started
 
 - **Contributing code**. Check out our [guide for new
-  contributors](https://zulip.readthedocs.io/en/latest/overview/contributing.html)
-  to get started. We have invested into making Zulip’s code uniquely readable,
-  well tested, and easy to modify. Beyond that, we have written an extraordinary
-  150K words of documentation on how to contribute to Zulip.
+  contributors](https://zulip.readthedocs.io/en/latest/contributing/contributing.html)
+  to get started. We have invested in making Zulip’s code highly
+  readable, thoughtfully tested, and easy to modify. Beyond that, we
+  have written an extraordinary 150K words of documentation for Zulip
+  contributors.
 
 - **Contributing non-code**. [Report an
-  issue](https://zulip.readthedocs.io/en/latest/overview/contributing.html#reporting-issues),
+  issue](https://zulip.readthedocs.io/en/latest/contributing/contributing.html#reporting-issues),
   [translate](https://zulip.readthedocs.io/en/latest/translating/translating.html)
   Zulip into your language, or [give us
-  feedback](https://zulip.readthedocs.io/en/latest/overview/contributing.html#user-feedback).
+  feedback](https://zulip.readthedocs.io/en/latest/contributing/contributing.html#user-feedback).
   We'd love to hear from you, whether you've been using Zulip for years, or are just
   trying it out for the first time.
 
@@ -51,7 +53,7 @@ Come find us on the [development community chat](https://zulip.com/development-c
   recommend reading about Zulip's [unique
   approach](https://zulip.com/why-zulip/) to organizing conversations.
 
-- **Running a Zulip server**. Self host Zulip directly on Ubuntu or Debian
+- **Running a Zulip server**. Self-host Zulip directly on Ubuntu or Debian
   Linux, in [Docker](https://github.com/zulip/docker-zulip), or with prebuilt
   images for [Digital Ocean](https://marketplace.digitalocean.com/apps/zulip) and
   [Render](https://render.com/docs/deploy-zulip).
@@ -64,14 +66,14 @@ Come find us on the [development community chat](https://zulip.com/development-c
   projects](https://zulip.com/for/open-source/).
 
 - **Participating in [outreach
-  programs](https://zulip.readthedocs.io/en/latest/overview/contributing.html#outreach-programs)**
+  programs](https://zulip.readthedocs.io/en/latest/contributing/contributing.html#outreach-programs)**
   like [Google Summer of Code](https://developers.google.com/open-source/gsoc/)
   and [Outreachy](https://www.outreachy.org/).
 
 - **Supporting Zulip**. Advocate for your organization to use Zulip, become a
   [sponsor](https://github.com/sponsors/zulip), write a review in the mobile app
   stores, or [help others find
-  Zulip](https://zulip.readthedocs.io/en/latest/overview/contributing.html#help-others-find-zulip).
+  Zulip](https://zulip.readthedocs.io/en/latest/contributing/contributing.html#help-others-find-zulip).
 
 You may also be interested in reading our [blog](https://blog.zulip.org/), and
 following us on [Twitter](https://twitter.com/zulip) and

Vagrantfile

@@ -12,11 +12,13 @@ Vagrant.configure("2") do |config|
   vm_num_cpus = "2"
   vm_memory = "2048"
 
-  debian_mirror = ""
+  ubuntu_mirror = ""
   vboxadd_version = nil
 
+  config.vm.box = "bento/ubuntu-20.04"
+
   config.vm.synced_folder ".", "/vagrant", disabled: true
-  config.vm.synced_folder ".", "/srv/zulip"
+  config.vm.synced_folder ".", "/srv/zulip", docker_consistency: "z"
 
   vagrant_config_file = ENV["HOME"] + "/.zulip-vagrant-config"
   if File.file?(vagrant_config_file)
@@ -32,7 +34,7 @@ Vagrant.configure("2") do |config|
       when "HOST_IP_ADDR"; host_ip_addr = value
       when "GUEST_CPUS"; vm_num_cpus = value
       when "GUEST_MEMORY_MB"; vm_memory = value
-      when "DEBIAN_MIRROR"; debian_mirror = value
+      when "UBUNTU_MIRROR"; ubuntu_mirror = value
       when "VBOXADD_VERSION"; vboxadd_version = value
       end
     end
@@ -61,23 +63,23 @@ Vagrant.configure("2") do |config|
   config.vm.network "forwarded_port", guest: 9994, host: host_port + 3, host_ip: host_ip_addr
   # Specify Docker provider before VirtualBox provider so it's preferred.
   config.vm.provider "docker" do |d, override|
+    override.vm.box = nil
     d.build_dir = File.join(__dir__, "tools", "setup", "dev-vagrant-docker")
     d.build_args = ["--build-arg", "VAGRANT_UID=#{Process.uid}"]
-    if !debian_mirror.empty?
-      d.build_args += ["--build-arg", "DEBIAN_MIRROR=#{debian_mirror}"]
+    if !ubuntu_mirror.empty?
+      d.build_args += ["--build-arg", "UBUNTU_MIRROR=#{ubuntu_mirror}"]
     end
     d.has_ssh = true
     d.create_args = ["--ulimit", "nofile=1024:65536"]
   end
 
   config.vm.provider "virtualbox" do |vb, override|
-    override.vm.box = "bento/debian-10"
     # It's possible we can get away with just 1.5GB; more testing needed
     vb.memory = vm_memory
     vb.cpus = vm_num_cpus
 
     if !vboxadd_version.nil?
-      override.vbguest.installer = Class.new(VagrantVbguest::Installers::Debian) do
+      override.vbguest.installer = Class.new(VagrantVbguest::Installers::Ubuntu) do
         define_method(:host_version) do |reload = false|
           VagrantVbguest::Version(vboxadd_version)
         end
@@ -88,14 +90,12 @@ Vagrant.configure("2") do |config|
   end
 
   config.vm.provider "hyperv" do |h, override|
-    override.vm.box = "bento/debian-10"
     h.memory = vm_memory
     h.maxmemory = vm_memory
     h.cpus = vm_num_cpus
   end
 
   config.vm.provider "parallels" do |prl, override|
-    override.vm.box = "bento/debian-10"
     prl.memory = vm_memory
     prl.cpus = vm_num_cpus
   end
@@ -104,5 +104,5 @@ Vagrant.configure("2") do |config|
     # We want provision to be run with the permissions of the vagrant user.
     privileged: false,
     path: "tools/setup/vagrant-provision",
-    env: { "DEBIAN_MIRROR" => debian_mirror }
+    env: { "UBUNTU_MIRROR" => ubuntu_mirror }
 end

analytics/lib/counts.py

@@ -62,7 +62,7 @@ class CountStat:
         else:
             self.interval = self.time_increment
 
-    def __str__(self) -> str:
+    def __repr__(self) -> str:
         return f"<CountStat: {self.property}>"
 
     def last_successful_fill(self) -> Optional[datetime]:
@@ -206,7 +206,7 @@ def do_aggregate_to_summary_table(
     # Aggregate into RealmCount
     output_table = stat.data_collector.output_table
     if realm is not None:
-        realm_clause = SQL("AND zerver_realm.id = {}").format(Literal(realm.id))
+        realm_clause: Composable = SQL("AND zerver_realm.id = {}").format(Literal(realm.id))
     else:
         realm_clause = SQL("")
 
@@ -288,7 +288,8 @@ def do_aggregate_to_summary_table(
 
 ## Utility functions called from outside counts.py ##
 
-# called from zerver/lib/actions.py; should not throw any errors
+
+# called from zerver.actions; should not throw any errors
 def do_increment_logging_stat(
     zerver_object: Union[Realm, UserProfile, Stream],
     stat: CountStat,
@@ -357,7 +358,7 @@ def do_pull_by_sql_query(
 ) -> int:
     if group_by is None:
         subgroup: Composable = SQL("NULL")
-        group_by_clause = SQL("")
+        group_by_clause: Composable = SQL("")
     else:
         subgroup = Identifier(group_by[0]._meta.db_table, group_by[1])
         group_by_clause = SQL(", {}").format(subgroup)
@@ -443,7 +444,7 @@ def do_pull_minutes_active(
 
 def count_message_by_user_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("zerver_userprofile.realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -470,7 +471,7 @@ def count_message_by_user_query(realm: Optional[Realm]) -> QueryFn:
 # Note: ignores the group_by / group_by_clause.
 def count_message_type_by_user_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("zerver_userprofile.realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -519,7 +520,7 @@ def count_message_type_by_user_query(realm: Optional[Realm]) -> QueryFn:
 # table, consider writing a new query for efficiency.
 def count_message_by_stream_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("zerver_stream.realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -553,7 +554,7 @@ def count_message_by_stream_query(realm: Optional[Realm]) -> QueryFn:
 # currently the only stat that uses this.
 def count_user_by_realm_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("zerver_userprofile.realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -583,7 +584,7 @@ def count_user_by_realm_query(realm: Optional[Realm]) -> QueryFn:
 # In particular, it's important to ensure that migrations don't cause that to happen.
 def check_realmauditlog_by_user_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -623,7 +624,7 @@ def check_realmauditlog_by_user_query(realm: Optional[Realm]) -> QueryFn:
 
 def check_useractivityinterval_by_user_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("zerver_userprofile.realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(
@@ -647,7 +648,7 @@ def check_useractivityinterval_by_user_query(realm: Optional[Realm]) -> QueryFn:
 
 def count_realm_active_humans_query(realm: Optional[Realm]) -> QueryFn:
     if realm is None:
-        realm_clause = SQL("")
+        realm_clause: Composable = SQL("")
     else:
         realm_clause = SQL("realm_id = {} AND").format(Literal(realm.id))
     return lambda kwargs: SQL(

analytics/management/commands/check_analytics_state.py

@@ -8,7 +8,7 @@ from django.utils.timezone import now as timezone_now
 
 from analytics.lib.counts import COUNT_STATS, CountStat
 from analytics.models import installation_epoch
-from zerver.lib.timestamp import TimeZoneNotUTCException, floor_to_day, floor_to_hour, verify_UTC
+from zerver.lib.timestamp import TimeZoneNotUTCError, floor_to_day, floor_to_hour, verify_UTC
 from zerver.models import Realm
 
 states = {
@@ -48,7 +48,7 @@ class Command(BaseCommand):
                 last_fill = installation_epoch()
             try:
                 verify_UTC(last_fill)
-            except TimeZoneNotUTCException:
+            except TimeZoneNotUTCError:
                 return {"status": 2, "message": f"FillState not in UTC for {property}"}
 
             if stat.frequency == CountStat.DAY:

analytics/management/commands/populate_analytics_db.py

@@ -1,7 +1,8 @@
+import os
 from datetime import timedelta
 from typing import Any, Dict, List, Mapping, Type, Union
-from unittest import mock
 
+from django.core.files.uploadedfile import UploadedFile
 from django.core.management.base import BaseCommand
 from django.utils.timezone import now as timezone_now
 
@@ -16,11 +17,14 @@ from analytics.models import (
     StreamCount,
     UserCount,
 )
-from zerver.lib.actions import do_change_user_role, do_create_realm
+from zerver.actions.create_realm import do_create_realm
+from zerver.actions.users import do_change_user_role
 from zerver.lib.create_user import create_user
+from zerver.lib.storage import static_path
 from zerver.lib.stream_color import STREAM_ASSIGNMENT_COLORS
 from zerver.lib.timestamp import floor_to_day
-from zerver.models import Client, Realm, Recipient, Stream, Subscription, UserProfile
+from zerver.lib.upload import upload_message_attachment_from_request
+from zerver.models import Client, Realm, Recipient, Stream, Subscription, UserGroup, UserProfile
 
 
 class Command(BaseCommand):
@@ -78,16 +82,35 @@ class Command(BaseCommand):
             string_id="analytics", name="Analytics", date_created=installation_time
         )
 
-        with mock.patch("zerver.lib.create_user.timezone_now", return_value=installation_time):
-            shylock = create_user(
-                "shylock@analytics.ds",
-                "Shylock",
-                realm,
-                full_name="Shylock",
-                role=UserProfile.ROLE_REALM_OWNER,
-            )
+        shylock = create_user(
+            "shylock@analytics.ds",
+            "Shylock",
+            realm,
+            full_name="Shylock",
+            role=UserProfile.ROLE_REALM_OWNER,
+            force_date_joined=installation_time,
+        )
         do_change_user_role(shylock, UserProfile.ROLE_REALM_OWNER, acting_user=None)
-        stream = Stream.objects.create(name="all", realm=realm, date_created=installation_time)
+
+        # Create guest user for set_guest_users_statistic.
+        create_user(
+            "bassanio@analytics.ds",
+            "Bassanio",
+            realm,
+            full_name="Bassanio",
+            role=UserProfile.ROLE_GUEST,
+            force_date_joined=installation_time,
+        )
+
+        administrators_user_group = UserGroup.objects.get(
+            name=UserGroup.ADMINISTRATORS_GROUP_NAME, realm=realm, is_system_group=True
+        )
+        stream = Stream.objects.create(
+            name="all",
+            realm=realm,
+            date_created=installation_time,
+            can_remove_subscribers_group=administrators_user_group,
+        )
         recipient = Recipient.objects.create(type_id=stream.id, type=Recipient.STREAM)
         stream.recipient = recipient
         stream.save(update_fields=["recipient"])
@@ -104,6 +127,13 @@ class Command(BaseCommand):
         ]
         Subscription.objects.bulk_create(subs)
 
+        # Create an attachment in the database for set_storage_space_used_statistic.
+        IMAGE_FILE_PATH = static_path("images/test-images/checkbox.png")
+        file_info = os.stat(IMAGE_FILE_PATH)
+        file_size = file_info.st_size
+        with open(IMAGE_FILE_PATH, "rb") as fp:
+            upload_message_attachment_from_request(UploadedFile(fp), shylock, file_size)
+
         FixtureData = Mapping[Union[str, int, None], List[int]]
 
         def insert_fixture_data(

analytics/migrations/0001_initial.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("zerver", "0030_realm_org_type"),
         migrations.swappable_dependency(settings.AUTH_USER_MODEL),

analytics/migrations/0002_remove_huddlecount.py

@@ -2,7 +2,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0001_initial"),
     ]

analytics/migrations/0003_fillstate.py

@@ -2,7 +2,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0002_remove_huddlecount"),
     ]

analytics/migrations/0004_add_subgroup.py

@@ -2,7 +2,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0003_fillstate"),
     ]

analytics/migrations/0005_alter_field_size.py

@@ -2,7 +2,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0004_add_subgroup"),
     ]

analytics/migrations/0006_add_subgroup_to_unique_constraints.py

@@ -2,7 +2,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0005_alter_field_size"),
     ]

analytics/migrations/0007_remove_interval.py

@@ -3,7 +3,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0006_add_subgroup_to_unique_constraints"),
     ]

analytics/migrations/0008_add_count_indexes.py

@@ -3,7 +3,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("zerver", "0050_userprofile_avatar_version"),
         ("analytics", "0007_remove_interval"),

analytics/migrations/0009_remove_messages_to_stream_stat.py

@@ -1,10 +1,10 @@
 from django.db import migrations
-from django.db.backends.postgresql.schema import DatabaseSchemaEditor
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 from django.db.migrations.state import StateApps
 
 
 def delete_messages_sent_to_stream_stat(
-    apps: StateApps, schema_editor: DatabaseSchemaEditor
+    apps: StateApps, schema_editor: BaseDatabaseSchemaEditor
 ) -> None:
     UserCount = apps.get_model("analytics", "UserCount")
     StreamCount = apps.get_model("analytics", "StreamCount")
@@ -21,7 +21,6 @@ def delete_messages_sent_to_stream_stat(
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0008_add_count_indexes"),
     ]

analytics/migrations/0010_clear_messages_sent_values.py

@@ -1,10 +1,10 @@
 from django.db import migrations
-from django.db.backends.postgresql.schema import DatabaseSchemaEditor
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 from django.db.migrations.state import StateApps
 
 
 def clear_message_sent_by_message_type_values(
-    apps: StateApps, schema_editor: DatabaseSchemaEditor
+    apps: StateApps, schema_editor: BaseDatabaseSchemaEditor
 ) -> None:
     UserCount = apps.get_model("analytics", "UserCount")
     StreamCount = apps.get_model("analytics", "StreamCount")
@@ -21,7 +21,6 @@ def clear_message_sent_by_message_type_values(
 
 
 class Migration(migrations.Migration):
-
     dependencies = [("analytics", "0009_remove_messages_to_stream_stat")]
 
     operations = [

analytics/migrations/0011_clear_analytics_tables.py

@@ -1,9 +1,9 @@
 from django.db import migrations
-from django.db.backends.postgresql.schema import DatabaseSchemaEditor
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 from django.db.migrations.state import StateApps
 
 
-def clear_analytics_tables(apps: StateApps, schema_editor: DatabaseSchemaEditor) -> None:
+def clear_analytics_tables(apps: StateApps, schema_editor: BaseDatabaseSchemaEditor) -> None:
     UserCount = apps.get_model("analytics", "UserCount")
     StreamCount = apps.get_model("analytics", "StreamCount")
     RealmCount = apps.get_model("analytics", "RealmCount")
@@ -18,7 +18,6 @@ def clear_analytics_tables(apps: StateApps, schema_editor: DatabaseSchemaEditor)
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0010_clear_messages_sent_values"),
     ]

analytics/migrations/0012_add_on_delete.py

@@ -5,7 +5,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0011_clear_analytics_tables"),
     ]

analytics/migrations/0013_remove_anomaly.py

@@ -4,7 +4,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0012_add_on_delete"),
     ]

analytics/migrations/0014_remove_fillstate_last_modified.py

@@ -4,7 +4,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0013_remove_anomaly"),
     ]

analytics/migrations/0015_clear_duplicate_counts.py

@@ -1,10 +1,10 @@
 from django.db import migrations
-from django.db.backends.postgresql.schema import DatabaseSchemaEditor
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 from django.db.migrations.state import StateApps
 from django.db.models import Count, Sum
 
 
-def clear_duplicate_counts(apps: StateApps, schema_editor: DatabaseSchemaEditor) -> None:
+def clear_duplicate_counts(apps: StateApps, schema_editor: BaseDatabaseSchemaEditor) -> None:
     """This is a preparatory migration for our Analytics tables.
 
