Merge branch 'upstream'

We need to allow html to be passed into format_html.

.flake8

@@ -1,3 +1,3 @@
 [flake8]
-max-line-length = 300
+max-line-length = 118
 ignore = E731, E241, E741

.github/workflows/main.yml

@@ -9,14 +9,17 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-    - name: Set up Python 3.11
+    - name: Set up Python 3.13
       uses: actions/setup-python@v4
       with:
-        python-version: 3.11
+        python-version: 3.13
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip
-        pip install -r requirements.txt && pip install -r requirements_test.txt
+        pip install -r requirements.txt && pip install -r requirements_test.txt && pip install ruff
+    - name: Run ruff
+      run: |
+        ruff check .
     - name: Lint with flake8
       run: |
         make lint

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.12-alpine3.20 AS base
+FROM python:3.13-alpine3.20 AS base
 
 RUN apk add --no-cache git gcc musl-dev curl gpg gpg-agent
 

README.md

@@ -131,7 +131,7 @@ Archweb provides multiple management commands for importing various sorts of dat
 * reporead_inotify - Watches a templated patch for updates of *.files.tar.gz to update Arch databases with.
 * donor_import - Import a single donator from a mail passed to stdin
 * mirrorcheck - Poll every active mirror URLs to store the lastsnyc time and record network timing details.
-* mirrorresolv - Poll every active mirror URLs and determine wheteher they have IP4 and/or IPv6 addresses.
+* mirrorresolv - Poll every active mirror URLs and determine whether they have IP4 and/or IPv6 addresses.
 * populate_signoffs - retrieves the latest commit message of a signoff-eligible package.
 * update_planet - Import all feeds for users who have a valid website and website_rss in their user profile.
 * read_links - Reads a repo.links.db.tar.gz file and updates the Soname model.

devel/management/commands/archweb_inotify.py

@@ -71,7 +71,8 @@ class Database(object):
                         retry = False
                     except OperationalError as exc:
                         retry_count += 1
-                        logger.error('Unable to update database \'%s\', retrying=%d', self.path, retry_count, exc_info=exc)
+                        logger.error('Unable to update database \'%s\', retrying=%d',
+                                     self.path, retry_count, exc_info=exc)
                         time.sleep(5)
 
                 if retry_count == self.retry_limit:

devel/management/commands/readlinks_inotify.py

@@ -59,7 +59,7 @@ class Command(BaseCommand):
             arches = Arch.objects.filter(agnostic=False)
             repos = Repo.objects.all()
 
-        arch_path_map = {arch: None for arch in arches}
+        arch_path_map = dict.fromkeys(arches)
         all_paths = set()
         total_paths = 0
         for arch in arches:
@@ -89,7 +89,9 @@ class Command(BaseCommand):
         for name in all_paths:
             manager.add_watch(name, mask)
 
-        handler = EventHandler(arch_paths=arch_path_map, filename_suffix='.links.tar.gz', callback_func=wrapper_read_links)
+        handler = EventHandler(arch_paths=arch_path_map,
+                               filename_suffix='.links.tar.gz',
+                               callback_func=wrapper_read_links)
         return pyinotify.Notifier(manager, handler)
 
 

devel/management/commands/reporead.py

@@ -539,7 +539,9 @@ def parse_info(pkgname, filename, iofile):
         elif blockname:
             store[blockname].append(line)
         else:
-            raise Exception("%s: Read package info outside a block while reading from %s: %s" % (pkgname, filename, line))
+            raise Exception("%s: Read package info outside a block while reading from %s: %s" % (pkgname,
+                                                                                                 filename,
+                                                                                                 line))
     return store
 
 

devel/management/commands/reporead_inotify.py

@@ -72,7 +72,7 @@ class Command(BaseCommand):
             arches = Arch.objects.filter(agnostic=False)
             repos = Repo.objects.all()
 
-        arch_path_map = {arch: None for arch in arches}
+        arch_path_map = dict.fromkeys(arches)
         all_paths = set()
         total_paths = 0
         for arch in arches:

devel/migrations/0011_userprofile_social.py

@@ -0,0 +1,16 @@
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('devel', '0010_merge_20230312_1527'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='userprofile',
+            name='social',
+            field=models.CharField(blank=True, max_length=200, null=True),
+        ),
+    ]

devel/models.py

@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 import zoneinfo
+
 from django.contrib.auth.models import Group, User
 from django.core.validators import MaxValueValidator, MinValueValidator
 from django.db import models
@@ -39,6 +40,9 @@ class UserProfile(models.Model):
     website = models.URLField(max_length=200, null=True, blank=True)
     website_rss = models.URLField(max_length=200, null=True, blank=True,
                                   help_text='RSS Feed of your website for planet.archlinux.org')
+    social = models.URLField(max_length=200, null=True, blank=True,
+                             verbose_name="Social account URL",
+                             help_text="Mastodon or Fediverse account URL")
     yob = models.IntegerField("Year of birth", null=True, blank=True,
                               validators=[MinValueValidator(1950), MaxValueValidator(2500)])
     country = CountryField(blank=True)

devel/reports.py

@@ -202,7 +202,8 @@ def non_existing_dependencies(packages):
 
 
 def non_reproducible_packages(packages):
-    statuses = RebuilderdStatus.objects.select_related().filter(status=RebuilderdStatus.BAD, pkg__pkgname__in=packages.values('pkgname'))
+    statuses = RebuilderdStatus.objects.select_related().filter(status=RebuilderdStatus.BAD,
+                                                                pkg__pkgname__in=packages.values('pkgname'))
     return linkify_non_reproducible_packages(statuses)
 
 
@@ -227,7 +228,7 @@ def orphan_dependencies(packages):
     JOIN packages_packagerelation ppr ON pp.pkgbase = ppr.pkgbase
     JOIN (SELECT DISTINCT cp.pkgname FROM packages cp LEFT JOIN packages_packagerelation pr ON cp.pkgbase = pr.pkgbase WHERE pr.id IS NULL) child ON ppd.name = child.pkgname
     ORDER BY child.pkgname;
-    """
+    """  # noqa: E501
     cursor.execute(query)
 
     for row in cursor.fetchall():

devel/views.py

@@ -216,7 +216,9 @@ def tier0_mirror_auth(request):
     token = credentials[1]
 
     groups = Group.objects.filter(name__in=SELECTED_GROUPS)
-    user = User.objects.filter(username=username, is_active=True, groups__in=groups).select_related('userprofile').first()
+    user = User.objects.filter(username=username,
+                               is_active=True,
+                               groups__in=groups).select_related('userprofile').first()
     if not user:
         return unauthorized
 

docker-compose.yml

@@ -1,20 +1,23 @@
 version: '2'
 
