Generate links that users can use to submit messages encrypted with your public key.

Overview

Hawkpost

Hawkpost lets you create unique links that you can share with the person that desires to send you important information but doesn't know how to deal with PGP.

You can deploy your own server using the code from this repository or use the official server (that is running an exact copy of this repo) at https://hawkpost.co.

Rationale

For many web and mobile development studios, no matter how hard they try to secure their client secrets (passwords, API keys, etc), the weakest link resides on the client most of the times, specially when he's not a tech savvy person. This project tries to help minimize this issue on the communication between both parties.

The way it works is like this:

  1. It fetches your public key.
  2. When the box is open and the secrets submitted, all the content is encrypted on the client side.
  3. The server then signs (experimental) the encrypted content.
  4. Finally the server forwards it to your e-mail address.

Setting up a development environment

In this section you can find the steps to setup a minimal development environment on your machine.

Base requirements:

  • Python 3
  • Redis
  • PostgreSQL

On Linux

On a Debian based operating system execute the following steps, after cloning the repository:

  • Install the dependencies
$ pipenv install
  • Create the local postgreSQL database with your user and no password

  • Migrate the database

$ pipenv run python manage.py migrate
  • Generate stylesheet with gulp (installation instructions for gulp can be found here)
$ gulp build
  • Now you should be able to launch the server and its workers
$ pipenv run python manage.py runserver
$ pipenv run celery -A hawkpost worker --beat -l info

You can avoid pipenv run in every command if you first active the virtual environment with pipenv shell.

Using Docker

To use this approach you need to have Docker and Docker Compose installed. Please note that since this project uses version 2 of the Compose file format you may need to update your Docker and Docker Compose to their latest versions.

Installation instructions for every platform are available at the Docker Engine Documentation. If you use Linux you'll have to install Docker Compose manually.

After having the latest Docker and Docker Compose installed, make the folder that will hold the GPG public keys keyring:

$ mkdir -p gpg_home

Some environment variables need to be set so the application works properly. Copy the provided .env.sample and name it .env:

$ cp .env.sample .env

Since this setup assumes containers talk to each other some of the variables need to be set in order to point to the containers' names.

Edit .env and set the following variables to these values:

DB_HOST=db
DB_USER=hawkpost
DB_PASSWORD=hawkpost
REDIS_URL=redis://redis:6379/0

Don't forget to set the remaining variables as well.

After setting .env correctly, just run (you may need to sudo depending on your setup)

# Run the databases in detached mode to avoid seeing the logs
$ docker-compose up -d db redis

# Perform the migrations
# (using `--rm` to remove the temporary container afterwards)
$ docker-compose run --rm web pipenv run python manage.py migrate

# Run the web and celery containers
# (`docker-compose up` would log db and redis as well)
$ docker-compose up web celery

These commands

  1. Run the db and the redis containers detached from the console, so we're not bothered by their logs while working on the application.
  2. Perform the migrations using a temporary web container; it is removed afterwards.
  3. Run the web and celery attached to the console.

The web container will reload on code changes.

You may access the application by opening http://<docker-network-ip> on your browser, which you can find by running (you may need to run this as root depending on your setup).

CID=$(docker ps | grep 'hawkpost_web' | cut -d ' ' -f 1)
docker inspect -f "{{ .NetworkSettings.Networks.hawkpost_default.Gateway }}" $CID

This IP won't change unless you remove every container and the corresponding network (manually), so you may alias it on your /etc/hosts (to something like hawkpost.test).

Note: This approach was not tested on OS X or Windows platforms, so the network feature may require additional steps.

Running the test suite

To execute our current test suite, you just need to execute the following command after setting up your local development environment:

$ pipenv run python manage.py test

In case you are using our docker setup the command should be:

$ docker-compose run --rm web pipenv run python manage.py test

Credits

Whitesmith

This project was born during an internal hackathon at Whitesmith, which is helping and supporting the current development.

Comments
  • Error encrypting message

    Error encrypting message

    Hello, I tried using hawkpost.co today and was experiencing the following error:

    openpgp.min.0ac5ae9c7d87.js:8 Uncaught (in promise) Error: Error encrypting message: Could not find valid key packet for encryption in key 3f77ce4377661af7
        at A (https://hawkpost.co/static/javascripts/openpgp.min.0ac5ae9c7d87.js:8:29141)
    

    This was happening here: https://hawkpost.co/box/ec362e6c-490f-42a1-9f0e-d04aa7c43378 when I clicked on the Encrypt and Send button. (The box should still be open since it Never expires.)

    My GPG Key fingerprint is F3140E4A8D56FF55792112EF3F77CE4377661AF7 and I added the key using the keyserver URL https://pgp.mit.edu/pks/lookup?op=get&fingerprint=on&search=0xF3140E4A8D56FF55792112EF3F77CE4377661AF7.

    I am assuming this is happening because I signed up using github, where my e-mail address is [email protected], but my public key has different e-mail adresses on it. I will probably delete the account and manually sign up with a matching e-mail address, but it might be good to inform users that their public key doesn't match their e-mail.

    bug help wanted prioritary 
    opened by jmesserli 10
  • Please Help - Unable to Get Email Working (Gmail/SMTP Possible?)

    Please Help - Unable to Get Email Working (Gmail/SMTP Possible?)

    Hey guys,

    So after eventually getting Hawkpost up and running on a fresh Ubuntu 16.04 installation, I'm having major troubles getting email to work for when a new user signs up.

    Being a small, simple, self hosted setup, I'd like to just use Gmail SMTP if possible as that's what every other service I run uses and I find it easiest for me personally. I'm not sure if that's not possible or if it's somehow evading me.

    I couldn't find anything hawkpost specific, so I've Google'd till I'm blue in the face, and in my .env file I started off with a basic configuration based on guidelines I've found:

    EMAIL_BACKEND = 'django.core.mail.backends.smtp.EmailBackend'
    EMAIL_HOST = 'smtp.gmail.com'
    EMAIL_HOST_USER = '[redacted - my gmail address]'
    EMAIL_HOST_PASSWORD = '[redacted - gmail app password]'
    EMAIL_PORT = 587
    EMAIL_USE_TLS = True
    

    However, this throws the following error along with a long stack trace:

    smtplib.SMTPSenderRefused: (530, b'5.7.0 Must issue a STARTTLS command first. e18sm653160qtc.59 - gsmtp', '[redacted - my gmail address]')

    If I try changing the port to 465 and instead of "EMAIL_USE_TLS = True" I use "EMAIL_USE_SSL = True" then I get the following error after a long pause (again with a long stack trace):

    smtplib.SMTPServerDisconnected: Connection unexpectedly closed

    I've tried many, many other varying combinations of lines with and without the single quotes, changing the "EMAIL_BACKEND" to 'django_smtp_ssl.SSLEmailBackend', leaving that line out entirely (which throws a

    Gets: IndexError: string index out of range

    error , etc. etc. etc. but nothing has resulted in successful sending of emails.

    I would sincerely appreciate any help or guidance anyone could provide, as I'd really really like to get this working if at all possible. Thank you!!

    opened by dohlin 6
  • Unable to login

    Unable to login

    Hi,

    I installed hawkpost and tried to sign-up using email but nothing happened. And then tried to login using github, hawkpost said, "Server Error". How can I fix this issue?

    Python: 3.6.8 node.js: v10.16.0 OS: Debian GNU/Linux 10 (Buster)

    opened by mzch 5
  • reply_to is filled if the user is authenticated

    reply_to is filled if the user is authenticated

    Addresses #218

    This is a simple implementation of a requested feature. If a user is logged in when submitting a box, the reply_to field will be filled with his email address.

    We could added a field for users not logged in, however we would have to validate the users is not trying to impersonate (not providing is own email address).

    A possible improvement for this PR, would be to allow the logged in user to opt out of this feature. Would that be preferable?

    opened by dethos 5
  • Cannot delete account when signed-on via github.

    Cannot delete account when signed-on via github.

    I logged in with github SSO which went very well.

    After trying to add my key which didn't work (fingerprint kept mismatching, and key is invalid error. This could be my fault), I wanted to delete my account.

    I clicked on the Do you wish to delete your account? if yes, just click here link on the settings page.

    I then was asked for my password which, obviously, I hadn't need to set.

    and without a password I can't delete my account...

    Could this be fixed?

    bug Hacktoberfest good first issue 
    opened by techhazard 4
  • Email users

    Email users

    When the administrator of one Hawkpost instance wants to communicate to its users an issue or important information, such as downtime for maintenance, it now can use this simple built in feature.

    opened by dethos 4
  • Docker installation with Compose doesn't work following README

    Docker installation with Compose doesn't work following README

    Hi all!

    I've been trying to install Hawkpost with Docker Compose following the instructions in the README but I'm having issues. The build doesn't seem to be installing pipenv correctly and I'm getting the following:

    Step 8/11 : RUN pipenv install --dev
     ---> Running in e677cf55a8e8 
    Warning: Python 3.6 was not found on your system… 
    You can specify specific versions of Python with: 
      $ pipenv --python path/to/python
    The command '/bin/sh -c pipenv install --dev' returned a non-zero code: 1
    

    Is Docker installation actively supported for Hawkpost?

    opened by lpulley 3
  • 212 password change

    212 password change

    Fixes #212

    • Updates UpdateUserInfoForm to accept password change;
    • Add "Change Password" section in the settings forms;
    • Modify the settings form javascript to work for N tabs
    opened by Lobosque 3
  • Build a roadmap.

    Build a roadmap.

    Hi All,

    This looks like a super nice idea. It'd be good if there was some sort of roadmap so we can get an idea on when it gets to 1.0.0, after which we'll look it implementing it. Is there some list of tasks that block 1.0.0?

    Cheers,

    discussion 
    opened by andrewhowdencom 3
  • Check for expired and revoked keys

    Check for expired and revoked keys

    This PR handles the following issues:

    • Fixes a bug that lets the users submit a key, without fingerprint check
    • Add revoke and expiration checks to settings form
    • Adds a daily task to update and check the users keys (Issue: https://github.com/whitesmith/hawkpost/issues/1)
    opened by dethos 3
  • Javascript disabled

    Javascript disabled

    Handle the situations when the JavaScript it disabled on the browser.

    This is an attempt to fix the following issue: https://github.com/whitesmith/hawkpost/issues/33

    opened by dethos 3
  • Bump django-dotenv from 1.4.1 to 1.4.2

    Bump django-dotenv from 1.4.1 to 1.4.2

    Bumps django-dotenv from 1.4.1 to 1.4.2.

    Release notes

    Sourced from django-dotenv's releases.

    v1.4.2

    Commits
    • 4a3ea82 Merge pull request #27 from alexdlaird/feature-26-adl-overwrite-flag
    • fa0a6fe #26 Bumping version number.
    • fecf473 #26 Removing Python 3.3 references from other files.
    • 8836e69 #26 Removing PY33, as interpreter no longer support by Travis CI.
    • 6f6cac1 #79: Adding an "overwrite" flag to read_dotenv, False by default.
    • fb0fb72 Merge pull request #22 from merwok-forks/fix-warning-stacklevel
    • f879413 Fix line length
    • 4c5b61c Show calling function in warning
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies python 
    opened by dependabot[bot] 0
  • Bump whitenoise from 4.1.4 to 5.3.0

    Bump whitenoise from 4.1.4 to 5.3.0

    Bumps whitenoise from 4.1.4 to 5.3.0.

    Changelog

    Sourced from whitenoise's changelog.

    5.3.0 (2021-07-16)

    • Gracefully handle unparsable If-Modified-Since headers (thanks @danielegozzi <https://github.com/danielegozzi>_).
    • Test against Django 3.2 (thanks @jhnbkr <https://github.com/jhnbkr>_).
    • Add mimetype for Markdown (.md) files (thanks @bz2 <https://github.com/bz2>_).
    • Various documentation improvements (thanks @PeterJCLaw <https://github.com/PeterJCLaw>_ and @AliRn76 <https://github.com/AliRn76>_).

    5.2.0 (2020-08-04)

    • Add support for relative STATIC_URLs <https://docs.djangoproject.com/en/3.1/ref/settings/#std:setting-STATIC_URL>_ in settings, as allowed in Django 3.1.
    • Add mimetype for .mjs (JavaScript module) files and use recommended text/javascript mimetype for .js files (thanks @hanswilw <https://github.com/hanswilw>_).
    • Various documentation improvements (thanks @lukeburden <https://github.com/lukeburden>_).

    5.1.0 (2020-05-20)

    • Add a :any:manifest_strict <WHITENOISE_MANIFEST_STRICT> setting to prevent Django throwing errors when missing files are referenced (thanks @MegacoderKim <https://github.com/MegacoderKim>_).

