Mercurial > p > roundup > code

annotate website/README.txt @ 5726:e199d0ae4a25

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2551033: prevent reverse engineering hidden data by using etags as an oracle to identify when the right data has been guessed. Identified by Joseph Myers who also suggested remediation methods. Implemented John Rouillard.
author John Rouillard <rouilj@ieee.org>
date Thu, 23 May 2019 18:56:57 -0400
parents 7a570b1f0d67
children e338969b1d23
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
1 Roundup has three web sites:
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
2
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
3 * http://www.roundup-tracker.org/
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
4 * http://wiki.roundup-tracker.org/
5612
da2decb6d0c7 update http://issues.roundup-tracker.org to https://isues.... for the
John Rouillard <rouilj@ieee.org>
parents: 5343
diff changeset
5 * https://issues.roundup-tracker.org/
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
6
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
7 www and wiki are hosted on SourceForge.
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
8
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
9
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
10 updating issues.roundup-tracker.org
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
11 ===================================
4934
55eccea8911f website/README.txt: Update instructions how to update tracker
anatoly techtonik <techtonik@gmail.com>
parents: 4933
diff changeset
12 If you don't have access, ask to update on mailing list. You may try to
55eccea8911f website/README.txt: Update instructions how to update tracker
anatoly techtonik <techtonik@gmail.com>
parents: 4933
diff changeset
13 ping Ralf, Bernhard or Ezio directly.
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
14
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
15 * log into issues.roundup-tracker.org
4598
5c8463b8f7ba Updated README for maintaining the websites (www, wiki, issues)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4554
diff changeset
16 * get a working copy of roundup/website/issues from the SCM, either via
4934
55eccea8911f website/README.txt: Update instructions how to update tracker
anatoly techtonik <techtonik@gmail.com>
parents: 4933
diff changeset
17 hg clone http://hg.code.sf.net/p/roundup/code
4598
5c8463b8f7ba Updated README for maintaining the websites (www, wiki, issues)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4554
diff changeset
18 or download a snapshot:
4934
55eccea8911f website/README.txt: Update instructions how to update tracker
anatoly techtonik <techtonik@gmail.com>
parents: 4933
diff changeset
19 http://sourceforge.net/p/roundup/code/ci/default/tarball
4871
8930fe9d6d21 Website, Issues: Updated tracker-instructions in README.
Bernhard Reiter <bernhard@intevation.de>
parents: 4830
diff changeset
20
8930fe9d6d21 Website, Issues: Updated tracker-instructions in README.
Bernhard Reiter <bernhard@intevation.de>
parents: 4830
diff changeset
21 * check the differences
4934
55eccea8911f website/README.txt: Update instructions how to update tracker
anatoly techtonik <techtonik@gmail.com>
parents: 4933
diff changeset
22 diff -ur /home/roundup/trackers/roundup/ /home/YOURUSERID/roundup/website/issues/
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
23 * copy the files into the tracker instance, using sudo:
4598
5c8463b8f7ba Updated README for maintaining the websites (www, wiki, issues)
Thomas Arendsen Hein <thomas@intevation.de>
parents: 4554
diff changeset
24 sudo -u roundup cp <file> /home/roundup/trackers/roundup/...
4871
8930fe9d6d21 Website, Issues: Updated tracker-instructions in README.
Bernhard Reiter <bernhard@intevation.de>
parents: 4830
diff changeset
25 or use rsync to check and only copy the changed files as user roundup like
4646
cd81ebbce7f9 Minor improvement to the instructions how to maintain our tracker.
Bernhard Reiter <bernhard@intevation.de>
parents: 4620
diff changeset
26 rsync -rvc /home/YOURUSERID/roundup/website/issues/ trackers/roundup/
4871
8930fe9d6d21 Website, Issues: Updated tracker-instructions in README.
Bernhard Reiter <bernhard@intevation.de>
parents: 4830
diff changeset
27 HINT: old files will not be deleted by this rsync command
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
28 * restart the roundup server:
4646
cd81ebbce7f9 Minor improvement to the instructions how to maintain our tracker.
Bernhard Reiter <bernhard@intevation.de>
parents: 4620
diff changeset
29 sudo /etc/init.d/roundup restart
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
30
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
31
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
32 updating services hosted on sf.net (www and wiki)
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
33 =================================================
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
34 Generic SF instructions for web service recommend
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
35 uploading files through SFTP, described here:
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
36 http://sourceforge.net/p/forge/documentation/Project%20Web%20Services/
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
37
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
38 However, SFTP is ugly to script in non-interactive
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
39 mode, so we use SSH access to fetch everything and
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
40 build from server side.