 # Run the following once:
-# docker compose run --rm packages_web python manage.py migrate
-# docker compose run --rm packages_web python manage.py loaddata main/fixtures/arches.json
-# docker compose run --rm packages_web python manage.py loaddata main/fixtures/repos.json
-# docker compose run --rm packages_web python manage.py createsuperuser --username=admin --email=admin@artixweb.local
+# docker compose run --rm archweb_web python manage.py migrate
+# docker compose run --rm archweb_web python manage.py loaddata mirrors/fixtures/mirrorprotocols.json
+# docker compose run --rm archweb_web python manage.py loaddata main/fixtures/arches.json
+# docker compose run --rm archweb_web python manage.py loaddata main/fixtures/repos.json
+# docker compose run --rm archweb_web python manage.py createsuperuser --username=admin --email=admin@artixweb.local
 ## go to /admin and create a user according to overlay/devel/fixtures/user_profiles.json
 ## go to /admin/auth/user/2/change/ and add a name
-# docker compose run --rm packages_web python manage.py generate_keyring pgp.surfnet.nl ./config/keyring
-# docker compose run --rm packages_web python manage.py pgp_import ./config/keyring
+# docker compose run --rm archweb_web python manage.py generate_keyring pgp.surfnet.nl ./config/keyring
+# docker compose run --rm archweb_web python manage.py pgp_import ./config/keyring
 ## go to /admin/devel/developerkey/ and set the owner (and parent) for the ownerless key
 ## go to /admin/sites/site/1/change/ and set the domain
+## clone the mirrors repo
+# docker compose run --rm archweb_web python manage.py loaddata /mirrors/mirrors.fixture.json
 
 
 services:
-    packages_web:
+    archweb_web:
         container_name: artixweb-packages
         build:
             context: ./
@@ -25,7 +28,7 @@ services:
         volumes:
             - ./config:/usr/src/web/config
     
-    packages_sync:
+    archweb_sync:
         container_name: artixweb-sync
         build:
             context: ./
@@ -35,7 +38,7 @@ services:
             - ./config:/usr/src/web/config
         command: ./downloadpackages.sh
     
-    packages_nginx:
+    archweb_nginx:
         container_name: artixweb-nginx
         image: linuxserver/nginx:latest
         restart: "no"

main/models.py

@@ -280,7 +280,8 @@ class Package(models.Model):
             dep_pkgs = list(dep_pkgs)
             dep = dep_pkgs[0]
             if len(dep_pkgs) > 1:
-                dep_pkgs = [d for d in dep_pkgs if d.pkg.repo.testing == self.repo.testing and d.pkg.repo.staging == self.repo.staging]
+                dep_pkgs = [d for d in dep_pkgs
+                            if d.pkg.repo.testing == self.repo.testing and d.pkg.repo.staging == self.repo.staging]
                 if len(dep_pkgs) > 0:
                     dep = dep_pkgs[0]
             trimmed.append(dep)

main/storage.py

@@ -1,9 +1,10 @@
-import cssmin
 import jsmin
 from django.contrib.staticfiles.storage import ManifestStaticFilesStorage
 from django.core.files.base import ContentFile
 from django.utils.encoding import smart_str
 
+import cssmin
+
 
 class MinifiedStaticFilesStorage(ManifestStaticFilesStorage):
     """

main/templatetags/cdn.py

@@ -9,24 +9,24 @@ register = template.Library()
 @register.simple_tag
 def jquery():
     version = '3.6.0'
-    filename = 'jquery-%s.min.js' % version
+    filename = f'jquery-{version}.min.js'
     link = staticfiles_storage.url(filename)
-    return mark_safe('<script type="text/javascript" src="%s"></script>' % link)
+    return mark_safe(f'<script type="text/javascript" src="{link}"></script>')
 
 
 @register.simple_tag
 def jquery_tablesorter():
     version = '2.31.0'
-    filename = 'jquery.tablesorter-%s.min.js' % version
+    filename = f'jquery.tablesorter-{version}.min.js'
     link = staticfiles_storage.url(filename)
-    return format_html('<script type="text/javascript" src="%s"></script>' % link)
+    return format_html('<script type="text/javascript" src="{link}"></script>', link=link)
 
 
 @register.simple_tag
 def d3js():
     version = '3.5.0'
-    filename = 'd3-%s.min.js' % version
+    filename = f'd3-{version}.min.js'
     link = staticfiles_storage.url(filename)
-    return format_html('<script type="text/javascript" src="%s"></script>' % link)
+    return format_html('<script type="text/javascript" src="{link}"></script>', link=link)
 
 # vim: set ts=4 sw=4 et:

main/templatetags/flags.py

@@ -8,8 +8,11 @@ register = template.Library()
 def country_flag(country):
     if not country:
         return ''
-    return format_html('<span class="fam-flag fam-flag-%s" title="%s"></span> ' % (
-        str(country.code).lower(), str(country.name)))
+    return format_html(
+        '<span class="fam-flag fam-flag-{country_code}" title="{country_name}"></span> ',
+        country_code=str(country.code).lower(),
+        country_name=str(country.name),
+    )
 