     The backstory is that Django's unique_together indexes do not properly
@@ -55,7 +55,6 @@ def clear_duplicate_counts(apps: StateApps, schema_editor: DatabaseSchemaEditor)
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0014_remove_fillstate_last_modified"),
     ]

analytics/migrations/0016_unique_constraint_when_subgroup_null.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("analytics", "0015_clear_duplicate_counts"),
     ]

analytics/models.py

@@ -1,5 +1,4 @@
 import datetime
-from typing import Optional
 
 from django.db import models
 from django.db.models import Q, UniqueConstraint
@@ -9,16 +8,16 @@ from zerver.models import Realm, Stream, UserProfile
 
 
 class FillState(models.Model):
-    property: str = models.CharField(max_length=40, unique=True)
-    end_time: datetime.datetime = models.DateTimeField()
+    property = models.CharField(max_length=40, unique=True)
+    end_time = models.DateTimeField()
 
     # Valid states are {DONE, STARTED}
     DONE = 1
     STARTED = 2
-    state: int = models.PositiveSmallIntegerField()
+    state = models.PositiveSmallIntegerField()
 
     def __str__(self) -> str:
-        return f"<FillState: {self.property} {self.end_time} {self.state}>"
+        return f"{self.property} {self.end_time} {self.state}"
 
 
 # The earliest/starting end_time in FillState
@@ -34,10 +33,10 @@ class BaseCount(models.Model):
     # Note: When inheriting from BaseCount, you may want to rearrange
     # the order of the columns in the migration to make sure they
     # match how you'd like the table to be arranged.
-    property: str = models.CharField(max_length=32)
-    subgroup: Optional[str] = models.CharField(max_length=16, null=True)
-    end_time: datetime.datetime = models.DateTimeField()
-    value: int = models.BigIntegerField()
+    property = models.CharField(max_length=32)
+    subgroup = models.CharField(max_length=16, null=True)
+    end_time = models.DateTimeField()
+    value = models.BigIntegerField()
 
     class Meta:
         abstract = True
@@ -60,7 +59,7 @@ class InstallationCount(BaseCount):
         ]
 
     def __str__(self) -> str:
-        return f"<InstallationCount: {self.property} {self.subgroup} {self.value}>"
+        return f"{self.property} {self.subgroup} {self.value}"
 
 
 class RealmCount(BaseCount):
@@ -83,7 +82,7 @@ class RealmCount(BaseCount):
         index_together = ["property", "end_time"]
 
     def __str__(self) -> str:
-        return f"<RealmCount: {self.realm} {self.property} {self.subgroup} {self.value}>"
+        return f"{self.realm!r} {self.property} {self.subgroup} {self.value}"
 
 
 class UserCount(BaseCount):
@@ -109,7 +108,7 @@ class UserCount(BaseCount):
         index_together = ["property", "realm", "end_time"]
 
     def __str__(self) -> str:
-        return f"<UserCount: {self.user} {self.property} {self.subgroup} {self.value}>"
+        return f"{self.user!r} {self.property} {self.subgroup} {self.value}"
 
 
 class StreamCount(BaseCount):
@@ -135,6 +134,4 @@ class StreamCount(BaseCount):
         index_together = ["property", "realm", "end_time"]
 
     def __str__(self) -> str:
-        return (
-            f"<StreamCount: {self.stream} {self.property} {self.subgroup} {self.value} {self.id}>"
-        )
+        return f"{self.stream!r} {self.property} {self.subgroup} {self.value} {self.id}"

analytics/tests/test_activity_views.py

@@ -3,7 +3,6 @@ from unittest import mock
 from django.utils.timezone import now as timezone_now
 
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.test_helpers import queries_captured
 from zerver.models import Client, UserActivity, UserProfile, flush_per_request_caches
 
 
@@ -33,23 +32,17 @@ class ActivityTest(ZulipTestCase):
         user_profile.save(update_fields=["is_staff"])
 
         flush_per_request_caches()
-        with queries_captured() as queries:
+        with self.assert_database_query_count(18):
             result = self.client_get("/activity")
             self.assertEqual(result.status_code, 200)
 
-        self.assert_length(queries, 19)
-
         flush_per_request_caches()
-        with queries_captured() as queries:
+        with self.assert_database_query_count(8):
             result = self.client_get("/realm_activity/zulip/")
             self.assertEqual(result.status_code, 200)
 
-        self.assert_length(queries, 8)
-
         iago = self.example_user("iago")
         flush_per_request_caches()
-        with queries_captured() as queries:
+        with self.assert_database_query_count(5):
             result = self.client_get(f"/user_activity/{iago.id}/")
             self.assertEqual(result.status_code, 200)
-
-        self.assert_length(queries, 5)

analytics/tests/test_counts.py

@@ -32,24 +32,28 @@ from analytics.models import (
     UserCount,
     installation_epoch,
 )
-from zerver.lib.actions import (
+from zerver.actions.create_realm import do_create_realm
+from zerver.actions.create_user import (
     do_activate_mirror_dummy_user,
-    do_create_realm,
     do_create_user,
-    do_deactivate_user,
-    do_invite_users,
-    do_mark_all_as_read,
-    do_mark_stream_messages_as_read,
     do_reactivate_user,
+)
+from zerver.actions.invites import (
+    do_invite_users,
     do_resend_user_invite_email,
     do_revoke_user_invite,
-    do_update_message_flags,
-    update_user_activity_interval,
 )
+from zerver.actions.message_flags import (
+    do_mark_all_as_read,
+    do_mark_stream_messages_as_read,
+    do_update_message_flags,
+)
+from zerver.actions.user_activity import update_user_activity_interval
+from zerver.actions.users import do_deactivate_user
 from zerver.lib.create_user import create_user
 from zerver.lib.exceptions import InvitationError
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.timestamp import TimeZoneNotUTCException, floor_to_day
+from zerver.lib.timestamp import TimeZoneNotUTCError, floor_to_day
 from zerver.lib.topic import DB_TOPIC_NAME
 from zerver.lib.utils import assert_is_not_none
 from zerver.models import (
@@ -62,9 +66,11 @@ from zerver.models import (
     Recipient,
     Stream,
     UserActivityInterval,
+    UserGroup,
     UserProfile,
     get_client,
     get_user,
+    is_cross_realm_bot_email,
 )
 
 
@@ -80,10 +86,13 @@ class AnalyticsTestCase(ZulipTestCase):
         self.default_realm = do_create_realm(
             string_id="realmtest", name="Realm Test", date_created=self.TIME_ZERO - 2 * self.DAY
         )
+        self.administrators_user_group = UserGroup.objects.get(
+            name=UserGroup.ADMINISTRATORS_GROUP_NAME, realm=self.default_realm, is_system_group=True
+        )
 
         # used to generate unique names in self.create_*
         self.name_counter = 100
-        # used as defaults in self.assertCountEquals
+        # used as defaults in self.assert_table_count
         self.current_property: Optional[str] = None
 
     # Lightweight creation of users, streams, and messages
@@ -121,6 +130,7 @@ class AnalyticsTestCase(ZulipTestCase):
             "name": f"stream name {self.name_counter}",
             "realm": self.default_realm,
             "date_created": self.TIME_LAST_HOUR,
+            "can_remove_subscribers_group": self.administrators_user_group,
         }
         for key, value in defaults.items():
             kwargs[key] = kwargs.get(key, value)
@@ -149,13 +159,18 @@ class AnalyticsTestCase(ZulipTestCase):
             "content": "hi",
             "date_sent": self.TIME_LAST_HOUR,
             "sending_client": get_client("website"),
+            "realm_id": sender.realm_id,
         }
+        # For simplicity, this helper doesn't support creating cross-realm messages
+        # since it'd require adding an additional realm argument.
+        assert not is_cross_realm_bot_email(sender.delivery_email)
+
         for key, value in defaults.items():
             kwargs[key] = kwargs.get(key, value)
         return Message.objects.create(**kwargs)
 
     # kwargs should only ever be a UserProfile or Stream.
-    def assertCountEquals(
+    def assert_table_count(
         self,
         table: Type[BaseCount],
         value: int,
@@ -212,14 +227,13 @@ class AnalyticsTestCase(ZulipTestCase):
                 kwargs[arg_keys[i]] = values[i]
             for key, value in defaults.items():
                 kwargs[key] = kwargs.get(key, value)
-            if table is not InstallationCount:
-                if "realm" not in kwargs:
-                    if "user" in kwargs:
-                        kwargs["realm"] = kwargs["user"].realm
-                    elif "stream" in kwargs:
-                        kwargs["realm"] = kwargs["stream"].realm
-                    else:
-                        kwargs["realm"] = self.default_realm
+            if table is not InstallationCount and "realm" not in kwargs:
+                if "user" in kwargs:
+                    kwargs["realm"] = kwargs["user"].realm
+                elif "stream" in kwargs:
+                    kwargs["realm"] = kwargs["stream"].realm
+                else:
+                    kwargs["realm"] = self.default_realm
             self.assertEqual(table.objects.filter(**kwargs).count(), 1)
         self.assert_length(arg_values, table.objects.count())
 
@@ -275,7 +289,7 @@ class TestProcessCountStat(AnalyticsTestCase):
         stat = self.make_dummy_count_stat("test stat")
         with self.assertRaises(ValueError):
             process_count_stat(stat, installation_epoch() + 65 * self.MINUTE)
-        with self.assertRaises(TimeZoneNotUTCException):
+        with self.assertRaises(TimeZoneNotUTCError):
             process_count_stat(stat, installation_epoch().replace(tzinfo=None))
 
     # This tests the LoggingCountStat branch of the code in do_delete_counts_at_hour.
@@ -759,9 +773,9 @@ class TestCountStats(AnalyticsTestCase):
 
         do_fill_count_stat_at_hour(stat, self.TIME_ZERO)
 
-        self.assertCountEquals(UserCount, 1, subgroup="private_message")
-        self.assertCountEquals(UserCount, 1, subgroup="huddle_message")
-        self.assertCountEquals(UserCount, 1, subgroup="public_stream")
+        self.assert_table_count(UserCount, 1, subgroup="private_message")
+        self.assert_table_count(UserCount, 1, subgroup="huddle_message")
+        self.assert_table_count(UserCount, 1, subgroup="public_stream")
 
     def test_messages_sent_by_client(self) -> None:
         stat = COUNT_STATS["messages_sent:client:day"]
@@ -1367,47 +1381,49 @@ class TestLoggingCountStats(AnalyticsTestCase):
         user = self.create_user(email="first@domain.tld")
         stream, _ = self.create_stream_with_recipient()
 
-        invite_expires_in_days = 2
-        do_invite_users(
-            user,
-            ["user1@domain.tld", "user2@domain.tld"],
-            [stream],
-            invite_expires_in_days=invite_expires_in_days,
-        )
+        invite_expires_in_minutes = 2 * 24 * 60
+        with mock.patch("zerver.actions.invites.too_many_recent_realm_invites", return_value=False):
+            do_invite_users(
+                user,
+                ["user1@domain.tld", "user2@domain.tld"],
+                [stream],
+                invite_expires_in_minutes=invite_expires_in_minutes,
+            )
         assertInviteCountEquals(2)
 
         # We currently send emails when re-inviting users that haven't
         # turned into accounts, so count them towards the total
-        do_invite_users(
-            user,
-            ["user1@domain.tld", "user2@domain.tld"],
-            [stream],
-            invite_expires_in_days=invite_expires_in_days,
-        )
+        with mock.patch("zerver.actions.invites.too_many_recent_realm_invites", return_value=False):
+            do_invite_users(
+                user,
+                ["user1@domain.tld", "user2@domain.tld"],
+                [stream],
+                invite_expires_in_minutes=invite_expires_in_minutes,
+            )
         assertInviteCountEquals(4)
 
         # Test mix of good and malformed invite emails
-        try:
+        with self.assertRaises(InvitationError), mock.patch(
+            "zerver.actions.invites.too_many_recent_realm_invites", return_value=False
+        ):
             do_invite_users(
                 user,
                 ["user3@domain.tld", "malformed"],
                 [stream],
-                invite_expires_in_days=invite_expires_in_days,
+                invite_expires_in_minutes=invite_expires_in_minutes,
             )
-        except InvitationError:
-            pass
         assertInviteCountEquals(4)
 
         # Test inviting existing users
-        try:
+        with self.assertRaises(InvitationError), mock.patch(
+            "zerver.actions.invites.too_many_recent_realm_invites", return_value=False
+        ):
             do_invite_users(
                 user,
                 ["first@domain.tld", "user4@domain.tld"],
                 [stream],
-                invite_expires_in_days=invite_expires_in_days,
+                invite_expires_in_minutes=invite_expires_in_minutes,
             )
-        except InvitationError:
-            pass
         assertInviteCountEquals(5)
 
         # Revoking invite should not give you credit
@@ -1417,7 +1433,8 @@ class TestLoggingCountStats(AnalyticsTestCase):
         assertInviteCountEquals(5)
 
         # Resending invite should cost you
-        do_resend_user_invite_email(assert_is_not_none(PreregistrationUser.objects.first()))
+        with mock.patch("zerver.actions.invites.too_many_recent_realm_invites", return_value=False):
+            do_resend_user_invite_email(assert_is_not_none(PreregistrationUser.objects.first()))
         assertInviteCountEquals(6)
 
     def test_messages_read_hour(self) -> None:

analytics/tests/test_stats_views.py

@@ -124,8 +124,7 @@ class TestGetChartData(ZulipTestCase):
         stat = COUNT_STATS["active_users_audit:is_bot:day"]
         self.insert_data(stat, ["false"], [])
         result = self.client_get("/json/analytics/chart_data", {"chart_name": "number_of_humans"})
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data,
             {
@@ -148,8 +147,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_over_time"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data,
             {
@@ -171,8 +169,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_by_message_type"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data,
             {
@@ -182,20 +179,20 @@ class TestGetChartData(ZulipTestCase):
                 "everyone": {
                     "Public streams": self.data(100),
                     "Private streams": self.data(0),
-                    "Private messages": self.data(101),
-                    "Group private messages": self.data(0),
+                    "Direct messages": self.data(101),
+                    "Group direct messages": self.data(0),
                 },
                 "user": {
                     "Public streams": self.data(200),
                     "Private streams": self.data(201),
-                    "Private messages": self.data(0),
-                    "Group private messages": self.data(0),
+                    "Direct messages": self.data(0),
+                    "Group direct messages": self.data(0),
                 },
                 "display_order": [
-                    "Private messages",
+                    "Direct messages",
                     "Public streams",
                     "Private streams",
-                    "Group private messages",
+                    "Group direct messages",
                 ],
                 "result": "success",
             },
@@ -215,8 +212,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_by_client"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data,
             {
@@ -240,8 +236,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_read_over_time"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data,
             {
@@ -262,8 +257,7 @@ class TestGetChartData(ZulipTestCase):
             state=FillState.DONE,
         )
         result = self.client_get("/json/analytics/chart_data", {"chart_name": "number_of_humans"})
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(data["everyone"], {"_1day": [0], "_15day": [0], "all_time": [0]})
         self.assertFalse("user" in data)
 
@@ -275,8 +269,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_over_time"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(data["everyone"], {"human": [0], "bot": [0]})
         self.assertEqual(data["user"], {"human": [0], "bot": [0]})
 
@@ -288,15 +281,14 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_by_message_type"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data["everyone"],
             {
                 "Public streams": [0],
                 "Private streams": [0],
-                "Private messages": [0],
-                "Group private messages": [0],
+                "Direct messages": [0],
+                "Group direct messages": [0],
             },
         )
         self.assertEqual(
@@ -304,8 +296,8 @@ class TestGetChartData(ZulipTestCase):
             {
                 "Public streams": [0],
                 "Private streams": [0],
-                "Private messages": [0],
-                "Group private messages": [0],
+                "Direct messages": [0],
+                "Group direct messages": [0],
             },
         )
 
@@ -317,8 +309,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "messages_sent_by_client"}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(data["everyone"], {})
         self.assertEqual(data["user"], {})
 
@@ -340,8 +331,7 @@ class TestGetChartData(ZulipTestCase):
                 "end": end_time_timestamps[2],
             },
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(data["end_times"], end_time_timestamps[1:3])
         self.assertEqual(
             data["everyone"], {"_1day": [0, 100], "_15day": [0, 100], "all_time": [0, 100]}
@@ -369,8 +359,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "number_of_humans", "min_length": 2}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         self.assertEqual(
             data["end_times"], [datetime_to_timestamp(dt) for dt in self.end_times_day]
         )
@@ -382,8 +371,7 @@ class TestGetChartData(ZulipTestCase):
         result = self.client_get(
             "/json/analytics/chart_data", {"chart_name": "number_of_humans", "min_length": 5}
         )
-        self.assert_json_success(result)
-        data = result.json()
+        data = self.assert_json_success(result)
         end_times = [
             ceiling_to_day(self.realm.date_created) + timedelta(days=i) for i in range(-1, 4)
         ]
@@ -621,6 +609,7 @@ class TestMapArrays(ZulipTestCase):
             "SomethingRandom": [4, 5, 6],
             "ZulipGitHubWebhook": [7, 7, 9],
             "ZulipAndroid": [64, 63, 65],
+            "ZulipTerminal": [9, 10, 11],
         }
         result = rewrite_client_arrays(a)
         self.assertEqual(
@@ -630,10 +619,11 @@ class TestMapArrays(ZulipTestCase):
                 "Old iOS app": [1, 2, 3],
                 "Desktop app": [2, 5, 7],
                 "Mobile app": [1, 5, 7],
-                "Website": [1, 2, 3],
+                "Web app": [1, 2, 3],
                 "Python API": [2, 4, 6],
                 "SomethingRandom": [4, 5, 6],
                 "GitHub webhook": [7, 7, 9],
                 "Old Android app": [64, 63, 65],
+                "Terminal app": [9, 10, 11],
             },
         )

analytics/tests/test_support_views.py

@@ -1,19 +1,17 @@
 from datetime import datetime, timedelta, timezone
+from typing import TYPE_CHECKING, Optional
 from unittest import mock
 
 import orjson
-from django.http import HttpResponse
 from django.utils.timezone import now as timezone_now
 
 from corporate.lib.stripe import add_months, update_sponsorship_status
 from corporate.models import Customer, CustomerPlan, LicenseLedger, get_customer_by_realm
-from zerver.lib.actions import (
-    do_create_multiuse_invite_link,
-    do_send_realm_reactivation_email,
-    do_set_realm_property,
-)
+from zerver.actions.invites import do_create_multiuse_invite_link
+from zerver.actions.realm_settings import do_change_realm_org_type, do_send_realm_reactivation_email
+from zerver.actions.user_settings import do_change_user_setting
 from zerver.lib.test_classes import ZulipTestCase
-from zerver.lib.test_helpers import reset_emails_in_zulip_realm
+from zerver.lib.test_helpers import reset_email_visibility_to_everyone_in_zulip_realm
 from zerver.models import (
     MultiuseInvite,
     PreregistrationUser,
@@ -24,13 +22,20 @@ from zerver.models import (
     get_realm,
 )
 
+if TYPE_CHECKING:
+    from django.test.client import _MonkeyPatchedWSGIResponse as TestHttpResponse
+
 
 class TestSupportEndpoint(ZulipTestCase):
     def test_search(self) -> None:
-        reset_emails_in_zulip_realm()
+        reset_email_visibility_to_everyone_in_zulip_realm()
+        lear_user = self.lear_user("king")
+        lear_user.is_staff = True
+        lear_user.save(update_fields=["is_staff"])
+        lear_realm = get_realm("lear")
 
         def assert_user_details_in_html_response(
-            html_response: HttpResponse, full_name: str, email: str, role: str
+            html_response: "TestHttpResponse", full_name: str, email: str, role: str
         ) -> None:
             self.assert_in_success_response(
                 [
@@ -43,7 +48,22 @@ class TestSupportEndpoint(ZulipTestCase):
                 html_response,
             )
 
