Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[F] Add spam detection & public access mitigations #3722

Merged
merged 12 commits into from
Feb 23, 2024
Merged

[F] Add spam detection & public access mitigations #3722

merged 12 commits into from
Feb 23, 2024

Conversation

zdavis
Copy link
Member

@zdavis zdavis commented Feb 23, 2024

No description provided.

scryptmouse and others added 12 commits February 21, 2024 22:22
@scryptmouse
[F] Improve settings sections & test coverage
ecaec69 
* Finishes up an in-progress branch to make settings easier to grok.
* Normalizes settings into store models rather than arbitrary hash
  with multiple sources of truth across the application
* Tightens up serializer to have parity with new section store models,
  ensures that the API definition actually declares which settings
  can be nil instead of relying on missing keys not tripping the
  validators.
* Improve test coverage over updating settings from environment,
  pulling google drive data out of config files, and handling of
  unknown settings that may get set or exist from legacy use cases.
@scryptmouse
[B] Correct logic for manifold_analytics_enabled
a2974d0 
There was an obvious typo in the original logic that is being fixed
in a separate commit to make it more clear what's happening.

It should now read from the proper section setting.
@scryptmouse
[C] Downgrade unused dalli dependency
54d2075 
* This gets rid of an annoying deprecation message that shows up every
  time the app / console boots.
@scryptmouse
[C] Normalize request specs
ccbcd8d 
* Behavior is inconsistent between swagger specs and normal request
  specs, causing order-of-operation problems when trying to use
  `let_it_be` / optimizations on certain records. This ensures all
  requests load the normalized contexts for further improvements
  and refinements when testing requests.
@scryptmouse
[F] Implement new measures for dealing with spam
19cea8b 
* Add akismet integration for detecting spam
* Add new setting for disabling spam detection globally
* Add ability to disable public reading groups
* Require users to be trusted / established when commenting, creating
  a public annotation, or creating a public reading group
@scryptmouse
[C] Improve test coverage
baf6e5e 
* Ensure application is eager loaded before running test suite
* Filter out development / testing-only services to make coverage
  results more meaningful for reviewing gaps
@scryptmouse
[F] Check for spam during update as well
8d2efe6
@1aurend @zdavis
[F] Add new settings for spam mitigation
6007ee6
@1aurend @zdavis
[F] Update RG UI to handle disablePublicReadingGroups
6f88abd
@1aurend @zdavis
[C] Add established to user serializer
bb244f1
@1aurend @zdavis
[F] Add not established warning to user drawer + edit profile
9b96315
@1aurend @zdavis
[F] Add resend verification email button
4c8be12
@zdavis zdavis merged commit c0d6fa9 into master Feb 23, 2024
8 checks passed
@zdavis zdavis deleted the ag/mitigations branch February 23, 2024 13:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@zdavis @scryptmouse @1aurend