github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
957310278 | MDU6SXNzdWU5NTczMTAyNzg= | 1409 | `default_allow_sql` setting (a re-imagining of the old `allow_sql` setting) | 9599 | closed | 0 | 3268330 | 10 | 2021-07-31T19:48:56Z | 2023-01-07T18:06:01Z | 2023-01-05T00:51:31Z | OWNER | In 49d6d2f7b0f6cb02e25022e1c9403811f1fa0a7c as part of #813 I removed the `allow_sql` setting - on the basis that users could disable the ability to execute custom SQL queries using the new permission system instead. I don't think this was the right decision. Disabling custom SQL is an important security capability, and explaining how to do it using permissions is significantly more complex than letting people know they can add `--setting allow_sql off`. So I want to bring that setting back - maybe with a different, better name - and have it modify the default for that option if the permissions system doesn't have an opinion. That way people can still use the setting but then use permissions to allow specific signed-in users access to execute SQL. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1409/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1516376583 | PR_kwDOBm6k_c5GfPJL | 1974 | Bump sphinx from 5.3.0 to 6.0.0 | 49699333 | closed | 0 | 2 | 2023-01-02T13:04:26Z | 2023-01-05T13:02:42Z | 2023-01-05T13:02:40Z | CONTRIBUTOR | simonw/datasette/pulls/1974 | Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 5.3.0 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sphinx-doc/sphinx/releases">sphinx's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>v6.0.0b2</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> <h2>v6.0.0b1</h2> <p>Changelog: <a href="https://www.sphinx-doc.org/en/master/changes.html">https://www.sphinx-doc.org/en/master/changes.html</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/sphinx-doc/sphinx/blob/master/CHANGES">sphinx's changelog</a>.</em></p> <blockquote> <h1>Release 6.0.0 (released Dec 29, 2022)</h1> <h2>Dependencies</h2> <ul> <li><a href="https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/10468">#10468</a>: Drop Python 3.6 support</li> <li><a href="https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/10470">#10470</a>: Drop Python 3.7, Docutils 0.14, Docutils 0.15, Docutils 0.16, and Docutils 0.17 support. Patch by Adam Turner</li> </ul> <h2>Incompatible changes</h2> <ul> <li> <p><a href="https://github-redirect.dependabot.com/sphinx-doc/sphinx/issues/7405">#7405</a>: Removed the jQuery and underscore.js JavaScript frameworks.</p> <p>These frameworks are no longer be automatically injected into themes from Sphinx 6.0. If you develop a theme or extension that uses the <code>jQuery</code>, <code>$</code>, or <code>$u</code> global objects, you need to update your JavaScript to modern standards, or use the mitigation below.</p> <p>The first option is to use the sphinxcontrib.jquery_ extension, which has been developed by the Sphinx team and contributors. To use this, add <code>sphinxcontrib.jquery</code> to the <code>extensions</code> list in <code>conf.py</code>, or call <co… | 107914493 | pull | { "url": "https://api.github.com/repos/simonw/datasette/issues/1974/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
0 |