-        def check_hamlet_user_query_result(result: HttpResponse) -> None:
+        def create_invitation(
+            stream: str, invitee_email: str, realm: Optional[Realm] = None
+        ) -> None:
+            invite_expires_in_minutes = 10 * 24 * 60
+            self.client_post(
+                "/json/invites",
+                {
+                    "invitee_emails": [invitee_email],
+                    "stream_ids": orjson.dumps([self.get_stream_id(stream, realm)]).decode(),
+                    "invite_expires_in_minutes": invite_expires_in_minutes,
+                    "invite_as": PreregistrationUser.INVITE_AS["MEMBER"],
+                },
+                subdomain=realm.string_id if realm is not None else "zulip",
+            )
+
+        def check_hamlet_user_query_result(result: "TestHttpResponse") -> None:
             assert_user_details_in_html_response(
                 result, "King Hamlet", self.example_email("hamlet"), "Member"
             )
@@ -59,17 +79,22 @@ class TestSupportEndpoint(ZulipTestCase):
                 result,
             )
 
-        def check_othello_user_query_result(result: HttpResponse) -> None:
+        def check_lear_user_query_result(result: "TestHttpResponse") -> None:
+            assert_user_details_in_html_response(
+                result, lear_user.full_name, lear_user.email, "Member"
+            )
+
+        def check_othello_user_query_result(result: "TestHttpResponse") -> None:
             assert_user_details_in_html_response(
                 result, "Othello, the Moor of Venice", self.example_email("othello"), "Member"
             )
 
-        def check_polonius_user_query_result(result: HttpResponse) -> None:
+        def check_polonius_user_query_result(result: "TestHttpResponse") -> None:
             assert_user_details_in_html_response(
                 result, "Polonius", self.example_email("polonius"), "Guest"
             )
 
-        def check_zulip_realm_query_result(result: HttpResponse) -> None:
+        def check_zulip_realm_query_result(result: "TestHttpResponse") -> None:
             zulip_realm = get_realm("zulip")
             first_human_user = zulip_realm.get_first_human_user()
             assert first_human_user is not None
@@ -90,8 +115,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 result,
             )
 
-        def check_lear_realm_query_result(result: HttpResponse) -> None:
-            lear_realm = get_realm("lear")
+        def check_lear_realm_query_result(result: "TestHttpResponse") -> None:
             self.assert_in_success_response(
                 [
                     f'<input type="hidden" name="realm_id" value="{lear_realm.id}"',
@@ -116,7 +140,7 @@ class TestSupportEndpoint(ZulipTestCase):
             )
 
         def check_preregistration_user_query_result(
-            result: HttpResponse, email: str, invite: bool = False
+            result: "TestHttpResponse", email: str, invite: bool = False
         ) -> None:
             self.assert_in_success_response(
                 [
@@ -130,7 +154,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 self.assert_in_success_response(
                     [
                         "<b>Expires in</b>: 1\xa0week, 3\xa0days",
-                        "<b>Status</b>: Link has never been clicked",
+                        "<b>Status</b>: Link has not been used",
                     ],
                     result,
                 )
@@ -140,12 +164,12 @@ class TestSupportEndpoint(ZulipTestCase):
                 self.assert_in_success_response(
                     [
                         "<b>Expires in</b>: 1\xa0day",
-                        "<b>Status</b>: Link has never been clicked",
+                        "<b>Status</b>: Link has not been used",
                     ],
                     result,
                 )
 
-        def check_realm_creation_query_result(result: HttpResponse, email: str) -> None:
+        def check_realm_creation_query_result(result: "TestHttpResponse", email: str) -> None:
             self.assert_in_success_response(
                 [
                     '<span class="label">preregistration user</span>\n',
@@ -156,7 +180,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 result,
             )
 
-        def check_multiuse_invite_link_query_result(result: HttpResponse) -> None:
+        def check_multiuse_invite_link_query_result(result: "TestHttpResponse") -> None:
             self.assert_in_success_response(
                 [
                     '<span class="label">multiuse invite</span>\n',
@@ -166,7 +190,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 result,
             )
 
-        def check_realm_reactivation_link_query_result(result: HttpResponse) -> None:
+        def check_realm_reactivation_link_query_result(result: "TestHttpResponse") -> None:
             self.assert_in_success_response(
                 [
                     '<span class="label">realm reactivation</span>\n',
@@ -176,6 +200,13 @@ class TestSupportEndpoint(ZulipTestCase):
                 result,
             )
 
+        def get_check_query_result(
+            query: str, count: int, subdomain: str = "zulip"
+        ) -> "TestHttpResponse":
+            result = self.client_get("/activity/support", {"q": query}, subdomain=subdomain)
+            self.assertEqual(result.content.decode().count("support-query-result"), count)
+            return result
+
         self.login("cordelia")
 
         result = self.client_get("/activity/support")
@@ -184,14 +215,14 @@ class TestSupportEndpoint(ZulipTestCase):
 
         self.login("iago")
 
-        do_set_realm_property(
-            get_realm("zulip"),
+        do_change_user_setting(
+            self.example_user("hamlet"),
             "email_address_visibility",
-            Realm.EMAIL_ADDRESS_VISIBILITY_NOBODY,
+            UserProfile.EMAIL_ADDRESS_VISIBILITY_NOBODY,
             acting_user=None,
         )
 
-        customer = Customer.objects.create(realm=get_realm("lear"), stripe_customer_id="cus_123")
+        customer = Customer.objects.create(realm=lear_realm, stripe_customer_id="cus_123")
         now = datetime(2016, 1, 2, tzinfo=timezone.utc)
         plan = CustomerPlan.objects.create(
             customer=customer,
@@ -214,39 +245,43 @@ class TestSupportEndpoint(ZulipTestCase):
             ['<input type="text" name="q" class="input-xxlarge search-query"'], result
         )
 
-        result = self.client_get("/activity/support", {"q": self.example_email("hamlet")})
+        result = get_check_query_result(self.example_email("hamlet"), 1)
         check_hamlet_user_query_result(result)
         check_zulip_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": self.example_email("polonius")})
+        result = get_check_query_result(lear_user.email, 1)
+        check_lear_user_query_result(result)
+        check_lear_realm_query_result(result)
+
+        result = get_check_query_result(self.example_email("polonius"), 1)
         check_polonius_user_query_result(result)
         check_zulip_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "lear"})
+        result = get_check_query_result("lear", 1)
         check_lear_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "http://lear.testserver"})
+        result = get_check_query_result("http://lear.testserver", 1)
         check_lear_realm_query_result(result)
 
         with self.settings(REALM_HOSTS={"zulip": "localhost"}):
-            result = self.client_get("/activity/support", {"q": "http://localhost"})
+            result = get_check_query_result("http://localhost", 1)
             check_zulip_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "hamlet@zulip.com, lear"})
+        result = get_check_query_result("hamlet@zulip.com, lear", 2)
         check_hamlet_user_query_result(result)
         check_zulip_realm_query_result(result)
         check_lear_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "King hamlet,lear"})
+        result = get_check_query_result("King hamlet,lear", 2)
         check_hamlet_user_query_result(result)
         check_zulip_realm_query_result(result)
         check_lear_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "Othello, the Moor of Venice"})
+        result = get_check_query_result("Othello, the Moor of Venice", 1)
         check_othello_user_query_result(result)
         check_zulip_realm_query_result(result)
 
-        result = self.client_get("/activity/support", {"q": "lear, Hamlet <hamlet@zulip.com>"})
+        result = get_check_query_result("lear, Hamlet <hamlet@zulip.com>", 2)
         check_hamlet_user_query_result(result)
         check_zulip_realm_query_result(result)
         check_lear_realm_query_result(result)
@@ -257,50 +292,76 @@ class TestSupportEndpoint(ZulipTestCase):
         ):
             self.client_post("/accounts/home/", {"email": self.nonreg_email("test")})
             self.login("iago")
-            result = self.client_get("/activity/support", {"q": self.nonreg_email("test")})
+            result = get_check_query_result(self.nonreg_email("test"), 1)
             check_preregistration_user_query_result(result, self.nonreg_email("test"))
             check_zulip_realm_query_result(result)
 
-            invite_expires_in_days = 10
-            stream_ids = [self.get_stream_id("Denmark")]
-            invitee_emails = [self.nonreg_email("test1")]
-            self.client_post(
-                "/json/invites",
-                {
-                    "invitee_emails": invitee_emails,
-                    "stream_ids": orjson.dumps(stream_ids).decode(),
-                    "invite_expires_in_days": invite_expires_in_days,
-                    "invite_as": PreregistrationUser.INVITE_AS["MEMBER"],
-                },
-            )
-            result = self.client_get("/activity/support", {"q": self.nonreg_email("test1")})
+            create_invitation("Denmark", self.nonreg_email("test1"))
+            result = get_check_query_result(self.nonreg_email("test1"), 1)
             check_preregistration_user_query_result(result, self.nonreg_email("test1"), invite=True)
             check_zulip_realm_query_result(result)
 
             email = self.nonreg_email("alice")
-            self.client_post("/new/", {"email": email})
-            result = self.client_get("/activity/support", {"q": email})
+            self.submit_realm_creation_form(
+                email, realm_subdomain="zuliptest", realm_name="Zulip test"
+            )
+            result = get_check_query_result(email, 1)
             check_realm_creation_query_result(result, email)
 
+            invite_expires_in_minutes = 10 * 24 * 60
             do_create_multiuse_invite_link(
                 self.example_user("hamlet"),
                 invited_as=1,
-                invite_expires_in_days=invite_expires_in_days,
+                invite_expires_in_minutes=invite_expires_in_minutes,
             )
-            result = self.client_get("/activity/support", {"q": "zulip"})
+            result = get_check_query_result("zulip", 2)
             check_multiuse_invite_link_query_result(result)
             check_zulip_realm_query_result(result)
             MultiuseInvite.objects.all().delete()
 
             do_send_realm_reactivation_email(get_realm("zulip"), acting_user=None)
-            result = self.client_get("/activity/support", {"q": "zulip"})
+            result = get_check_query_result("zulip", 2)
             check_realm_reactivation_link_query_result(result)
             check_zulip_realm_query_result(result)
 
+            lear_nonreg_email = "newguy@lear.org"
+            self.client_post("/accounts/home/", {"email": lear_nonreg_email}, subdomain="lear")
+            result = get_check_query_result(lear_nonreg_email, 1)
+            check_preregistration_user_query_result(result, lear_nonreg_email)
+            check_lear_realm_query_result(result)
+
+            self.login_user(lear_user)
+            create_invitation("general", "newguy2@lear.org", lear_realm)
+            result = get_check_query_result("newguy2@lear.org", 1, lear_realm.string_id)
+            check_preregistration_user_query_result(result, "newguy2@lear.org", invite=True)
+            check_lear_realm_query_result(result)
+
     def test_get_org_type_display_name(self) -> None:
         self.assertEqual(get_org_type_display_name(Realm.ORG_TYPES["business"]["id"]), "Business")
         self.assertEqual(get_org_type_display_name(883), "")
 
+    def test_unspecified_org_type_correctly_displayed(self) -> None:
+        """
+        Unspecified org type is special in that it is marked to not be shown
+        on the registration page (because organitions are not meant to be able to choose it),
+        but should be correctly shown at the /support/ endpoint.
+        """
+        realm = get_realm("zulip")
+
+        do_change_realm_org_type(realm, 0, acting_user=None)
+        self.assertEqual(realm.org_type, 0)
+
+        self.login("iago")
+
+        result = self.client_get("/activity/support", {"q": "zulip"}, subdomain="zulip")
+        self.assert_in_success_response(
+            [
+                f'<input type="hidden" name="realm_id" value="{realm.id}"',
+                '<option value="0" selected>',
+            ],
+            result,
+        )
+
     @mock.patch("analytics.views.support.update_billing_method_of_current_plan")
     def test_change_billing_method(self, m: mock.Mock) -> None:
         cordelia = self.example_user("cordelia")
@@ -566,7 +627,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 "/activity/support",
                 {
                     "realm_id": f"{iago.realm_id}",
-                    "downgrade_method": "downgrade_at_billing_cycle_end",
+                    "modify_plan": "downgrade_at_billing_cycle_end",
                 },
             )
             m.assert_called_once_with(get_realm("zulip"))
@@ -581,7 +642,7 @@ class TestSupportEndpoint(ZulipTestCase):
                 "/activity/support",
                 {
                     "realm_id": f"{iago.realm_id}",
-                    "downgrade_method": "downgrade_now_without_additional_licenses",
+                    "modify_plan": "downgrade_now_without_additional_licenses",
                 },
             )
             m.assert_called_once_with(get_realm("zulip"))
@@ -597,7 +658,7 @@ class TestSupportEndpoint(ZulipTestCase):
                     "/activity/support",
                     {
                         "realm_id": f"{iago.realm_id}",
-                        "downgrade_method": "downgrade_now_void_open_invoices",
+                        "modify_plan": "downgrade_now_void_open_invoices",
                     },
                 )
                 m1.assert_called_once_with(get_realm("zulip"))
@@ -606,6 +667,17 @@ class TestSupportEndpoint(ZulipTestCase):
                     ["zulip downgraded and voided 1 open invoices"], result
                 )
 
+        with mock.patch("analytics.views.support.switch_realm_from_standard_to_plus_plan") as m:
+            result = self.client_post(
+                "/activity/support",
+                {
+                    "realm_id": f"{iago.realm_id}",
+                    "modify_plan": "upgrade_to_plus",
+                },
+            )
+            m.assert_called_once_with(get_realm("zulip"))
+            self.assert_in_success_response(["zulip upgraded to Plus"], result)
+
     def test_scrub_realm(self) -> None:
         cordelia = self.example_user("cordelia")
         lear_realm = get_realm("lear")

analytics/views/activity_common.py

@@ -1,17 +1,24 @@
 import re
+import sys
 from datetime import datetime
-from html import escape
-from typing import Any, Dict, List, Optional, Sequence
+from typing import Any, Collection, Dict, List, Optional, Sequence
+from urllib.parse import urlencode
 
-import pytz
 from django.conf import settings
 from django.db.backends.utils import CursorWrapper
-from django.db.models.query import QuerySet
 from django.template import loader
 from django.urls import reverse
-from markupsafe import Markup as mark_safe
+from markupsafe import Markup
 
-eastern_tz = pytz.timezone("US/Eastern")
+from zerver.lib.url_encoding import append_url_query_string
+from zerver.models import UserActivity, get_realm
+
+if sys.version_info < (3, 9):  # nocoverage
+    from backports import zoneinfo
+else:  # nocoverage
+    import zoneinfo
+
+eastern_tz = zoneinfo.ZoneInfo("America/New_York")
 
 
 if settings.BILLING_ENABLED:
@@ -21,7 +28,6 @@ if settings.BILLING_ENABLED:
 def make_table(
     title: str, cols: Sequence[str], rows: Sequence[Any], has_row_class: bool = False
 ) -> str:
-
     if not has_row_class:
 
         def fix_row(row: Any) -> Dict[str, Any]:
@@ -40,7 +46,7 @@ def make_table(
 
 
 def dictfetchall(cursor: CursorWrapper) -> List[Dict[str, Any]]:
-    "Returns all rows from a cursor as a dict"
+    """Returns all rows from a cursor as a dict"""
     desc = cursor.description
     return [dict(zip((col[0] for col in desc), row)) for row in cursor.fetchall()]
 
@@ -52,45 +58,55 @@ def format_date_for_activity_reports(date: Optional[datetime]) -> str:
         return ""
 
 
-def user_activity_link(email: str, user_profile_id: int) -> mark_safe:
+def user_activity_link(email: str, user_profile_id: int) -> Markup:
     from analytics.views.user_activity import get_user_activity
 
     url = reverse(get_user_activity, kwargs=dict(user_profile_id=user_profile_id))
-    email_link = f'<a href="{escape(url)}">{escape(email)}</a>'
-    return mark_safe(email_link)
+    return Markup('<a href="{url}">{email}</a>').format(url=url, email=email)
 
 
-def realm_activity_link(realm_str: str) -> mark_safe:
+def realm_activity_link(realm_str: str) -> Markup:
     from analytics.views.realm_activity import get_realm_activity
 
     url = reverse(get_realm_activity, kwargs=dict(realm_str=realm_str))
-    realm_link = f'<a href="{escape(url)}">{escape(realm_str)}</a>'
-    return mark_safe(realm_link)
+    return Markup('<a href="{url}">{realm_str}</a>').format(url=url, realm_str=realm_str)
 
 
-def realm_stats_link(realm_str: str) -> mark_safe:
+def realm_stats_link(realm_str: str) -> Markup:
     from analytics.views.stats import stats_for_realm
 
     url = reverse(stats_for_realm, kwargs=dict(realm_str=realm_str))
-    stats_link = f'<a href="{escape(url)}"><i class="fa fa-pie-chart"></i>{escape(realm_str)}</a>'
-    return mark_safe(stats_link)
+    return Markup('<a href="{url}"><i class="fa fa-pie-chart"></i></a>').format(url=url)
 
 
-def remote_installation_stats_link(server_id: int, hostname: str) -> mark_safe:
+def realm_support_link(realm_str: str) -> Markup:
+    support_url = reverse("support")
+    query = urlencode({"q": realm_str})
+    url = append_url_query_string(support_url, query)
+    return Markup('<a href="{url}">{realm_str}</a>').format(url=url, realm_str=realm_str)
+
+
+def realm_url_link(realm_str: str) -> Markup:
+    url = get_realm(realm_str).uri
+    return Markup('<a href="{url}"><i class="fa fa-home"></i></a>').format(url=url)
+
+
+def remote_installation_stats_link(server_id: int, hostname: str) -> Markup:
     from analytics.views.stats import stats_for_remote_installation
 
     url = reverse(stats_for_remote_installation, kwargs=dict(remote_server_id=server_id))
-    stats_link = f'<a href="{escape(url)}"><i class="fa fa-pie-chart"></i>{escape(hostname)}</a>'
-    return mark_safe(stats_link)
+    return Markup('<a href="{url}"><i class="fa fa-pie-chart"></i>{hostname}</a>').format(
+        url=url, hostname=hostname
+    )
 
 
-def get_user_activity_summary(records: List[QuerySet]) -> Dict[str, Any]:
+def get_user_activity_summary(records: Collection[UserActivity]) -> Dict[str, Any]:
     #: The type annotation used above is clearly overly permissive.
     #: We should perhaps use TypedDict to clearly lay out the schema
     #: for the user activity summary.
     summary: Dict[str, Any] = {}
 
