home / github

Menu
  • Search all tables
  • GraphQL API

issue_comments

Table actions
  • GraphQL API for issue_comments

18 rows where "updated_at" is on date 2020-07-01 sorted by updated_at descending

✖
✖

✎ View and edit SQL

This data as json, CSV (advanced)

Suggested facets: issue_url, reactions, created_at (date), updated_at (date)

issue 8

  • Consider dropping explicit CSRF protection entirely? 6
  • Skip counting hidden tables 3
  • Ability to customize what happens when a view permission fails 2
  • POST to /db/canned-query that returns JSON should be supported (for API clients) 2
  • Release notes for 0.45 2
  • Mechanism for skipping CSRF checks on API posts 1
  • Database page loads too slowly with many large tables (due to table counts) 1
  • Blog entry about the release 1

user 3

  • simonw 11
  • abdusco 6
  • codecov[bot] 1

author_association 3

  • OWNER 11
  • CONTRIBUTOR 6
  • NONE 1
id html_url issue_url node_id user created_at updated_at ▲ author_association body reactions issue performed_via_github_app
652681996 https://github.com/simonw/datasette/issues/885#issuecomment-652681996 https://api.github.com/repos/simonw/datasette/issues/885 MDEyOklzc3VlQ29tbWVudDY1MjY4MTk5Ng== simonw 9599 2020-07-01T22:44:47Z 2020-07-01T22:44:47Z OWNER

https://simonwillison.net/2020/Jul/1/datasette-045/

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Blog entry about the release 649373451  
652663177 https://github.com/simonw/datasette/issues/882#issuecomment-652663177 https://api.github.com/repos/simonw/datasette/issues/882 MDEyOklzc3VlQ29tbWVudDY1MjY2MzE3Nw== simonw 9599 2020-07-01T21:48:08Z 2020-07-01T21:48:08Z OWNER

https://datasette.readthedocs.io/en/latest/changelog.html#v0-45

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Release notes for 0.45 648673556  
652646487 https://github.com/simonw/datasette/issues/880#issuecomment-652646487 https://api.github.com/repos/simonw/datasette/issues/880 MDEyOklzc3VlQ29tbWVudDY1MjY0NjQ4Nw== simonw 9599 2020-07-01T21:05:48Z 2020-07-01T21:05:48Z OWNER

I've been testing the WIP using this in the console: javascript fetch('/data/add_name.json', { method: 'POST', body: 'name=XXXfetch', credentials: 'omit', headers: {'Content-Type': 'application/x-www-form-urlencoded'} }) .then(response => console.log(response)) Against a canned query configured like this: yaml databases: data: queries: add_name: sql: insert into names (name) values (:name) write: true I haven't got it to work yet. Latest error is this one: INFO: Uvicorn running on http://127.0.0.1:8001 (Press CTRL+C to quit) Traceback (most recent call last): File "/Users/simon/Dropbox/Development/datasette/datasette/app.py", line 975, in route_path await response.asgi_send(send) AttributeError: 'tuple' object has no attribute 'asgi_send' INFO: 127.0.0.1:49938 - "POST /data/add_name.json HTTP/1.1" 500 Internal Server Error It looks like I'm going to have to rethink how the BaseView code around tables, formats and hashes is structured in order to fix this. That's a big refactoring! I'm moving this to a new milestone for Datasette 0.46.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
POST to /db/canned-query that returns JSON should be supported (for API clients) 648637666  
652604569 https://github.com/simonw/datasette/issues/882#issuecomment-652604569 https://api.github.com/repos/simonw/datasette/issues/882 MDEyOklzc3VlQ29tbWVudDY1MjYwNDU2OQ== simonw 9599 2020-07-01T19:27:17Z 2020-07-01T19:27:17Z OWNER

Don't forget to update the news in the README.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Release notes for 0.45 648673556  
652597975 https://github.com/simonw/datasette/issues/877#issuecomment-652597975 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjU5Nzk3NQ== simonw 9599 2020-07-01T19:12:15Z 2020-07-01T19:12:15Z OWNER

