Conor Schaefer
Conor Schaefer
The multiline parsing for Redmine production logs still leave something to be desired. Most, but not all, events are properly concatenated as a single Elasticsearch 'event'. There are a few...
Follow-up to #431. We are currently _not_ testing for CSP violations in CI, and instead we require devs to validate that no CSP violations were introduced by running the local...
Follow-up to #431. As @emkll noted over there: > `unsafe-eval` is required for client/common/js/common.js:645 and /client/tor/js/torEntry.js:89. We should consider fixing this, as it would be another big win. @harrislapiroff [adds](https://github.com/freedomofpress/securedrop.org/pull/431#issuecomment-382384479):...
The Wagtail settings include a wonderful feature to flag certain posts as high-priority, intended to call attention to security advisories. We used it today:  The automatic cache busting on...
Over the weekend, noticed high memory alerts on the securedrop.org webserver—over 80% of RAM utilized. After a bit of poking around, it appears that the thrice daily scans of the...
The repository contains files of several common types, including: * [ ] YAML (`*.sls` and `*.top` Salt files) * [ ] salt-lint (see https://github.com/warpnet/salt-lint) * [x] Python scripts (see https://github.com/freedomofpress/securedrop-workstation/pull/62)...
The Salt management logic (YAML files stored in `dom0/*.{sls,top}`) has proven rather problematic to work with. See this recent [qubes-users thread](https://groups.google.com/forum/#!topic/qubes-users/F_TB7Zzseeo) (in which the SecureDrop Workstation project is named as...
In the updater code we call out to `qubes-dom0-update`: https://github.com/freedomofpress/securedrop-workstation/blob/641c0d59511d72ed5abfe456dd57af9563a5669b/launcher/sdw_updater_gui/Updater.py#L168 According to the [official Qubes docs](https://www.qubes-os.org/doc/how-to-update/#command-line-interface), we shouldn't be doing that: > Updating with direct commands such as qubes-dom0-update, dnf...
We've long maintained a custom RPM leveraging the `qubes-builder` logic to install the base image for SDW: https://github.com/freedomofpress/qubes-template-securedrop-workstation. In the process of managing the Debian Bullseye migration (#733), we've updated...
Recently noticed this warning message emitted during updater runs: ``` [WARNING ] top_file_merging_strategy is set to 'merge' and multiple top files were found. Merging order is not deterministic, it may...