Saturday, September 02, 2023
dev@conference.yunohost.org
September
Mon Tue Wed Thu Fri Sat Sun
        1
 2
 3
4
 5
 6
 7
 8
 9
 10
11
 12
 13
 14
 15
 16
 17
18
 19 20
 21
 22
 23
 24
25
 26
 27
 28
 29
 30
  
             

[08:58:37] <selfhoster1312> oui avec du cache c'est mieux:
> Latencies [min, mean, 50, 90, 95, 99, max] 421.631µs, 25.981ms, 33.233ms, 36.978ms, 40.572ms, 57.215ms, 83.917ms
[08:59:59] <selfhoster1312> après ça c'est la happy path où on check un truc en boucle du coup déjà caché, par contre si la personne forge des cookies différents avec une mauvaise signature à chaque requête on tombe sur un vecteur de DOS
[09:01:00] <selfhoster1312> est-ce que y'aurait un désavantage à stocker en RAM toutes les sessions dans le cache et à juste checker si la session est valide sans rechecker les signatures? comme ça quand on reçoit un cookie on fait un cache:get(cookie) qui correspond à un simple hash du cookie et demande beaucoup moins de ressources
[09:03:04] <selfhoster1312> cela reviendrait à l'ancien modèle pré-portal-api où c'est ssowat qui gère les sessions, ce qui résoudrait par ailleurs le problème du logout avec le modèle du portal-api :D :D :D
[09:32:20] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/1514#issuecomment-1703778581) on [issue #1514](https://github.com/YunoHost/issues/issues/1514) ssowat conf redirected_regex should redirect also root path: I think last time i installed Yunohost i was redirected to the admin panel. Is that right? If yes, we can probably close...
[09:38:22] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/793#issuecomment-1703780096) on [issue #793](https://github.com/YunoHost/issues/issues/793) Support RTL language: Setting dir=rtl for the entire page is good, but form inputs should probably use dir=auto, as well as other elements...
[10:49:03] <Aleks (he/him/il/lui)> > <selfhoster1312> après ça c'est la happy path où on check un truc en boucle du coup déjà caché, par contre si la personne forge des cookies différents avec une mauvaise signature à chaque requête on tombe sur un vecteur de DOS

