securedrop

securedrop copied to clipboard

Licensing notices are used in different ways in different repositories

8

## Description Currently, we have different practices regarding license notices in different parts of the SecureDrop project. - SecureDrop Client uses full [AGPL-3.0-or-later][spdx-agpl] headers in each file ([example][client]) - SecureDrop...

gonzalo-bulnes

Switch from itsdangerous to another JWT library

2

## Description An upcoming release of `itsdangerous`, 2.1, will drop support for JSON Web Signatures. The project maintainers recommend switching to `authlib` instead. Encountered the deprecation notice while performing a...

conorsch

## Description `test_no_ecrypt_messages_in_logs` in `molecule/testinfra/common/test_system_hardening.py` triggered by `securedrop-admin verify` hangs indefinitely when confronted with a `/var/log/syslog` that's larger than approximately 2.125MB. ## Steps to Reproduce * SSH into app server...

eaon

Add support for generating signed CSRs for Harica and Digicert in securedrop-admin

4

## Description Harica and Digicert now apparently require that CSRs for certs for onion services be signed with the service's private key. Harica have written a tool to support this:...

zenmonkeykstop

## Description [Accessibility Lab recommendation](https://docs.google.com/document/d/1jZlKco2YgOrrI4PmTkG_Q8lKuV5VxCds/edit#): > * **Keyboard** > The tab key must be constrained within the dialog. Users cannot tab out of the dialog. The focus goes to the...

cfm

Large upload failure should result in comprehensible error message

8

## Steps to reproduce (To see production-like behavior below, make sure to test in Tor Browser against a staging or production instance.) In the Source Interface, upload a file that...

eloquence

/var/lib/securedrop/keys/gpg-agent.conf should be installed by the package, not generated in postinst

1

## Description Currently we create and edit the `/var/lib/securedrop/keys/gpg-agent.conf` file in the `postinst` of the securedrop-app-code package. Aside from being a bit precarious to be grepping for certain strings and...

legoktm

Independently repeatable fully deterministic compilation

29

It should be possible for independent folks to compile SecureDrop from source and achieve exactly the same binary. Once this is possible, SecureDrop's normal release process should rely on multiple...

tildelowengrimm

## Description **Do we want to move SecureDrop to Weblate's continuous-localization workflow?** *This is a stub issue pending freedomofpress/securedrop-client#239.* ## User Research Evidence - freedomofpress/securedrop-client#239 ## User Stories As a...

cfm

Edit/Rethink GPG Guidance in SI

7

## Problem Today's text guiding GPG usage in the SI is likely to be alienating to many users. It assumes the reader understands BASH and how to use a Terminal...

ninavizz