search

yourlabs / django-session-security

A little javascript and middleware work together to ensure that the user was active during the past X minutes in any tab he has open. Otherwise, display a warning leaving a couple of minutes to show any kind of activity like moving the mouse. Otherwise, logout the user.
http://django-session-security.rtfd.org
MIT License
309 stars 142 forks source link

Django 4 compatibility #145

Closed J4bbi closed 2 years ago

J4bbi commented 2 years ago

It's been a month since #142 was merged. Any chance a 2.7.0 release can be done?

Is there a concern that the changes might break anything? The code seems cautious.

I am looking to move to Django 4 and I would rather not have to modify my code manually.

J4bbi commented 2 years ago

@jpic , tagging you as you last committed

AlexCLeduc commented 2 years ago

For what it's worth to anyone else waiting on this, I've been using this monkey patch in my settings module, behaviour is identical to the merged PR

import sys
from django.urls import re_path

class fakemodule(object):
    @staticmethod
    def url(*args, **kwargs):
        return re_path(*args, **kwargs)

sys.modules["django.conf.urls.defaults"] = fakemodule
mpasternak commented 2 years ago

Is there a pull request opened?

J4bbi commented 2 years ago

@mpasternak my understanding is that the main branch is Django 4 compatible but a tagged release hasn't been done since Jan 2020 and we need a tagged release to trigger a new build for pypi

jpic commented 2 years ago

@mpasternak https://github.com/mpasternak do you need any help to make a pypi release? I can also make one if needed if course On Fri, May 20, 2022, 10:46 Hrafn Malmquist @.***> wrote:

@mpasternak https://github.com/mpasternak my understanding is that the main branch is Django 4 compatible but a tagged release hasn't been done since Jan 2020 https://github.com/yourlabs/django-session-security/releases/tag/2.6.6 and we need a tagged release to trigger a new build for pypi

β€” Reply to this email directly, view it on GitHub https://github.com/yourlabs/django-session-security/issues/145#issuecomment-1132644381, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAXDLCPSUES7545ZTY5VX3VK5GM7ANCNFSM5SPUCI7A . You are receiving this because you were mentioned.Message ID: @.***>

mpasternak commented 2 years ago

@jpic hi! I'm on it, will let you know in a minute.

mpasternak commented 2 years ago

@jpic What I understand is I'm going to use either bumpversion or bumpver to tag 2.6.7 and then commit.

I don't know if I have PyPI upload privileges.

What's your preferred tool to upload stuff there? Twine? I'm experimenting with Poetry, looks promising.

Another problem is that that Travis-CI stopped working and in the future it would be cool to move this project to GitHub Actions. I do have some small experience and I think I'll handle it.

mpasternak commented 2 years ago

@jpic @J4bbi I'll be hones with you guys, there's no Django 4.0 mention in tox.ini, first I'm going to fix/integrate CI

jpic commented 2 years ago

Can do a pre release meanwhile perhaps? So at least users can start reporting problems they figure? Not sure what state the tests are in, might need quite some upgrades in the test code

On Fri, May 20, 2022, 11:19 MichaΕ‚ Pasternak @.***> wrote:

@jpic https://github.com/jpic @J4bbi https://github.com/J4bbi I'll be hones with you guys, there's no Django 4.0 mention in tox.ini, first I'm going to fix/integrate CI

β€” Reply to this email directly, view it on GitHub https://github.com/yourlabs/django-session-security/issues/145#issuecomment-1132675713, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAXDLDRXXW345QV3HMV25DVK5KL5ANCNFSM5SPUCI7A . You are receiving this because you were mentioned.Message ID: @.***>

mpasternak commented 2 years ago

@jpic the plan is 1) move to GitHub actions [done], 2) make GitHub Actions pass [in progress] 3) add Django 4.0 to GitHub Actions 4) tag sources as 2.6.7-pre0, release 5) after 2 weeks, release 2.6.7 to PyPI

I am not sure if I have rights to write to PyPI but as it looks like you're around it should be good.

jpic commented 2 years ago

I'm alive and well but will miss some emails from time to time, on which case you might want to reach me on YourLabs.chat

Unless you have any objection, I'd like to make a pre-release on pypi that won't hit users who don't explicitly ask for the pre release in their requirements, so that we can start getting more feedback about the version in master, because I believe it can be helpful prior to make the actual release that will have been through the new pipeline.