The latest release of https://github.com/simonw/datasette-auth-tokens (0.2) now supports SQL configuration of tokens.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652520496 https://github.com/simonw/datasette/issues/877#issuecomment-652520496 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjUyMDQ5Ng== simonw 9599 2020-07-01T16:26:52Z 2020-07-01T16:26:52Z OWNER

Tokens get verified by plugins. So far there's only one: https://github.com/simonw/datasette-auth-tokens - which has you hard-coding plugins in a configuration file. I have a issue there to add support for database-backed tokens too: https://github.com/simonw/datasette-auth-tokens/issues/1

{
    "total_count": 1,
    "+1": 1,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652394742 https://github.com/simonw/datasette/pull/883#issuecomment-652394742 https://api.github.com/repos/simonw/datasette/issues/883 MDEyOklzc3VlQ29tbWVudDY1MjM5NDc0Mg== abdusco 3243482 2020-07-01T12:41:13Z 2020-07-01T12:41:13Z CONTRIBUTOR

Well tests need to be updated.

I need to get tests working on Windows.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Skip counting hidden tables 648749062  
652311990 https://github.com/simonw/datasette/pull/883#issuecomment-652311990 https://api.github.com/repos/simonw/datasette/issues/883 MDEyOklzc3VlQ29tbWVudDY1MjMxMTk5MA== codecov[bot] 22429695 2020-07-01T09:40:40Z 2020-07-01T09:40:40Z NONE

Codecov Report

Merging #883 into master will not change coverage. The diff coverage is n/a.

```diff @@ Coverage Diff @@

master #883 +/-

======================================= Coverage 83.42% 83.42%
======================================= Files 27 27
Lines 3632 3632
======================================= Hits 3030 3030
Misses 602 602
```


Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 676bb64...251884f. Read the comment docs.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Skip counting hidden tables 648749062  
652297139 https://github.com/simonw/datasette/pull/883#issuecomment-652297139 https://api.github.com/repos/simonw/datasette/issues/883 MDEyOklzc3VlQ29tbWVudDY1MjI5NzEzOQ== abdusco 3243482 2020-07-01T09:11:29Z 2020-07-01T09:11:29Z CONTRIBUTOR

Turns out we should include hidden tables in the result dict, or we're breaking tests. I've committed a refactor https://github.com/simonw/datasette/pull/883/commits/4f06e1bf6fbe4b73be770b87f610bf7c0e6e3ea7

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Skip counting hidden tables 648749062  
652255960 https://github.com/simonw/datasette/issues/877#issuecomment-652255960 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjI1NTk2MA== abdusco 3243482 2020-07-01T07:52:25Z 2020-07-01T08:10:00Z CONTRIBUTOR

I am calling the API from another origin, so injecting CSRF token into templates wouldn't work.

EDIT:

I'll try the new version, it sounds promising

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652261382 https://github.com/simonw/datasette/issues/877#issuecomment-652261382 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjI2MTM4Mg== abdusco 3243482 2020-07-01T08:03:17Z 2020-07-01T08:03:23Z CONTRIBUTOR

Bearer tokens sound interesting. Where do tokens come from? An auth provider of my choosing? How do they get verified?

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652182990 https://github.com/simonw/datasette/issues/877#issuecomment-652182990 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjE4Mjk5MA== simonw 9599 2020-07-01T04:29:38Z 2020-07-01T04:42:59Z OWNER

Have you tried the method described here? https://datasette.readthedocs.io/en/latest/internals.html#csrf-protection - I'm happy to bulk out that section of the documentation if that doesn't help solve your problem.