 
 # vim: set ts=4 sw=4 et:

main/templatetags/pgp.py

@@ -10,7 +10,7 @@ def format_key(key_id):
     if len(key_id) in (8, 20):
         return '0x%s' % key_id
     elif len(key_id) == 40:
-        # normal display format is 5 groups of 4 hex chars seperated by spaces,
+        # normal display format is 5 groups of 4 hex chars separated by spaces,
         # double space, then 5 more groups of 4 hex chars
         split = tuple(key_id[i:i + 4] for i in range(0, 40, 4))
         return '%s\u00a0 %s' % (' '.join(split[0:5]), ' '.join(split[5:10]))
@@ -35,7 +35,7 @@ def pgp_dev_key_link(key_id):
     key_id = pad_key_id(key_id)
     if not key_id:
         return "Unknown"
-    link_text = (''.join((f'<span>{key_id[i:i+4]}</span>' for i in range(0, len(key_id), 4))))
+    link_text = (''.join((f'<span>{key_id[i:i + 4]}</span>' for i in range(0, len(key_id), 4))))
     link_text = f'<div class="pgp-key-ids">{link_text}</div>'
     return pgp_key_link(key_id, link_text)
 
@@ -51,11 +51,15 @@ def pgp_key_link(key_id, link_text=None):
         return format_key(key_id)
     pgp_server_secure = getattr(settings, 'PGP_SERVER_SECURE', False)
     scheme = 'https' if pgp_server_secure else 'http'
-    url = '%s://%s/pks/lookup?op=vindex&amp;fingerprint=on&amp;exact=on&amp;search=0x%s' % (scheme, pgp_server, key_id)
+    url = '%s://%s/pks/lookup?op=vindex&amp;fingerprint=on&amp;exact=on&amp;search=0x%s' % (scheme,
+                                                                                            pgp_server,
+                                                                                            key_id)
     if link_text is None:
         link_text = '0x%s' % key_id[-8:]
-    values = (url, format_key(key_id), link_text)
-    return format_html('<a href="%s" title="PGP key search for %s">%s</a>' % values)
+    return format_html('<a href="{url}" title="PGP key search for {key}">{content}</a>',
+                       url=url,
+                       key=format_key(key_id),
+                       content=mark_safe(link_text))
 
 
 @register.simple_tag

mirrors/fixtures/mirrorprotocols.json

@@ -25,5 +25,14 @@
             "default": false, 
             "protocol": "https"
         }
+    },
+    {
+        "pk": 9, 
+        "model": "mirrors.mirrorprotocol", 
+        "fields": {
+            "is_download": false, 
+            "default": false, 
+            "protocol": "ftp"
+        }
     }
 ]

mirrors/management/commands/mirrorcheck.py

@@ -184,12 +184,26 @@ def check_rsync_url(mirror_url, location, timeout):
         with open(os.devnull, 'w') as devnull:
             if logger.isEnabledFor(logging.DEBUG):
                 logger.debug("rsync cmd: %s", ' '.join(rsync_cmd))
+
             start = time.time()
-            proc = subprocess.Popen(rsync_cmd, stdout=devnull, stderr=subprocess.PIPE)
-            _, errdata = proc.communicate()
-            end = time.time()
-        log.duration = end - start
-        if proc.returncode != 0:
+            timeout_expired = False
+            # add an arbitrary 5-second buffer to ensure the process completes and to catch actual rsync timeouts.
+            rsync_subprocess_timeout = timeout + 5
+            try:
+                proc = subprocess.Popen(rsync_cmd, stdout=devnull, stderr=subprocess.PIPE)
+                _, errdata = proc.communicate(timeout=rsync_subprocess_timeout)
+
+                end = time.time()
+                log.duration = end - start
+            except subprocess.TimeoutExpired:
+                timeout_expired = True
+                proc.kill()
+                logger.debug("rsync command timeout error: %s, %s", url, errdata)
+                log.is_success = False
+                log.duration = None
+                log.error = f"rsync subprocess killed after {rsync_subprocess_timeout} seconds"
+
+        if proc.returncode != 0 and not timeout_expired:
             logger.debug("error: %s, %s", url, errdata)
             log.is_success = False
             log.error = errdata.strip().decode('utf-8')
@@ -197,7 +211,7 @@ def check_rsync_url(mirror_url, location, timeout):
             # don't record a duration as it is misleading
             if proc.returncode in (1, 30, 35):
                 log.duration = None
-        else:
+        elif not timeout_expired:
             logger.debug("success: %s, %.2f", url, log.duration)
             if os.path.exists(lastsync_path):
                 with open(lastsync_path, 'r') as lastsync:

mirrors/tests/test_mirrorurl.py

@@ -27,7 +27,7 @@ def test_mirrorurl_get_full_url(mirrorurl):
 
 def test_mirror_url_clean(mirrorurl):
     mirrorurl.clean()
-    # TOOD(jelle): this expects HOSTNAME to resolve, maybe mock
+    # TODO(jelle): this expects HOSTNAME to resolve, maybe mock
     assert mirrorurl.has_ipv4
     # requires ipv6 on host... mock?
     # assert mirrorurl.has_ipv6 == True

news/views.py

@@ -54,10 +54,12 @@ class NewsCreateView(CreateView):
             if settings.MAILMAN_PASSWORD:
                 headers['Approved'] = settings.MAILMAN_PASSWORD
             template = loader.get_template('news/news_email_notification.txt')
+            author = newsitem.author.get_full_name()
+            from_ = f'"Arch Linux: Recent news updates: {author}" <{settings.ANNOUNCE_EMAIL}>'
             EmailMessage(
                 subject=f'[arch-announce] {newsitem.title}',
                 body=template.render(ctx),
-                from_email=f'"Arch Linux: Recent news updates: {newsitem.author.get_full_name()}" <{settings.ANNOUNCE_EMAIL}>',
+                from_email=from_,
                 to=[settings.ANNOUNCE_EMAIL],
                 headers=headers).send()
         return super(NewsCreateView, self).form_valid(form)

nginx.conf

@@ -33,7 +33,7 @@ server {
     try_files "" @proxy;
   }
 
-  location ~ ^/(packages|groups|opensearch|feeds) {
+  location ~ ^/(packages|groups|opensearch|feeds|mirrors|mirrorlist) {
     try_files "" @proxy;
   }
 

packages/management/commands/populate_signoffs.py

@@ -53,7 +53,8 @@ def create_specification(package, log, finder):
 
 
 def get_tag_info(repo, pkgbase, version):
-    # Gitlab requires the path to the gitlab repo to be html encoded and project name encoded in a different special way
+    # Gitlab requires the path to the gitlab repo to be html encoded and
+    # project name encoded in a different special way
     pkgrepo = urllib.parse.quote_plus(f'{settings.GITLAB_PACKAGE_REPO}/') + gitlab_project_name_to_path(pkgbase)
     url = f'https://{settings.GITLAB_INSTANCE}/api/v4/projects/{pkgrepo}/repository/tags'
 