-    def update(action: str, record: QuerySet) -> None:
+    def update(action: str, record: UserActivity) -> None:
         if action not in summary:
             summary[action] = dict(
                 count=record.count,
@@ -104,8 +120,9 @@ def get_user_activity_summary(records: List[QuerySet]) -> Dict[str, Any]:
             )
 
     if records:
-        summary["name"] = records[0].user_profile.full_name
-        summary["user_profile_id"] = records[0].user_profile.id
+        first_record = next(iter(records))
+        summary["name"] = first_record.user_profile.full_name
+        summary["user_profile_id"] = first_record.user_profile.id
 
     for record in records:
         client = record.client.name

analytics/views/installation_activity.py

@@ -1,6 +1,7 @@
 import itertools
 import time
 from collections import defaultdict
+from contextlib import suppress
 from datetime import datetime, timedelta
 from typing import Callable, Dict, List, Optional, Sequence, Tuple, Union
 
@@ -10,7 +11,7 @@ from django.http import HttpRequest, HttpResponse
 from django.shortcuts import render
 from django.template import loader
 from django.utils.timezone import now as timezone_now
-from markupsafe import Markup as mark_safe
+from markupsafe import Markup
 from psycopg2.sql import SQL, Composable, Literal
 
 from analytics.lib.counts import COUNT_STATS
@@ -20,13 +21,15 @@ from analytics.views.activity_common import (
     make_table,
     realm_activity_link,
     realm_stats_link,
+    realm_support_link,
+    realm_url_link,
     remote_installation_stats_link,
 )
 from analytics.views.support import get_plan_name
 from zerver.decorator import require_server_admin
 from zerver.lib.request import has_request_variables
 from zerver.lib.timestamp import timestamp_to_datetime
-from zerver.models import Realm, UserActivityInterval, UserProfile, get_org_type_display_name
+from zerver.models import Realm, UserActivityInterval, get_org_type_display_name
 
 if settings.BILLING_ENABLED:
     from corporate.lib.stripe import (
@@ -35,7 +38,7 @@ if settings.BILLING_ENABLED:
     )
 
 
-def get_realm_day_counts() -> Dict[str, Dict[str, str]]:
+def get_realm_day_counts() -> Dict[str, Dict[str, Markup]]:
     query = SQL(
         """
         select
@@ -75,7 +78,7 @@ def get_realm_day_counts() -> Dict[str, Dict[str, str]]:
         min_cnt = min(raw_cnts[1:])
         max_cnt = max(raw_cnts[1:])
 
-        def format_count(cnt: int, style: Optional[str] = None) -> str:
+        def format_count(cnt: int, style: Optional[str] = None) -> Markup:
             if style is not None:
                 good_bad = style
             elif cnt == min_cnt:
@@ -85,9 +88,11 @@ def get_realm_day_counts() -> Dict[str, Dict[str, str]]:
             else:
                 good_bad = "neutral"
 
-            return f'<td class="number {good_bad}">{cnt}</td>'
+            return Markup('<td class="number {good_bad}">{cnt}</td>').format(
+                good_bad=good_bad, cnt=cnt
+            )
 
-        cnts = format_count(raw_cnts[0], "neutral") + "".join(map(format_count, raw_cnts[1:]))
+        cnts = format_count(raw_cnts[0], "neutral") + Markup().join(map(format_count, raw_cnts[1:]))
         result[string_id] = dict(cnts=cnts)
 
     return result
@@ -187,19 +192,10 @@ def realm_summary_table(realm_minutes: Dict[str, float]) -> str:
     rows = dictfetchall(cursor)
     cursor.close()
 
-    # Fetch all the realm administrator users
-    realm_owners: Dict[str, List[str]] = defaultdict(list)
-    for up in UserProfile.objects.select_related("realm").filter(
-        role=UserProfile.ROLE_REALM_OWNER,
-        is_active=True,
-    ):
-        realm_owners[up.realm.string_id].append(up.delivery_email)
-
     for row in rows:
         row["date_created_day"] = row["date_created"].strftime("%Y-%m-%d")
         row["age_days"] = int((now - row["date_created"]).total_seconds() / 86400)
         row["is_new"] = row["age_days"] < 12 * 7
-        row["realm_owner_emails"] = ", ".join(realm_owners[row["string_id"]])
 
     # get messages sent per day
     counts = get_realm_day_counts()
@@ -248,14 +244,14 @@ def realm_summary_table(realm_minutes: Dict[str, float]) -> str:
         hours = minutes / 60.0
         total_hours += hours
         row["hours"] = str(int(hours))
-        try:
+        with suppress(Exception):
             row["hours_per_user"] = "{:.1f}".format(hours / row["dau_count"])
-        except Exception:
-            pass
 
     # formatting
     for row in rows:
+        row["realm_url"] = realm_url_link(row["string_id"])
         row["stats_link"] = realm_stats_link(row["string_id"])
+        row["support_link"] = realm_support_link(row["string_id"])
         row["string_id"] = realm_activity_link(row["string_id"])
 
     # Count active sites
@@ -281,9 +277,10 @@ def realm_summary_table(realm_minutes: Dict[str, float]) -> str:
         org_type_string="",
         effective_rate="",
         arr=total_arr,
+        realm_url="",
         stats_link="",
+        support_link="",
         date_created_day="",
-        realm_owner_emails="",
         dau_count=total_dau_count,
         user_profile_count=total_user_profile_count,
         bot_count=total_bot_count,
@@ -298,18 +295,19 @@ def realm_summary_table(realm_minutes: Dict[str, float]) -> str:
         dict(
             rows=rows,
             num_active_sites=num_active_sites,
-            utctime=now.strftime("%Y-%m-%d %H:%MZ"),
+            utctime=now.strftime("%Y-%m-%d %H:%M %Z"),
             billing_enabled=settings.BILLING_ENABLED,
         ),
     )
     return content
 
 
-def user_activity_intervals() -> Tuple[mark_safe, Dict[str, float]]:
+def user_activity_intervals() -> Tuple[Markup, Dict[str, float]]:
     day_end = timestamp_to_datetime(time.time())
     day_start = day_end - timedelta(hours=24)
 
-    output = "Per-user online duration for the last 24 hours:\n"
+    output = Markup()
+    output += "Per-user online duration for the last 24 hours:\n"
     total_duration = timedelta(0)
 
     all_intervals = (
@@ -340,7 +338,7 @@ def user_activity_intervals() -> Tuple[mark_safe, Dict[str, float]]:
 
     for string_id, realm_intervals in itertools.groupby(all_intervals, by_string_id):
         realm_duration = timedelta(0)
-        output += f"<hr>{string_id}\n"
+        output += Markup("<hr>") + f"{string_id}\n"
         for email, intervals in itertools.groupby(realm_intervals, by_email):
             duration = timedelta(0)
             for interval in intervals:
@@ -357,7 +355,7 @@ def user_activity_intervals() -> Tuple[mark_safe, Dict[str, float]]:
     output += f"\nTotal duration:                      {total_duration}\n"
     output += f"\nTotal duration in minutes:           {total_duration.total_seconds() / 60.}\n"
     output += f"Total duration amortized to a month: {total_duration.total_seconds() * 30. / 60.}"
-    content = mark_safe("<pre>" + output + "</pre>")
+    content = Markup("<pre>{}</pre>").format(output)
     return content, realm_minutes
 
 
@@ -372,7 +370,7 @@ def ad_hoc_queries() -> List[Dict[str, str]]:
         cursor.close()
 
         def fix_rows(
-            i: int, fixup_func: Union[Callable[[str], mark_safe], Callable[[datetime], str]]
+            i: int, fixup_func: Union[Callable[[str], Markup], Callable[[datetime], str]]
         ) -> None:
             for row in rows:
                 row[i] = fixup_func(row[i])
@@ -410,7 +408,7 @@ def ad_hoc_queries() -> List[Dict[str, str]]:
     for mobile_type in ["Android", "ZulipiOS"]:
         title = f"{mobile_type} usage"
 
-        query = SQL(
+        query: Composable = SQL(
             """
             select
                 realm.string_id,

analytics/views/realm_activity.py

@@ -3,7 +3,7 @@ from datetime import datetime
 from typing import Any, Dict, List, Optional, Set, Tuple
 
 from django.db import connection
-from django.db.models.query import QuerySet
+from django.db.models import QuerySet
 from django.http import HttpRequest, HttpResponse, HttpResponseNotFound
 from django.shortcuts import render
 from django.utils.timezone import now as timezone_now
@@ -13,13 +13,14 @@ from analytics.views.activity_common import (
     format_date_for_activity_reports,
     get_user_activity_summary,
     make_table,
+    realm_stats_link,
     user_activity_link,
 )
 from zerver.decorator import require_server_admin
 from zerver.models import Realm, UserActivity
 
 
-def get_user_activity_records_for_realm(realm: str, is_bot: bool) -> QuerySet:
+def get_user_activity_records_for_realm(realm: str, is_bot: bool) -> QuerySet[UserActivity]:
     fields = [
         "user_profile__full_name",
         "user_profile__delivery_email",
@@ -40,11 +41,11 @@ def get_user_activity_records_for_realm(realm: str, is_bot: bool) -> QuerySet:
 
 
 def realm_user_summary_table(
-    all_records: List[QuerySet], admin_emails: Set[str]
+    all_records: QuerySet[UserActivity], admin_emails: Set[str]
 ) -> Tuple[Dict[str, Any], str]:
     user_records = {}
 
-    def by_email(record: QuerySet) -> str:
+    def by_email(record: UserActivity) -> str:
         return record.user_profile.delivery_email
 
     for email, records in itertools.groupby(all_records, by_email):
@@ -236,7 +237,7 @@ def get_realm_activity(request: HttpRequest, realm_str: str) -> HttpResponse:
     admin_emails = {admin.delivery_email for admin in admins}
 
     for is_bot, page_title in [(False, "Humans"), (True, "Bots")]:
-        all_records = list(get_user_activity_records_for_realm(realm_str, is_bot))
+        all_records = get_user_activity_records_for_realm(realm_str, is_bot)
 
         user_records, content = realm_user_summary_table(all_records, admin_emails)
         all_user_records.update(user_records)
@@ -252,8 +253,10 @@ def get_realm_activity(request: HttpRequest, realm_str: str) -> HttpResponse:
     data += [(page_title, content)]
 
     title = realm_str
+    realm_stats = realm_stats_link(realm_str)
+
     return render(
         request,
         "analytics/activity.html",
-        context=dict(data=data, realm_link=None, title=title),
+        context=dict(data=data, realm_stats_link=realm_stats, title=title),
     )

analytics/views/stats.py

@@ -1,10 +1,10 @@
 import logging
 from collections import defaultdict
 from datetime import datetime, timedelta, timezone
-from typing import Any, Dict, List, Optional, Tuple, Type, Union, cast
+from typing import Any, Dict, List, Optional, Tuple, Type, TypeVar, Union, cast
 
 from django.conf import settings
-from django.db.models.query import QuerySet
+from django.db.models import QuerySet
 from django.http import HttpRequest, HttpResponse, HttpResponseNotFound
 from django.shortcuts import render
 from django.utils import translation
@@ -49,16 +49,36 @@ def is_analytics_ready(realm: Realm) -> bool:
 def render_stats(
     request: HttpRequest,
     data_url_suffix: str,
-    target_name: str,
+    realm: Optional[Realm],
+    *,
+    title: Optional[str] = None,
     for_installation: bool = False,
     remote: bool = False,
     analytics_ready: bool = True,
 ) -> HttpResponse:
     assert request.user.is_authenticated
+
+    if realm is not None:
+        # Same query to get guest user count as in get_seat_count in corporate/lib/stripe.py.
+        guest_users = UserProfile.objects.filter(
+            realm=realm, is_active=True, is_bot=False, role=UserProfile.ROLE_GUEST
+        ).count()
+        space_used = realm.currently_used_upload_space_bytes()
+        if title:
+            pass
+        else:
+            title = realm.name or realm.string_id
+    else:
+        assert title
+        guest_users = None
+        space_used = None
+
     page_params = dict(
         data_url_suffix=data_url_suffix,
         for_installation=for_installation,
         remote=remote,
+        upload_space_used=space_used,
+        guest_users=guest_users,
     )
 
     request_language = get_and_set_request_language(
@@ -73,7 +93,9 @@ def render_stats(
         request,
         "analytics/stats.html",
         context=dict(
-            target_name=target_name, page_params=page_params, analytics_ready=analytics_ready
+            target_name=title,
+            page_params=page_params,
+            analytics_ready=analytics_ready,
         ),
     )
 
@@ -86,9 +108,7 @@ def stats(request: HttpRequest) -> HttpResponse:
         # TODO: Make @zulip_login_required pass the UserProfile so we
         # can use @require_member_or_admin
         raise JsonableError(_("Not allowed for guest users"))
-    return render_stats(
-        request, "", realm.name or realm.string_id, analytics_ready=is_analytics_ready(realm)
-    )
+    return render_stats(request, "", realm, analytics_ready=is_analytics_ready(realm))
 
 
 @require_server_admin
@@ -102,7 +122,7 @@ def stats_for_realm(request: HttpRequest, realm_str: str) -> HttpResponse:
     return render_stats(
         request,
         f"/realm/{realm_str}",
-        realm.name or realm.string_id,
+        realm,
         analytics_ready=is_analytics_ready(realm),
     )
 
@@ -117,27 +137,29 @@ def stats_for_remote_realm(
     return render_stats(
         request,
         f"/remote/{server.id}/realm/{remote_realm_id}",
-        f"Realm {remote_realm_id} on server {server.hostname}",
+        None,
+        title=f"Realm {remote_realm_id} on server {server.hostname}",
     )
 
 
 @require_server_admin_api
 @has_request_variables
 def get_chart_data_for_realm(
-    request: HttpRequest, user_profile: UserProfile, realm_str: str, **kwargs: Any
+    request: HttpRequest, /, user_profile: UserProfile, realm_str: str, **kwargs: Any
 ) -> HttpResponse:
     try:
         realm = get_realm(realm_str)
     except Realm.DoesNotExist:
         raise JsonableError(_("Invalid organization"))
 
-    return get_chart_data(request=request, user_profile=user_profile, realm=realm, **kwargs)
+    return get_chart_data(request, user_profile, realm=realm, **kwargs)
 
 
 @require_server_admin_api
 @has_request_variables
 def get_chart_data_for_remote_realm(
     request: HttpRequest,
+    /,
     user_profile: UserProfile,
     remote_server_id: int,
     remote_realm_id: int,
@@ -146,8 +168,8 @@ def get_chart_data_for_remote_realm(
     assert settings.ZILENCER_ENABLED
     server = RemoteZulipServer.objects.get(id=remote_server_id)
     return get_chart_data(
-        request=request,
-        user_profile=user_profile,
+        request,
+        user_profile,
         server=server,
         remote=True,
         remote_realm_id=int(remote_realm_id),
@@ -157,7 +179,8 @@ def get_chart_data_for_remote_realm(
 
 @require_server_admin
 def stats_for_installation(request: HttpRequest) -> HttpResponse:
-    return render_stats(request, "/installation", "installation", True)
+    assert request.user.is_authenticated
+    return render_stats(request, "/installation", None, title="installation", for_installation=True)
 
 
 @require_server_admin
@@ -167,26 +190,26 @@ def stats_for_remote_installation(request: HttpRequest, remote_server_id: int) -
     return render_stats(
         request,
         f"/remote/{server.id}/installation",
-        f"remote installation {server.hostname}",
-        True,
-        True,
+        None,
+        title=f"remote installation {server.hostname}",
+        for_installation=True,
+        remote=True,
     )
 
 
 @require_server_admin_api
 @has_request_variables
 def get_chart_data_for_installation(
-    request: HttpRequest, user_profile: UserProfile, chart_name: str = REQ(), **kwargs: Any
+    request: HttpRequest, /, user_profile: UserProfile, chart_name: str = REQ(), **kwargs: Any
 ) -> HttpResponse:
-    return get_chart_data(
-        request=request, user_profile=user_profile, for_installation=True, **kwargs
-    )
+    return get_chart_data(request, user_profile, for_installation=True, **kwargs)
 
 
 @require_server_admin_api
 @has_request_variables
 def get_chart_data_for_remote_installation(
     request: HttpRequest,
+    /,
     user_profile: UserProfile,
     remote_server_id: int,
     chart_name: str = REQ(),
@@ -195,8 +218,8 @@ def get_chart_data_for_remote_installation(
     assert settings.ZILENCER_ENABLED
     server = RemoteZulipServer.objects.get(id=remote_server_id)
     return get_chart_data(
-        request=request,
-        user_profile=user_profile,
+        request,
+        user_profile,
         for_installation=True,
         remote=True,
         server=server,
@@ -270,8 +293,8 @@ def get_chart_data(
             stats[0]: {
                 "public_stream": _("Public streams"),
                 "private_stream": _("Private streams"),
-                "private_message": _("Private messages"),
-                "huddle_message": _("Group private messages"),
+                "private_message": _("Direct messages"),
+                "huddle_message": _("Group direct messages"),
             }
         }
         labels_sort_function = lambda data: sort_by_totals(data["everyone"])
@@ -436,30 +459,35 @@ def sort_client_labels(data: Dict[str, Dict[str, List[int]]]) -> List[str]:
     return [label for label, sort_value in sorted(label_sort_values.items(), key=lambda x: x[1])]
 