Moui mais normalement c'est censé trigger fail2ban (enfin c'est ptete pas correctement implémenté pour le nouveau systeme, y'a sans doute un FIXME)
[10:49:38] <selfhoster1312> j'ai bien sûr désactivé fail2ban pour les tests :) :)
[11:51:59] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 labeled :space_invader: bug on [issue #2238](https://github.com/YunoHost/issues/issues/2238): portal-api: Logout doesnt work (by design)
[11:52:00] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 opened [issue #2238](https://github.com/YunoHost/issues/issues/2238): portal-api: Logout doesnt work (by design)
[11:54:08] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 opened [issue #2239](https://github.com/YunoHost/issues/issues/2239): [META] Tracking issue for user management, sessions and SSO
[11:54:09] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 labeled :birthday: feature on [issue #2239](https://github.com/YunoHost/issues/issues/2239): [META] Tracking issue for user management, sessions and SSO
[11:54:34] <selfhoster1312> i opened a huge tracking issue for all things users/SSO: https://github.com/YunoHost/issues/issues/2239
[11:54:43] <selfhoster1312> because there was so many of them i was getting lost...
[11:55:11] <selfhoster1312> let me know if it's inappropriate, and if it's cool you can pin it in the issue tracker to make it easier to find
[11:59:40] <tituspijean> *insert xkcd reference here*
[12:00:18] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/2051#issuecomment-1703813575) on [issue #2051](https://github.com/YunoHost/issues/issues/2051) Add OpenID Connect support using Dex: I propose to close this issue in favor of #676.
[12:02:36] <selfhoster1312> tituspijean, i know that one about standards, but it's not exactly the same... the issues all have different names/keywords so it's hard to find precisely what you're looking for at a glance :)
[12:37:49] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/676#issuecomment-1703822053) on [issue #676](https://github.com/YunoHost/issues/issues/676) Use YunoHost as an identity provider?: There was some discussion here about Authelia, in #2051 about Dex, but other alternatives can be considered. Lets start...
[14:18:48] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/676#issuecomment-1703822053) on [issue #676](https://github.com/YunoHost/issues/issues/676) Use YunoHost as an identity provider?: There was some discussion here about Authelia, in #2051 about Dex, but other alternatives can be considered. Lets start...
[14:19:05] <selfhoster1312> u_u à chaque fois que j'update une issue le bot spamme? :P
[15:20:03] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/676#issuecomment-1703822053) on [issue #676](https://github.com/YunoHost/issues/issues/676) Use YunoHost as an identity provider?: There was some discussion here about Authelia, in #2051 about Dex, but other alternatives can be considered. Lets start...
[15:24:00] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 opened [issue #2240](https://github.com/YunoHost/issues/issues/2240): Replacing SSOWat
[15:30:15] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 edited [issue #2240](https://github.com/YunoHost/issues/issues/2240): Replacing SSOWat
[15:32:19] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 edited [issue #2239](https://github.com/YunoHost/issues/issues/2239): [META] Tracking issue for user management, sessions and SSO
[15:34:52] <selfhoster1312> bon, fini de faire du ménage sur le bugtracker pour aujourd'hui :)
[17:09:50] <Yunohost Git/Infra notifications> [issues] @BRGustavoRibeiro [commented](https://github.com/YunoHost/issues/issues/676#issuecomment-1703890616) on [issue #676](https://github.com/YunoHost/issues/issues/676) Use YunoHost as an identity provider?: Kanidm has a pretty amazing performance. I personally use it in some of my projects (small and huge ones) and its worki...
[17:11:20] <Yunohost Git/Infra notifications> [issues] @BRGustavoRibeiro [commented](https://github.com/YunoHost/issues/issues/2240#issuecomment-1703891374) on [issue #2240](https://github.com/YunoHost/issues/issues/2240) Replacing SSOWat: As replied in #676, although I really like Authelia, Kanidm is worth a look. It has an amazing performance, its stable,...
[17:28:55] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/2240#issuecomment-1703895222) on [issue #2240](https://github.com/YunoHost/issues/issues/2240) Replacing SSOWat: Ive been following Kanidm for a while and it looks great The main downside is they have [strict hardware requirements]...
[17:30:24] <Yunohost Git/Infra notifications> [issues] @selfhoster1312 [commented](https://github.com/YunoHost/issues/issues/2240#issuecomment-1703895222) on [issue #2240](https://github.com/YunoHost/issues/issues/2240) Replacing SSOWat: Ive been following Kanidm for a while and it looks great The main downside is they have [strict hardware requirements]...
[17:42:35] <Yunohost Git/Infra notifications> [SSOwat] @selfhoster1312 opened [pull request #220](https://github.com/YunoHost/SSOwat/pull/220): Lua optimizations: caching & no check on public routes
[18:19:39] <Yunohost Git/Infra notifications> [issues] @alexAubin [commented](https://github.com/YunoHost/issues/issues/952#issuecomment-1703905312) on [issue #952](https://github.com/YunoHost/issues/issues/952) Option to disable the SSOwat user panel for an app?: Closing because were going to drop the tile thing entirely in the SSOwat/portal-api refactoring
[18:19:39] <Yunohost Git/Infra notifications> [issues] @alexAubin closed [issue #952](https://github.com/YunoHost/issues/issues/952): Option to disable the SSOwat user panel for an app?
[18:19:39] <Yunohost Git/Infra notifications> [issues] @alexAubin closed [issue #1314](https://github.com/YunoHost/issues/issues/1314): Portal button is not showing in many apps
[18:19:39] <Yunohost Git/Infra notifications> [issues] @alexAubin [commented](https://github.com/YunoHost/issues/issues/1314#issuecomment-1703905374) on [issue #1314](https://github.com/YunoHost/issues/issues/1314) Portal button is not showing in many apps: Closing because were going to drop the tile thing entirely in the SSOwat/portal-api refactoring
[18:24:46] <Yunohost Git/Infra notifications> [issues] @alexAubin [commented](https://github.com/YunoHost/issues/issues/1270#issuecomment-1703906288) on [issue #1270](https://github.com/YunoHost/issues/issues/1270) [SSOwat] Does not work with public apps at the root of a domain: (Probably going to be implicitly "fixed" by the ssowat/portal-api refactoring because were gonna have one portal per ma...
[20:47:21] <Yunohost Git/Infra notifications> [yunohost] @zamentur pushed 1 commit to enh-bind-heritage-config-panel: [fix] Avoid char conflict with bind properties ([6f3b1949](https://github.com/YunoHost/yunohost/commit/6f3b194944502460422d0f06c02a7fd225387f58))
[20:50:44] <Yunohost Git/Infra notifications> [yunohost] 🔴 Pipeline [#989994919](https://gitlab.com/yunohost/yunohost/-/pipelines/989994919) failed on branch enh-bind-heritage-config-panel
[22:26:59] <Yunohost Git/Infra notifications> [yunohost] @yunohost-bot opened [pull request #1707](https://github.com/YunoHost/yunohost/pull/1707): Translations update from Weblate