Ryan Baumann
Ryan Baumann
### Pitch There are multiple well-supported ways to implement application-level encryption in Rails applications (e.g. [Active Record Encryption](https://edgeguides.rubyonrails.org/active_record_encryption.html), [lockbox](https://github.com/ankane/lockbox)). Mastodon doesn't currently seem to use any of them, but security...
DSpace currently uses the [`openjdk`](https://hub.docker.com/_/openjdk/) Docker image, which is now officially deprecated: > This image is officially deprecated and all users are recommended to find and use suitable replacements ASAP....
Hyrax currently depends on [carrierwave](https://github.com/carrierwaveuploader/carrierwave) 1.x (https://github.com/samvera/hyrax/blob/main/hyrax.gemspec#L44), which has multiple known security vulnerabilities, e.g. [CVE-2023-49090](https://nvd.nist.gov/vuln/detail/CVE-2023-49090) and [CVE-2024-29034](https://nvd.nist.gov/vuln/detail/CVE-2024-29034).
This fixes warning messages like the following: ``` /usr/local/bundle/gems/ldp-1.0.3/lib/ldp/response.rb:196: warning: URI.unescape is obsolete ``` Similar to #132, but this fix doesn't add a new dependency on the `addressable` gem.
When I run `grain` in a clean directory with my `config.toml`, I get: ``` Loading archive… mkdir archive/twitter: permission denied ``` I think this is because of the 0644 permissions...
I'm inexperienced with Go so I'm kind of fumbling around in the dark here. If I run `go build -v ./cmd/grain`, I get: ``` cmd/grain/main.go:24:32: cannot use config (type *"github.com/pelletier/go-toml".Tree)...
We should add a check + exit code to display whether the dimensions of the final image match what's expected from the DZI XML.
The fix for #5 needed content-type checking, which is currently hardcoded to JPEG. At the very least, we should perhaps only do this when the DeepZoom parameters response specifies `"format":...
PhantomJS is now unmaintained. See https://github.com/dhamaniasad/HeadlessBrowsers for alternatives.