    5.0.1 (2019-12-12)

    • Fix packaging to indicate only Python 3.5+ compatibiity (thanks @mdalp <https://github.com/mdalp>_).

    5.0 (2019-12-10)

    .. note:: This is a major version bump, but only because it removes Python 2 compatibility. If you were already running under Python 3 then there should be no breaking changes.

    WhiteNoise is now tested on Python 3.5--3.8 and Django 2.0--3.0.

    Other changes include:

    • Fix incompatibility with Django 3.0 which caused problems with Safari (details here <https://github.com/evansd/whitenoise/issues/240>). Thanks @paltman <https://github.com/paltman> and @giilby <https://github.com/giilby>_ for diagnosing.
    • Lots of improvements to the test suite (including switching to py.test).

    ... (truncated)

    Commits
    • 0632866 Release version 5.3.0
    • c8b49a2 Merge pull request #281 from jhnbkr/master
    • 870813f Merge pull request #267 from bz2/media_md
    • e504d4a Merge pull request #287 from danielegozzi/master
    • 5b58695 Ignore unparsable If-Modified-Since headers and return the file
    • d1868be Added support for Django 3.2
    • 855c05e Merge pull request #278 from PeterJCLaw/secure-links
    • 5fb5d57 Make these various links secure
    • de827c9 Merge pull request #269 from AliRn76/master
    • cc49b0b Update the STATIC_ROOT for Django 3.1
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies python 
    opened by dependabot[bot] 0
  • Bump qs and browser-sync

    Bump qs and browser-sync

    Bumps qs to 6.11.0 and updates ancestor dependency browser-sync. These dependencies need to be updated together.

    Updates qs from 6.5.2 to 6.11.0

    Changelog

    Sourced from qs's changelog.

    6.11.0

    • [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option (#442)
    • [readme] fix version badge

    6.10.5

    • [Fix] stringify: with arrayFormat: comma, properly include an explicit [] on a single-item array (#434)

    6.10.4

    • [Fix] stringify: with arrayFormat: comma, include an explicit [] on a single-item array (#441)
    • [meta] use npmignore to autogenerate an npmignore file
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, object-inspect, tape

    6.10.3

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [actions] reuse common workflows
    • [Dev Deps] update eslint, @ljharb/eslint-config, object-inspect, tape

    6.10.2

    • [Fix] stringify: actually fix cyclic references (#426)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [actions] update codecov uploader
    • [actions] update workflows
    • [Tests] clean up stringify tests slightly
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, object-inspect, safe-publish-latest, tape

    6.10.1

    • [Fix] stringify: avoid exception on repeated object values (#402)

    6.10.0

    • [New] stringify: throw on cycles, instead of an infinite loop (#395, #394, #393)
    • [New] parse: add allowSparse option for collapsing arrays with missing indices (#312)
    • [meta] fix README.md (#399)
    • [meta] only run npm run dist in publish, not install
    • [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbols, tape
    • [Tests] fix tests on node v0.6
    • [Tests] use ljharb/actions/node/install instead of ljharb/actions/node/run
    • [Tests] Revert "[meta] ignore eclint transitive audit warning"

    6.9.7

    • [Fix] parse: ignore __proto__ keys (#428)
    • [Fix] stringify: avoid encoding arrayformat comma when encodeValuesOnly = true (#424)
    • [Robustness] stringify: avoid relying on a global undefined (#427)
    • [readme] remove travis badge; add github actions/codecov badges; update URLs
    • [Docs] add note and links for coercing primitive values (#408)
    • [Tests] clean up stringify tests slightly
    • [meta] fix README.md (#399)
    • Revert "[meta] ignore eclint transitive audit warning"

    ... (truncated)

    Commits
    • 56763c1 v6.11.0
    • ddd3e29 [readme] fix version badge
    • c313472 [New] [Fix] stringify: revert 0e903c0; add commaRoundTrip option
    • 95bc018 v6.10.5
    • 0e903c0 [Fix] stringify: with arrayFormat: comma, properly include an explicit `[...
    • ba9703c v6.10.4
    • 4e44019 [Fix] stringify: with arrayFormat: comma, include an explicit [] on a s...
    • 113b990 [Dev Deps] update object-inspect
    • c77f38f [Dev Deps] update eslint, @ljharb/eslint-config, aud, has-symbol, tape
    • 2cf45b2 [meta] use npmignore to autogenerate an npmignore file
    • Additional commits viewable in compare view

    Updates browser-sync from 2.26.14 to 2.27.11

    Release notes

    Sourced from browser-sync's releases.

    2.27.9

    What's Changed

    A bug prevented the help output from displaying - it was introduced when the CLI parser yargs was updated, and is now fixed :)

    Full Changelog: https://github.com/BrowserSync/browser-sync/compare/v2.27.8...v2.27.9

    2.27.8

    This release upgrades Socket.io (client+server) to the latest versions - solving the following issues, and silencing security warning :)

    PR:

    Resolved Issues:

    Thanks to @​lachieh for the original PR, which helped me land this fix

    added snippet: boolean option

    This release adds a feature to address BrowserSync/browser-sync#1882

    Sometimes you don't want Browsersync to auto-inject it's connection snippet into your HTML - now you can disable it globally via either a CLI param or the new snippet option :)

    browser-sync . --no-snippet
    

    or in any Browsersync configuration

    const config = {
      snippet: false,
    };
    

    the original request was related to Eleventy usage, so here's how that would look

    eleventyConfig.setBrowserSyncConfig({
      snippet: false,
    });
    
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump django-timezone-field from 2.0 to 4.2.3

    Bump django-timezone-field from 2.0 to 4.2.3

    Bumps django-timezone-field from 2.0 to 4.2.3.

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies python 
    opened by dependabot[bot] 0
  • Bump scss-tokenizer and gulp-sass

    Bump scss-tokenizer and gulp-sass

    Removes scss-tokenizer. It's no longer used after updating ancestor dependency gulp-sass. These dependencies need to be updated together.

    Removes scss-tokenizer

    Updates gulp-sass from 4.1.0 to 5.1.0

    Release notes

    Sourced from gulp-sass's releases.

    v5.1.0

    Huge shout out to @​XhmikosR for putting a ton of effort into this release 🎉

    What's Changed

    New Contributors

    Full Changelog: https://github.com/dlmanning/gulp-sass/compare/v5.0.0...v5.1.0

    v5.0.0

    First and foremost a huge shout out to @​mxmason for making this long awaited release possible <3

    Breaking changes

    • Require Node >= 12
    • Require Gulp 4
    • Drop dependency on the deprecate node-sass
    • Remove hardcoded default Sass compiler

    Upgrading to v5

    It is now required to explicitly install a Sass compiler.

    npm install gulp-sass sass
    </tr></table> 
    

    ... (truncated)

    Changelog

    Sourced from gulp-sass's changelog.

    gulp-sass Changelog

    v5.0.0

    June 25, 2021

    https://github.com/dlmanning/gulp-sass/releases/tag/v5.0.0

    v4.1.1

    June 24, 2021

    https://github.com/dlmanning/gulp-sass/releases/tag/v4.1.1

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies javascript 
    opened by dependabot[bot] 0
  • Bump axios and localtunnel

    Bump axios and localtunnel

    Bumps axios and localtunnel. These dependencies needed to be updated together. Updates axios from 0.21.1 to 0.21.4

    Release notes

    Sourced from axios's releases.

    v0.21.4

    Fixes and Functionality:

    • Fixing JSON transform when data is stringified. Providing backward compatibility and complying to the JSON RFC standard (#4020)

    Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

    v0.21.3

    Fixes and Functionality:

    • Fixing response interceptor not being called when request interceptor is attached (#4013)

    Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

    v0.21.2

    Fixes and Functionality:

    • Updating axios requests to be delayed by pre-emptive promise creation (#2702)
    • Adding "synchronous" and "runWhen" options to interceptors api (#2702)
    • Updating of transformResponse (#3377)
    • Adding ability to omit User-Agent header (#3703)
    • Adding multiple JSON improvements (#3688, #3763)
    • Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
    • Adding parseInt to config.timeout (#3781)
    • Adding custom return type support to interceptor (#3783)
    • Adding security fix for ReDoS vulnerability (#3980)

    Internal and Tests:

    • Updating build dev dependancies (#3401)
    • Fixing builds running on Travis CI (#3538)
    • Updating follow rediect version (#3694, #3771)
    • Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
    • Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
    • Fixing tests by bumping karma-sauce-launcher version (#3813)
    • Changing testing process from Travis CI to GitHub Actions (#3938)

    Documentation:

    • Updating documentation around the use of AUTH_TOKEN with multiple domain endpoints (#3539)
    • Remove duplication of item in changelog (#3523)
    • Fixing gramatical errors (#2642)
    • Fixing spelling error (#3567)
    • Moving gitpod metion (#2637)
    • Adding new axios documentation website link (#3681, #3707)
    • Updating documentation around dispatching requests (#3772)

    ... (truncated)

    Changelog

    Sourced from axios's changelog.

    0.21.4 (September 6, 2021)

    Fixes and Functionality:

    • Fixing JSON transform when data is stringified. Providing backward compatability and complying to the JSON RFC standard (#4020)

    Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

    0.21.3 (September 4, 2021)

    Fixes and Functionality:

    • Fixing response interceptor not being called when request interceptor is attached (#4013)

    Huge thanks to everyone who contributed to this release via code (authors listed below) or via reviews and triaging on GitHub:

    0.21.2 (September 4, 2021)

    Fixes and Functionality:

    • Updating axios requests to be delayed by pre-emptive promise creation (#2702)
    • Adding "synchronous" and "runWhen" options to interceptors api (#2702)
    • Updating of transformResponse (#3377)
    • Adding ability to omit User-Agent header (#3703)
    • Adding multiple JSON improvements (#3688, #3763)
    • Fixing quadratic runtime and extra memory usage when setting a maxContentLength (#3738)
    • Adding parseInt to config.timeout (#3781)
    • Adding custom return type support to interceptor (#3783)
    • Adding security fix for ReDoS vulnerability (#3980)

    Internal and Tests:

    • Updating build dev dependancies (#3401)
    • Fixing builds running on Travis CI (#3538)
    • Updating follow rediect version (#3694, #3771)
    • Updating karma sauce launcher to fix failing sauce tests (#3712, #3717)
    • Updating content-type header for application/json to not contain charset field, according do RFC 8259 (#2154)
    • Fixing tests by bumping karma-sauce-launcher version (#3813)
    • Changing testing process from Travis CI to GitHub Actions (#3938)

    Documentation:

    • Updating documentation around the use of AUTH_TOKEN with multiple domain endpoints (#3539)
    • Remove duplication of item in changelog (#3523)

    ... (truncated)

    Commits
    • 66c4602 Merge branch 'master' into release/0.21.4
    • fc15665 [Releasing] v0.21.4
    • c2714f0 [Updating] incorrect JSON syntax in README.md
    • 0fc7248 fix json transform when data is pre-stringified (#4020)
    • 90205f8 Change headers type to string record (#3021)
    • 92b29d2 Make the default type of response data never (#3002)
    • 4eeb3b1 Improved type-safety for AxiosRequestConfig (#2995)
    • cd7ff04 Adding HTTP status code to error.toJSON (#2956)
    • b5a1a67 Adding nodejs http.request option: insecureHTTPParser (#2930)
    • 4f25380 Exposing the Axios constructor in index.d.ts (#2872)
    • Additional commits viewable in compare view
    Maintainer changes

    This version was pushed to npm by jasonsaayman, a new releaser for axios since your current version.


    Updates localtunnel from 2.0.1 to 2.0.2

    Changelog

    Sourced from localtunnel's changelog.

    2.0.2 (2021-09-18)

    • Upgrade dependencies
    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
    dependencies javascript 
    opened by dependabot[bot] 0
Releases(v1.3.0)
  • v1.3.0(Apr 8, 2019)

    This release updates several components to more recent versions, adds better flow to set up self-hosted instances and adds many small improvements to the overall software package. Logged users can now add their email to sent messages.

    Major Changes

    • Removed server sign experimental feature, since it had several compatibility issues #289
    • Added reply_to field to messages sent by logged in users #290

    Minor Changes and bug fixes

    • Changed the development workflow to use pipenv #281
    • Updated development environment setup instructions #81
    • Fix box description multi-line issue #280
    • Update OpenPGP.js to version 3 #284
    • Added meta description and alt text to home page #283
    • Fixed missing contact information on closed box page #287

    How to update from previous version

    Since the dependency management of the project changed. You will need to change the instruction you usually do to run the project. This time you will need to run the following commands after fetching the new code changes:

    • $ pipenv install
    • $ gulp build
    • $ pipenv run python manage.py collectstatic

    The deployment commands (such as celery and gunicorn) should now be preceded by pipenv run.

    Source code(tar.gz)
    Source code(zip)
  • v1.2.0(Apr 10, 2018)

    This release brings more control to the user key state, automating reminders of expiration for all keys and letting the user audit recent key changes. Also several annoying issues were fixed and more clear instructions were added to the front-end.

    Major changes:

    • Improved key verification. Now all users are notified, more than once, when their key is about to expire. #274
    • Key change log. In order to improve transparency and control to the user, all changes to their "public key" field are record and shown in the settings page. #275

    Minor changes and bug-fixes:

    • Updated the project dependencies (some with vulnerabilities) #256, #261
    • Fixed settings overlapping button issue #252
    • Added instructions to first time users, when the box list is empty #246
    • Users can now update their passwords (those who signed up using email+password) #254
    • Added instance information to the about page #262
    • Added custom error pages #265
    • Re-factor of the key verification function (key_state) #266
    • When generating the submit page, the owner key is verified #267
    • Updated openpgp.js to v2.5.3 #268 (solves the extended expiration problem described here)
    • Fix syntax error caused by an invalid translation block #276

    How to update from previous version

    In this version SUPPORT_NAME and SUPPORT_EMAIL environment variables are now required. So before going through any of the following steps add them to your environment or .env file.

    To update from the previous version, you need to run the following commands after fetching the new code changes:

    • $ pip install -r requirements/requirements.txt
    • $ gulp build
    • $ python manage.py collectstatic
    Source code(tar.gz)
    Source code(zip)
  • v1.1.0(Aug 4, 2017)

    Improvements in this release:

    • It is now possible to send small files (#242)
    • Hawkpost now supports multiple languages. At this moment the existing ones are Portuguese and English. (#237)
    • Added an extra protection for brute-force attacks to all login forms. (#244).

    How to upgrade:

    To upgrade from the previous version you should follow the normal procedure:

    • Pull sources
    • Install new dependencies through pip
    • Run Migrations
    • Compile the new CSS (gulp build)
    • Collect the new static assets
    • Start your service
    Source code(tar.gz)
    Source code(zip)
  • 1.0(Apr 19, 2017)

    This is the first official version. This means that during the last few months the code has been tested and all critical issues (know to date), related to the main feature and purpose of the application, were addressed.

    Source code(tar.gz)
    Source code(zip)
Owner
Whitesmith
Digital Product and Innovation Studio
Whitesmith
Reference client for Bitmessage: a P2P encrypted decentralised communication protocol:

PyBitmessage Bitmessage is a P2P communication protocol used to send encrypted messages to another person or to many subscribers. It is decentralized

Bitmessage 2.7k Dec 30, 2022
A wiki system with complex functionality for simple integration and a superb interface. Store your knowledge with style: Use django models.

django-wiki Django support The below table explains which Django versions are supported. Release Django Upgrade from 0.7.x 2.2, 3.0, 3.1 0.5 or 0.6 0.

django-wiki 1.6k Dec 28, 2022
MoinMoin Wiki Development (2.0+), unstable, for production please use 1.9.x.

MoinMoin - a wiki engine in Python MoinMoin is an easy to use, full-featured and extensible wiki software package written in Python. It can fulfill a

MoinMoin Wiki Engine 240 Dec 22, 2022
Easy-to-use and powerful offline translation tool

Introduction Virtaal is a graphical program for doing translation. It is meant to be easy to use and powerful at the same time. Although the initial f

Translate 271 Nov 22, 2022
Read/sync your IMAP mailboxes (python2)

Upstream status (master branch): Upstream status (next branch): Financial contributors: Links: Official github code repository: offlineimap Website: w

OfflineIMAP 1.7k Dec 29, 2022
Mysterium the first tool which permits you to retrieve the most part of a Python code even the .py or .pyc was extracted from an executable file, even it is encrypted with every existing encryptage. Mysterium don't make any difference between encrypted and non encrypted files, it can retrieve code from Pyarmor or .pyc files.

Mysterium the first tool which permits you to retrieve the most part of a Python code even the .py or .pyc was extracted from an executable file, even it is encrypted with every existing encryptage. Mysterium don't make any difference between encrypted and non encrypted files, it can retrieve code from Pyarmor or .pyc files.

Venax 116 Dec 21, 2022
A program will generate a eth key pair that has the public key that starts with a defined amount of 0

ETHAdressGenerator This short program will generate a eth key pair that has the public key that starts with a defined amount of 0 Requirements Python

null 3 Nov 19, 2021
Fully Automated YouTube Channel ▶️with Added Extra Features.

Fully Automated Youtube Channel ▒█▀▀█ █▀▀█ ▀▀█▀▀ ▀▀█▀▀ █░░█ █▀▀▄ █▀▀ █▀▀█ ▒█▀▀▄ █░░█ ░░█░░ ░▒█░░ █░░█ █▀▀▄ █▀▀ █▄▄▀ ▒█▄▄█ ▀▀▀▀ ░░▀░░ ░▒█░░ ░▀▀▀ ▀▀▀░

sam-sepiol 249 Jan 2, 2023
A simple bot that lives in your Telegram group, logging messages to a Postgresql database and serving statistical tables and plots to users as Telegram messages.

telegram-stats-bot Telegram-stats-bot is a simple bot that lives in your Telegram group, logging messages to a Postgresql database and serving statist

null 22 Dec 26, 2022
Generate simple encrypted messages!

Premio's Shift is a very simple text encryption, you can use it to send secret messages to your friends. Table of Content Table of Content How it work

Peterson Adami Candido 3 Aug 6, 2021
Discord bot code to stop users that are scamming with fake messages of free discord nitro on servers in order to steal users accounts.

AntiScam Discord bot code to stop users that are scamming with fake messages of free discord nitro on servers in order to steal users accounts. How to

H3cJP 94 Dec 15, 2022
Key Cast - Cast your key presses and mouse clicks on the screen, while casting your favorite application on the screen. Better than the rest.

Key Cast Screen cast your keyboard and mouse clicks in style Project Homepage » View Demo · Report Bug · Request Feature Table of Contents Introductio

Mehul Singh Teya 13 Dec 23, 2022
generate HPC scheduler systems jobs input scripts and submit these scripts to HPC systems and poke until they finish

DPDispatcher DPDispatcher is a python package used to generate HPC(High Performance Computing) scheduler systems (Slurm/PBS/LSF/dpcloudserver) jobs in

DeepModeling 23 Nov 30, 2022
Just to play with my kids: create a secret alphabet and exchange encrypted messages

Secret Alphabet Description This project allows you to randomly generate an alphabet (a set of characters) and its corresponding translation. For the

BS 1 Nov 12, 2021
Use Flask API to wrap Facebook data. Grab the wapper of Facebook public pages without an API key.

Facebook Scraper Use Flask API to wrap Facebook data. Grab the wapper of Facebook public pages without an API key. (Currently working 2021) Setup Befo

Encore Shao 2 Dec 27, 2021
Python wrapper class for OpenVINO Model Server. User can submit inference request to OVMS with just a few lines of code

Python wrapper class for OpenVINO Model Server. User can submit inference request to OVMS with just a few lines of code.

Yasunori Shimura 7 Jul 27, 2022
The Devils Eye is an OSINT tool that searches the Darkweb for onion links and descriptions that match with the users query without requiring the use for Tor.

The Devil's Eye searches the darkweb for information relating to the user's query and returns the results including .onion links and their description

Richard Mwewa 135 Dec 31, 2022
A discord bot that can detect Nitro Scam Links and delete them to protect other users

A discord bot that can detect Nitro Scam Links and delete them to protect other users. Add it to your server from here.

Kanak Mittal 9 Oct 20, 2022
A simple, transparent, open-source key logger, written in Python, for tracking your own key-usage statistics.

A simple, transparent, open-source key logger, written in Python, for tracking your own key-usage statistics, originally intended for keyboard layout optimization.

Ga68 56 Jan 3, 2023
A discord Server Bot made with Python, This bot helps people feel better by inspiring them with motivational quotes or by responding with a great message, also the users of the server can create custom messages by telling the bot with Commands.

A discord Server Bot made with Python, This bot helps people feel better by inspiring them with motivational quotes or by responding with a great message, also the users of the server can create custom messages by telling the bot with Commands.

Aran 1 Oct 13, 2021