Keep up the good work 🎩

On Fri, May 20, 2022, 11:30 MichaΕ‚ Pasternak @.***> wrote:

@jpic https://github.com/jpic the plan is

  1. move to GitHub actions [done],
  2. make GitHub Actions pass [in progress]
  3. add Django 4.0 to GitHub Actions
  4. tag sources as 2.6.7-pre0, release
  5. after 2 weeks, release 2.6.7 to PyPI

I am not sure if I have rights to write to PyPI but as it looks like you're around it should be good.

β€” Reply to this email directly, view it on GitHub https://github.com/yourlabs/django-session-security/issues/145#issuecomment-1132685731, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAXDLA3HISUT3GXBBPKTW3VK5LSZANCNFSM5SPUCI7A . You are receiving this because you were mentioned.Message ID: @.***>

mpasternak commented 2 years ago
  1. move to GitHub actions [done],
  2. make GitHub Actions pass [in progress]

done!

  1. add Django 4.0 to GitHub Actions

done! @jpic , take a look: https://github.com/yourlabs/django-session-security/actions/runs/2363443984

  1. tag sources as 2.6.7-pre0, release

@jpic, did I understood that correctly?

... or should I just edit the version and build package and send it to PyPI?

mpasternak commented 2 years ago

@jpic also please note that the method I used to move to GitHub Actions is the simplest method for the laziest of us and it uses tox.ini. Chances are I'll be moving other of our yourlabs projects to GA

jpic commented 2 years ago

Mind blowing MichaΕ‚!!

On Sat, May 21, 2022, 17:35 MichaΕ‚ Pasternak @.***> wrote:

@jpic https://github.com/jpic also please note that the method I used to move to GitHub Actions is the simplest method for the laziest of us and it uses tox.ini. Chances are I'll be moving other of our yourlabs projects to GA

β€” Reply to this email directly, view it on GitHub https://github.com/yourlabs/django-session-security/issues/145#issuecomment-1133655548, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAAXDLCHNDI6M7BVVPAEBUTVLD7CXANCNFSM5SPUCI7A . You are receiving this because you were mentioned.Message ID: @.***>

mpasternak commented 2 years ago

All set, tests pass, I need PyPI privileges @jpic 

Uploading distributions to https://upload.pypi.org/legacy/
Uploading django_session_security-2.6.7rc1-py3-none-any.whl
100% ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 123.5/123.5 kB β€’ 00:00 β€’ 81.5 MB/s
WARNING  Error during upload. Retry with the --verbose option for more details.
ERROR    HTTPError: 403 Forbidden from https://upload.pypi.org/legacy/
         The user 'dotz' isn't allowed to upload to project 'django-session-security'. See
         https://pypi.org/help/#project-name for more information.
J4bbi commented 2 years ago

@jpic, I think @mpasternak needs you to grant him PyPI privileges is possible

mpasternak commented 2 years ago

I’m working on the next release. Kindly requesting more patience, thanks.

mpasternak commented 2 years ago

2.6.7-rc1 released

https://pypi.org/project/django-session-security/2.6.7rc1/

Feel free to test and let me know how's it going, let's give it a 2-week period, then I'm releasing final 2.6.7.

Tips about release process kindly welcome.

mpasternak commented 2 years ago

Almost 2 weeks. Should I release the final one? I think I should

daronzwink commented 2 years ago

It would be great if you could! Thank you for your help here!

mpasternak commented 2 years ago

I have no idea, what I'm doing, but I released 2.6.7. Proceed with caution. Big thanks to everyone involved.