 
-def table_filtered_to_id(table: Type[BaseCount], key_id: int) -> QuerySet:
+CountT = TypeVar("CountT", bound=BaseCount)
+
+
+def table_filtered_to_id(table: Type[CountT], key_id: int) -> QuerySet[CountT]:
     if table == RealmCount:
-        return RealmCount.objects.filter(realm_id=key_id)
+        return table.objects.filter(realm_id=key_id)
     elif table == UserCount:
-        return UserCount.objects.filter(user_id=key_id)
+        return table.objects.filter(user_id=key_id)
     elif table == StreamCount:
-        return StreamCount.objects.filter(stream_id=key_id)
+        return table.objects.filter(stream_id=key_id)
     elif table == InstallationCount:
-        return InstallationCount.objects.all()
+        return table.objects.all()
     elif settings.ZILENCER_ENABLED and table == RemoteInstallationCount:
-        return RemoteInstallationCount.objects.filter(server_id=key_id)
+        return table.objects.filter(server_id=key_id)
     elif settings.ZILENCER_ENABLED and table == RemoteRealmCount:
-        return RemoteRealmCount.objects.filter(realm_id=key_id)
+        return table.objects.filter(realm_id=key_id)
     else:
         raise AssertionError(f"Unknown table: {table}")
 
 
 def client_label_map(name: str) -> str:
     if name == "website":
-        return "Website"
+        return "Web app"
     if name.startswith("desktop app"):
         return "Old desktop app"
     if name == "ZulipElectron":
         return "Desktop app"
+    if name == "ZulipTerminal":
+        return "Terminal app"
     if name == "ZulipAndroid":
         return "Old Android app"
     if name == "ZulipiOS":

analytics/views/support.py

@@ -1,7 +1,9 @@
 import urllib
+from contextlib import suppress
+from dataclasses import dataclass
 from datetime import timedelta
 from decimal import Decimal
-from typing import Any, Dict, List, Optional
+from typing import Any, Dict, Iterable, List, Optional
 from urllib.parse import urlencode
 
 from django.conf import settings
@@ -15,17 +17,17 @@ from django.utils.timezone import now as timezone_now
 from django.utils.translation import gettext as _
 
 from confirmation.models import Confirmation, confirmation_url
-from confirmation.settings import STATUS_ACTIVE
-from zerver.decorator import require_server_admin
-from zerver.forms import check_subdomain_available
-from zerver.lib.actions import (
+from confirmation.settings import STATUS_USED
+from zerver.actions.create_realm import do_change_realm_subdomain
+from zerver.actions.realm_settings import (
     do_change_realm_org_type,
     do_change_realm_plan_type,
-    do_change_realm_subdomain,
     do_deactivate_realm,
     do_scrub_realm,
     do_send_realm_reactivation_email,
 )
+from zerver.decorator import require_server_admin
+from zerver.forms import check_subdomain_available
 from zerver.lib.exceptions import JsonableError
 from zerver.lib.realm_icon import realm_icon_url
 from zerver.lib.request import REQ, has_request_variables
@@ -33,8 +35,10 @@ from zerver.lib.subdomains import get_subdomain_from_hostname
 from zerver.lib.validator import check_bool, check_string_in, to_decimal, to_non_negative_int
 from zerver.models import (
     MultiuseInvite,
+    PreregistrationRealm,
     PreregistrationUser,
     Realm,
+    RealmReactivationStatus,
     UserProfile,
     get_org_type_display_name,
     get_realm,
@@ -50,11 +54,17 @@ if settings.BILLING_ENABLED:
         get_discount_for_realm,
         get_latest_seat_count,
         make_end_of_cycle_updates_if_needed,
+        switch_realm_from_standard_to_plus_plan,
         update_billing_method_of_current_plan,
         update_sponsorship_status,
         void_all_open_invoices,
     )
-    from corporate.models import get_current_plan_by_realm, get_customer_by_realm
+    from corporate.models import (
+        Customer,
+        CustomerPlan,
+        get_current_plan_by_realm,
+        get_customer_by_realm,
+    )
 
 
 def get_plan_name(plan_type: int) -> str:
@@ -68,7 +78,7 @@ def get_plan_name(plan_type: int) -> str:
 
 
 def get_confirmations(
-    types: List[int], object_ids: List[int], hostname: Optional[str] = None
+    types: List[int], object_ids: Iterable[int], hostname: Optional[str] = None
 ) -> List[Dict[str, Any]]:
     lowest_datetime = timezone_now() - timedelta(days=30)
     confirmations = Confirmation.objects.filter(
@@ -84,10 +94,10 @@ def get_confirmations(
 
         assert content_object is not None
         if hasattr(content_object, "status"):
-            if content_object.status == STATUS_ACTIVE:
-                link_status = "Link has been clicked"
+            if content_object.status == STATUS_USED:
+                link_status = "Link has been used"
             else:
-                link_status = "Link has never been clicked"
+                link_status = "Link has not been used"
         else:
             link_status = ""
 
@@ -112,10 +122,11 @@ def get_confirmations(
     return confirmation_dicts
 
 
-VALID_DOWNGRADE_METHODS = [
+VALID_MODIFY_PLAN_METHODS = [
     "downgrade_at_billing_cycle_end",
     "downgrade_now_without_additional_licenses",
     "downgrade_now_void_open_invoices",
+    "upgrade_to_plus",
 ]
 
 VALID_STATUS_VALUES = [
@@ -129,6 +140,14 @@ VALID_BILLING_METHODS = [
 ]
 
 
+@dataclass
+class PlanData:
+    customer: Optional["Customer"] = None
+    current_plan: Optional["CustomerPlan"] = None
+    licenses: Optional[int] = None
+    licenses_used: Optional[int] = None
+
+
 @require_server_admin
 @has_request_variables
 def support(
@@ -142,11 +161,11 @@ def support(
         default=None, str_validator=check_string_in(VALID_BILLING_METHODS)
     ),
     sponsorship_pending: Optional[bool] = REQ(default=None, json_validator=check_bool),
-    approve_sponsorship: Optional[bool] = REQ(default=None, json_validator=check_bool),
-    downgrade_method: Optional[str] = REQ(
-        default=None, str_validator=check_string_in(VALID_DOWNGRADE_METHODS)
+    approve_sponsorship: bool = REQ(default=False, json_validator=check_bool),
+    modify_plan: Optional[str] = REQ(
+        default=None, str_validator=check_string_in(VALID_MODIFY_PLAN_METHODS)
     ),
-    scrub_realm: Optional[bool] = REQ(default=None, json_validator=check_bool),
+    scrub_realm: bool = REQ(default=False, json_validator=check_bool),
     query: Optional[str] = REQ("q", default=None),
     org_type: Optional[int] = REQ(default=None, converter=to_non_negative_int),
 ) -> HttpResponse:
@@ -165,6 +184,7 @@ def support(
         if len(keys) != 2:
             raise JsonableError(_("Invalid parameters"))
 
+        assert realm_id is not None
         realm = Realm.objects.get(id=realm_id)
 
         acting_user = request.user
@@ -233,23 +253,26 @@ def support(
         elif approve_sponsorship:
             do_approve_sponsorship(realm, acting_user=acting_user)
             context["success_message"] = f"Sponsorship approved for {realm.string_id}"
-        elif downgrade_method is not None:
-            if downgrade_method == "downgrade_at_billing_cycle_end":
+        elif modify_plan is not None:
+            if modify_plan == "downgrade_at_billing_cycle_end":
                 downgrade_at_the_end_of_billing_cycle(realm)
                 context[
                     "success_message"
                 ] = f"{realm.string_id} marked for downgrade at the end of billing cycle"
-            elif downgrade_method == "downgrade_now_without_additional_licenses":
+            elif modify_plan == "downgrade_now_without_additional_licenses":
                 downgrade_now_without_creating_additional_invoices(realm)
                 context[
                     "success_message"
                 ] = f"{realm.string_id} downgraded without creating additional invoices"
-            elif downgrade_method == "downgrade_now_void_open_invoices":
+            elif modify_plan == "downgrade_now_void_open_invoices":
                 downgrade_now_without_creating_additional_invoices(realm)
                 voided_invoices_count = void_all_open_invoices(realm)
                 context[
                     "success_message"
                 ] = f"{realm.string_id} downgraded and voided {voided_invoices_count} open invoices"
+            elif modify_plan == "upgrade_to_plus":
+                switch_realm_from_standard_to_plus_plan(realm)
+                context["success_message"] = f"{realm.string_id} upgraded to Plus"
         elif scrub_realm:
             do_scrub_realm(realm, acting_user=acting_user)
             context["success_message"] = f"{realm.string_id} scrubbed."
@@ -269,29 +292,11 @@ def support(
                 if parse_result.port:
                     hostname = f"{hostname}:{parse_result.port}"
                 subdomain = get_subdomain_from_hostname(hostname)
-                try:
+                with suppress(Realm.DoesNotExist):
                     realms.add(get_realm(subdomain))
-                except Realm.DoesNotExist:
-                    pass
             except ValidationError:
                 users.update(UserProfile.objects.filter(full_name__iexact=key_word))
 
-        for realm in realms:
-            realm.customer = get_customer_by_realm(realm)
-
-            current_plan = get_current_plan_by_realm(realm)
-            if current_plan is not None:
-                new_plan, last_ledger_entry = make_end_of_cycle_updates_if_needed(
-                    current_plan, timezone_now()
-                )
-                if last_ledger_entry is not None:
-                    if new_plan is not None:
-                        realm.current_plan = new_plan
-                    else:
-                        realm.current_plan = current_plan
-                    realm.current_plan.licenses = last_ledger_entry.licenses
-                    realm.current_plan.licenses_used = get_latest_seat_count(realm)
-
         # full_names can have , in them
         users.update(UserProfile.objects.filter(full_name__iexact=query))
 
@@ -300,22 +305,69 @@ def support(
 
         confirmations: List[Dict[str, Any]] = []
 
-        preregistration_users = PreregistrationUser.objects.filter(email__in=key_words)
+        preregistration_user_ids = [
+            user.id for user in PreregistrationUser.objects.filter(email__in=key_words)
+        ]
         confirmations += get_confirmations(
-            [Confirmation.USER_REGISTRATION, Confirmation.INVITATION, Confirmation.REALM_CREATION],
-            preregistration_users,
+            [Confirmation.USER_REGISTRATION, Confirmation.INVITATION],
+            preregistration_user_ids,
             hostname=request.get_host(),
         )
 
-        multiuse_invites = MultiuseInvite.objects.filter(realm__in=realms)
-        confirmations += get_confirmations([Confirmation.MULTIUSE_INVITE], multiuse_invites)
-
+        preregistration_realm_ids = [
+            user.id for user in PreregistrationRealm.objects.filter(email__in=key_words)
+        ]
         confirmations += get_confirmations(
-            [Confirmation.REALM_REACTIVATION], [realm.id for realm in realms]
+            [Confirmation.REALM_CREATION],
+            preregistration_realm_ids,
+            hostname=request.get_host(),
+        )
+
+        multiuse_invite_ids = [
+            invite.id for invite in MultiuseInvite.objects.filter(realm__in=realms)
+        ]
+        confirmations += get_confirmations([Confirmation.MULTIUSE_INVITE], multiuse_invite_ids)
+
+        realm_reactivation_status_objects = RealmReactivationStatus.objects.filter(realm__in=realms)
+        confirmations += get_confirmations(
+            [Confirmation.REALM_REACTIVATION], [obj.id for obj in realm_reactivation_status_objects]
         )
 
         context["confirmations"] = confirmations
 
+        # We want a union of all realms that might appear in the search result,
+        # but not necessary as a separate result item.
+        # Therefore, we do not modify the realms object in the context.
+        all_realms = realms.union(
+            [
+                confirmation["object"].realm
+                for confirmation in confirmations
+                # For confirmations, we only display realm details when the type is USER_REGISTRATION
+                # or INVITATION.
+                if confirmation["type"] in (Confirmation.USER_REGISTRATION, Confirmation.INVITATION)
+            ]
+            + [user.realm for user in users]
+        )
+        plan_data: Dict[int, PlanData] = {}
+        for realm in all_realms:
+            current_plan = get_current_plan_by_realm(realm)
+            plan_data[realm.id] = PlanData(
+                customer=get_customer_by_realm(realm),
+                current_plan=current_plan,
+            )
+            if current_plan is not None:
+                new_plan, last_ledger_entry = make_end_of_cycle_updates_if_needed(
+                    current_plan, timezone_now()
+                )
+                if last_ledger_entry is not None:
+                    if new_plan is not None:
+                        plan_data[realm.id].current_plan = new_plan
+                    else:
+                        plan_data[realm.id].current_plan = current_plan
+                    plan_data[realm.id].licenses = last_ledger_entry.licenses
+                    plan_data[realm.id].licenses_used = get_latest_seat_count(realm)
+        context["plan_data"] = plan_data
+
     def get_realm_owner_emails_as_string(realm: Realm) -> str:
         return ", ".join(
             realm.get_human_owner_users()

analytics/views/user_activity.py

@@ -1,7 +1,7 @@
 from typing import Any, Dict, List, Tuple
 
 from django.conf import settings
-from django.db.models.query import QuerySet
+from django.db.models import QuerySet
 from django.http import HttpRequest, HttpResponse
 from django.shortcuts import render
 
@@ -17,7 +17,9 @@ if settings.BILLING_ENABLED:
     pass
 
 
-def get_user_activity_records(user_profile: UserProfile) -> List[QuerySet]:
+def get_user_activity_records(
+    user_profile: UserProfile,
+) -> QuerySet[UserActivity]:
     fields = [
         "user_profile__full_name",
         "query",
@@ -34,7 +36,7 @@ def get_user_activity_records(user_profile: UserProfile) -> List[QuerySet]:
     return records
 
 
-def raw_user_activity_table(records: List[QuerySet]) -> str:
+def raw_user_activity_table(records: QuerySet[UserActivity]) -> str:
     cols = [
         "query",
         "client",
@@ -42,7 +44,7 @@ def raw_user_activity_table(records: List[QuerySet]) -> str:
         "last_visit",
     ]
 
-    def row(record: QuerySet) -> List[Any]:
+    def row(record: UserActivity) -> List[Any]:
         return [
             record.query,
             record.client.name,

api_docs/api-doc-template.md

@@ -1,6 +1,4 @@
-{generate_api_title(API_ENDPOINT_NAME)}
-
-{generate_api_description(API_ENDPOINT_NAME)}
+{generate_api_header(API_ENDPOINT_NAME)}
 
 ## Usage examples
 
@@ -28,6 +26,6 @@
 
 {generate_response_description(API_ENDPOINT_NAME)}
 
-#### Example response
+#### Example response(s)
 
 {generate_code_example|API_ENDPOINT_NAME|fixture}

api_docs/api-keys.md

@@ -19,8 +19,8 @@ Anyone with your API key can impersonate you, so be doubly careful with it.
 
 1. Under **API key**, click **Show/change your API key**.
 
-1. Enter your password, and click **Get API key**. If you never had a
-   password, click **Never had one? Forgotten it?** and follow the
+1. Enter your password, and click **Get API key**. If you don't know your
+   password, click **reset it** and follow the
    instructions from there.
 
 1. Copy your API key.

api_docs/construct-narrow.md

@@ -0,0 +1,103 @@
+# Construct a narrow
+
+A **narrow** is a set of filters for Zulip messages, that can be based
+on many different factors (like sender, stream, topic, search
+keywords, etc.). Narrows are used in various places in the the Zulip
+API (most importantly, in the API for fetching messages).
+
+It is simplest to explain the algorithm for encoding a search as a
+narrow using a single example. Consider the following search query
+(written as it would be entered in the Zulip web app's search box).
+It filters for messages sent to stream `announce`, not sent by
+`iago@zulip.com`, and containing the words `cool` and `sunglasses`:
+
+```
+stream:announce -sender:iago@zulip.com cool sunglasses
+```
+
+This query would be JSON-encoded for use in the Zulip API using JSON
+as a list of simple objects, as follows:
+
+```json
+[
+    {
+        "operator": "stream",
+        "operand": "announce"
+    },
+    {
+        "operator": "sender",
+        "operand": "iago@zulip.com",
+        "negated": true
+    },
+    {
+        "operator": "search",
+        "operand": "cool sunglasses"
+    }
+]
+```
+
+The Zulip help center article on [searching for messages](/help/search-for-messages)
+documents the majority of the search/narrow options supported by the
+Zulip API.
+
+Note that many narrows, including all that lack a `stream` or `streams`
+operator, search the current user's personal message history. See
+[searching shared history](/help/search-for-messages#searching-shared-history)
+for details.
+
+**Changes**: In Zulip 7.0 (feature level 177), support was added
+for three filters related to direct messages: `is:dm`, `dm` and
+`dm-including`. The `dm` operator replaced and deprecated the
+`pm-with` operator. The `is:dm` filter replaced and deprecated
+the `is:private` filter. The `dm-including` operator replaced and
+deprecated the `group-pm-with` operator.
+
+The `dm-including` and `group-pm-with` operators return slightly
+different results. For example, `dm-including:1234` returns all
+direct messages (1-on-1 and group) that include the current user
+and the user with the unique user ID of `1234`. On the other hand,
+`group-pm-with:1234` returned only group direct messages that included
+the current user and the user with the unique user ID of `1234`.
+
+Both `dm` and `is:dm` are aliases of `pm-with` and `is:private`
+respectively, and return the same exact results that the deprecated
+filters did.
+
+## Narrows that use IDs
+
+The `near` and `id` operators, documented in the help center, use message
+IDs for their operands.
+
+* `near:12345`: Search messages around the message with ID `12345`.
+* `id:12345`: Search for only message with ID `12345`.
+
+There are a few additional narrow/search options (new in Zulip 2.1)
+that use either stream IDs or user IDs that are not documented in the
+help center because they are primarily useful to API clients:
+
+* `stream:1234`: Search messages sent to the stream with ID `1234`.
+* `sender:1234`: Search messages sent by user ID `1234`.
+* `dm:1234`: Search the direct message conversation between
+  you and user ID `1234`.
+* `dm:1234,5678`: Search the direct message conversation between
+  you, user ID `1234`, and user ID `5678`.
+* `dm-including:1234`: Search all direct messages (1-on-1 and group)
+  that include you and user ID `1234`.
+
+The operands for these search options must be encoded either as an
+integer ID or a JSON list of integer IDs. For example, to query
+messages sent by a user 1234 to a PM thread with yourself, user 1234,
+and user 5678, the correct JSON-encoded query is:
+
+```json
+[
+    {
+        "operator": "dm",
+        "operand": [1234, 5678]
+    },
+    {
+        "operator": "sender",
+        "operand": 1234
+    }
+]
+```

api_docs/create-or-update-scheduled-messages.md

@@ -0,0 +1,67 @@
+{generate_api_header(/scheduled_messages:post)}
+
+## Usage examples
+
+{start_tabs}
+
+{generate_code_example(python)|/scheduled_messages:post|example}
+
+{generate_code_example(javascript)|/scheduled_messages:post|example}
+
+{tab|curl}
+
+``` curl
+# Create a scheduled stream message
+curl -X POST {{ api_url }}/v1/scheduled_messages \
+    -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
+    --data-urlencode type=stream \
+    --data-urlencode to=9 \
+    --data-urlencode topic=Hello \
+    --data-urlencode 'content=Thank you for' \
+    --data-urlencode scheduled_delivery_timestamp=3165826990
+
+# Update a scheduled stream message
+curl -X POST {{ api_url }}/v1/scheduled_messages \
+    -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
+    --data-urlencode type=stream \
+    --data-urlencode to=9 \
+    --data-urlencode 'topic=Welcome aboard' \
+    --data-urlencode 'content=Thank you for the help!' \
+    --data-urlencode scheduled_delivery_timestamp=3165856990 \
+    --data-urlencode scheduled_message_id=1
+
+# Create a scheduled direct message
+curl -X POST {{ api_url }}/v1/messages \
+    -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
+    --data-urlencode type=direct \
+    --data-urlencode 'to=[9, 10]' \
+    --data-urlencode 'content=Can we meet tomorrow?' \
+    --data-urlencode scheduled_delivery_timestamp=3165826990
+
+# Update a scheduled direct message
+curl -X POST {{ api_url }}/v1/messages \
+    -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
+    --data-urlencode type=direct \
+    --data-urlencode 'to=[9, 10, 11]' \
+    --data-urlencode 'content=Can we meet tomorrow?' \
+    --data-urlencode scheduled_delivery_timestamp=3165856990 \
+    --data-urlencode scheduled_message_id=2
+```
+
+{end_tabs}
+
+## Parameters
+
+{generate_api_arguments_table|zulip.yaml|/scheduled_messages:post}
+
+{generate_parameter_description(/scheduled_messages:post)}
+
+## Response
+
+{generate_return_values_table|zulip.yaml|/scheduled_messages:post}
+
+{generate_response_description(/scheduled_messages:post)}
+
+#### Example response(s)
+
+{generate_code_example|/scheduled_messages:post|fixture}

api_docs/http-headers.md

@@ -0,0 +1,80 @@
+# HTTP headers
+
+This page documents the HTTP headers used by the Zulip API.
+
+Most important is that API clients authenticate to the server using
+HTTP Basic authentication. If you're using the official [Python or
+JavaScript bindings](/api/installation-instructions), this is taken
+care of when you configure said bindings.
+
+Otherwise, see the `curl` example on each endpoint's documentation
+page, which details the request format.
+
+Documented below are additional HTTP headers and header conventions
+generally used by Zulip:
+
+## The `User-Agent` header
+
+Clients are not required to pass a `User-Agent` HTTP header, but we
+highly recommend doing so when writing an integration. It's easy to do
+and it can help save time when debugging issues related to an API
+client.
+
+If provided, the Zulip server will parse the `User-Agent` HTTP header
+in order to identify specific clients and integrations. This
+information is used by the server for logging, [usage
+statistics](/help/analytics), and on rare occasions, for
+backwards-compatibility logic to preserve support for older versions
+of official clients.
+
+Official Zulip clients and integrations use a `User-Agent` that starts
+with something like `ZulipMobile/20.0.103 `, encoding the name of the
+application and it's version.
+
+Zulip's official API bindings have reasonable defaults for
+`User-Agent`. For example, the official Zulip Python bindings have a
+default `User-Agent` starting with `ZulipPython/{version}`, where
+`version` is the version of the library.
+
+You can give your bot/integration its own name by passing the `client`
+parameter when initializing the Python bindings. For example, the
+official Zulip Nagios integration is initialized like this:
+
+``` python
+client = zulip.Client(
+    config_file=opts.config, client=f"ZulipNagios/{VERSION}"
+)
+```
+
+If you are working on an integration that you plan to share outside
+your organization, you can get help picking a good name in
+`#integrations` in the [Zulip development
+community](https://zulip.com/development-community).
+
+## Rate-limiting response headers
+
+To help clients avoid exceeding rate limits, Zulip sets the following
+HTTP headers in all API responses:
+
+* `X-RateLimit-Remaining`: The number of additional requests of this
+  type that the client can send before exceeding its limit.
+* `X-RateLimit-Limit`: The limit that would be applicable to a client
+  that had not made any recent requests of this type. This is useful
+  for designing a client's burst behavior so as to avoid ever reaching
+  a rate limit.
+* `X-RateLimit-Reset`: The time at which the client will no longer
+  have any rate limits applied to it (and thus could do a burst of
+  `X-RateLimit-Limit` requests).
+
+[Zulip's rate limiting rules are configurable][rate-limiting-rules],
+and can vary by server and over time. The default configuration
+currently limits:
+
+* Every user is limited to 200 total API requests per minute.
+* Separate, much lower limits for authentication/login attempts.
+
+When the Zulip server has configured multiple rate limits that apply
+to a given request, the values returned will be for the strictest
+limit.
+
+[rate-limiting-rules]: https://zulip.readthedocs.io/en/latest/production/security-model.html#rate-limiting

api_docs/include/rest-endpoints.md

@@ -13,7 +13,15 @@
 * [Check if messages match narrow](/api/check-messages-match-narrow)
 * [Get a message's edit history](/api/get-message-history)
 * [Update personal message flags](/api/update-message-flags)
+* [Update personal message flags for narrow](/api/update-message-flags-for-narrow)
 * [Mark messages as read in bulk](/api/mark-all-as-read)
+* [Get a message's read receipts](/api/get-read-receipts)
+
+#### Scheduled messages
+
+* [Get scheduled messages](/api/get-scheduled-messages)
+* [Create or edit a scheduled message](/api/create-or-update-scheduled-message)
+* [Delete a scheduled message](/api/delete-scheduled-message)
 
 #### Drafts
 
@@ -31,13 +39,17 @@
 * [Get all subscribers](/api/get-subscribers)
 * [Update subscription settings](/api/update-subscription-settings)
 * [Get all streams](/api/get-streams)
+* [Get a stream by ID](/api/get-stream-by-id)
 * [Get stream ID](/api/get-stream-id)
 * [Create a stream](/api/create-stream)
 * [Update a stream](/api/update-stream)
 * [Archive a stream](/api/archive-stream)
 * [Get topics in a stream](/api/get-stream-topics)
 * [Topic muting](/api/mute-topic)
+* [Update personal preferences for a topic](/api/update-user-topic)
 * [Delete a topic](/api/delete-topic)
+* [Add a default stream](/api/add-default-stream)
+* [Remove a default stream](/api/remove-default-stream)
 
 #### Users
 
@@ -53,6 +65,7 @@
 * [Deactivate own user](/api/deactivate-own-user)
 * [Set "typing" status](/api/set-typing-status)
 * [Get user presence](/api/get-user-presence)
+* [Get presence of all users](/api/get-presence)
 * [Get attachments](/api/get-attachments)
 * [Delete an attachment](/api/remove-attachment)
 * [Update settings](/api/update-settings)
@@ -61,8 +74,15 @@
 * [Update a user group](/api/update-user-group)
 * [Delete a user group](/api/remove-user-group)
 * [Update user group members](/api/update-user-group-members)
+* [Update user group subgroups](/api/update-user-group-subgroups)
+* [Get user group membership status](/api/get-is-user-group-member)
+* [Get user group members](/api/get-user-group-members)
+* [Get subgroups of user group](/api/get-user-group-subgroups)
 * [Mute a user](/api/mute-user)
 * [Unmute a user](/api/unmute-user)
+* [Get all alert words](/api/get-alert-words)
+* [Add alert words](/api/add-alert-words)
+* [Remove alert words](/api/remove-alert-words)
 
 #### Server & organizations
 

api_docs/incoming-webhooks-overview.md

@@ -16,7 +16,7 @@ Zulip:
 * Adding an incoming webhook integration (detailed on this page),
   where all the logic for formatting the Zulip messages lives in the
   Zulip server.  This is how most of [Zulip's official
-  integrations](/integrations) work, because they enable Zulip to
+  integrations](/integrations/) work, because they enable Zulip to
   support third-party services that just have an "outgoing webhook"
   feature (without the third party needing to do any work specific to
   Zulip).

api_docs/incoming-webhooks-walkthrough.md

@@ -185,7 +185,7 @@ to a URL. This is done in `zerver/lib/integrations.py`.
 Look for the lines beginning with:
 
 ```python
-WEBHOOK_INTEGRATIONS = [
+WEBHOOK_INTEGRATIONS: List[WebhookIntegration] = [
 ```
 
 And you'll find the entry for Hello World:
@@ -258,7 +258,7 @@ After running the above command, you should see something similar to:
 Using `manage.py` from within the Zulip development environment:
 
 ```console
-(zulip-py3-venv) vagrant@debian-10:/srv/zulip$
+(zulip-py3-venv) vagrant@vagrant:/srv/zulip$
 ./manage.py send_webhook_fixture_message \
     --fixture=zerver/webhooks/helloworld/fixtures/hello.json \
     '--url=http://localhost:9991/api/v1/external/helloworld?api_key=<api_key>'
@@ -280,10 +280,15 @@ The format is a JSON dictionary, so make sure that the header names do
 not contain any spaces in them and that you use the precise quoting
 approach shown above.
 
+For more information about `manage.py` command-line tools in Zulip, see
+the [management commands][management-commands] documentation.
+
+[management-commands]: https://zulip.readthedocs.io/en/latest/production/management-commands.html
+
 ### Integrations Dev Panel
 This is the GUI tool.
 
-1. Run `./tools/run-dev.py` then go to http://localhost:9991/devtools/integrations/.
+1. Run `./tools/run-dev` then go to http://localhost:9991/devtools/integrations/.
 
 2. Set the following mandatory fields:
 **Bot** - Any incoming webhook bot.
@@ -384,7 +389,7 @@ Once you have written some tests, you can run just these new tests from within
 the Zulip development environment with this command:
 
 ```console
-(zulip-py3-venv) vagrant@debian-10:/srv/zulip$
+(zulip-py3-venv) vagrant@vagrant:/srv/zulip$
 ./tools/test-backend zerver/webhooks/helloworld
 ```
 
@@ -420,27 +425,29 @@ Second, you need to write the actual documentation content in
 ```md
 Learn how Zulip integrations work with this simple Hello World example!
 
-The Hello World webhook will use the `test` stream, which is
-created by default in the Zulip dev environment. If you are running
-Zulip in production, you should make sure that this stream exists.
+1.  The Hello World webhook will use the `test` stream, which is created
+    by default in the Zulip development environment. If you are running
+    Zulip in production, you should make sure that this stream exists.
 
-Next, on your {{ settings_html|safe }}, create a Hello World bot.
-Construct the URL for the Hello World bot using the API key and
-stream name:
+1.  {!create-bot-construct-url.md!}
 
-`{{ api_url }}/v1/external/helloworld?api_key=abcdefgh&stream=test`
 
-To trigger a notification using this webhook, use
-`send_webhook_fixture_message` from the Zulip command line:
+1.  To trigger a notification using this example webhook, you can use
+    `send_webhook_fixture_message` from a [Zulip development
+    environment](https://zulip.readthedocs.io/en/latest/development/overview.html):
 
-    (zulip-py3-venv) vagrant@debian-10:/srv/zulip$
-    ./manage.py send_webhook_fixture_message \
-        --fixture=zerver/tests/fixtures/helloworld/hello.json \
-        '--url=http://localhost:9991/api/v1/external/helloworld?api_key=&lt;api_key&gt;'
+    ```
+        (zulip-py3-venv) vagrant@vagrant:/srv/zulip$
+        ./manage.py send_webhook_fixture_message \
+        > --fixture=zerver/tests/fixtures/helloworld/hello.json \
+        > '--url=http://localhost:9991/api/v1/external/helloworld?api_key=abcdefgh&stream=stream%20name;'
+    ```
 
-Or, use curl:
+    Or, use curl:
 
-    curl -X POST -H "Content-Type: application/json" -d '{ "featured_title":"Marilyn Monroe", "featured_url":"https://en.wikipedia.org/wiki/Marilyn_Monroe" }' http://localhost:9991/api/v1/external/helloworld\?api_key\=&lt;api_key&gt;
+    ```
+    curl -X POST -H "Content-Type: application/json" -d '{ "featured_title":"Marilyn Monroe", "featured_url":"https://en.wikipedia.org/wiki/Marilyn_Monroe" }' http://localhost:9991/api/v1/external/helloworld\?api_key=abcdefgh&stream=stream%20name;
+    ```
 
 {!congrats.md!}
 
@@ -448,9 +455,10 @@ Or, use curl:
 
 ```
 
-`{!congrats.md!}` is an example of a Markdown macro. Zulip has a macro-based
-Markdown/Jinja2 framework that includes macros for common instructions in
-Zulip's webhooks/integrations documentation.
+`{!create-bot-construct-url.md!}` and `{!congrats.md!}` are examples of
+a Markdown macro. Zulip has a macro-based Markdown/Jinja2 framework that
+includes macros for common instructions in Zulip's webhooks/integrations
+documentation.
 
 See
 [our guide on documenting an integration][integration-docs-guide]
@@ -473,8 +481,8 @@ request:
    https://zulip.readthedocs.io/en/latest/contributing/code-style.html) and take a look
    through your code to double-check that you've followed Zulip's guidelines.
 3. Take a look at your Git history to ensure your commits have been clear and
-   logical (see [Version control](
-   https://zulip.readthedocs.io/en/latest/contributing/version-control.html) for tips). If not,
+   logical (see [Commit discipline](
+   https://zulip.readthedocs.io/en/latest/contributing/commit-discipline.html) for tips). If not,
    consider revising them with `git rebase --interactive`. For most incoming webhooks,
    you'll want to squash your changes into a single commit and include a good,
    clear commit message.
@@ -483,8 +491,8 @@ request:
 
 If you would like feedback on your integration as you go, feel free to post a
 message on the [public Zulip instance](https://chat.zulip.org/#narrow/stream/bots).
-You can also create a [`[WIP]` pull request](
-https://zulip.readthedocs.io/en/latest/overview/contributing.html#working-on-an-issue) while you
+You can also create a [draft pull request](
+https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/proposing-changes-to-your-work-with-pull-requests/about-pull-requests#draft-pull-requests) while you
 are still working on your integration. See the
 [Git guide](https://zulip.readthedocs.io/en/latest/git/pull-requests.html#create-a-pull-request)
 for more on Zulip's pull request process.
@@ -610,7 +618,7 @@ event = validate_extract_webhook_http_header(request, header, integration_name)
 ```
 
 `request` is the `HttpRequest` object passed to your main webhook function. `header`
-is the name of the custom header you'd like to extract, such as `X_EVENT_KEY`, and
+is the name of the custom header you'd like to extract, such as `X-Event-Key`, and
 `integration_name` is the name of the third-party service in question, such as
 `GitHub`.
 
@@ -628,9 +636,9 @@ Many third-party services have dozens of different event types. In
 some cases, we may choose to explicitly ignore specific events. In
 other cases, there may be events that are new or events that we don't
 know about. In such cases, we recommend raising
-`UnsupportedWebhookEventType` (found in `zerver/lib/exceptions.py`),
+`UnsupportedWebhookEventTypeError` (found in `zerver/lib/exceptions.py`),
 with a string describing the unsupported event type, like so:
 
 ```
-raise UnsupportedWebhookEventType(event_type)
+raise UnsupportedWebhookEventTypeError(event_type)
 ```

api_docs/index.md

@@ -0,0 +1,26 @@
+# The Zulip API
+
+Zulip's APIs allow you to integrate other services with Zulip.  This
+guide should help you find the API you need:
+
+* First, check if the tool you'd like to integrate with Zulip
+  [already has a native integration](/integrations/).
+* Next, check if [Zapier](https://zapier.com/apps) or
+  [IFTTT](https://ifttt.com/search) has an integration.
+  [Zulip's Zapier integration](/integrations/doc/zapier) and
+  [Zulip's IFTTT integration](/integrations/doc/ifttt) often allow
+  integrating a new service with Zulip without writing any code.
+* If you'd like to send content into Zulip, you can
+  [write a native incoming webhook integration](/api/incoming-webhooks-overview)
+  or use [Zulip's API for sending messages](/api/send-message).
+* If you're building an interactive bot that reacts to activity inside
+  Zulip, you'll want to look at Zulip's
+  [Python framework for interactive bots](/api/running-bots) or
+  [Zulip's real-time events API](/api/get-events).
+
+And if you still need to build your own integration with Zulip, check out
+the full [REST API](/api/rest), generally starting with
+[installing the API client bindings](/api/installation-instructions).
+
+In case you already know how you want to build your integration and you're
+just looking for an API key, we've got you covered [here](/api/api-keys).

api_docs/integrations-overview.md

@@ -16,7 +16,7 @@ possible.
 Most existing integrations send content from a third-party product into
 Zulip.
 
-* Search Zulip's [list of native integrations](/integrations) for the
+* Search Zulip's [list of native integrations](/integrations/) for the
   third-party product. Each integration has a page describing how to set it
   up.
 

api_docs/mark-all-as-read.md

@@ -1,6 +1,4 @@
-{generate_api_title(/mark_all_as_read:post)}
-
-{generate_api_description(/mark_all_as_read:post)}
+{generate_api_header(/mark_all_as_read:post)}
 
 ## Usage examples
 
@@ -26,15 +24,11 @@
 
 {generate_response_description(/mark_all_as_read:post)}
 
-#### Example response
+#### Example response(s)
 
 {generate_code_example|/mark_all_as_read:post|fixture}
 
-{generate_api_title(/mark_stream_as_read:post)}
-
-{generate_api_description(/mark_stream_as_read:post)}
-
-`POST {{ api_url }}/v1/mark_stream_as_read`
+{generate_api_header(/mark_stream_as_read:post)}
 
 ## Usage examples
 
@@ -60,15 +54,11 @@
 
 {generate_response_description(/mark_all_as_read:post)}
 
-#### Example response
+#### Example response(s)
 
 {generate_code_example|/mark_stream_as_read:post|fixture}
 
-{generate_api_title(/mark_topic_as_read:post)}
-
-{generate_api_description(/mark_topic_as_read:post)}
-
-`POST {{ api_url }}/v1/mark_topic_as_read`
+{generate_api_header(/mark_topic_as_read:post)}
 
 ## Usage examples
 
@@ -94,6 +84,6 @@
 
 {generate_response_description(/mark_all_as_read:post)}
 
-#### Example response
+#### Example response(s)
 
 {generate_code_example|/mark_topic_as_read:post|fixture}

api_docs/rest-error-handling.md

@@ -0,0 +1,34 @@
+# Error handling
+
+Zulip's API will always return a JSON format response.
+The HTTP status code indicates whether the request was successful
+(200 = success, 40x = user error, 50x = server error).  Every response
+will contain at least two keys: `msg` (a human-readable error message)
+and `result`, which will be either `error` or `success` (this is
+redundant with the HTTP status code, but is convenient when printing
+responses while debugging).
+
+For some common errors, Zulip provides a `code` attribute.  Where
+present, clients should check `code`, rather than `msg`, when looking
+for specific error conditions, since the `msg` strings are
+internationalized (e.g. the server will send the error message
+translated into French if the user has a French locale).
+
+Each endpoint documents its own unique errors; documented below are
+errors common to many endpoints:
+
+{generate_code_example|/rest-error-handling:post|fixture}
+
+## Ignored Parameters
+
+In JSON success responses, all Zulip REST API endpoints may return
+an array of parameters sent in the request that are not supported
+by that specific endpoint.
+
+While this can be expected, e.g. when sending both current and legacy
+names for a parameter to a Zulip server of unknown version, this often
+indicates either a bug in the client implementation or an attempt to
+configure a new feature while connected to an older Zulip server that
+does not support said feature.
+
+{generate_code_example|/settings:patch|fixture}

api_docs/rest.md

@@ -10,10 +10,9 @@ you can do in Zulip, you can do with Zulip's REST API.  To use this API:
 * Choose what language you'd like to use.  You can download the
   [Python or JavaScript bindings](/api/installation-instructions), projects in
   [other languages](/api/client-libraries), or
-  just make HTTP requests with your favorite programming language.  If
-  you're making your own HTTP requests, you'll want to send the
-  appropriate HTTP basic authentication headers; see each endpoint's
-  `curl` option for details on the request format.
+  just make HTTP requests with your favorite programming language.
+* If you're making your own HTTP requests, you'll want to send the
+  appropriate [HTTP basic authentication headers](/api/http-headers).
 * The Zulip API has a standard
   [system for reporting errors](/api/rest-error-handling).
 

