{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":373267,"defaultBranch":"main","name":"clojars-web","ownerLogin":"clojars","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2009-11-15T00:19:16.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/15964657?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1714984122.0","currentOid":""},"activityList":{"items":[{"before":"66d68b629d837486871882f708f8d452163619d5","after":"a59efb6128f2ae355df359a57bf06d6b8b0289cc","ref":"refs/heads/main","pushedAt":"2024-05-06T08:28:27.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Remove reflection from interop calls","shortMessageHtmlLink":"Remove reflection from interop calls"}},{"before":"1800ea899bfd8e43f1dcc79f599d863dacf19cf7","after":null,"ref":"refs/heads/tobias/upgrade-to-jetty-11","pushedAt":"2024-05-06T07:02:38.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"}},{"before":"a0a6c3850d6155438e38025abc465c9b4def8ed9","after":"66d68b629d837486871882f708f8d452163619d5","ref":"refs/heads/main","pushedAt":"2024-05-06T07:02:36.000Z","pushType":"pr_merge","commitsCount":4,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Merge pull request #883 from clojars/tobias/upgrade-to-jetty-11\n\nUpgrade to Jetty 11","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2279770313\" data-permission-text=\"Title is private\" data-url=\"https://github.com/clojars/clojars-web/issues/883\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/clojars/clojars-web/pull/883/hovercard\" href=\"https://github.com/clojars/clojars-web/pull/883\">#883</a> from clojars/tobias/upgrade-to-jetty-11"}},{"before":null,"after":"1800ea899bfd8e43f1dcc79f599d863dacf19cf7","ref":"refs/heads/tobias/upgrade-to-jetty-11","pushedAt":"2024-05-05T22:41:13.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Directly depend on slf4j-api\n\nThis is a bit of a mystery: if we let slf4j-api come in via a transitive\ndependency, our logback.xml file is ignored (at least in dev & test), so\nall logging goes to stdout. clojure.tools.logging is finding slj4j-api\nin both cases, but logback does not get initialized in the case where\nthis isn't a top-level dep.\n\nI have no idea why this is happening! Logging is terrible.","shortMessageHtmlLink":"Directly depend on slf4j-api"}},{"before":"25f413398b2088d314abd57f1a14376fd0311d9a","after":"a0a6c3850d6155438e38025abc465c9b4def8ed9","ref":"refs/heads/main","pushedAt":"2024-05-02T10:53:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update changelog","shortMessageHtmlLink":"Update changelog"}},{"before":"1d5cc2003e6bce16641c552666934af713dcff7c","after":null,"ref":"refs/heads/tobias/downcase-emails","pushedAt":"2024-05-02T10:44:57.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"}},{"before":"2b2b980d175454faa30f5a822e67cde2f9fcc11e","after":"25f413398b2088d314abd57f1a14376fd0311d9a","ref":"refs/heads/main","pushedAt":"2024-05-02T10:44:55.000Z","pushType":"pr_merge","commitsCount":6,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Merge pull request #882 from clojars/tobias/downcase-emails\n\nEnsure emails are downcased; don't allow future duplicate email usage","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2271145063\" data-permission-text=\"Title is private\" data-url=\"https://github.com/clojars/clojars-web/issues/882\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/clojars/clojars-web/pull/882/hovercard\" href=\"https://github.com/clojars/clojars-web/pull/882\">#882</a> from clojars/tobias/downcase-emails"}},{"before":"a47a345ca569308762ea2d54d8043b7742cdab18","after":"1d5cc2003e6bce16641c552666934af713dcff7c","ref":"refs/heads/tobias/downcase-emails","pushedAt":"2024-05-02T10:29:47.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Add tighter email validation on input\n\nThis ensures:\n- the email is closer to an actual email address\n- the email isn't too long (254 characters is plenty!)","shortMessageHtmlLink":"Add tighter email validation on input"}},{"before":"3c279fa65c6fc6eb58311ab631d9c725f60c2808","after":"a47a345ca569308762ea2d54d8043b7742cdab18","ref":"refs/heads/tobias/downcase-emails","pushedAt":"2024-05-02T10:17:22.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Add tighter email validation on input\n\nThis ensures:\n- the email is closer to an actual email address\n- the email isn't too long (254 characters is plenty!)","shortMessageHtmlLink":"Add tighter email validation on input"}},{"before":"89e33a5a60f10ccb33e59d3a418a224bcb4af0dd","after":"2b2b980d175454faa30f5a822e67cde2f9fcc11e","ref":"refs/heads/main","pushedAt":"2024-05-01T10:44:27.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update changelog","shortMessageHtmlLink":"Update changelog"}},{"before":"279bd2e0d70717d0b3107e2ecee21add20a467e8","after":"3c279fa65c6fc6eb58311ab631d9c725f60c2808","ref":"refs/heads/tobias/downcase-emails","pushedAt":"2024-04-30T14:23:23.