paulmataruso/zulip
1
0
Fork 0
mirror of https://github.com/zulip/zulip.git synced 2025-10-23 04:52:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
49ad188449a559f931a74b5aedf85c2dbe8dde70
zulip/pyproject.toml
Alex Vandiver 49ad188449 rate_limit: Add a flag to lump all TOR exit node IPs together. 
TOR users are legitimate users of the system; however, that system can
also be used for abuse -- specifically, by evading IP-based
rate-limiting.

For the purposes of IP-based rate-limiting, add a
RATE_LIMIT_TOR_TOGETHER flag, defaulting to false, which lumps all
requests from TOR exit nodes into the same bucket.  This may allow a
TOR user to deny other TOR users access to the find-my-account and
new-realm endpoints, but this is a low cost for cutting off a
significant potential abuse vector.

If enabled, the list of TOR exit nodes is fetched from their public
endpoint once per hour, via a cron job, and cached on disk.  Django
processes load this data from disk, and cache it in memcached.
Requests are spared from the burden of checking disk on failure via a
circuitbreaker, which trips of there are two failures in a row, and
only begins trying again after 10 minutes.
2021-11-16 11:42:00 -08:00

104 lines
2.4 KiB
TOML
Raw Blame History

[tool.black]
line-length = 100
target-version = ["py36"]
[tool.isort]
src_paths = [".", "tools", "tools/setup/emoji"]
known_third_party = "zulip"
profile = "black"
line_length = 100
[tool.mypy]
# Logistics of what code to check and how to handle the data.
scripts_are_modules = true
show_traceback = true
# See https://zulip.readthedocs.io/en/latest/testing/mypy.html#mypy-stubs-for-third-party-modules
# for notes on how we manage mypy stubs.
mypy_path = "$MYPY_CONFIG_FILE_DIR/stubs"
cache_dir = "$MYPY_CONFIG_FILE_DIR/var/mypy-cache"
# These are all the options that would be enabled by mypy --strict, in
# the order listed by the mypy --help documentation of --strict. We
# do not yet enable all of them.
warn_unused_configs = true
disallow_any_generics = true
disallow_subclassing_any = false
disallow_untyped_calls = false
disallow_untyped_defs = true
disallow_incomplete_defs = true
check_untyped_defs = true
disallow_untyped_decorators = false
no_implicit_optional = true
warn_redundant_casts = true
warn_unused_ignores = true
warn_return_any = false
no_implicit_reexport = true
strict_equality = true
# Display the codes needed for # type: ignore[code] annotations.
show_error_codes = true
# Warn of unreachable or redundant code.
warn_unreachable = true
[[tool.mypy.overrides]]
module = ["zproject.configured_settings", "zproject.settings"]
no_implicit_reexport = false
[[tool.mypy.overrides]]
module = [
"ahocorasick.*",
"aioapns.*",
"bitfield.*",
"bmemcached.*",
"bs4.*",
"bson.*",
"cairosvg.*",
"circuitbreaker.*",
"coverage.*",
"cssutils.*",
"defusedxml.*",
"digitalocean.*",
"disposable_email_domains.*",
"django.*",
"django_auth_ldap.*",
"django_cte.*",
"django_otp.*",
"django_scim.*",
"django_sendfile.*",
"django_statsd.*",
"DNS.*",
"fakeldap.*",
"gcm.*",
"gitlint.*",
"jsonref.*",
"ldap.*",
"markdown_include.*",
"moto.*",
"natsort.*",
"netifaces.*",
"onelogin.*",
"openapi_core.*",
"openapi_schema_validator.*",
"premailer.*",
"pyinotify.*",
"pyoembed.*",
"pyuca.*",
"re2.*",
"requests_oauthlib.*",
"scim2_filter_parser.attr_paths",
"scrapy.*",
"social_core.*",
"social_django.*",
"sourcemap.*",
"soupsieve.*",
"sphinx_rtd_theme.*",
"talon_core.*",
"tlds.*",
"tornado.*",
"twitter.*",
"two_factor.*",
"zxcvbn.*",
]
ignore_missing_imports = true
Reference in New Issue View Git Blame Copy Permalink