github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
449854604 | MDU6SXNzdWU0NDk4NTQ2MDQ= | 492 | Facets not correctly persisted in hidden form fields | 9599 | closed | 0 | 3268330 | 4 | 2019-05-29T14:49:39Z | 2020-09-15T20:12:29Z | 2020-09-15T20:12:29Z | OWNER | Steps to reproduce: visit https://2a4b892.datasette.io/fixtures/roadside_attractions?_facet_m2m=attraction_characteristic and click "Apply" Result is a 500: `no such column: attraction_characteristic` The error occurs because of this hidden HTML input: <input type="hidden" name="_facet" value="attraction_characteristic"> This should be: <input type="hidden" name="_facet_m2m" value="attraction_characteristic"> | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/492/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
522352520 | MDU6SXNzdWU1MjIzNTI1MjA= | 634 | Don't run tests twice when releasing a tag | 9599 | closed | 0 | 2 | 2019-11-13T17:02:42Z | 2020-09-15T20:37:58Z | 2020-09-15T20:37:58Z | OWNER | Shipping a release currently runs the tests twice: https://travis-ci.org/simonw/datasette/builds/611463728 It does a regular test run on Python 3.6/7/8 - then the "Release tagged version" step runs the tests again before publishing to PyPI! This second run is not necessary. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/634/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
648421105 | MDU6SXNzdWU2NDg0MjExMDU= | 877 | Consider dropping explicit CSRF protection entirely? | 9599 | closed | 0 | 9 | 2020-06-30T19:00:55Z | 2020-09-15T20:42:05Z | 2020-09-15T20:42:04Z | OWNER | https://scotthelme.co.uk/csrf-is-dead/ from Feb 2017 has background here. The `SameSite=lax` cookie property effectively eliminates CSRF in modern browsers. https://caniuse.com/#search=SameSite shows 92.13% global support for it. Datasette already uses `SameSite=lax` when it sets cookies by default: https://github.com/simonw/datasette/blob/af350ba4571b8e3f9708c40f2ddb48fea7ac1084/datasette/utils/asgi.py#L327-L341 A few options then. I could ditch CSRF protection entirely. I could make it optional - turn it off by default, but let users who care about that remaining 7.87% of global users opt back into it. One catch: login CSRF: I don't see how `SameSite=lax` protects against that attack. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/877/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
649702801 | MDU6SXNzdWU2NDk3MDI4MDE= | 888 | URLs in release notes point to 127.0.0.1 | 3243482 | closed | 0 | 1 | 2020-07-02T07:28:04Z | 2020-09-15T20:39:50Z | 2020-09-15T20:39:49Z | CONTRIBUTOR | Just a quick heads up: Release notes for 0.45 include urls that point to localhost. https://github.com/simonw/datasette/releases/tag/0.45 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/888/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
649907676 | MDU6SXNzdWU2NDk5MDc2NzY= | 889 | asgi_wrapper plugin hook is crashing at startup | 49260 | closed | 0 | 3 | 2020-07-02T12:53:13Z | 2020-09-15T20:40:52Z | 2020-09-15T20:40:52Z | CONTRIBUTOR | Steps to reproduce: 1. Install datasette-media plugin `pip install datasette-media` 2. Launch datasette `datasette databasename.db` 3. Error ``` INFO: Started server process [927704] INFO: Waiting for application startup. ERROR: Exception in 'lifespan' protocol Traceback (most recent call last): File "/home/amjith/.virtualenvs/itsysearch/lib/python3.7/site-packages/uvicorn/lifespan/on.py", line 48, in main await app(scope, self.receive, self.send) File "/home/amjith/.virtualenvs/itsysearch/lib/python3.7/site-packages/uvicorn/middleware/proxy_headers.py", line 45, in __call__ return await self.app(scope, receive, send) File "/home/amjith/.virtualenvs/itsysearch/lib/python3.7/site-packages/datasette_media/__init__.py", line 9, in wrapped_app path = scope["path"] KeyError: 'path' ERROR: Application startup failed. Exiting. ``` | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/889/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