@@ -112,7 +113,8 @@ def cleanup_signoff_comments():
     id_signoffs = [signoff.id for g in groups for signoff in g.signoffs]
     logger.info("Keeping %s signoffs", len(id_signoffs))
     # FakeSignoffSpecification's have no id
-    id_signoffspecs = [g.specification.id for g in groups if not isinstance(g.specification, FakeSignoffSpecification)]
+    id_signoffspecs = [g.specification.id for g in groups if not isinstance(g.specification,
+                                                                            FakeSignoffSpecification)]
     logger.info("Keeping %s signoffspecifications", len(id_signoffspecs))
 
     Signoff.objects.exclude(id__in=id_signoffs).delete()

packages/models.py

@@ -253,7 +253,8 @@ class UpdateManager(models.Manager):
             if new_pkg:
                 update.action_flag = CHANGE
                 # ensure we should even be logging this
-                if old_pkg.pkgver == new_pkg.pkgver and old_pkg.pkgrel == new_pkg.pkgrel and old_pkg.epoch == new_pkg.epoch:
+                if old_pkg.pkgver == new_pkg.pkgver and old_pkg.pkgrel == new_pkg.pkgrel \
+                   and old_pkg.epoch == new_pkg.epoch:
                     # all relevant fields were the same; e.g. a force update
                     return
             else:
@@ -395,7 +396,8 @@ class RelatedToBase(models.Model):
         # actually satisfy the requirements
         if self.comparison and self.version:
             alpm = AlpmAPI()
-            pkgs = [pkg for pkg in pkgs if not alpm.available or alpm.compare_versions(pkg.full_version, self.comparison, self.version)]
+            pkgs = [pkg for pkg in pkgs if not alpm.available or alpm.compare_versions(pkg.full_version,
+                                                                                       self.comparison, self.version)]
         if len(pkgs) == 0:
             # couldn't find a package in the DB
             # it should be a virtual depend (or a removed package)

packages/templatetags/package_extras.py

@@ -43,8 +43,8 @@ def pkg_details_link(pkg, link_title=None, honor_flagged=False):
     link_content = link_title
     if honor_flagged and pkg.flag_date:
         link_content = '<span class="flagged">%s</span>' % link_title
-    link = '<a href="%s" title="View package details for %s">%s</a>'
-    return format_html(link % (pkg.get_absolute_url(), pkg.pkgname, link_content))
+    link = '<a href="{link}" title="View package details for {pkgname}">{content}</a>'
+    return format_html(link, link=pkg.get_absolute_url(), pkgname=pkg.pkgname, content=link_content)
 
 
 # vim: set ts=4 sw=4 et:

packages/tests/test_search.py

@@ -67,6 +67,7 @@ def test_sort(client, package):
 def test_packages(client, package):
     response = client.get('/opensearch/packages/')
     assert response.status_code == 200
+    assert 'template="http://example.com/opensearch/packages/"' in response.content.decode()
 
 
 def test_packages_suggest(client, package):

packages/views/__init__.py

@@ -5,6 +5,7 @@ from collections import defaultdict
 from django.contrib import messages
 from django.contrib.auth.decorators import permission_required
 from django.contrib.auth.models import User
+from django.contrib.sites.models import Site
 from django.core.cache import cache
 from django.db.models import Q
 from django.http import HttpResponse, HttpResponseBadRequest
@@ -21,10 +22,10 @@ from ..utils import get_wrong_permissions, multilib_differences
 @require_safe
 @cache_control(public=True, max_age=86400)
 def opensearch(request):
-    domain = "%s://%s" % ('https', request.META.get('HTTP_HOST'))
+    current_site = Site.objects.get_current()
 
     return render(request, 'packages/opensearch.xml',
-                  {'domain': domain},
+                  {'domain': f'{request.scheme}://{current_site.domain}'},
                   content_type='application/opensearchdescription+xml')
 
 
@@ -140,8 +141,14 @@ def sonames(request):
         name = request.GET.get('name')
 
         if name:
-            sonames = Soname.objects.filter(name__startswith=name).values('pkg__pkgname', 'pkg__pkgver', 'pkg__pkgrel', 'pkg__epoch', 'pkg__repo__name')
-            packages = [{'pkgname': soname['pkg__pkgname'], 'pkgrel': soname['pkg__pkgrel'], 'pkgver': soname['pkg__pkgver'], 'epoch': soname['pkg__epoch'], 'repo': soname['pkg__repo__name'].lower()} for soname in sonames]
+            sonames = Soname.objects.filter(name__startswith=name).values('pkg__pkgname',
+                                                                          'pkg__pkgver',
+                                                                          'pkg__pkgrel',
+                                                                          'pkg__epoch',
+                                                                          'pkg__repo__name')
+            packages = [{'pkgname': soname['pkg__pkgname'], 'pkgrel': soname['pkg__pkgrel'],
+                         'pkgver': soname['pkg__pkgver'], 'epoch': soname['pkg__epoch'],
+                         'repo': soname['pkg__repo__name'].lower()} for soname in sonames]
         else:
             return HttpResponseBadRequest('name parameter is required')
 

packages/views/flag.py

@@ -38,7 +38,8 @@ class FlagForm(forms.Form):
         # make sure the message isn't garbage (only punctuation or whitespace)
         # or spam (using a simple denylist)
         # and ensure a certain minimum length
-        if re.match(r'^[^0-9A-Za-z]+$', data) or any(fd.keyword in data for fd in FlagDenylist.objects.all()) or len(data) < 3:
+        if re.match(r'^[^0-9A-Za-z]+$', data) or any(fd.keyword in data for fd in FlagDenylist.objects.all()) \
+           or len(data) < 3:
             raise forms.ValidationError("Enter a valid and useful out-of-date message.")
         return data
 

planet/migrations/0001_initial.py

@@ -50,7 +50,8 @@ class Migration(migrations.Migration):
                 ('author', models.CharField(max_length=255)),
                 ('publishdate', models.DateTimeField(db_index=True, verbose_name='publish date')),
                 ('url', models.CharField(max_length=255, verbose_name='URL')),
-                ('feed', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='feed', to='planet.Feed')),
+                ('feed', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE,
+                                           related_name='feed', to='planet.Feed')),
             ],
             options={
                 'verbose_name_plural': 'Feed Items',

planet/migrations/0002_alter_feeditem_feed.py

@@ -14,6 +14,7 @@ class Migration(migrations.Migration):
         migrations.AlterField(
             model_name='feeditem',
             name='feed',
-            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='items', to='planet.feed'),
+            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE,
+                                    related_name='items', to='planet.feed'),
         ),
     ]

public/views.py

@@ -1,8 +1,9 @@
 import json
-from datetime import datetime
+from datetime import datetime, timezone
 from operator import attrgetter
 
 from django.contrib.auth.models import User
+from django.contrib.sites.models import Site
 from django.db.models import Count, Q
 from django.http import HttpResponse
 from django.shortcuts import get_object_or_404, render
@@ -25,12 +26,12 @@ def index(request):
     else:
         def updates():
             return get_recent_updates()
-    domain = "%s://%s" % (request.scheme, request.META.get('HTTP_HOST'))
+    current_site = Site.objects.get_current()
     context = {
         'news_updates': News.objects.order_by('-postdate', '-id')[:15],
         'pkg_updates': updates,
         'staff_groups': StaffGroup.objects.all(),
-        'domain': domain,
+        'domain': f'{request.scheme}://{current_site.domain}',
     }
     return render(request, 'public/index.html', context)
 
@@ -92,12 +93,13 @@ def feeds(request):
 @cache_control(max_age=307)
 def keys(request):
     profile_ids = UserProfile.allowed_repos.through.objects.values('userprofile_id')
-    users = User.objects.filter(
-            is_active=True, userprofile__id__in=profile_ids).order_by('first_name', 'last_name').select_related('userprofile')
+    users = User.objects.filter(is_active=True,
+                                userprofile__id__in=profile_ids).order_by('first_name',
+                                                                          'last_name').select_related('userprofile')
     user_key_ids = frozenset(user.userprofile.pgp_key[-16:] for user in users
             if user.userprofile.pgp_key)
 
-    not_expired = Q(expires__gt=datetime.utcnow()) | Q(expires__isnull=True)
+    not_expired = Q(expires__gt=datetime.now(timezone.utc)) | Q(expires__isnull=True)
     master_keys = MasterKey.objects.select_related('owner', 'revoker',
             'owner__userprofile', 'revoker__userprofile').filter(
             revoked__isnull=True)
@@ -153,7 +155,7 @@ def keys_json(request):
             'group': 'master'
         } for key in master_keys)
 
-    not_expired = Q(expires__gt=datetime.utcnow()) | Q(expires__isnull=True)
+    not_expired = Q(expires__gt=datetime.now(timezone.utc)) | Q(expires__isnull=True)
     signatures = PGPSignature.objects.filter(not_expired, revoked__isnull=True)
     edge_list = [{ 'signee': sig.signee, 'signer': sig.signer }
             for sig in signatures]

releng/tests/conftest.py

@@ -1,5 +1,5 @@
 from base64 import b64encode
-from datetime import datetime
+from datetime import datetime, timezone
 
 import pytest
 from bencode import bencode
@@ -24,7 +24,7 @@ def torrent_data():
     data = {
         'comment': 'comment',
         'created_by': 'Arch Linux',
-        'creation date': int(datetime.utcnow().timestamp()),
+        'creation date': int(datetime.now(timezone.utc).timestamp()),
         'info': {
             'name': 'arch.iso',
             'length': 1,

releng/urls.py

@@ -9,8 +9,10 @@ from .views import ReleaseDetailView, ReleaseListView
 releases_patterns = [
     path('', ReleaseListView.as_view(), name='releng-release-list'),
     path('json/', views.releases_json, name='releng-release-list-json'),
-    re_path(r'^(?P<version>[-.\w]+)/$', cache_page(311)(ReleaseDetailView.as_view()), name='releng-release-detail'),
-    re_path(r'^(?P<version>[-.\w]+)/torrent/$', cache_page(311)(views.release_torrent), name='releng-release-torrent'),
+    re_path(r'^(?P<version>[-.\w]+)/$', cache_page(311)(ReleaseDetailView.as_view()),
+            name='releng-release-detail'),
+    re_path(r'^(?P<version>[-.\w]+)/torrent/$', cache_page(311)(views.release_torrent),
+            name='releng-release-torrent'),
 ]
 
 netboot_patterns = [

requirements.txt

@@ -1,19 +1,19 @@
 -e git+https://github.com/fredj/cssmin.git@master#egg=cssmin
-Django==5.0.10
+Django==5.1.13
 IPy==1.1
 Markdown==3.3.7
 bencode.py==4.0.0
 django-countries==7.6.1
-django-extensions==3.2.3
+django-extensions==4.1
 jsmin==3.0.1
 pgpdump==1.5
 parse==1.20.2
 sqlparse==0.5.0
-django-csp==3.8
+django-csp==4.0
 ptpython==2.0.4
 feedparser==6.0.11
 bleach==6.0.0
-requests==2.32.3
+requests==2.32.4
 xtarfile==0.2.1
 zstandard==0.23.0
 whitenoise==6.8.2

ruff.toml

@@ -24,7 +24,6 @@ select = [
 ]
 
 ignore = [
-    "E501", # line lengt violation
     "E731", # Do not assign a `lambda` expression, use a `def`
     "B904", # Within an `except` clause, raise exceptions with `raise ... from err`
     "RUF012", # Mutable class attributes should be annotated with `typing.ClassVar`
@@ -34,3 +33,8 @@ ignore = [
     "DJ008", # Model does not define `__str__` method
     "DJ012", # Order of model's inner classes, methods, and fields does not follow the Django Style Guide: `Meta` class should come before `get_absolute_url`
 ]
+
+exclude = [
+    "*/migrations/*.py",  # Ignore Django migrations
+    "src/cssmin/*"  # cssmin, not our code
+]

settings.py

@@ -267,8 +267,16 @@ if DEBUG_TOOLBAR:
     INSTALLED_APPS = [*list(INSTALLED_APPS), 'debug_toolbar']
 
 if PROMETHEUS_METRICS:
-    MIDDLEWARE = ['django_prometheus.middleware.PrometheusBeforeMiddleware', *list(MIDDLEWARE), 'django_prometheus.middleware.PrometheusAfterMiddleware']
+    MIDDLEWARE = ['django_prometheus.middleware.PrometheusBeforeMiddleware',
+                  *list(MIDDLEWARE),
+                  'django_prometheus.middleware.PrometheusAfterMiddleware']
 
