Paul Wise authored 1 month ago and Antoine Lambert committed 1 month ago

These just result in a rejection from the archival moderation team.

The GitLab API sets the appropriate CORS headers for this to work.

Co-authored-by: Antoine Lambert <anlambert@softwareheritage.org>

When searching for an origin URL, the search interface redirects
to its browse interface if the origin URL exists in SWH database.

Nevertheless, it the origin could not be archived, the redirection
was still done leading to a 404 error so ensure to check the origin
has a snapshot before redirecting.

Fixes #4828.

The bootstrap admin theme we are using (AdminLTE) recently added support for
bootstrap 5.x in its 4.0 release (still in beta but works for our needs).

So it was time to upgrade bootstrap from 4.x to 5.x for the SWH webapp.

The following was made to complete the upgrade while keeping same look and
feel as before:

- remove use of bootstrap loader for webpack and simplify webpack configuration

- replace use of deprecated node-sass package by sass one from Dart

- update bootstrap sass variables to override and add button style matching the
  default one from AdminLTE 3.x we were using

- adapt some CSS rules and add new ones to ensure same look and feel as before

- remove explicit use of custom form controls from bootstrap 4.x as they are now
  the standard in bootstrap 5.x through new CSS classes form-*

- update CSS classes renamed in bootstrap 5.x and adminlte 4.x, notably:

  * wrapper => app-wrapper
  * main-header => app-header
  * content => app-content
  * sidebar => app-sidebar
  * footer => app-footer
  * ml-* => ms-*
  * mr-* => me-*
  * pl-* => ps-*
  * pr-* => pe-*
  * float-left => float-end
  * float-right => float-start
  * text-left => text-start
  * text-right => text-end

- rename some data-* attributes to data-bs-*

- use btn-secondary CSS class for button style instead of btn-default

- use standard bootstrap close button for modals and alerts

- put sidebar HTML code in its own dedicated include file

- simplify forms HTML code and use new form-label CSS class

- remove no longer needed javascript hacks

- improve color theme consistency notably when focusing elements with keyboard

Upgrade highlightjs to its latest release and add a couple of new
referenced plugins adding support for new programming languages.

Antoine Lambert authored 1 year ago and Antoine Lambert committed 1 year ago

When searching for origins with the Web UI, if the search pattern is equal
to the URL of an archived origin then user gets automatically redirected to
the interface for browsing it.

Previously the visit type was not taken into account prior performing the
redirection so ensure to redirect only if the origin has a visit type
that matches the selected one.

Add around 30 new programming languages that can he highlighted using
the highlight.js library by registering associated hljs plugins.

Fix all accessibility critical errors detected by IBM Equal Access
Toolkit and Axe.

Related to #4767.

For each swh-web django application, create an assets folder in application
one and move related static assets source code (js, css, ...) in it.

Also modify webpack configuration to generate bundles the following way:

  - if swh/web/<app>/assets/index.js exists, a bundle named <app> is generated

  - if swh/web/<app>/assets/<bundle>/index.js exists, a bundle named <bundle>
    is generated

After these changes, some bundles got renamed but also new ones are generated
so update django templates and js code accordingly.

Related to T4398

It was previously included in the browse application but it makes
sense to isolate it in its own application in order to easily
deactivate it if needed.

Related to T4398

Related to T4398

Display info about the number of add forge now requests (filtered or not)
below the table on the left.

Set default ordering to descending submission date.

It heavily depends on browse templates so better moving it here.

Also changes view URL from /embed/<swhid>/ to /browse/embed/<swhid>/
but keeps backward compatibility by adding a redirection from the
old URL to the new one.

Inject transitions dict into Django template instead and pass it to js.

This will prevent submission of add forge now requests with invalid
forge URLs from the Web UI and the Web API.

It looks weird when email clients soft-wrap on smaller number
of columns; eg. Thunderbird defaults to 72 when editing in
plain text.

When sidebar is in collpased mode, it was previously flashing from expanded
to collapsed when loading a page as its state was changed using javascript.

So prefer to use a cookie describing sidebar state that can be read server
side from django and injected in templates, this way the sidebar is ensured
to be in correct state in HTML code on page load.

Prefer to use a div instead of an iframe to avoid blinking banner
on page load.

Nevertheless, keep the iframe view to ease embedding in external
WordPress website.

The banner will be displayed on archive.softwareheritage.org and
softwareheritage.org.

When rendering a markdown README coming from a github origin, use
showdown github flavor in order to enable HTML rendering options
specific to github (header id format for instance).

Promise was returned instead of the expected asynchronous result which
was causing issues when submitting save code now requests.

Related to T4260

For obvious security reasons, do not accept a Save Code Now request
for an origin URL containing a password in it as the list of submitted
requests are publicly browsable from the Web UI.

Nevertheless accept origin URLs with anonymous credentials (CVS ones
for instance).

Related to T4240

The deposits admin view is read only and there is no sensitive data
displayed here so we can remove the deposits filtering by username
for non staff users but with adequate permission.

When that parameter is used, the lists of origin types it contains will
be emphasized in the archive coverage view by adding a red border around
the associated bootstrap cards.

Cards content will also be expanded by default and no maximum height
will be applied.

The purpose is to emphasize the result of a given lister. Such links
will be made available in the documentation page compiling the current
statuses of available listers.

Related to T3117

The unqualified catch would hide all exceptions instead of only setting
an error message when the request itself fails.

Add a signal receiver to process inbound emails to the address set up in
config. The text part of the emails is parsed if available, and the raw
message is saved as a last resort.

This sets the Cc and Reply-To headers to the email address for inbound
message processing, when sending an email to the forge administrator.

To access this view, one can follow the link inside RequestHistory API
responses.

This lets us generate more meaningful email subjects for request
tracking, and will be useful for raw message filename generation too.

It enables to search for all origins or for all origins with a
specific visit type.

Add moderator name and last modified date columns.

Closes T4071