Commit graph

1885 commits

Author SHA1 Message Date
Pēteris Caune
d269b54ca1
Fix tests 2023-02-21 11:11:43 +02:00
Pēteris Caune
04c9398da3
Fix the "Test" button in the Integrations screen for read-only users
(I broke it by accident in 963f1758de)
2023-02-20 10:21:41 +02:00
Pēteris Caune
d84a97acef
Add @sensitive_post_parameters() to views that handle passwords 2023-02-20 10:09:16 +02:00
Pēteris Caune
c2f828df83
Add custom ExceptionReporterFilter which filters out TWILIO_AUTH 2023-02-20 09:43:03 +02:00
Pēteris Caune
423dac4b19
Add a protection for non-bool settings.SESSION_COOKIE_SECURE value 2023-02-15 09:20:00 +02:00
Pēteris Caune
3d728325fe
Fix the SameSite and Secure attributes on the "auto-login" cookie
The "auto-login" cookie is a part of a work-around for
some email clients automatically clicking links in emails:

- when sending a one-time sign-in link, server also sends the
  "auto-login" cookie to the client
- when end user clicks on the sign-in link, the server checks
  if client's request contains the "auto-login" cookie
- if the "auto-login" cookie is present, log the user in
- if the "auto-login" cookie is absent, serve an HTTP POST form
  with a submit button. The user must click the button to log in.

This commit fixes attributes on the "auto-login" cookie:

- it sets SameSite=Lax
- it sets Secure=true if SESSION_COOKIE_SECURE=True
2023-02-15 09:17:09 +02:00
Pēteris Caune
c8750ad05b
Fix the signup form to work with httpOnly CSRF cookies 2023-02-14 14:20:27 +02:00
Pēteris Caune
e46cf3725b
Add CSRF protection in the signup view 2023-02-14 09:15:46 +02:00
Pēteris Caune
f27e7c82a2
Optimize SQL query in hc.front.views.status
Filter checks by project.id instead of project.code,
this avoids a JOIN in the query.
2023-02-10 12:06:56 +02:00
Pēteris Caune
0d0087d898
Update Telegram notification template to include more data 2023-02-08 15:28:39 +02:00
Pēteris Caune
b1d47abd97
Fix tests when TELEGRAM_BOT_NAME has a custom value 2023-02-08 14:22:55 +02:00
Pēteris Caune
311f7064dc
Fix a race condition in Check.ping method
The code in Check.ping() updates a Check object, then
creates a Ping object. There's a possible race condition
where the "sendalerts" command sees the updated Check object
before the Ping object is created. This is especially likely
when offloading ping bodies to S3, because Ping gets created
*after* the upload completes, which can take some time.

To avoid this, put both operations inside a transaction,
but keep the S3 upload *outside* the transaction--uploads
can hang, and we want to avoid long transactions.
2023-02-08 13:12:05 +02:00
Fabrizio Ferrai
9939e45c5a
Add body to Telegram notifications (#783)
Add body to Telegram notifications

---------

Co-authored-by: Pēteris Caune <cuu508@gmail.com>
2023-02-08 12:52:36 +02:00
Pēteris Caune
19383d0414
Improve the error message about rejected private IPs 2023-02-03 10:08:06 +02:00
boopzz
55361d5ae2
Amended Mattermost class to include the BODY in the message (#785)
Add last ping body in Mattermost notifications

