~breatheoutbreathein

~breatheoutbreathein/public-inbox

Last active 4 months ago
View more

Recent activity

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

>Do not post about security issues on the public mailing list.
>
>Email me DIRECTLY to address these issues. This is written up on the
>docs, the IRC channel, every bug tracker, and every mailing list. Pay
>attention or someone is going to get hurt.

Thanks for the reminder. I'll do that next time.

>Thankfully, this is not a security issue, but a misunderstanding about
>how sr.ht works. Two issues:
>
>- Bug trackers and repositories are totally separate. Your bug tracker
>  is not "for" your repository except in so far as you decide it to be
>  by convention. The software has no awareness of this. If you don't

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

>I'm curious -- how did you create the tracker?  I ask because I think
>this gets back to what I was saying in my previous email:

When you create a new repo, there's a little "New project checklist"
which appears in your repo. I clicked "Add bug trackers", and it created
a new tracker for me.

>> I don't know that it's explicitly tied to the repository as such.
>
>In other words, you have a tracker with the same name as an unlisted
>repository, but might that be the extent of the connection between the
>two?  I am not a srht power user and have not used the todo feature
>myself.

Re: todo.sr.ht on the web renders emails weirdly 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

>The content on the web view is being interpreted as Markdown, hence
>backticks and so on working.  In this case, the backslash is interpreted
>as an escape character, and so it vanishes, escaping the following
>double-quote.  There is not an easy solution to this, other than perhaps
>putting the backslash in backticks.  (At least in CommonMark-compatible
>Markdown, backslashes are not interpreted as escapes in backticks.)

Thank you! Good to know about putting backslashes in backticks. This
resolves this thread for me :)

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

Asherah,

Thank you for your help! Interesting to know that it's possible to 
disable anonymous access to the tracker, but that still leaves the 
fact that one cannot make use of the tracker on an unlisted repo 
without having it listed at https://todo.sr.ht/~username/

Not a big deal for me, but it does seem like a bug. What do you think?

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

As I expected, that didn't cause the repo to become publicly listed.

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

Testing out the unlikely possibility that posting the link to an 
unlisted repo on a sr.ht mailing list causes it to be marked as 
public.
https://sr.ht/~breatheoutbreathein/unlisted-repo/

Re: Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

That's really confusing, because I did not mark it public. I have 
since switched it back to unlisted. Would you try again and see if my 
report is correct?

Re: todo.sr.ht on the web renders emails weirdly 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

Oh... That's embarrassing. You're right. Thank you!

Oops!

What about the backslashes? Is the intended behavior for backslashes 
to disappear inside quotation marks?

Joseph

Unlisted repositories are listed in todo.sr.ht 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

Hello,

The way it is now, it's possible for users to discover other users' 
unlisted repos if they've added a ticket to the bug tracker for that 
repo.

To demonstrate, I set up an unlisted repo at 

https://sr.ht/~breatheoutbreathein/unlisted-repo/

Then, I made a bug tracker and added a ticket to it.

Now, if you visit https://todo.sr.ht/~breatheoutbreathein/ , you'll 
see the ticket that I added for that unlisted repo, along with a link

todo.sr.ht on the web renders emails weirdly 2 months ago

From Joseph Turner to ~sircmpwn/sr.ht-discuss

Hello,

Certain characters are removed or modified in the todo.sr.ht web 
interface. Two examples are exhibited in this thread:

https://todo.sr.ht/~martanne/vis/2

1. Sometimes lone backslash characters are not rendered inside 
quotation marks.  "\" renders as quote-backslash-quote in my email 
client, but as quote-quote in the browser.

2. Sometimes capital letters are made lowercase inside tick ("`") 
marks. `V_` renders as tick-V-_-tick in my email client, but as v-_ 
(correctly wrapped in <code> tags) in the browser. The problem is that