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
41
5633
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
42 Working with sf.net
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
43 -------------------
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
44 Current docs are taken down with SourceForge Trac,
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
45 so working instructions are available from here:
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
46 http://web.archive.org/web/20140618231150/http://sourceforge.net/apps/trac/sourceforge/wiki/Shell%20service
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
47
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
48 # log in, replace <user> with your account
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
49 ssh -t <user>,roundup@shell.sourceforge.net create
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
50
4956
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
51 # set project_home
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
52 project_home=/home/project-web/roundup
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
53
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
54 # pull latest Roundup source with www and wiki
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
55 # (the warning about "Not trusting file ... " can be ignored
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
56 # for now https://sourceforge.net/p/forge/site-support/8217/)
4940
ff4d939f4619 website/README: Make "hg up" location-independent
anatoly techtonik <techtonik@gmail.com>
parents: 4934
diff changeset
57 hg pull -u --cwd ${project_home}/src/roundup
5343
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
58 # see below if this fails with: not trusting file
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
59 # /home/project-web/roundup/src/roundup/.hg/hgrc from untrusted
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
60 # user 110231, group 48
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
61
4956
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
62 # read up on other people changes and add yours
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
63 cd ${project_home}
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
64 vim logbuch.txt
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
65
5343
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
66 If you get a "not trusting" error the problem is that the .hg files in
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
67 use are not owned by you and hg won;t use them. Add this to your
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
68 ~/.hgrc file (create file if needed)
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
69
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
70 [trusted]
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
71 groups=48
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
72 users=110231
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
73
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
74 if the uid/gid changes you may have to change the values.
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
75 See: https://www.mercurial-scm.org/wiki/Trust for details
f1270730505d Add directions on how to handle issues when updating using hg.
John Rouillard <rouilj@ieee.org>
parents: 4956
diff changeset
76
5633
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
77 When done working in the sf shell, you can destroy it early
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
78 to free resources:
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
79
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
80 shutdown
4620
0aafd64866d1 website/README.txt: Improved: Added new generic sf.net section.
Bernhard Reiter <bernhard@intevation.de>
parents: 4609
diff changeset
81
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
82 updating wiki.roundup-tracker.org
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
83 ---------------------------------
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
84 wiki doesn't require building anything, so if you're
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
85 logged in to SF (see above), just copy new files over
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
86 to new directories:
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
87
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
88 cd ${project_home}/src/roundup/website/wiki
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
89 cp -r -p static/roundup ${project_home}/htdocs/_wiki/
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
90 cp -p wiki/data/plugin/theme/roundup.py ${project_home}/persistent/wiki/data/plugin/theme/
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
91 cd -
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
92
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
93 If you need to adjust wiki configuration, it is here:
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
94
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
95 vim persistent/wiki/wikiconfig.py
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
96
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
97
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
98 updating www.roundup-tracker.org
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
99 ---------------------------------
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
100 Site update requires rebuilding HTML files. For that
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
101 you `sphinx` and `sphinxcontrib-cheeseshop` are required/
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
102 Hopefully, they are already installed into virtualenv, so
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
103 the whole procedure looks like so:
4227
25db485027cf add website instructions
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
104
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
105 # activate the virtualenv
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
106 . ${project_home}/docbuilder/bin/activate
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
107 # cd to website source and build it
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
108 cd ${project_home}/src/roundup/website/www
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
109 make clean
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
110 make html
5633
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
111 # you can check which files updated (the date will change with many files)
7a570b1f0d67 website: improve sf login instructions
Bernhard Reiter <bernhard@intevation.de>
parents: 5612
diff changeset
112 #diff -ur --brief ${project_home}/htdocs/ ./html/
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
113 # copy to website dir
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
114 cp -r -p ./html/* ${project_home}/htdocs/
4956
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
115 # copy legacy html doc to website docs/ dir
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
116 # (in main doc/conf.py this is done automatically)
4e7208743254 Update web site instruction to restore web presence of
anatoly techtonik <techtonik@gmail.com>
parents: 4940
diff changeset
117 cp -r -p ../../doc/html_extra/* ${project_home}/htdocs/docs/
4915
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
118 # or try it with rsync (skip --dry-run when ready)
0e22b13c5ab5 website/README.txt: Test and update instructions
anatoly techtonik <techtonik@gmail.com>
parents: 4871
diff changeset
119 #rsync --dry-run -v --checksum --recursive ./html/* ${project_home}/htdocs/
Roundup Issue Tracker: http://roundup-tracker.org/