     INSTALLED_APPS = [*list(INSTALLED_APPS), 'django_prometheus']
 
+# Assume all URLField will be HTTPS if not specified.
+# NOTE: this can be removed once we bump Django to 6.x
+# where `https` becomes the default.
+FORMS_URLFIELD_ASSUME_HTTPS = True
+
+
 # vim: set ts=4 sw=4 et:

sitestatic/archweb.css

@@ -1207,12 +1207,12 @@ ul.signoff-list {
 
     /* style input as a normal anchor */
     input {
-      background: none!important;
+      background: none !important;
       border: none;
-      padding: 0!important;
-      /*optional*/
+      padding: 0 0.5em !important;
+      /* optional */
       font-family: arial, sans-serif;
-      font-size: 0.9em;
+      font-size: 100%;
       /*input has OS specific font-family*/
       color: #07b;
     }

sitestatic/archweb.js

@@ -324,6 +324,10 @@ function filter_signoffs() {
     /* start with all rows, and then remove ones we shouldn't show */
     var rows = $('#tbody_signoffs').children(),
         all_rows = rows;
+    /* apply the filters, cheaper ones first */
+    if ($('#id_mine_only').is(':checked')) {
+        rows = rows.filter('.mine');
+    }
     /* apply arch and repo filters */
     $('#signoffs_filter .arch_filter').add(
             '#signoffs_filter .repo_filter').each(function() {
@@ -352,6 +356,7 @@ function filter_signoffs() {
 function filter_signoffs_reset() {
     $('#signoffs_filter .arch_filter').prop('checked', true);
     $('#signoffs_filter .repo_filter').prop('checked', true);
+    $('#id_mine_only').prop('checked', false);
     $('#id_pending').prop('checked', false);
     filter_signoffs();
 }

sitestatic/artixweb.css

@@ -145,6 +145,10 @@ tr :nth-child(7) {
         background-image: url(data:image/gif;base64,R0lGODlhFQAEAPABAOTu/wAAACH/C05FVFNDQVBFMi4wAwEAAAAh+QQFAgABACwAAAAAFQAEAAACDYwfoAvoz9qbZ9FrJC0AOw==);
     }
 
+    code {
+        background: #334450;
+    }
+
     .results.results td,
     .results.results th {
         border: 1px solid #858585;
@@ -158,7 +162,7 @@ tr :nth-child(7) {
         background-color: #111;
     }
 
-    .results th {
+    .results th, #pkgsearch {
         color: #fff;
         background-color: #0f3147;
         border: 1px solid #0A6682;

templates/devel/tier0_mirror.html

@@ -7,7 +7,7 @@
 <div class="box">
 
     <h2>Tier 0 Mirror usage information</h2>
-    <p>Arch Linux Tier 0 mirror on <a href="https://repos.archlinux.org">repos.archlinux.org</a> which can be used if to obtain the absolute latest packages. The mirror is protected with a HTTP Basic Auth password unique per Staff member.</p>
+    <p>Arch Linux Tier 0 mirror on <a href="https://repos.archlinux.org">repos.archlinux.org</a> which can be used if to obtain the absolute latest packages. The mirror is protected with an HTTP Basic Auth password unique per Staff member.</p>
     {% if mirror_url %}
       <code id="serverinfo">Server = {{ mirror_url }}</code> <button id="copybutton">Copy to clipboard</button>
 

templates/packages/differences.html

@@ -16,7 +16,7 @@
                 <th>Multilib Version</th>
                 <th>x86_64 Version</th>
                 <th>x86_64 Name</th>
-                <th>x864_ Repo</th>
+                <th>x86_64 Repo</th>
                 <th>Multilib Last Updated</th>
                 <th>x86_64 Last Updated</th>
             </tr>

templates/packages/signoffs.html

@@ -26,6 +26,8 @@
             <div><label for="id_repo_{{ repo_name|lower }}" title="Target Repository {{ repo_name }}">[{{ repo_name|lower }}]</label>
                 <input type="checkbox" name="repo_{{ repo_name|lower }}" id="id_repo_{{ repo_name|lower }}" class="repo_filter" value="{{ repo_name|lower }}" checked="checked"/></div>
             {% endfor %}
+            <div><label for="id_mine_only" title="Show only packages packaged by me">Only Mine</label>
+                <input type="checkbox" name="mine_only" id="id_mine_only" value="mine_only"/></div>
             <div><label for="id_pending" title="Packages with not enough signoffs">Only Pending Approval</label>
                 <input type="checkbox" name="pending" id="id_pending" value="pending"/></div>
             <div><label>&nbsp;</label><input title="Reset search criteria" type="button" id="criteria_reset" value="Reset"/></div>
@@ -50,7 +52,8 @@
             </tr>
         </thead>
         <tbody id="tbody_signoffs">
-            {% for group in signoff_groups %}<tr class="{{ group.arch.name }} {{ group.target_repo|lower }}">
+            {% for group in signoff_groups %}
+            <tr class="{% if user == group.packager %} mine{% endif %} {{ group.arch.name }} {{ group.target_repo|lower }}">
                 <td>{% pkg_details_link group.package %} {{ group.version }}</td>
                 <td>{{ group.arch.name }}</td>
                 <td>{{ group.target_repo }}</td>

templates/public/developer_list.html

@@ -49,6 +49,11 @@
                     <td>{% if prof.website %}<a itemprop="url" href="{{ prof.website }}"
                             title="Visit the website for {{ dev.get_full_name }}">
                             {{ prof.website }}</a>{% endif %}</td>
+                </tr><tr>
+                    <th>Social:</th>
+                    <td>{% if prof.social %}<a itemprop="url" href="{{ prof.social }}"
+                            title="Visit social account for {{ dev.get_full_name }}" rel="me">
+                            {{ prof.social }}</a>{% endif %}</td>
                 </tr><tr>
                     <th>Occupation:</th>
                     <td>{{ prof.occupation }}</td>

templates/public/donate.html

@@ -53,37 +53,10 @@
     <img src="{% static "nitrokey_logo.png" %}"
     class="sponsor-btn-nitrokey" title="" alt="Nitrokey logo"/></a>
 