api_docs/roles-and-permissions.md

@@ -0,0 +1,120 @@
+# Roles and permissions
+
+Zulip offers several levels of permissions based on a
+[user's role](/help/roles-and-permissions) in a Zulip organization.
+
+Here are some important details to note when working with these
+roles and permissions in Zulip's API:
+
+## A user's role
+
+A user's account data include a `role` property, which contains the
+user's role in the Zulip organization. These roles are encoded as:
+
+* Organization owner: 100
+
+* Organization administrator: 200
+
+* Organization moderator: 300
+
+* Member: 400
+
+* Guest: 600
+
+User account data also include these boolean properties that duplicate
+the related roles above:
+
+* `is_owner` specifying whether the user is an organization owner.
+
+* `is_admin` specifying whether the user is an organization administrator.
+
+* `is_guest` specifying whether the user is a guest user.
+
+These are intended as conveniences for simple clients, and clients
+should prefer using the `role` field, since only that one is updated
+by the [events API](/api/get-events).
+
+Note that [`POST /register`](/api/register-queue) also returns an
+`is_moderator` boolean property specifying whether the current user is
+an organization moderator.
+
+Additionally, user account data include an `is_billing_admin` property
+specifying whether the user is a billing administrator for the Zulip
+organization, which is not related to one of the roles listed above,
+but rather allows for specific permissions related to billing
+administration in [paid Zulip Cloud plans](https://zulip.com/plans/).
+
+### User account data in the API
+
+Endpoints that return the user account data / properties mentioned
+above are:
+
+* [`GET /users`](/api/get-users)
+
+* [`GET /users/{user_id}`](/api/get-user)
+
+* [`GET /users/{email}`](/api/get-user-by-email)
+
+* [`GET /users/me`](/api/get-own-user)
+
+* [`GET /events`](/api/get-events)
+
+* [`POST /register`](/api/register-queue)
+
+Note that the [`POST /register` endpoint](/api/register-queue) returns
+the above boolean properties to describe the role of the current user,
+when `realm_user` is present in `fetch_event_types`.
+
+Additionally, the specific events returned by the
+[`GET /events` endpoint](/api/get-events) containing data related
+to user accounts and roles are the [`realm_user` add
+event](/api/get-events#realm_user-add), and the
+[`realm_user` update event](/api/get-events#realm_user-update).
+
+## Permission levels
+
+Many areas of Zulip are customizable by the roles
+above, such as (but not limited to) [restricting message editing and
+deletion](/help/restrict-message-editing-and-deletion) and
+[streams permissions](/help/stream-permissions). The potential
+permission levels are:
+
+* Everyone / Any user including Guests (least restrictive)
+
+* Members
+
+* Full members
+
+* Moderators
+
+* Administrators
+
+* Owners
+
+* Nobody (most restrictive)
+
+These permission levels and policies in the API are designed to be
+cutoffs in that users with the specified role and above have the
+specified ability or access. For example, a permission level documented
+as 'moderators only' includes organization moderators, administrators,
+and owners.
+
+Note that specific settings and policies in the Zulip API that use these
+permission levels will likely support a subset of those listed above.
+
+## Determining if a user is a full member
+
+When a Zulip organization has set up a [waiting period before new members
+turn into full members](/help/restrict-permissions-of-new-members),
+clients will need to determine if a user's account has aged past the
+organization's waiting period threshold.
+
+The `realm_waiting_period_threshold`, which is the number of days until
+a user's account is treated as a full member, is returned by the
+[`POST /register` endpoint](/api/register-queue) when `realm` is present
+in `fetch_event_types`.
+
+Clients can compare the `realm_waiting_period_threshold` to a user
+accounts's `date_joined` property, which is the time the user account
+was created, to determine if a user has the permissions of a full
+member or a new member.

api_docs/send-message.md

@@ -1,6 +1,4 @@
-{generate_api_title(/messages:post)}
-
-{generate_api_description(/messages:post)}
+{generate_api_header(/messages:post)}
 
 ## Usage examples
 
@@ -17,14 +15,14 @@
 curl -X POST {{ api_url }}/v1/messages \
     -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
     --data-urlencode type=stream \
-    --data-urlencode to=Denmark \
+    --data-urlencode 'to="Denmark"' \
     --data-urlencode topic=Castle \
     --data-urlencode 'content=I come not, friends, to steal away your hearts.'
 
-# For private messages
+# For direct messages
 curl -X POST {{ api_url }}/v1/messages \
     -u BOT_EMAIL_ADDRESS:BOT_API_KEY \
-    --data-urlencode type=private \
+    --data-urlencode type=direct \
     --data-urlencode 'to=[9]' \
     --data-urlencode 'content=With mirth and laughter let old wrinkles come.'
 ```
@@ -40,7 +38,7 @@ the command-line, providing the message content via STDIN.
 zulip-send --stream Denmark --subject Castle \
     --user othello-bot@example.com --api-key a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5
 
-# For private messages
+# For direct messages
 zulip-send hamlet@example.com \
     --user othello-bot@example.com --api-key a0b1c2d3e4f5a6b7c8d9e0f1a2b3c4d5
 ```
@@ -74,6 +72,6 @@ file.
 
 {generate_response_description(/messages:post)}
 
-#### Example response
+#### Example response(s)
 
 {generate_code_example|/messages:post|fixture}

api_docs/sidebar_index.md

@@ -0,0 +1,27 @@
+## Integrations
+
+* [Overview](/api/integrations-overview)
+* [Incoming webhook integrations](/api/incoming-webhooks-overview)
+* [Hello world walkthrough](/api/incoming-webhooks-walkthrough)
+* [Non-webhook integrations](/api/non-webhook-integrations)
+
+## Interactive bots (beta)
+
+* [Running bots](/api/running-bots)
+* [Deploying bots](/api/deploying-bots)
+* [Writing bots](/api/writing-bots)
+* [Outgoing webhooks](/api/outgoing-webhooks)
+
+## REST API
+
+* [Overview](/api/rest)
+* [Installation instructions](/api/installation-instructions)
+* [API keys](/api/api-keys)
+* [Configuring the Python bindings](/api/configuring-python-bindings)
+* [HTTP headers](/api/http-headers)
+* [Error handling](/api/rest-error-handling)
+* [Roles and permissions](/api/roles-and-permissions)
+* [Client libraries](/api/client-libraries)
+* [API changelog](/api/changelog)
+
+{!rest-endpoints.md!}

confirmation/migrations/0001_initial.py

@@ -3,7 +3,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("contenttypes", "0001_initial"),
     ]

confirmation/migrations/0002_realmcreationkey.py

@@ -3,7 +3,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0001_initial"),
     ]

confirmation/migrations/0003_emailchangeconfirmation.py

@@ -3,7 +3,6 @@ from django.db import migrations
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0002_realmcreationkey"),
     ]

confirmation/migrations/0004_remove_confirmationmanager.py

@@ -3,7 +3,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0003_emailchangeconfirmation"),
     ]

confirmation/migrations/0005_confirmation_realm.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("zerver", "0124_stream_enable_notifications"),
         ("confirmation", "0004_remove_confirmationmanager"),

confirmation/migrations/0006_realmcreationkey_presume_email_valid.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0005_confirmation_realm"),
     ]

confirmation/migrations/0007_add_indexes.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0006_realmcreationkey_presume_email_valid"),
     ]

confirmation/migrations/0008_confirmation_expiry_date.py

@@ -2,7 +2,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0007_add_indexes"),
     ]

confirmation/migrations/0009_confirmation_expiry_date_backfill.py

@@ -5,12 +5,12 @@ from datetime import timedelta
 
 from django.conf import settings
 from django.db import migrations, transaction
-from django.db.backends.postgresql.schema import DatabaseSchemaEditor
+from django.db.backends.base.schema import BaseDatabaseSchemaEditor
 from django.db.migrations.state import StateApps
 
 
 def set_expiry_date_for_existing_confirmations(
-    apps: StateApps, schema_editor: DatabaseSchemaEditor
+    apps: StateApps, schema_editor: BaseDatabaseSchemaEditor
 ) -> None:
     Confirmation = apps.get_model("confirmation", "Confirmation")
     if not Confirmation.objects.exists():

confirmation/migrations/0010_alter_confirmation_expiry_date.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0009_confirmation_expiry_date_backfill"),
     ]

confirmation/migrations/0011_alter_confirmation_expiry_date.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("confirmation", "0010_alter_confirmation_expiry_date"),
     ]

confirmation/models.py

@@ -13,24 +13,24 @@ from django.contrib.contenttypes.models import ContentType
 from django.db import models
 from django.db.models import CASCADE
 from django.http import HttpRequest, HttpResponse
-from django.shortcuts import render
+from django.template.response import TemplateResponse
 from django.urls import reverse
 from django.utils.timezone import now as timezone_now
-from typing_extensions import Protocol
 
+from confirmation import settings as confirmation_settings
 from zerver.lib.types import UnspecifiedValue
-from zerver.models import EmailChangeStatus, MultiuseInvite, PreregistrationUser, Realm, UserProfile
+from zerver.models import (
+    EmailChangeStatus,
+    MultiuseInvite,
+    PreregistrationRealm,
+    PreregistrationUser,
+    Realm,
+    RealmReactivationStatus,
+    UserProfile,
+)
 
 
-class HasRealmObject(Protocol):
-    realm: Realm
-
-
-class OptionalHasRealmObject(Protocol):
-    realm: Optional[Realm]
-
-
-class ConfirmationKeyException(Exception):
+class ConfirmationKeyError(Exception):
     WRONG_LENGTH = 1
     EXPIRED = 2
     DOES_NOT_EXIST = 3
@@ -41,13 +41,13 @@ class ConfirmationKeyException(Exception):
 
 
 def render_confirmation_key_error(
-    request: HttpRequest, exception: ConfirmationKeyException
+    request: HttpRequest, exception: ConfirmationKeyError
 ) -> HttpResponse:
-    if exception.error_type == ConfirmationKeyException.WRONG_LENGTH:
-        return render(request, "confirmation/link_malformed.html", status=404)
-    if exception.error_type == ConfirmationKeyException.EXPIRED:
-        return render(request, "confirmation/link_expired.html", status=404)
-    return render(request, "confirmation/link_does_not_exist.html", status=404)
+    if exception.error_type == ConfirmationKeyError.WRONG_LENGTH:
+        return TemplateResponse(request, "confirmation/link_malformed.html", status=404)
+    if exception.error_type == ConfirmationKeyError.EXPIRED:
+        return TemplateResponse(request, "confirmation/link_expired.html", status=404)
+    return TemplateResponse(request, "confirmation/link_does_not_exist.html", status=404)
 
 
 def generate_key() -> str:
@@ -55,58 +55,87 @@ def generate_key() -> str:
     return b32encode(secrets.token_bytes(15)).decode().lower()
 
 
-ConfirmationObjT = Union[MultiuseInvite, PreregistrationUser, EmailChangeStatus]
+ConfirmationObjT = Union[
+    MultiuseInvite,
+    PreregistrationRealm,
+    PreregistrationUser,
+    EmailChangeStatus,
+    UserProfile,
+    RealmReactivationStatus,
+]
 
 
 def get_object_from_key(
-    confirmation_key: str, confirmation_types: List[int], activate_object: bool = True
+    confirmation_key: str, confirmation_types: List[int], *, mark_object_used: bool
 ) -> ConfirmationObjT:
+    """Access a confirmation object from one of the provided confirmation
+    types with the provided key.
+
+    The mark_object_used parameter determines whether to mark the
+    confirmation object as used (which generally prevents it from
+    being used again). It should always be False for MultiuseInvite
+    objects, since they are intended to be used multiple times.
+    """
+
     # Confirmation keys used to be 40 characters
     if len(confirmation_key) not in (24, 40):
-        raise ConfirmationKeyException(ConfirmationKeyException.WRONG_LENGTH)
+        raise ConfirmationKeyError(ConfirmationKeyError.WRONG_LENGTH)
     try:
         confirmation = Confirmation.objects.get(
             confirmation_key=confirmation_key, type__in=confirmation_types
         )
     except Confirmation.DoesNotExist:
-        raise ConfirmationKeyException(ConfirmationKeyException.DOES_NOT_EXIST)
+        raise ConfirmationKeyError(ConfirmationKeyError.DOES_NOT_EXIST)
 
     if confirmation.expiry_date is not None and timezone_now() > confirmation.expiry_date:
-        raise ConfirmationKeyException(ConfirmationKeyException.EXPIRED)
+        raise ConfirmationKeyError(ConfirmationKeyError.EXPIRED)
 
     obj = confirmation.content_object
     assert obj is not None
-    if activate_object and hasattr(obj, "status"):
-        obj.status = getattr(settings, "STATUS_ACTIVE", 1)
+
+    used_value = confirmation_settings.STATUS_USED
+    revoked_value = confirmation_settings.STATUS_REVOKED
+    if hasattr(obj, "status") and obj.status in [used_value, revoked_value]:
+        # Confirmations where the object has the status attribute are one-time use
+        # and are marked after being used (or revoked).
+        raise ConfirmationKeyError(ConfirmationKeyError.EXPIRED)
+
+    if mark_object_used:
+        # MultiuseInvite objects do not use the STATUS_USED status, since they are
+        # intended to be used more than once.
+        assert confirmation.type != Confirmation.MULTIUSE_INVITE
+        assert hasattr(obj, "status")
+        obj.status = getattr(settings, "STATUS_USED", 1)
         obj.save(update_fields=["status"])
     return obj
 
 
 def create_confirmation_link(
-    obj: Union[Realm, HasRealmObject, OptionalHasRealmObject],
+    obj: ConfirmationObjT,
     confirmation_type: int,
     *,
-    validity_in_days: Union[Optional[int], UnspecifiedValue] = UnspecifiedValue(),
+    validity_in_minutes: Union[Optional[int], UnspecifiedValue] = UnspecifiedValue(),
     url_args: Mapping[str, str] = {},
+    realm_creation: bool = False,
 ) -> str:
-    # validity_in_days is an override for the default values which are
+    # validity_in_minutes is an override for the default values which are
     # determined by the confirmation_type - its main purpose is for use
     # in tests which may want to have control over the exact expiration time.
     key = generate_key()
-    realm = None
-    if isinstance(obj, Realm):
-        realm = obj
-    elif hasattr(obj, "realm"):
+    if realm_creation:
+        realm = None
+    else:
+        assert not isinstance(obj, PreregistrationRealm)
         realm = obj.realm
 
     current_time = timezone_now()
     expiry_date = None
-    if not isinstance(validity_in_days, UnspecifiedValue):
-        if validity_in_days is None:
+    if not isinstance(validity_in_minutes, UnspecifiedValue):
+        if validity_in_minutes is None:
             expiry_date = None
         else:
-            assert validity_in_days is not None
-            expiry_date = current_time + datetime.timedelta(days=validity_in_days)
+            assert validity_in_minutes is not None
+            expiry_date = current_time + datetime.timedelta(minutes=validity_in_minutes)
     else:
         expiry_date = current_time + datetime.timedelta(
             days=_properties[confirmation_type].validity_in_days
@@ -139,12 +168,12 @@ def confirmation_url(
 
 class Confirmation(models.Model):
     content_type = models.ForeignKey(ContentType, on_delete=CASCADE)
-    object_id: int = models.PositiveIntegerField(db_index=True)
+    object_id = models.PositiveIntegerField(db_index=True)
     content_object = GenericForeignKey("content_type", "object_id")
-    date_sent: datetime.datetime = models.DateTimeField(db_index=True)
-    confirmation_key: str = models.CharField(max_length=40, db_index=True)
-    expiry_date: Optional[datetime.datetime] = models.DateTimeField(db_index=True, null=True)
-    realm: Optional[Realm] = models.ForeignKey(Realm, null=True, on_delete=CASCADE)
+    date_sent = models.DateTimeField(db_index=True)
+    confirmation_key = models.CharField(max_length=40, db_index=True)
+    expiry_date = models.DateTimeField(db_index=True, null=True)
+    realm = models.ForeignKey(Realm, null=True, on_delete=CASCADE)
 
     # The following list is the set of valid types
     USER_REGISTRATION = 1
@@ -155,14 +184,14 @@ class Confirmation(models.Model):
     MULTIUSE_INVITE = 6
     REALM_CREATION = 7
     REALM_REACTIVATION = 8
-    type: int = models.PositiveSmallIntegerField()
-
-    def __str__(self) -> str:
-        return f"<Confirmation: {self.content_object}>"
+    type = models.PositiveSmallIntegerField()
 
     class Meta:
         unique_together = ("type", "confirmation_key")
 
+    def __str__(self) -> str:
+        return f"{self.content_object!r}"
+
 
 class ConfirmationType:
     def __init__(
@@ -218,10 +247,10 @@ def validate_key(creation_key: Optional[str]) -> Optional["RealmCreationKey"]:
     try:
         key_record = RealmCreationKey.objects.get(creation_key=creation_key)
     except RealmCreationKey.DoesNotExist:
-        raise RealmCreationKey.Invalid()
+        raise RealmCreationKey.InvalidError
     time_elapsed = timezone_now() - key_record.date_created
     if time_elapsed.total_seconds() > settings.REALM_CREATION_LINK_VALIDITY_DAYS * 24 * 3600:
-        raise RealmCreationKey.Invalid()
+        raise RealmCreationKey.InvalidError
     return key_record
 
 
@@ -242,7 +271,7 @@ class RealmCreationKey(models.Model):
 
     # True just if we should presume the email address the user enters
     # is theirs, and skip sending mail to it to confirm that.
-    presume_email_valid: bool = models.BooleanField(default=False)
+    presume_email_valid = models.BooleanField(default=False)
 
-    class Invalid(Exception):
+    class InvalidError(Exception):
         pass

confirmation/settings.py

@@ -2,5 +2,5 @@
 
 __revision__ = "$Id: settings.py 12 2008-11-23 19:38:52Z jarek.zgoda $"
 
-STATUS_ACTIVE = 1
+STATUS_USED = 1
 STATUS_REVOKED = 2

corporate/lib/registration.py

@@ -3,11 +3,11 @@ from typing import Optional
 from django.conf import settings
 from django.utils.translation import gettext as _
 
-from corporate.lib.stripe import LicenseLimitError, get_latest_seat_count
+from corporate.lib.stripe import LicenseLimitError, get_latest_seat_count, get_seat_count
 from corporate.models import get_current_plan_by_realm
-from zerver.lib.actions import send_message_to_signup_notification_stream
+from zerver.actions.create_user import send_message_to_signup_notification_stream
 from zerver.lib.exceptions import InvitationError
-from zerver.models import Realm, get_system_bot
+from zerver.models import Realm, UserProfile, get_system_bot
 
 
 def generate_licenses_low_warning_message_if_required(realm: Realm) -> Optional[str]:
@@ -69,33 +69,41 @@ def send_user_unable_to_signup_message_to_signup_notification_stream(
 
 
 def check_spare_licenses_available_for_adding_new_users(
-    realm: Realm, number_of_users_to_add: int
+    realm: Realm, extra_non_guests_count: int = 0, extra_guests_count: int = 0
 ) -> None:
     plan = get_current_plan_by_realm(realm)
-    if (
-        plan is None
-        or plan.automanage_licenses
-        or plan.customer.exempt_from_from_license_number_check
-    ):
+    if plan is None or plan.automanage_licenses or plan.customer.exempt_from_license_number_check:
         return
 