I just closed #835 which should make CSRF protection easier to work with - it won't interfere with requests without cookies or requests with Authentication: Bearer token tokens. See also https://github.com/simonw/asgi-csrf/issues/11

You can try out pip install datasette==0.45a5 to get those features. Hopefully releasing a full 0.45 tomorrow.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652166115 https://github.com/simonw/datasette/issues/877#issuecomment-652166115 https://api.github.com/repos/simonw/datasette/issues/877 MDEyOklzc3VlQ29tbWVudDY1MjE2NjExNQ== abdusco 3243482 2020-07-01T03:28:07Z 2020-07-01T03:28:07Z CONTRIBUTOR

Does this mean custom routes get to expose endpoints accepting POST requests? I've tried earlier to add some POST endpoints, but requests were being rejected by Datasette due to CSRF

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Consider dropping explicit CSRF protection entirely? 648421105  
652165709 https://github.com/simonw/datasette/issues/812#issuecomment-652165709 https://api.github.com/repos/simonw/datasette/issues/812 MDEyOklzc3VlQ29tbWVudDY1MjE2NTcwOQ== simonw 9599 2020-07-01T03:26:35Z 2020-07-01T03:26:35Z OWNER

This case may not be covered without extra work: https://github.com/simonw/datasette/blob/3ec5b1abf6afa2d22a3378092809a1a8c0249d26/datasette/views/database.py#L122-L123

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Ability to customize what happens when a view permission fails 634112607  
652163450 https://github.com/simonw/datasette/issues/812#issuecomment-652163450 https://api.github.com/repos/simonw/datasette/issues/812 MDEyOklzc3VlQ29tbWVudDY1MjE2MzQ1MA== simonw 9599 2020-07-01T03:18:51Z 2020-07-01T03:20:28Z OWNER

This can be a plugin hook:

python @hookspec def forbidden(datasette, request, message, send): "Custom response for a 403 forbidden error" If the hook returns a Response object, it will be returned to the user. Plugins are likely to want to return a redirect response.

Maybe the hook can instead use the send argument to respond to the request and return True which means "I've responded to this"?

I'm going to leave send off for the moment - I can add that in the future if it turns out it would have been a good idea.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Ability to customize what happens when a view permission fails 634112607  
652162722 https://github.com/simonw/datasette/issues/880#issuecomment-652162722 https://api.github.com/repos/simonw/datasette/issues/880 MDEyOklzc3VlQ29tbWVudDY1MjE2MjcyMg== simonw 9599 2020-07-01T03:16:07Z 2020-07-01T03:16:07Z OWNER

The response from this will never be a 302 - it will always be a 200 if the response worked or a 400 for bad parameters or a 500 for errors. The body returned will always be in JSON format.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
POST to /db/canned-query that returns JSON should be supported (for API clients) 648637666  
652160909 https://github.com/simonw/datasette/issues/859#issuecomment-652160909 https://api.github.com/repos/simonw/datasette/issues/859 MDEyOklzc3VlQ29tbWVudDY1MjE2MDkwOQ== abdusco 3243482 2020-07-01T03:09:32Z 2020-07-01T03:10:21Z CONTRIBUTOR

I've just realized Datasette tries to count hidden tables too. There are 5 visible tables, 25 hidden tables, which I haven't realize earlier to consider their effect. I've turned off counting for hidden tables to see if it has any effect.

What's the point of counting FTS tables?

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Database page loads too slowly with many large tables (due to table counts) 642572841  
652159398 https://github.com/simonw/datasette/issues/835#issuecomment-652159398 https://api.github.com/repos/simonw/datasette/issues/835 MDEyOklzc3VlQ29tbWVudDY1MjE1OTM5OA== simonw 9599 2020-07-01T03:03:51Z 2020-07-01T03:03:51Z OWNER

I'm going to add some tests for this.

{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
Mechanism for skipping CSRF checks on API posts 637363686  

Advanced export

JSON shape: default, array, newline-delimited, object

CSV options:

CREATE TABLE [issue_comments] (
   [html_url] TEXT,
   [issue_url] TEXT,
   [id] INTEGER PRIMARY KEY,
   [node_id] TEXT,
   [user] INTEGER REFERENCES [users]([id]),
   [created_at] TEXT,
   [updated_at] TEXT,
   [author_association] TEXT,
   [body] TEXT,
   [reactions] TEXT,
   [issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
                ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
                ON [issue_comments] ([user]);
Powered by Datasette · Queries took 484.64ms · About: github-to-sqlite
  • Sort ascending
  • Sort descending
  • Facet by this
  • Hide this column
  • Show all columns
  • Show not-blank rows