Age | Commit message (Collapse) | Author | Files | Lines |
|
https://vndb.org/t950.514
|
|
Been wanting to do this for a long time - using an integer index into an
array that changes once in a while is way too fragile. Doubly so when
said indices are also used in filters and URLs that can't be updated
every time a new resolution is added.
|
|
https://vndb.org/t950.512
|
|
https://vndb.org/t11296.3
(And I forgot to add update_20180929.sql in the previous commit)
|
|
https://vndb.org/t11296
|
|
https://vndb.org/t950.481
Also, the resolution should really be stored as an ENUM in the database,
this integer thing is waay too fragile.
|
|
|
|
As discussed in https://vndb.org/t10665
|
|
|
|
If you don't really care about the data in your Docker's Postgres DB,
then you can just update with:
docker volume rm vndb-data
docker volume create --name vndb-data
docker build --pull --no-cache -t vndb .
If you do want to keep your data, the process is roughly as follows:
- Do a pg_dumpall from your current docker image to save the data.
- Run the above commands to upgrade
- Import the database in the new docker image
(cherry picked from commit c278eec720b78624580f844d8289ddb575035138)
|
|
output
|
|
This touches a bunch of things:
- Adds a new first-class database entry type
- Removes the d+.+.+ BBCode link syntax, adds a new d+#+ and d+#+.+
link syntax (references have been updated where possible)
- Adds a new dependency on Text::MultiMarkdown
|
|
For consistency with the VN & character alias fields. It's also less
ambiguous, as there are a few aliases that contain commas.
|
|
Otherwise the vndb_site/_multi users won't have usage rights on those.
Fixes https://vndb.org/t10218.6
|
|
+ a bit of tooling to make it work.
The database was contributed by tigershark, with a few minor additions
by me.
|
|
Should fix https://vndb.org/t9425.11
|
|
https://vndb.org/t2520.233
The old bb2html() blindly replaced [url=..] anywhere inside the matched
token, and did not require that the [url=..] was itself the token. I've
made the tag matching more strict to make sure that [something[url=..]
is now properly tokenized.
This also affects other tags, so it's likely that there's some input
that the old bb2html() would still have handled differently.
|
|
|
|
|
|
This is based on the API that I described in https://vndb.org/t5564.12
It's mostly bug-compatible with the old bb2html(), main differences:
- <br /> -> <br> for no reason
- Doesn't sporadically add a wrong </div>
- $rmwhitespace now also after [/code]
Most of the test cases were contributed by flan <flan@flande.re>
|
|
Should fix https://vndb.org/t10082
|
|
|
|
|
|
|
|
|
|
|
|
This makes perms.sql the definitive place for all permissions assigned
to these roles. The DROP OWNED does require superuser privileges, but
that's alright - the statement is simply skipped when run as 'vndb'.
|
|
|
|
This saves about 1GiB.
|
|
https://vndb.org/t950.317
|
|
|
|
|
|
Previously the website was connected to the database with a "database
owner" user, which has far too many permissions. Now there's a special
vndb_site user with only the necessary permissions. The primary
reason to do this is to decrease the impact if the site process is
compromised. E.g. it's now no longer possible to delete or modify old
entry revisions. An attacker can still do a lot of damage, however.
Additionally (and this was the main reason to implement this change in
the first place), the user sessions, passwords and email data is now not
easily accessible anymore. Hopefully, the new user management
abstractions will prevent email and password dumps in case of an SQL
injection or RCE vulnerability in the site code. Of course, this only
works if my implementation is fully correct and there's no privilige
escalation vulnerability somewhere.
Furthermore, changing your password now invalidates any existing
sessions, and the password reset function is disabled for 'usermods'
(because usermods can list email addresses from the database, and the
password reset function could still allow an attacker to gain access to
anyone's account).
I also changed the format of the password reset tokens, as they totally
don't need to be salted.
|
|
|
|
VNDB tends to get unresponsive for a few minutes when the daily cron is
run. This should help somewhat.
|
|
|
|
This is a generalization of the search improvements made in
7da2edeaa0f6cf7794f4f8f68960497dc1be893c and
92235222dba4e5d0c7713d53ef12e0f10e371b83
And has been applied to the dropdown searches for producers, staff, tags
and traits.
For all those searches, exact matches are listed first, followed by
prefix matches, and then substring matches. Relevance is currently only
based on the primary name/title and ignores aliases (except for staff).
This is fixable, but not trivial, and I'm not sure it's all that useful.
|
|
|
|
|
|
|
|
|
|
...unless I missed something.
|
|
This has been mostly automated.
|
|
I definitely needed the Tie::IxHash thing for these.
|
|
This removes the reliance on sort() to provide meaningful ordering (the
keys aren't always good for ordering) and removes the 'order' hack used
for (vn|prod)_relations.
|
|
|
|
|
|
TODO: Intern strings again to simplify the code.
The immediate effect of this commit is that starting the util/vndb.pl
script and generating the JS file is much faster now and that vndb.pl
uses less memory. Translations have already been disabled on the main
VNDB for a week now.
|
|
|
|
Compresses a little better. I reduced the number of iterations required
to find the optimal image size in spritegen.pl, but generating the
icons.png is *incredibly slow* when combining zopflipng with the 'slow'
option. It's possible to parallelize the calculation and use multiple
cores to speed it up, but that seems overkill.
Some icons.png compression stats:
METHOD SIZE RUNTIME
default 18103 <1sec
slow 17941 few secs
pngcrush 15385 <1sec
pngcrush+slow 15148 few mins
zopflipng 14986 few secs
zopflipng+slow 14898 ~1 hour
|