-    if plan.licenses() < get_latest_seat_count(realm) + number_of_users_to_add:
-        raise LicenseLimitError()
+    if plan.licenses() < get_seat_count(
+        realm, extra_non_guests_count=extra_non_guests_count, extra_guests_count=extra_guests_count
+    ):
+        raise LicenseLimitError
 
 
 def check_spare_licenses_available_for_registering_new_user(
-    realm: Realm, user_email_to_add: str
+    realm: Realm,
+    user_email_to_add: str,
+    role: int,
 ) -> None:
     try:
-        check_spare_licenses_available_for_adding_new_users(realm, 1)
+        if role == UserProfile.ROLE_GUEST:
+            check_spare_licenses_available_for_adding_new_users(realm, extra_guests_count=1)
+        else:
+            check_spare_licenses_available_for_adding_new_users(realm, extra_non_guests_count=1)
     except LicenseLimitError:
         send_user_unable_to_signup_message_to_signup_notification_stream(realm, user_email_to_add)
         raise
 
 
-def check_spare_licenses_available_for_inviting_new_users(realm: Realm, num_invites: int) -> None:
+def check_spare_licenses_available_for_inviting_new_users(
+    realm: Realm, extra_non_guests_count: int = 0, extra_guests_count: int = 0
+) -> None:
+    num_invites = extra_non_guests_count + extra_guests_count
     try:
-        check_spare_licenses_available_for_adding_new_users(realm, num_invites)
+        check_spare_licenses_available_for_adding_new_users(
+            realm, extra_non_guests_count, extra_guests_count
+        )
     except LicenseLimitError:
         if num_invites == 1:
             message = _("All Zulip licenses for this organization are currently in use.")

corporate/lib/stripe.py

@@ -5,7 +5,7 @@ import secrets
 from datetime import datetime, timedelta
 from decimal import Decimal
 from functools import wraps
-from typing import Any, Callable, Dict, Generator, Optional, Tuple, TypeVar, Union, cast
+from typing import Any, Callable, Dict, Generator, Optional, Tuple, TypeVar, Union
 
 import orjson
 import stripe
@@ -17,6 +17,7 @@ from django.utils.timezone import now as timezone_now
 from django.utils.translation import gettext as _
 from django.utils.translation import gettext_lazy
 from django.utils.translation import override as override_language
+from typing_extensions import ParamSpec
 
 from corporate.models import (
     Customer,
@@ -45,7 +46,8 @@ billing_logger = logging.getLogger("corporate.stripe")
 log_to_file(billing_logger, BILLING_LOG_PATH)
 log_to_file(logging.getLogger("stripe"), BILLING_LOG_PATH)
 
-CallableT = TypeVar("CallableT", bound=Callable[..., object])
+ParamT = ParamSpec("ParamT")
+ReturnT = TypeVar("ReturnT")
 
 MIN_INVOICED_LICENSES = 30
 MAX_INVOICED_LICENSES = 1000
@@ -56,14 +58,29 @@ STRIPE_API_VERSION = "2020-08-27"
 
 
 def get_latest_seat_count(realm: Realm) -> int:
+    return get_seat_count(realm, extra_non_guests_count=0, extra_guests_count=0)
+
+
+def get_seat_count(
+    realm: Realm, extra_non_guests_count: int = 0, extra_guests_count: int = 0
+) -> int:
     non_guests = (
         UserProfile.objects.filter(realm=realm, is_active=True, is_bot=False)
         .exclude(role=UserProfile.ROLE_GUEST)
         .count()
+    ) + extra_non_guests_count
+
+    # This guest count calculation should match the similar query in render_stats().
+    guests = (
+        UserProfile.objects.filter(
+            realm=realm, is_active=True, is_bot=False, role=UserProfile.ROLE_GUEST
+        ).count()
+        + extra_guests_count
     )
-    guests = UserProfile.objects.filter(
-        realm=realm, is_active=True, is_bot=False, role=UserProfile.ROLE_GUEST
-    ).count()
+
+    # This formula achieves the pricing of the first 5*N guests
+    # being free of charge (where N is the number of non-guests in the organization)
+    # and each consecutive one being worth 1/5 the non-guest price.
     return max(non_guests, math.ceil(guests / 5))
 
 
@@ -78,14 +95,19 @@ def unsign_string(signed_string: str, salt: str) -> str:
     return signer.unsign(signed_string)
 
 
-def validate_licenses(charge_automatically: bool, licenses: Optional[int], seat_count: int) -> None:
+def validate_licenses(
+    charge_automatically: bool,
+    licenses: Optional[int],
+    seat_count: int,
+    exempt_from_license_number_check: bool,
+) -> None:
     min_licenses = seat_count
     max_licenses = None
     if not charge_automatically:
         min_licenses = max(seat_count, MIN_INVOICED_LICENSES)
         max_licenses = MAX_INVOICED_LICENSES
 
-    if licenses is None or licenses < min_licenses:
+    if licenses is None or (not exempt_from_license_number_check and licenses < min_licenses):
         raise BillingError(
             "not enough licenses", _("You must invoice for at least {} users.").format(min_licenses)
         )
@@ -231,21 +253,21 @@ class UpgradeWithExistingPlanError(BillingError):
         )
 
 
-class InvalidBillingSchedule(Exception):
+class InvalidBillingScheduleError(Exception):
     def __init__(self, billing_schedule: int) -> None:
         self.message = f"Unknown billing_schedule: {billing_schedule}"
         super().__init__(self.message)
 
 
-class InvalidTier(Exception):
+class InvalidTierError(Exception):
     def __init__(self, tier: int) -> None:
         self.message = f"Unknown tier: {tier}"
         super().__init__(self.message)
 
 
-def catch_stripe_errors(func: CallableT) -> CallableT:
+def catch_stripe_errors(func: Callable[ParamT, ReturnT]) -> Callable[ParamT, ReturnT]:
     @wraps(func)
-    def wrapped(*args: object, **kwargs: object) -> object:
+    def wrapped(*args: ParamT.args, **kwargs: ParamT.kwargs) -> ReturnT:
         try:
             return func(*args, **kwargs)
         # See https://stripe.com/docs/api/python#error_handling, though
@@ -279,7 +301,7 @@ def catch_stripe_errors(func: CallableT) -> CallableT:
                 )
             raise BillingError("other stripe error")
 
-    return cast(CallableT, wrapped)
+    return wrapped
 
 
 @catch_stripe_errors
@@ -323,7 +345,7 @@ def do_create_stripe_customer(user: UserProfile, payment_method: Optional[str] =
         customer, created = Customer.objects.update_or_create(
             realm=realm, defaults={"stripe_customer_id": stripe_customer.id}
         )
-        from zerver.lib.actions import do_make_user_billing_admin
+        from zerver.actions.users import do_make_user_billing_admin
 
         do_make_user_billing_admin(user)
     return customer
@@ -502,7 +524,9 @@ def make_end_of_cycle_updates_if_needed(
             standard_plan_last_ledger = (
                 LicenseLedger.objects.filter(plan=standard_plan).order_by("id").last()
             )
+            assert standard_plan_last_ledger is not None
             licenses_for_plus_plan = standard_plan_last_ledger.licenses_at_next_renewal
+            assert licenses_for_plus_plan is not None
             plus_plan_ledger_entry = LicenseLedger.objects.create(
                 plan=plus_plan,
                 is_renewal=True,
@@ -551,16 +575,16 @@ def get_price_per_license(
         elif billing_schedule == CustomerPlan.MONTHLY:
             price_per_license = 800
         else:  # nocoverage
-            raise InvalidBillingSchedule(billing_schedule)
+            raise InvalidBillingScheduleError(billing_schedule)
     elif tier == CustomerPlan.PLUS:
         if billing_schedule == CustomerPlan.ANNUAL:
             price_per_license = 16000
         elif billing_schedule == CustomerPlan.MONTHLY:
             price_per_license = 1600
         else:  # nocoverage
-            raise InvalidBillingSchedule(billing_schedule)
+            raise InvalidBillingScheduleError(billing_schedule)
     else:
-        raise InvalidTier(tier)
+        raise InvalidTierError(tier)
 
     if discount is not None:
         price_per_license = calculate_discounted_price_per_license(price_per_license, discount)
@@ -583,7 +607,7 @@ def compute_plan_parameters(
     elif billing_schedule == CustomerPlan.MONTHLY:
         period_end = add_months(billing_cycle_anchor, 1)
     else:  # nocoverage
-        raise InvalidBillingSchedule(billing_schedule)
+        raise InvalidBillingScheduleError(billing_schedule)
 
     price_per_license = get_price_per_license(tier, billing_schedule, discount)
 
@@ -608,7 +632,7 @@ def is_free_trial_offer_enabled() -> bool:
     return settings.FREE_TRIAL_DAYS not in (None, 0)
 
 
-def ensure_realm_does_not_have_active_plan(realm: Customer) -> None:
+def ensure_realm_does_not_have_active_plan(realm: Realm) -> None:
     if get_current_plan_by_realm(realm) is not None:
         # Unlikely race condition from two people upgrading (clicking "Make payment")
         # at exactly the same time. Doesn't fully resolve the race condition, but having
@@ -617,7 +641,7 @@ def ensure_realm_does_not_have_active_plan(realm: Customer) -> None:
             "Upgrade of %s failed because of existing active plan.",
             realm.string_id,
         )
-        raise UpgradeWithExistingPlanError()
+        raise UpgradeWithExistingPlanError
 
 
 @transaction.atomic
@@ -629,7 +653,7 @@ def do_change_remote_server_plan_type(remote_server: RemoteZulipServer, plan_typ
         event_type=RealmAuditLog.REMOTE_SERVER_PLAN_TYPE_CHANGED,
         server=remote_server,
         event_time=timezone_now(),
-        extra_data={"old_value": old_value, "new_value": plan_type},
+        extra_data=str({"old_value": old_value, "new_value": plan_type}),
     )
 
 
@@ -637,8 +661,8 @@ def do_change_remote_server_plan_type(remote_server: RemoteZulipServer, plan_typ
 def do_deactivate_remote_server(remote_server: RemoteZulipServer) -> None:
     if remote_server.deactivated:
         billing_logger.warning(
-            f"Cannot deactivate remote server with ID {remote_server.id}, "
-            "server has already been deactivated."
+            "Cannot deactivate remote server with ID %d, server has already been deactivated.",
+            remote_server.id,
         )
         return
 
@@ -746,7 +770,7 @@ def process_initial_upgrade(
         )
         stripe.Invoice.finalize_invoice(stripe_invoice)
 
-    from zerver.lib.actions import do_change_realm_plan_type
+    from zerver.actions.realm_settings import do_change_realm_plan_type
 
     do_change_realm_plan_type(realm, Realm.PLAN_TYPE_STANDARD, acting_user=user)
 
@@ -916,7 +940,9 @@ def invoice_plan(plan: CustomerPlan, event_time: datetime) -> None:
     plan.save(update_fields=["next_invoice_date"])
 
 
-def invoice_plans_as_needed(event_time: datetime = timezone_now()) -> None:
+def invoice_plans_as_needed(event_time: Optional[datetime] = None) -> None:
+    if event_time is None:  # nocoverage
+        event_time = timezone_now()
     for plan in CustomerPlan.objects.filter(next_invoice_date__lte=event_time):
         invoice_plan(plan, event_time)
 
@@ -947,7 +973,7 @@ def attach_discount_to_realm(
         acting_user=acting_user,
         event_type=RealmAuditLog.REALM_DISCOUNT_CHANGED,
         event_time=timezone_now(),
-        extra_data={"old_discount": old_discount, "new_discount": discount},
+        extra_data=str({"old_discount": old_discount, "new_discount": discount}),
     )
 
 
@@ -962,14 +988,13 @@ def update_sponsorship_status(
         acting_user=acting_user,
         event_type=RealmAuditLog.REALM_SPONSORSHIP_PENDING_STATUS_CHANGED,
         event_time=timezone_now(),
-        extra_data={
-            "sponsorship_pending": sponsorship_pending,
-        },
+        extra_data=str({"sponsorship_pending": sponsorship_pending}),
     )
 
 
 def approve_sponsorship(realm: Realm, *, acting_user: Optional[UserProfile]) -> None:
-    from zerver.lib.actions import do_change_realm_plan_type, internal_send_private_message
+    from zerver.actions.message_send import internal_send_private_message
+    from zerver.actions.realm_settings import do_change_realm_plan_type
 
     do_change_realm_plan_type(realm, Realm.PLAN_TYPE_STANDARD_FREE, acting_user=acting_user)
     customer = get_customer_by_realm(realm)
@@ -986,11 +1011,16 @@ def approve_sponsorship(realm: Realm, *, acting_user: Optional[UserProfile]) ->
     for user in realm.get_human_billing_admin_and_realm_owner_users():
         with override_language(user.default_language):
             # Using variable to make life easier for translators if these details change.
-            plan_name = "Zulip Cloud Standard"
-            emoji = ":tada:"
             message = _(
-                f"Your organization's request for sponsored hosting has been approved! {emoji}.\n"
-                f"You have been upgraded to {plan_name}, free of charge."
+                "Your organization's request for sponsored hosting has been approved! "
+                "You have been upgraded to {plan_name}, free of charge. {emoji}\n\n"
+                "If you could {begin_link}list Zulip as a sponsor on your website{end_link}, "
+                "we would really appreciate it!"
+            ).format(
+                plan_name="Zulip Cloud Standard",
+                emoji=":tada:",
+                begin_link="[",
+                end_link="](/help/linking-to-zulip-website)",
             )
             internal_send_private_message(notification_bot, user, message)
 
@@ -1018,7 +1048,7 @@ def do_change_plan_status(plan: CustomerPlan, status: int) -> None:
 
 
 def process_downgrade(plan: CustomerPlan) -> None:
-    from zerver.lib.actions import do_change_realm_plan_type
+    from zerver.actions.realm_settings import do_change_realm_plan_type
 
     assert plan.customer.realm is not None
     do_change_realm_plan_type(plan.customer.realm, Realm.PLAN_TYPE_LIMITED, acting_user=None)
@@ -1037,6 +1067,7 @@ def estimate_annual_recurring_revenue_by_realm() -> Dict[str, int]:  # nocoverag
         if plan.billing_schedule == CustomerPlan.MONTHLY:
             renewal_cents *= 12
         # TODO: Decimal stuff
+        assert plan.customer.realm is not None
         annual_revenue[plan.customer.realm.string_id] = int(renewal_cents / 100)
     return annual_revenue
 
@@ -1045,6 +1076,7 @@ def get_realms_to_default_discount_dict() -> Dict[str, Decimal]:
     realms_to_default_discount: Dict[str, Any] = {}
     customers = Customer.objects.exclude(default_discount=None).exclude(default_discount=0)
     for customer in customers:
+        assert customer.realm is not None
         realms_to_default_discount[customer.realm.string_id] = assert_is_not_none(
             customer.default_discount
         )
@@ -1113,6 +1145,7 @@ def downgrade_small_realms_behind_on_payments_as_needed() -> None:
     customers = Customer.objects.all().exclude(stripe_customer_id=None)
     for customer in customers:
         realm = customer.realm
+        assert realm is not None
 
         # For larger realms, we generally want to talk to the customer
         # before downgrading or cancelling invoices; so this logic only applies with 5.
@@ -1164,11 +1197,17 @@ def switch_realm_from_standard_to_plus_plan(realm: Realm) -> None:
     standard_plan.next_invoice_date = plan_switch_time
     standard_plan.save(update_fields=["status", "next_invoice_date"])
 
+    from zerver.actions.realm_settings import do_change_realm_plan_type
+
+    do_change_realm_plan_type(realm, Realm.PLAN_TYPE_PLUS, acting_user=None)
+
     standard_plan_next_renewal_date = start_of_next_billing_cycle(standard_plan, plan_switch_time)
 
     standard_plan_last_renewal_ledger = (
         LicenseLedger.objects.filter(is_renewal=True, plan=standard_plan).order_by("id").last()
     )
+    assert standard_plan_last_renewal_ledger is not None
+    assert standard_plan.price_per_license is not None
     standard_plan_last_renewal_amount = (
         standard_plan_last_renewal_ledger.licenses * standard_plan.price_per_license
     )
@@ -1203,7 +1242,5 @@ def update_billing_method_of_current_plan(
             acting_user=acting_user,
             event_type=RealmAuditLog.REALM_BILLING_METHOD_CHANGED,
             event_time=timezone_now(),
-            extra_data={
-                "charge_automatically": charge_automatically,
-            },
+            extra_data=str({"charge_automatically": charge_automatically}),
         )

corporate/lib/stripe_event_handler.py

@@ -1,4 +1,5 @@
 import logging
+from contextlib import suppress
 from typing import Any, Callable, Dict, Union
 
 import stripe
@@ -82,17 +83,16 @@ def handle_checkout_session_completed_event(
     ]:
         ensure_realm_does_not_have_active_plan(user.realm)
         update_or_create_stripe_customer(user, payment_method)
+        assert session.payment_intent is not None
         session.payment_intent.status = PaymentIntent.PROCESSING
         session.payment_intent.last_payment_error = ()
         session.payment_intent.save(update_fields=["status", "last_payment_error"])
-        try:
+        with suppress(stripe.error.CardError):
             stripe.PaymentIntent.confirm(
                 session.payment_intent.stripe_payment_intent_id,
                 payment_method=payment_method,
                 off_session=True,
             )
-        except stripe.error.CardError:
-            pass
     elif session.type in [
         Session.FREE_TRIAL_UPGRADE_FROM_BILLING_PAGE,
         Session.FREE_TRIAL_UPGRADE_FROM_ONBOARDING_PAGE,
@@ -160,11 +160,12 @@ def handle_payment_intent_succeeded_event(
 
 @error_handler
 def handle_payment_intent_payment_failed_event(
-    stripe_payment_intent: stripe.PaymentIntent, payment_intent: Event
+    stripe_payment_intent: stripe.PaymentIntent, payment_intent: PaymentIntent
 ) -> None:
     payment_intent.status = PaymentIntent.get_status_integer_from_status_text(
         stripe_payment_intent.status
     )
+    assert payment_intent.customer.realm is not None
     billing_logger.info(
         "Stripe payment intent failed: %s %s %s %s",
         payment_intent.customer.realm.string_id,

corporate/migrations/0001_initial.py

@@ -5,7 +5,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     initial = True
 
     dependencies = [

corporate/migrations/0002_customer_default_discount.py

@@ -4,7 +4,6 @@ from django.db import migrations, models
 
 
 class Migration(migrations.Migration):
-
     dependencies = [
         ("corporate", "0001_initial"),
     ]