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Don't allow using an existing email\n\nThis prevents creating a new user or updating an existing user with the\nemail address of another user. This does not add a uniqueness constraint\nto the database for the email address because we currently have 511\nemail addresses that are in use across at least 2 user records.","shortMessageHtmlLink":"Don't allow using an existing email"}},{"before":null,"after":"279bd2e0d70717d0b3107e2ecee21add20a467e8","ref":"refs/heads/tobias/downcase-emails","pushedAt":"2024-04-30T10:54:51.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Don't allow using an existing email\n\nThis prevents creating a new user or updating an existing user with the\nemail address of another user. This does not add a uniqueness constraint\nto the database for the email address because we currently have 511\nemail addresses that are in use across at least 2 user records.","shortMessageHtmlLink":"Don't allow using an existing email"}},{"before":"a26e1ee9eb5cee9e4ef6ac6f9ef6164c37c0e40e","after":"89e33a5a60f10ccb33e59d3a418a224bcb4af0dd","ref":"refs/heads/main","pushedAt":"2024-04-14T14:49:29.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Return invalid params response as json\n\nWe didn't have a content-type before, so it was defaulting to\n`application/octet-stream`, making browers unhappy.","shortMessageHtmlLink":"Return invalid params response as json"}},{"before":"d3a7cff8c40c4bc8f462e155548027f8d4dac2f5","after":"a26e1ee9eb5cee9e4ef6ac6f9ef6164c37c0e40e","ref":"refs/heads/main","pushedAt":"2024-04-14T14:37:04.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Reject non-flat http params\n\nWe only ever expect string params for any route other than /repo and\n/token-breach routes, so have lots of code that assumes they will be\nstrings instead of collections.\n\nWe recently had someone use a fuzzing tool against Clojars, which\nresulted in thousands of logged errors from 500s. This should eliminate\nmany of those errors.\n\nThere is future work to do to deal with illegal bytes in UTF-8 strings\nthat the fuzzing tools also send.","shortMessageHtmlLink":"Reject non-flat http params"}},{"before":"50c6cc28261a6ee8fda4d476f8c004004841d961","after":"d3a7cff8c40c4bc8f462e155548027f8d4dac2f5","ref":"refs/heads/main","pushedAt":"2024-04-13T21:11:38.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Remove /error route\n\nThis was just used in tests to ensure error reporting worked, but\nexternal callers hit it sometimes, leading to noise in Sentry.","shortMessageHtmlLink":"Remove /error route"}},{"before":"4a109fd875b0101164c2349b31a1fa624a7f28be","after":"50c6cc28261a6ee8fda4d476f8c004004841d961","ref":"refs/heads/main","pushedAt":"2024-04-11T19:54:48.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Tighten search page error handling\n\nIf a user sends `page[]=1` as a param, we'll get a Vector here, which\nwill cause a ClassCastException instead of a NumberFormatException. So\nwe'll just catch any exception here and return an error response instead\nof triggering a 500.","shortMessageHtmlLink":"Tighten search page error handling"}},{"before":"e5f809a2d391b49761c9fc247646e36d2210f6de","after":"4a109fd875b0101164c2349b31a1fa624a7f28be","ref":"refs/heads/main","pushedAt":"2024-03-22T11:32:32.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update CHANGELOG","shortMessageHtmlLink":"Update CHANGELOG"}},{"before":"d5bac318e3f39b49ced82813bf24a0a9a4b48f8e","after":"e5f809a2d391b49761c9fc247646e36d2210f6de","ref":"refs/heads/main","pushedAt":"2024-03-22T11:08:51.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Upgrade Clojure to address CVE-2024-22871","shortMessageHtmlLink":"Upgrade Clojure to address <a title=\"CVE-2024-22871\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-vr64-r9qj-h27f/hovercard\" href=\"https://github.com/advisories/GHSA-vr64-r9qj-h27f\">CVE-2024-22871</a>"}},{"before":"0b131ebcaf21b33cb7106026726d571e4fc47d1c","after":"d5bac318e3f39b49ced82813bf24a0a9a4b48f8e","ref":"refs/heads/main","pushedAt":"2024-03-06T02:51:51.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update docker-compose to use pg 15.5 for tests\n\nThis was missed in the 15.5 upgrade.","shortMessageHtmlLink":"Update docker-compose to use pg 15.5 for tests"}},{"before":"d3153018dda214f00569bc8276c9b9dbf28a46c8","after":"0b131ebcaf21b33cb7106026726d571e4fc47d1c","ref":"refs/heads/main","pushedAt":"2024-02-29T12:28:57.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update CHANGELOG","shortMessageHtmlLink":"Update CHANGELOG"}},{"before":"6585b113a861b5d8a7447f636fd2e85a834a263f","after":"d3153018dda214f00569bc8276c9b9dbf28a46c8","ref":"refs/heads/main","pushedAt":"2024-02-29T12:22:59.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Upgrade postgresql driver to address CVE-2024-1597","shortMessageHtmlLink":"Upgrade postgresql driver to address <a title=\"CVE-2024-1597\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-24rp-q3w6-vc56/hovercard\" href=\"https://github.com/advisories/GHSA-24rp-q3w6-vc56\">CVE-2024-1597</a>"}},{"before":"1655377c40927316c15cfd225dda5470cb801efb","after":"6585b113a861b5d8a7447f636fd2e85a834a263f","ref":"refs/heads/main","pushedAt":"2024-02-24T14:07:24.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Give delete-user! a more appropriate name","shortMessageHtmlLink":"Give delete-user! a more appropriate name"}},{"before":"6a8c8025120d654f49940bbf40737a7396ed6859","after":"1655377c40927316c15cfd225dda5470cb801efb","ref":"refs/heads/main","pushedAt":"2024-02-17T20:30:10.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Add admin helper to soft-delete a user","shortMessageHtmlLink":"Add admin helper to soft-delete a user"}},{"before":"ac91737611cd2ea0a43f195026b98dead2505fe9","after":"6a8c8025120d654f49940bbf40737a7396ed6859","ref":"refs/heads/main","pushedAt":"2024-02-10T14:50:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Update CHANGELOG","shortMessageHtmlLink":"Update CHANGELOG"}},{"before":"60c064f9612f98336aebf6bda2845d112ff2827c","after":null,"ref":"refs/heads/tobias/github-secret-scanning-validity","pushedAt":"2024-02-10T14:35:01.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"}},{"before":"dbe8769339c6470f9a094e1017e695bc85e27a3b","after":"ac91737611cd2ea0a43f195026b98dead2505fe9","ref":"refs/heads/main","pushedAt":"2024-02-10T14:35:00.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Merge pull request #880 from clojars/tobias/github-secret-scanning-validity\n\nReport validity to GitHub when scanning tokens","shortMessageHtmlLink":"Merge pull request <a class=\"issue-link js-issue-link\" data-error-text=\"Failed to load title\" data-id=\"2125126241\" data-permission-text=\"Title is private\" data-url=\"https://github.com/clojars/clojars-web/issues/880\" data-hovercard-type=\"pull_request\" data-hovercard-url=\"/clojars/clojars-web/pull/880/hovercard\" href=\"https://github.com/clojars/clojars-web/pull/880\">#880</a> from clojars/tobias/github-secret-scanning-va…"}},{"before":null,"after":"60c064f9612f98336aebf6bda2845d112ff2827c","ref":"refs/heads/tobias/github-secret-scanning-validity","pushedAt":"2024-02-08T12:59:28.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Report validity to GitHub when scanning tokens\n\nGitHub supports[1] returning the validity (true or false positive) for\nClojars deploy tokens that it reports to us. This implements that\nresponse.\n\nFixes #879.\n\n[1]:\nhttps://docs.github.com/en/enterprise-cloud@latest/code-security/secret-scanning/secret-scanning-partner-program#provide-feedback-for-false-positives","shortMessageHtmlLink":"Report validity to GitHub when scanning tokens"}},{"before":"bb01ae647468e8591d2de642d1d11ad7e8be18f2","after":"dbe8769339c6470f9a094e1017e695bc85e27a3b","ref":"refs/heads/main","pushedAt":"2024-02-05T12:52:34.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Convert receive loop to Thread\n\nThe future is swallowing errors, so we will use a bare Thread here. This\nshould allow an exception in SQS processing to trigger the\nuncaught-exception-handler, exiting the process. Systemd will then\nrestart it.\n\nOtherwise, SQS receiving stops, and we stop processing async tasks until\nthe process is restarted.","shortMessageHtmlLink":"Convert receive loop to Thread"}},{"before":"c329e1c121c4fb227025628744c0e96815d7a44e","after":"bb01ae647468e8591d2de642d1d11ad7e8be18f2","ref":"refs/heads/main","pushedAt":"2024-02-01T12:56:13.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Add username to page headings\n\nThis makes it clearer that a user is logged in, and who they are logged\nin as.","shortMessageHtmlLink":"Add username to page headings"}},{"before":"4c63223f47bd4d94e879acfbfdee8ea6ecd869e3","after":"c329e1c121c4fb227025628744c0e96815d7a44e","ref":"refs/heads/main","pushedAt":"2024-02-01T12:19:49.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"tobias","name":"Toby Crawley","path":"/tobias","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/2631?s=80&v=4"},"commit":{"message":"Suppress CVE-2017-20189\n\nThis CVE only impacts projects running Clojure < 1.9.0, and we are on\n1.11.1.","shortMessageHtmlLink":"Suppress <a title=\"CVE-2017-20189\" data-hovercard-type=\"advisory\" data-hovercard-url=\"/advisories/GHSA-jgxc-8mwq-9xqw/hovercard\" href=\"https://github.com/advisories/GHSA-jgxc-8mwq-9xqw\">CVE-2017-20189</a>"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEQk9PAgA","startCursor":null,"endCursor":null}},"title":"Activity · clojars/clojars-web"}