657747959 | MDU6SXNzdWU2NTc3NDc5NTk= | 895 | SQL query output should show numeric values in a different colour | 9599 | closed | 0 | 1 | 2020-07-16T00:28:03Z | 2020-09-15T20:40:08Z | 2020-09-15T20:40:08Z | OWNER | Compare https://latest.datasette.io/fixtures/sortable with https://latest.datasette.io/fixtures?sql=select+pk1%2C+pk2%2C+content%2C+sortable%2C+sortable_with_nulls%2C+sortable_with_nulls_2%2C+text+from+sortable+order+by+pk1%2C+pk2+limit+101 <img width="1574" alt="fixtures__select_pk1__pk2__content__sortable__sortable_with_nulls__sortable_with_nulls_2__text_from_sortable_order_by_pk1__pk2_limit_101_and_fixtures__sortable__201_rows" src="https://user-images.githubusercontent.com/9599/87612845-82e09c00-c6c0-11ea-806e-93764ca468c4.png"> | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/895/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
682184050 | MDU6SXNzdWU2ODIxODQwNTA= | 946 | Exception in tracing code | 9599 | closed | 0 | 1 | 2020-08-19T21:12:27Z | 2020-09-15T20:16:50Z | 2020-09-15T20:16:50Z | OWNER | When using `?_trace=1`: ``` Traceback (most recent call last): File "/Users/simon/.local/share/virtualenvs/rockybeaches-09H592sC/lib/python3.8/site-packages/uvicorn/protocols/http/httptools_impl.py", line 390, in run_asgi result = await app(self.scope, self.receive, self.send) File "/Users/simon/.local/share/virtualenvs/rockybeaches-09H592sC/lib/python3.8/site-packages/uvicorn/middleware/proxy_headers.py", line 45, in __call__ return await self.app(scope, receive, send) File "/Users/simon/.local/share/virtualenvs/rockybeaches-09H592sC/lib/python3.8/site-packages/datasette/utils/asgi.py", line 150, in __call__ await self.app(scope, receive, send) File "/Users/simon/.local/share/virtualenvs/rockybeaches-09H592sC/lib/python3.8/site-packages/datasette/tracer.py", line 137, in __call__ await self.app(scope, receive, wrapped_send) File "/usr/local/opt/python@3.8/Frameworks/Python.framework/Versions/3.8/lib/python3.8/contextlib.py", line 120, in __exit__ next(self.gen) File "/Users/simon/.local/share/virtualenvs/rockybeaches-09H592sC/lib/python3.8/site-packages/datasette/tracer.py", line 63, in capture_traces del tracers[task_id] KeyError: 4575365856 ``` | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/946/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
688427751 | MDU6SXNzdWU2ODg0Mjc3NTE= | 956 | Push to Docker Hub failed - but it shouldn't run for alpha releases anyway | 9599 | closed | 0 | 7 | 2020-08-29T01:09:12Z | 2020-09-15T20:46:41Z | 2020-09-15T20:36:34Z | OWNER | https://github.com/simonw/datasette/runs/1043709494?check_suite_focus=true <img width="740" alt="Release_notes_for_0_49a0_ยท_simonw_datasette_7178126" src="https://user-images.githubusercontent.com/9599/91625110-80c55a80-e959-11ea-8fea-70508c53fcfb.png"> - [x] This step should not run if a release is an alpha or beta - [x] When it DOES run it should work - [x] See it work for both an alpha and a non-alpha release, then close this ticket | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/956/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
701584448 | MDU6SXNzdWU3MDE1ODQ0NDg= | 966 | Remove _request_ip example from canned queries documentation | 9599 | closed | 0 | 0 | 2020-09-15T03:51:33Z | 2020-09-15T03:52:45Z | 2020-09-15T03:52:45Z | OWNER | `_request_ip` isn't valid, so it shouldn't be in the example: https://github.com/simonw/datasette/blob/cb515a9d75430adaf5e545a840bbc111648e8bfd/docs/sql_queries.rst#L320-L322 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/966/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
702069429 | MDU6SXNzdWU3MDIwNjk0Mjk= | 967 | Writable canned queries with magic parameters fail if POST body is empty | 9599 | closed | 0 | 11 | 2020-09-15T16:14:43Z | 2020-09-15T20:13:10Z | 2020-09-15T20:13:10Z | OWNER | When I try to use the new `?_json=1` feature from #880 with magic parameters from #842 I get this error: > Incorrect number of bindings supplied. The current statement uses 1, and there are 0 supplied | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/967/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed |