schleuder issueshttps://0xacab.org/schleuder/schleuder/-/issues2023-01-18T23:42:21Zhttps://0xacab.org/schleuder/schleuder/-/issues/399HTML mails might leak keywords to third parties2023-01-18T23:42:21ZgeorgHTML mails might leak keywords to third partiesSchleuder leaves an encrypted HTML part of a mail untouched, it doesn't fiddle with the content. This might lead to keyword leaks to third parties, for example if `x-resend` is used.
Ideas so far how to deal with this:
- Drop the HTML p...Schleuder leaves an encrypted HTML part of a mail untouched, it doesn't fiddle with the content. This might lead to keyword leaks to third parties, for example if `x-resend` is used.
Ideas so far how to deal with this:
- Drop the HTML part completely (which would possibly annoy users)
- Parse the HTML, drop possibly sensitive content
- Use a regex, fed with the keywords which were found in the plaintext, on the "stringified" HTML3.4pazpazhttps://0xacab.org/schleuder/schleuder/-/issues/352Upgrade to latest mail gem - 2.7.x2019-02-11T08:43:09ZngUpgrade to latest mail gem - 2.7.xMail 2.7.0 broke schleuder (#277), though it seems that once they stabilized their code changes, this will be the path forward. At least we want it for things such as: #334
Any kind of integration work should be tracked here, as well as...Mail 2.7.0 broke schleuder (#277), though it seems that once they stabilized their code changes, this will be the path forward. At least we want it for things such as: #334
Any kind of integration work should be tracked here, as well as kept it for a reminder.3.4pazpazhttps://0xacab.org/schleuder/schleuder/-/issues/400Fix issue with factory bots new build strategy2019-02-11T00:05:50ZNinaFix issue with factory bots new build strategyWith the release of factory bot 5.0 the use_parent_strategy has changed. This breaks a few tests on the subscription model.
> Changed: use_parent_strategy now defaults to true, so by default the build strategy will build, rather than cr...With the release of factory bot 5.0 the use_parent_strategy has changed. This breaks a few tests on the subscription model.
> Changed: use_parent_strategy now defaults to true, so by default the build strategy will build, rather than create associations
https://github.com/thoughtbot/factory_bot/releases3.4pazpazhttps://0xacab.org/schleuder/schleuder/-/issues/401Cherry-pick upgrade of activerecord into master2019-02-11T00:05:04ZpazCherry-pick upgrade of activerecord into masterRequired to fix dependencies of next debian stable
Commit fa2c4a3Required to fix dependencies of next debian stable
Commit fa2c4a33.4NinaNinahttps://0xacab.org/schleuder/schleuder/-/issues/407CI: rake task to set up the database fails2019-02-09T01:41:06ZgeorgCI: rake task to set up the database fails```
SCHLEUDER_ENV=test SCHLEUDER_CONFIG=spec/schleuder.yml eatmydata bundle exec rake db:init
rake aborted!
Gem::LoadError: Specified 'sqlite3' for database adapter, but the gem is not loaded. Add `gem 'sqlite3'` to your Gemfile (and ens...```
SCHLEUDER_ENV=test SCHLEUDER_CONFIG=spec/schleuder.yml eatmydata bundle exec rake db:init
rake aborted!
Gem::LoadError: Specified 'sqlite3' for database adapter, but the gem is not loaded. Add `gem 'sqlite3'` to your Gemfile (and ensure its version is at the minimum required by ActiveRecord).
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_adapters/connection_specification.rb:177:in `rescue in spec'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_adapters/connection_specification.rb:174:in `spec'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_handling.rb:50:in `establish_connection'
/builds/schleuder/schleuder/lib/schleuder.rb:69:in `<top (required)>'
/builds/schleuder/schleuder/Rakefile:2:in `require_relative'
/builds/schleuder/schleuder/Rakefile:2:in `<top (required)>'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/rake-12.3.2/exe/rake:27:in `<top (required)>'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:74:in `load'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:74:in `kernel_load'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:28:in `run'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:463:in `exec'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in `invoke_command'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor.rb:387:in `dispatch'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:27:in `dispatch'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/base.rb:466:in `start'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:18:in `start'
/usr/local/bundle/gems/bundler-2.0.1/exe/bundle:30:in `block in <top (required)>'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/friendly_errors.rb:124:in `with_friendly_errors'
/usr/local/bundle/gems/bundler-2.0.1/exe/bundle:22:in `<top (required)>'
/usr/local/bundle/bin/bundle:23:in `load'
/usr/local/bundle/bin/bundle:23:in `<main>'
Caused by:
Gem::LoadError: can't activate sqlite3 (~> 1.3.6), already activated sqlite3-1.4.0. Make sure all dependencies are added to Gemfile.
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/rubygems_integration.rb:408:in `block (2 levels) in replace_gem'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_adapters/sqlite3_adapter.rb:5:in `<top (required)>'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activesupport-4.2.11/lib/active_support/dependencies.rb:274:in `require'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activesupport-4.2.11/lib/active_support/dependencies.rb:274:in `block in require'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activesupport-4.2.11/lib/active_support/dependencies.rb:240:in `load_dependency'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activesupport-4.2.11/lib/active_support/dependencies.rb:274:in `require'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_adapters/connection_specification.rb:175:in `spec'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/activerecord-4.2.11/lib/active_record/connection_handling.rb:50:in `establish_connection'
/builds/schleuder/schleuder/lib/schleuder.rb:69:in `<top (required)>'
/builds/schleuder/schleuder/Rakefile:2:in `require_relative'
/builds/schleuder/schleuder/Rakefile:2:in `<top (required)>'
/builds/schleuder/schleuder/vendor/ruby/2.5.0/gems/rake-12.3.2/exe/rake:27:in `<top (required)>'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:74:in `load'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:74:in `kernel_load'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli/exec.rb:28:in `run'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:463:in `exec'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/command.rb:27:in `run'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/invocation.rb:126:in `invoke_command'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor.rb:387:in `dispatch'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:27:in `dispatch'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/vendor/thor/lib/thor/base.rb:466:in `start'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/cli.rb:18:in `start'
/usr/local/bundle/gems/bundler-2.0.1/exe/bundle:30:in `block in <top (required)>'
/usr/local/bundle/gems/bundler-2.0.1/lib/bundler/friendly_errors.rb:124:in `with_friendly_errors'
/usr/local/bundle/gems/bundler-2.0.1/exe/bundle:22:in `<top (required)>'
/usr/local/bundle/bin/bundle:23:in `load'
/usr/local/bundle/bin/bundle:23:in `<main>'
(See full trace by running task with --trace)
```
See [this job](https://0xacab.org/schleuder/schleuder/-/jobs/87143) for example.3.4https://0xacab.org/schleuder/schleuder/-/issues/404CI: changelog job shouldn't hardcode the master branch2019-02-03T15:54:35ZgeorgCI: changelog job shouldn't hardcode the master branchThe current state makes it problematic if not developing against master, as in this case the job is always successful.The current state makes it problematic if not developing against master, as in this case the job is always successful.3.4