---------

Co-authored-by: Pēteris Caune <cuu508@gmail.com>
2023-02-01 13:22:54 +02:00
Pēteris Caune
e995d299b8
Improve hc.lib.s3 tests 2023-02-01 10:25:17 +02:00
Pēteris Caune
3992c0927b
Add handling for ProtocolError exceptions in hc.lib.s3.get_object 2023-02-01 09:31:15 +02:00
Pēteris Caune
114faf1d42
Improve type hints 2023-01-30 13:07:03 +02:00
Pēteris Caune
88325b4d90
Fix mypy warnings 2023-01-30 13:02:00 +02:00
Pēteris Caune
f4bd1d69f2
Fix URL validation to allow hostnames with no TLD
Fixes: #782
2023-01-30 11:19:51 +02:00
Pēteris Caune
09593c80d9
Fix a crash in the "createsuperuser" management command
Fixes: #779
2023-01-26 09:20:35 +02:00
Pēteris Caune
737405679f
Fix EmailLoginForm initialization 2023-01-23 14:53:49 +02:00
Pēteris Caune
2cfb37f097
Add rate limiting by client IP in the signup and login views 2023-01-23 14:35:45 +02:00
Pēteris Caune
359edbd270
Fix login and signup views to make email enumeration harder 2023-01-23 13:05:49 +02:00
Pēteris Caune
a9b084ec9a
Add "Start Keyword" filtering for inbound emails
Fixes: #716
2023-01-16 13:19:35 +02:00
Pēteris Caune
f849c5e1a1
Fix wording in the invite email when inviting read-only users 2023-01-12 10:14:18 +02:00
Pēteris Caune
4716168da2
Fix check transfer between same account's projects when at check limit 2023-01-12 09:46:02 +02:00
Pēteris Caune
a161498e85
Tighten Signal number verification rate limiting 2023-01-11 15:33:04 +02:00
Pēteris Caune
8d06a3e896
Add a "verify number" step in the Signal onboarding flow 2023-01-10 12:54:25 +02:00
Pēteris Caune
afbce84731
Reduce SQL queries in "status_single", "details", "log" views 2022-12-22 14:35:24 +02:00
Pēteris Caune
2bf0d0dbc5
Fix special character encoding in project invite emails 2022-12-22 12:05:37 +02:00
Pēteris Caune
18c17fb4b5
Fix project sort order to be case-insensitive everywhere in the UI
Fixes: #768
2022-12-22 11:39:20 +02:00
Pēteris Caune
d19156801f
Fix special character encoding in Signal notifications
Fixes: #767
2022-12-21 15:58:52 +02:00
Pēteris Caune
a49bc4ef3a
Fix the Signal integration to handle unexpected RPC messages better
Fixes: #763
cc: #758
2022-12-21 12:18:03 +02:00
Pēteris Caune
70a7024cf2
Remove support for obsolete signal-cli versions
Due to Signal server-side changes, signal-cli versions
before 0.11.2 do not work any more. Hence there is no point
supporting them.
2022-12-21 10:43:25 +02:00
Pēteris Caune
ae53aaaa3a
Update settings.py to read the ADMINS setting from an env variable 2022-12-20 16:23:33 +02:00
Pēteris Caune
f5f05b0589
Exclude the "Management API v1" page from docs search 2022-12-20 10:38:10 +02:00
Pēteris Caune
2ed197e7ef
Improve type hints, mark arguments as keyword-only 2022-12-20 09:50:47 +02:00
Pēteris Caune
4863dda6c3
Add /api/v2/ which reports check's status slightly differently
cc: #633
2022-12-19 22:31:38 +02:00
Pēteris Caune
1d7f4a50ad
Add signal-cli TCP socket test and update docs 2022-12-15 19:29:00 +02:00
Pēteris Caune
73a5cb0d57
Add support for communicating with signal-cli over TCP
cc: #732
2022-12-15 17:46:37 +02:00
Pēteris Caune
5e826ec15a
Fix pruneflips 2022-12-02 12:19:52 +02:00
Pēteris Caune
c3369b22d6
Add more tests 2022-12-02 09:54:07 +02:00
Pēteris Caune
15cbb39bd3
Change "Settings - Email Reports" page to allow manual tz selection 2022-12-01 16:12:32 +02:00
Pēteris Caune
86262ef620
Make datetime.datetime imports consistent everywhere 2022-12-01 15:36:35 +02:00
Pēteris Caune
260f6e36a7
Fix templates to use user's timezone when displaying dates 2022-12-01 15:21:40 +02:00
Pēteris Caune
818ccad56f
Fix week, month boundary calculation to use user's timezone 2022-12-01 13:46:21 +02:00
Pēteris Caune
ff7b963d15
Move "send report", "deactivate" admin actions to the Profile admin 2022-12-01 09:35:13 +02:00
Pēteris Caune
a65aa171f4
Replace var=[...];if var: [...] usages with the walrus operator 2022-12-01 09:16:19 +02:00
Pēteris Caune
b5006f2741
Fix downtime calculation for recently created checks 2022-11-30 16:19:02 +02:00