1457: python:3.6-slim with hash r=mythmon a=peterbe
Fixes#1434
I don't know why Renovate hasn't suggested something like this yet. Perhaps it's in our renovate config. Either way, I see no risk of using 3.6 instead of 3.6.6. Especially since we use a hash.
Co-authored-by: Peter Bengtsson <mail@peterbe.com>
1469: Make all words required when searching r=peterbe a=mythmon
This should make searching a bit nicer. I didn't realize how bad "any word matches" was without a scoring step. I considered adding a scoring step, but I don't know if that is reasonable at our scale.
Co-authored-by: Mike Cooper <mythmon@gmail.com>
1470: Rename test shortcuts in run.sh r=mythmon a=sciurus
Matching on "pytest" and running a predefined set of commands prevented
us from running pytest with different arguments. We rename our pytest
launching shortcut to fix that and preemptively fix the same problem
with karma.
Co-authored-by: Brian Pitts <bpitts@mozilla.com>
Matching on "pytest" and running a predefined set of commands prevented
us from running pytest with different arguments. We rename our pytest
launching shortcut to fix that and preemptively fix the same problem
with karma.
1464: Pin python Docker tag r=mythmon a=renovate[bot]
<p>This Pull Request pins Docker base image <code>python:3.6.0-slim</code> to use a digest (<code>sha256:ed16e4e6ee97ad893c5be1a22aae0de95b996b0a21e544d9b8a4625f66d1d49e</code>).<br />
This digest will then be kept updated via Pull Requests whenever the image is updated on the Docker registry. For details on Renovate's Docker support, please visit <a href="https://renovatebot.com/docs/docker">https://renovatebot.com/docs/docker</a></p>
<p><strong>Important</strong>: Renovate will wait until you have merged this Pin request before creating PRs for any <em>upgrades</em>. If you do not wish to pin anything, please update your config accordingly instead of leaving this PR open.</p>
<hr />
<p>This PR has been generated by <a href="https://renovatebot.com">Renovate Bot</a>.</p>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
1463: Pin dependencies r=mythmon a=renovate[bot]
<p>This Pull Request renovates the package group "Pin Dependencies" with the following modifications:</p>
<ul>
<li>Pins dependency <code>nsp</code> (<a href="https://renovatebot.com/gh/nodesecurity/nsp">source</a>) from <code>^3.2.1</code> to <code>v3.2.1</code></li>
<li>Pins dependency <code>mozilla-normandy-action-argument-schemas</code> from <code>0.3</code> to <code>v0.3.0</code></li>
</ul>
<p><strong>Important</strong>: Renovate will wait until you have merged this Pin request before creating PRs for any <em>upgrades</em>. If you do not wish to pin anything, please update your config accordingly instead of leaving this PR open.</p>
<hr />
<p>This PR has been generated by <a href="https://renovatebot.com">Renovate Bot</a>.</p>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
1459: Configure Renovate r=mythmon a=renovate[bot]
<p>Welcome to <a href="https://renovatebot.com">Renovate</a>! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.</p>
<p>🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.</p>
<hr />
<h3 id="detected-package-files">Detected Package Files</h3>
<ul>
<li><code>.circleci/config.yml</code> (circleci)</li>
<li><code>ci/docker-compose.yml</code> (docker-compose)</li>
<li><code>Dockerfile</code> (dockerfile)</li>
<li><code>client/actions/console-log/package.json</code> (npm)</li>
<li><code>client/actions/opt-out-study/package.json</code> (npm)</li>
<li><code>client/actions/preference-experiment/package.json</code> (npm)</li>
<li><code>client/actions/show-heartbeat/package.json</code> (npm)</li>
<li><code>package.json</code> (npm)</li>
</ul>
<h3 id="configuration">Configuration</h3>
<p>🔡 Renovate has detected a custom config for this PR. Feel free to post it to the <a href="https://renovatebot.com/gh/renovatebot/config-help/issues">Config Help repository</a> if you have any doubts and would like it reviewed.</p>
<p>⚠️ This PR has a merge conflict, however Renovate is unable to automatically fix that due to edits in this branch. Please resolve the merge conflict manually.</p>
<h3 id="what-to-expect">What to Expect</h3>
<p>With your current configuration, Renovate will create 39 Pull Requests:</p>
<p>
Co-authored-by: Renovate Bot <bot@renovateapp.com>
Co-authored-by: Peter Bengtsson <mail@peterbe.com>
1456: null bytes string in /api/v1/recipe/signed r=mythmon a=peterbe
Fixes#1455
The trick here to use `django_filters`'s `CharFilter` in some way. That has builtin support for rejecting strings with null bytes in them.
Co-authored-by: Peter Bengtsson <mail@peterbe.com>
1452: resilience against rounding error in timestamp in test_caching fixture r=rehandalal a=peterbe
Fixes#1423
Hopefully my comment is clear enough. A way to "visualize" it is to create [a script like this](https://gist.github.com/peterbe/699e6826a82717e896a8ddb9b0a53fde).
Co-authored-by: Peter Bengtsson <mail@peterbe.com>
Renovate Bot
bors[bot]
Peter Bengtsson
Brian Pitts
Mike Cooper
Rehan Dalal
pyup-bot