-    <p>We would also like to thank <a href="https://www.privateinternetaccess.com/"
-    title="Private Internet Access">Private Internet Access</a> for sponsoring
-    dedicated servers across the globe. Private Internet Access is the leading
-    VPN Service provider specializing in secure, encrypted VPN tunnels which
-    create several layers of privacy and security providing users safety on the
-    internet.</p>
-
-    <a href="https://www.privateinternetaccess.com/" title="Private Internet Access">
-    <img src="{% static "pia_logo.png" %}"
-    class="sponsor-btn-pia" title="" alt="Private Internet Access logo"/></a>
-
-    <p>We would also like to thank <a href="https://www.shells.com/"
-    title="Shells">Shells.com</a> for their monetary donation.
-    Shells provides you with a 1-click, powerful virtual desktop environment,
-    driven by a cloud computer, without leaving your browser! It's your
-    personal workspace in the cloud.</p>
-
-    <a href="https://www.shells.com/" title="Shells">
-    <img src="{% static "shells_logo.png" %}"
-    title="" alt="Shells logo"/></a>
-
-    <p>We would also like to thank <a href="https://uptimerobot.com/"
-    title="UptimeRobot">UptimeRobot</a> for providing their monitoring service to us.
-    UptimeRobot is a leading uptime monitoring service.</p>
-
-    <a href="https://uptimerobot.com/" title="UptimeRobot">
-    <img src="{% static "uptimerobot_logo.png" %}"
-    title="" alt="UptimeRobot logo"/></a>
-
     <h3>Past donors</h3>
 
+    <p><a href="http://www.dotcom-monitor.com/" title="Dotcom-Monitor">Dotcom-Monitor</a> &amp; <a href="https://www.loadview-testing.com/" title="LoadView">LoadView</a></p>
+
     <div id="donor-list">
         <ul>
 {% for donor in donors %}

templates/public/download.html

@@ -77,13 +77,6 @@
             title="Arch Linux Netboot">Arch Linux Netboot</a></li>
     </ul>
 
-    <h3>Vagrant images</h3>
-
-    <p>Vagrant images for libvirt and virtualbox are available on the <a href="https://app.vagrantup.com/archlinux/boxes/archlinux">Vagrant Cloud</a>. You can bootstrap the image with the following commands:</p>
-    <code>vagrant init archlinux/archlinux</code>
-    <br/>
-    <code>vagrant up</code>
-
     <h3>Docker image</h3>
 
     <p>The official Docker image is available on <a href="https://hub.docker.com/_/archlinux/">Docker Hub</a>. You can run the image with the following command:</p>
@@ -93,6 +86,14 @@
 
     <p>Official virtual machine images are available for download on our <a href="https://gitlab.archlinux.org/archlinux/arch-boxes/-/packages">GitLab instance</a>, more information is available in the <a href="https://gitlab.archlinux.org/archlinux/arch-boxes/">README</a>.</p>
 
+    <h3>WSL images</h3>
+
+    <p>The official WSL image can be installed with the following command (in a PowerShell prompt from a Windows system with WSL 2 installed):</p>
+    <code>wsl --install archlinux</code>
+
+    <p>It is also available for download on <a href="https://geo.mirror.pkgbuild.com/wsl/latest">mirrors</a>.</p>
+    <p>More information available in the <a href="https://wiki.archlinux.org/title/Install_Arch_Linux_on_WSL">Wiki</a>.</p>
+
     <h3 id="http-downloads">HTTP Direct Downloads</h3>
 
     <p>In addition to the BitTorrent links above, install images can also be
@@ -132,15 +133,15 @@
     <pre><code>$ b2sum -c b2sums.txt</code></pre>
 
     To verify the PGP signature using Sequoia, first download the release signing key from WKD:
-    <pre><code>$ sq network wkd fetch {{ release.wkd_email }} -o release-key.pgp</code></pre>
+    <pre><code>$ sq network wkd search {{ release.wkd_email }} --output release-key.pgp</code></pre>
 
     With this signing key, verify the signature:
-    <pre><code>$ sq verify --signer-file release-key.pgp --detached archlinux-{{ release.version }}-x86_64.iso.sig archlinux-{{ release.version }}-x86_64.iso</code></pre>
+    <pre><code>$ sq verify --signer-file release-key.pgp --signature-file archlinux-{{ release.version }}-x86_64.iso.sig archlinux-{{ release.version }}-x86_64.iso</code></pre>
 
     Alternatively, using GnuPG, download the signing key from WKD:
     <pre><code>$ gpg --auto-key-locate clear,wkd -v --locate-external-key {{ release.wkd_email }}</code></pre>
     Verify the signature:
-    <pre><code>$ gpg --keyserver-options auto-key-retrieve --verify archlinux-{{ release.version }}-x86_64.iso.sig archlinux-{{ release.version }}-x86_64.iso</code></pre>
+    <pre><code>$ gpg --verify archlinux-{{ release.version }}-x86_64.iso.sig archlinux-{{ release.version }}-x86_64.iso</code></pre>
 
