Permalink
Commits on Aug 29, 2016
  1. @tobias

    Merge pull request #561 from timmc/fix-epl-ny

    Fix choice of law state in EPL (back to New York)
    tobias committed on GitHub Aug 29, 2016
  2. @timmc
Commits on Aug 26, 2016
  1. @tobias

    Disable pedantic for the repl profile

    Cider brings in a nrepl version that causes pedantic to complain, and
    there's not much we can do about it other than disabling pedantic for
    just the repl.
    tobias committed Aug 26, 2016
Commits on Aug 22, 2016
  1. @danielcompton

    Parse project page numbers without reporting errors

    We get lots of garbage error reports from people fuzzing the page
    parameter. This will return a specific error for them, and won't
    report them to Yeller.
    
    Relates to #492
    danielcompton committed Aug 22, 2016
Commits on Aug 13, 2016
  1. @tobias

    Version 48-SNAPSHOT

    tobias committed Aug 13, 2016
  2. @tobias

    Version 47

    tobias committed Aug 13, 2016
  3. @tobias

    Test that new log format is parsed in full log

    Related to #554
    tobias committed Aug 13, 2016
  4. @tobias

    Be forgiving of extra space after date in logs

    With the recent nginx update, we changed the access log format slightly:
    
    * 2 spaces after the date instead of 1
    * append the sni host to the end of the line
    
    The log parser ignores the sni host, but was strict about the spaces
    after the date, causing stat generation to find no downloads. This
    relaxes the regex to allow for any number of spaces after the date so we
    can re-process logs that were generated with the new format, and allows
    us to adjust the format to go back to one space if we decide to do so.
    
    Related to #554
    tobias committed Aug 13, 2016
Commits on Jul 25, 2016
  1. @danielcompton

    Version 47-SNAPSHOT

    danielcompton committed Jul 25, 2016
  2. @danielcompton

    Version 46

    danielcompton committed Jul 25, 2016
  3. @danielcompton
  4. @danielcompton
  5. @danielcompton

    Version 46-SNAPSHOT

    danielcompton committed Jul 25, 2016
  6. @danielcompton

    Version 45

    danielcompton committed Jul 25, 2016
  7. @danielcompton

    Don't show external links on password reset page

    If a user clicks on an external link (or loads an external image)
    from the password reset screen, they can leak their password reset token
     in the referrer. This commit removes external links from the password
    reset screen to avoid that.
    
    Thanks to Nitesh Sharma for this report.
    danielcompton committed Jul 25, 2016
  8. @danielcompton
Commits on Jul 24, 2016
  1. @tobias

    Clean up dependencies

    This removes all pedantic warnings, and sets the build to abort if new
    warnings are introduced.
    
    It also removes some dependencies that we get transitively, and updates
    some versions to aid in removing the warnings.
    
    The tests caught one behavior change in the status code we return for a
    PUT to a missing route. This should be fine, as users shouldn't be
    depending on that error code.
    tobias committed Jul 24, 2016
Commits on Jul 18, 2016
  1. @tobias

    Version 45-SNAPSHOT

    tobias committed Jul 18, 2016
  2. @tobias

    Version 44

    tobias committed Jul 18, 2016
  3. @tobias

    Disable in-band uploads to cloudfiles [#546]

    These uploads can cause timeouts on the client-side if they take too
    long (I believe the default aether timeout is 10s). We're not yet using
    the cloudfiles versions, so it's fine to disable for now.
    tobias committed Jul 18, 2016
  4. @tobias

    Version 44-SNAPSHOT

    tobias committed Jul 18, 2016
  5. @tobias

    Version 43

    tobias committed Jul 18, 2016
  6. @tobias
Commits on Jul 12, 2016
  1. @tobias
Commits on Jun 28, 2016
  1. @tobias

    Give feedback when user doesn't have rights to group [#509]

    This takes authorization for a group away from friend, so we can report
    our own status message.
    tobias committed Jun 28, 2016
  2. @tobias

    Give better error feedback [#545]

    This moves the catch for returning a 403 higher up, to be able to report
    a wider set of validation/verification errors.
    tobias committed Jun 28, 2016
Commits on Jun 27, 2016
  1. @tobias

    Store tmp repos as a set

    Otherwise, we're adding the same repo to the vector for every upload,
    tobias committed Jun 27, 2016
  2. @tobias

    Version 43-SNAPSHOT

    tobias committed Jun 27, 2016
  3. @tobias

    Version 42

    tobias committed Jun 27, 2016
  4. @tobias

    Don't share tmp repos between artifacts [#541]

    lein-module based projects will share an aether session when deploying,
    but we want each module to have it's own session, so they will each have
    their own atomic deploy. Without this change, the second and all
    subsequent module deploys will fail.
    
    The fix here is to store the tmp repos as a seq, and find the existing
    one that matches the current upload, or creating a new one if none
    match. This would allow interleaving files for different artifacts in
    the same session, which none of the existing tooling does, but who knows
    what craziness exists out there?
    tobias committed Jun 27, 2016
Commits on Jun 23, 2016
  1. @tobias

    Merge pull request #539 from skazhy/badge-textarea

    increase clojars badge field size
    tobias committed on GitHub Jun 23, 2016
  2. @skazhy
  3. @tobias

    Version 42-SNAPSHOT

    tobias committed Jun 23, 2016
  4. @tobias

    Version 41

    tobias committed Jun 23, 2016
  5. @tobias

    Don't allow a dependency version to be nil [#538]

    Dependency versions can be nil if they come from a parent pom. As quick
    fix, this ensures the version won't be nil.
    tobias committed Jun 23, 2016