Age | Commit message (Collapse) | Author |
|
Since we don't use a JavaScript frontend, we don't actually need any XSRF
protection. All of the requests will be coming from the browser, not from a
computer running inside the browser (js).
|
|
The design kinda sucks, but I will refresh it later. I just want to get this
shipped right now.
|
|
|
|
Perhaps this is not as performant as the wai-provided one, but it is *much*
simpler and follows my output format, which I think is much easier to quickly
read. Anyway I doubt logging will ever be a bottleneck, and if it is then I
should be able to create some instrument to detect that.
|
|
|
|
It would be good to have this as a general logging config, but I'm not sure how
to do that. I probably need a logging monad or something.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
It's easier and cleaner this way - I don't have to do complex switching between
the two. Instead just treat them as the same thing basically. Can adjust later
if need be.
|
|
|
|
|
|
|
|
This is supposed to be how to cleanup the database and any other local files.
Should only be used before/after test, so maybe I can find a way to enforce this
constraint somehow in the code.
|
|
I need 'repo' scope in order to see private repos. I can't clone and analyze
private repos yet, for that I need to handle ssh keys and such, but at least I
can ensure that requests are being made with the correct scope.
Another addition I should do: check the X-OAuth-Scopes header on every request
to ensure the user does not downgrade my scope after registering the app.
https://docs.github.com/en/developers/apps/scopes-for-oauth-apps#available-scopes
|
|
|
|
|
|
|
|
Created guardAuth and cleaned up the handlers to be as small and regular as
possible. My custom operators make it really fun to write this kind of code,
heh. And it looks cool.
|
|
I'm still working on figuring out operator precedence with my custom operators.
The normal precedences don't work well for writing code in a pipeline as I like,
so I have to re-define the operators with my own fixity settings. This will take
some fiddling to get right.
The user subscription allows setting to "Free" only now. It's fine because I
still need to do a design refresh on the pages I just made. One thing I noticed
is that it's getting harder to make changes without breaking stuff, so I either
need to make smaller incremental changes, or actually write some real tests.
I'll probably write tests soon.
|
|
Also improved the test situation, did some refactors, and now listing the user's
past analyses on their account page.
|
|
|
|
Keep Analysis runs, with a unique id, and index them based on ID, which user
asked for the analysis, and commit sha.
|
|
The footer is just a copyright for now. The header is full width, main and
footer max out at 900px. This seems like a reasonable default, so I put it in
the base Biz/Look.hs.
|
|
I'm borrowing heavily from Basecamp.com, but I figure after enough itreation I
will settle on something more unique. Anyway, copying Basecamp isn't so bad --
they are a great company after all!
|
|
My qutebrowser dark filter messed up my colors. Also now I'm using header and
main HTML elements.
|
|
Part of a larger effort, but doing this iteratively in smaller chunks.
|
|
Also changes the --test option to a 'test' command. This is because running the
tests for a namespace/exe should never be combined with anything else: you
either want to run the tests, or not.
|
|
Wraps docopt rather nicely. It's much nicer than optparse-applicative and runs
tests with the --test argument automatically. Next I just need to implement a
test framework.
|
|
It was always showing 0 because of annoying numeric type conversion stuff. This
is my least favorite part of Haskell.
|
|
This necessitated adding a few more paths for clarity and such, and a type for
the analysis page. There seem to be some bugs with session handling I think, but
I'll suss those out later. Also I'm running into many uncaught exceptions so
eventually I will need to tackle those as well.
|
|
|
|
Auth was broken without the xsrf thing disabled. Anyway, its best to have
well-defined live and test settings. I will re-enable xsrf when I figure out the
js snippet I need.
|
|
Boy that was harder than I thought, but the code is pretty clean now. I still
need to fixup the error handling, and maybe move all the extra args into an app
monad, but I think otherwise I have it in a good place.
|
|
I had to refactor Biz/Bild/Rules.nix. I also had to checkin my patched
hoogle.nix file, but I also upstreamed the patch to nixpkgs-dev so it shouldn't
stick around for too long.
|
|
|
|
|
|
|
|
Still calibrating my use of hlint.
|
|
|
|
|
|
|
|
|
|
|
|
|