     {% cache 600 download-mirrors %}
     <div id="download-mirrors">

templates/public/index.html

@@ -133,8 +133,6 @@
     <h4>Support</h4>
     <ul>
         <li><a href="{% url 'page-donate' %}" title="Help support Arch Linux">Donate</a></li>
-        <li><a href="https://www.unixstickers.com/tag/archlinux" title="Arch
-	Linux stickers, t-shirts, hoodies, mugs, posters and pins">Products via Unixstickers</a></li>
         <li><a href="https://www.freewear.org/?page=list_items&amp;org=Archlinux"
             title="T-shirts">T-shirts via Freewear</a></li>
         <li><a href="https://www.hellotux.com/arch"
@@ -155,6 +153,7 @@
     <ul>
         <li><a href="https://wiki.archlinux.org/title/Getting_involved"
             title="Getting involved">Getting involved</a></li>
+        <li><a href="https://devblog.archlinux.page" title="Dev Blog">Dev Blog</a></li>
         <li><a href="https://gitlab.archlinux.org/archlinux/"
             title="Official Arch projects (git)">Projects in Git</a></li>
         <li><a href="https://wiki.archlinux.org/title/DeveloperWiki"
@@ -202,20 +201,10 @@
             title="" alt="Hetzner logo"/>
     </a>
 
-    <a href="https://www.privateinternetaccess.com/" title="Private Internet Access">
-        <img src="{% static "pia_logo.png" %}"
-            title="" alt="Private Internet Access logo"/>
-    </a>
-
     <a href="https://icons8.com/" title="Icons8">
         <img src="{% static "icons8_logo.png" %}"
             title="" alt="Icons8 logo"/>
     </a>
-
-    <a href="https://www.shells.com" title="Shells.com">
-        <img src="{% static "shells_logo.png" %}"
-            title="" alt="Shells logo"/>
-    </a>
 </div>
 {% endcache %}
 {% endblock %}

templates/todolists/view.html

@@ -2,6 +2,8 @@
 {% load static %}
 {% load package_extras %}
 {% load todolists %}
+{% load tz %}
+{% load humanize %}
 
 {% block title %}Arch Linux - Todo: {{ list.name }}{% endblock %}
 
@@ -103,7 +105,15 @@
                     <span class="{{ pkg.status_css_class }}">{{ pkg.get_status_display }}</span>
                     {% endif %}
                 </td>
-                <td>{{ pkg.user|default:"" }}</td>
+                <td>
+                  {% if pkg.user %}
+                  {% if user.is_authenticated %}
+                  {{ pkg.user }} <span title="{{ pkg.last_modified|timezone:user.userprofile.time_zone|date:"Y-m-d H:i T" }}">({{ pkg.last_modified|naturaltime }})</span>
+                  {% else %}
+                  {{ pkg.user }} <span title="{{ pkg.last_modified|date:"Y-m-d H:i T" }}">({{ pkg.last_modified|naturaltime }})</span>
+                  {% endif %}
+                  {% endif %}
+                </td>
             </tr>
             {% endfor %}
         </tbody>

todolists/migrations/0001_squashed_0002_remove_todolist_old_id.py

@@ -28,7 +28,9 @@ class Migration(migrations.Migration):
                 ('created', models.DateTimeField(db_index=True)),
                 ('last_modified', models.DateTimeField(editable=False)),
                 ('raw', models.TextField(blank=True)),
-                ('creator', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT, related_name='created_todolists', to=settings.AUTH_USER_MODEL)),
+                ('creator', models.ForeignKey(on_delete=django.db.models.deletion.PROTECT,
+                                              related_name='created_todolists',
+                                              to=settings.AUTH_USER_MODEL)),
             ],
             options={
                 'get_latest_by': 'created',
@@ -43,13 +45,16 @@ class Migration(migrations.Migration):
                 ('created', models.DateTimeField(editable=False)),
                 ('last_modified', models.DateTimeField(editable=False)),
                 ('removed', models.DateTimeField(blank=True, null=True)),
-                ('status', models.SmallIntegerField(choices=[(0, 'Incomplete'), (1, 'Complete'), (2, 'In-progress')], default=0)),
+                ('status', models.SmallIntegerField(choices=[(0, 'Incomplete'), (1, 'Complete'), (2, 'In-progress')],
+                                                    default=0)),
                 ('comments', models.TextField(blank=True, null=True)),
                 ('arch', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='main.Arch')),
-                ('pkg', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='main.Package')),
+                ('pkg', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL,
+                                          to='main.Package')),
                 ('repo', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='main.Repo')),
                 ('todolist', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to='todolists.Todolist')),
-                ('user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to=settings.AUTH_USER_MODEL)),
+                ('user', models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL,
+                                           to=settings.AUTH_USER_MODEL)),
             ],
             options={
                 'get_latest_by': 'created',

todolists/migrations/0002_todolist_kind.py

@@ -13,6 +13,7 @@ class Migration(migrations.Migration):
         migrations.AddField(
             model_name='todolist',
             name='kind',
-            field=models.SmallIntegerField(choices=[(0, 'Rebuild'), (1, 'Task')], default=0, help_text='(Rebuild for soname bumps, Task for independent tasks)'),
+            field=models.SmallIntegerField(choices=[(0, 'Rebuild'), (1, 'Task')], default=0,
+                                           help_text='(Rebuild for soname bumps, Task for independent tasks)'),
         ),
     ]

todolists/models.py

@@ -23,7 +23,8 @@ class Todolist(models.Model):
     description = models.TextField()
     creator = models.ForeignKey(User, on_delete=models.PROTECT, related_name="created_todolists")
     created = models.DateTimeField(db_index=True)
-    kind = models.SmallIntegerField(default=REBUILD, choices=KIND_CHOICES, help_text='(Rebuild for soname bumps, Task for independent tasks)')
+    kind = models.SmallIntegerField(default=REBUILD, choices=KIND_CHOICES,
+                                    help_text='(Rebuild for soname bumps, Task for independent tasks)')
     last_modified = models.DateTimeField(editable=False)
     raw = models.TextField(blank=True)
 

todolists/templatetags/todolists.py

@@ -13,8 +13,9 @@ def todopkg_details_link(todopkg):
     pkg = todopkg.pkg
     if not pkg:
         return todopkg.pkgname
-    link = '<a href="%s" title="View package details for %s">%s</a>'
+    link = '<a href="{url}" title="View package details for {pkgname}">{pkgname}</a>'
     url = pkg_absolute_url(todopkg.repo, todopkg.arch, pkg.pkgname)
-    return format_html(link % (url, pkg.pkgname, pkg.pkgname))
+    return format_html(link, url=url, pkgname=pkg.pkgname)
+
 
 # vim: set ts=4 sw=4 et: