RACTF Public Address System

[thebeanogamer]

We need a way to communicate things to self-hosted users. My proposed solution:

• Store a JSON file somewhere with semvers that are impacted

  [
      {
          "name": "Big vulnerability",
          "type": "Security",
          "body": "Patch please, is bad",
          "impacted_version": "<=0.1.2",
          "url": "https://..."
      }
  ]

• We can update the JSON to tell people about changes they should be aware of
  • Security issues
  • Deployment improvements
    • Daphne -> Gunicorn
    • Docker Hub -> GHCR
• During boot up, backend should check for this and log it to stdout
  • Maybe it could check periodically once we have Celery?
• Should this be disabled on instances with telemetry disabled?

This was inspired by Ghost emailing me to tell me everything was on fire, but I'm not convinced about sending out these kind of emails, as we'd have to do things like track within the DB which admins should get these emails and which have been sent them. Could be an option. Yes I have applied the update the email said to.

[0xAda]

frontend problem imo

…

On Fri, 24 Sep 2021, 19:26 Daniel Milnes, ***@***.***> wrote: We need a way to communicate things to self-hosted users. My proposed solution: - Store a JSON file somewhere with semvers that are impacted [ { "name": "Big vulnerability", "type": "Security", "body": "Patch please, is bad", "impacted_version": "<=0.1.2", "url": "https://..." } ] - We can update the JSON to tell people about changes they should be aware of - Security issues - Deployment improvements - Daphne -> Gunicorn - Docker Hub -> GHCR - During boot up, backend should check for this and log it to stdout - Maybe it could check periodically once we have Celery? - Should this be disabled on instances with telemetry disabled? This was inspired by Ghost emailing me to tell me everything was on fire, but I'm not convinced about sending out these kind of emails, as we'd have to do things like track within the DB which admins should get these emails and which have been sent them. Could be an option. Yes I have applied the update the email said to. [image: image] <https://user-images.githubusercontent.com/3729048/134722073-b1ab3683-e990-48cf-9221-3abdcd191dd2.png> — You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub <#190>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ACBCZQZX6EF54TNSB43FCF3UDS7F5ANCNFSM5EWP4WNA> . Triage notifications on the go with GitHub Mobile for iOS <https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android <https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.

[jchristgit]

Deployment improvements
Daphne -> Gunicorn

These two do different things. Daphne does ASGI, gunicorn does WSGI. Unless something changed recently.

[jerbob]

Good morning Johannes,

gunicorn can do ASGI by means of the uvicorn gunicorn worker.

Regards,
Jeremiah

[jchristgit]

Jeremiah, thanks for correcting me. Of course, you are right.

…

Am 25.09.2021 um 11:57 schrieb Jeremiah Boby ***@***.***>:  Good morning Johannes, gunicorn can do ASGI by means of the uvicorn gunicorn worker. Regards, Jeremiah — You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.