archive: fix command injection
gitsrht-periodic: fix non-integer randrange use
gitsrht-periodic: drop unsupported timer
This uses an unstable/undocumented part of the Prometheus Python
interface.
api: prevent repos with ACL from being duplicated
Only join with access entries if the second condition of the OR
condition in the WHERE clause (i.e. `repo.visibility = 'PUBLIC') is
false, which prevents WHERE from short-circuiting for every row.
blueprints/manage.py: fix incorrect route name
utils.html: Add a permalink breadcrumb
Add repo description to summary page title
Makes it easier to find repos in the history of browsers that save titles.
Potentially makes web search engine results more useful.
commit.html: Add button to download .tar.gz
Revert "Fix text-decoration for <del> tag"
This reverts commit 390e609e533048007e73b8cd587d1923989e7373.
The approach was too heavy-handed. It messes with folks who use <del> in
their README. The commit that introduced the issue that the reverted
commit was trying to address has itself been reverted.
Revert "Change markup for diff insert/delete lines"
This reverts commit b75d2f0e03317c9b37dfdb702f3a959555309890.
This commit has some issues:
- It uses <ins>/<del> not for the content that was actually
added/removed (i.e. the diff), but for the line stats. I don't think
that helps accessibility, it might actually make it worse.
- It adds some CSS to apply text decoration to <ins>/<del>, but only
inside the `diff` class. However, the elements never occur inside the
`diff` class (see first item). The CSS is never used.
- Instead, the place where it was used (line stats) got unintended text
decoration applied, causing a follow-up commit which fixed this the
wrong way, causing yet more issues (fixed in next commit).
I think the one place where it would make sense to apply <ins>/<del> is
the diff itself, but that might be a more serious operation.
api/graph: Avoid race condition when cloning repos
api/graph: Ensure files are closed after creation
api: rename accessControlList() to acls()
To be consistent with other services (e.g. todo.sr.ht).
api: expose current user's repository access level
For a given repository, the `access` attribute contains the AccessMode
that applies to the current user.
api: Rename user webhook mutations
Conform with terminology of other services.
Make deleteUserWebhook non-nullable.