tangled.org
commits
Obviously file naming of appview/web/handler/*.go files are directly
against to go convention. Though I think flattening all handler files
can significantly reduce the effort involved in file naming and
structuring. We are already grouping core services by domains, and doing
same for web handers is just over-complicating.
```
- appview/web/routes.go : define all web page routes
- appview/web/middleware.go : define middlewares related to web routes
- appview/web/handler/*.go : http handlers, named as path pattern
- appview/service/* : domain-level services
```
Each handlers are pure by receiving all required dependencies as
parameters. Ideally we should not pass base dependencies like `db`, but
that's how it works for now.
Now we can test:
- http handlers with mocked services/renderer
- internal service logic without http handlers
Signed-off-by: Seongmin Lee <git@boltless.me>
This is not required anymore. `MultiAccountUser` can just hold active
user DID.
Signed-off-by: Seongmin Lee <git@boltless.me>
In most helper methods, DID is enough. Don't pass entire session info.
Signed-off-by: Seongmin Lee <git@boltless.me>
We are using `MultiAccountUser.Did()` to get current DID instead.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
We should resolve handle on render and we are already doing that.
Removing the unused field.
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Seongmin Lee <git@boltless.me>
idk why was this added. Seems like it isn't used?
Signed-off-by: Seongmin Lee <git@boltless.me>
We don't need to pass full `MultiAccountUser` here. just `[]AccountInfo`
should be enough. This way, we can make `MultiAccountUser` to always
hold an active user.
Signed-off-by: Seongmin Lee <git@boltless.me>
- `AccountRegistry.OtherAccounts()` is not used anywhere
- Removed several legacy session value names from `oauth/consts.go`
- We can just embed the `oauth.GetUser()` now
Signed-off-by: Seongmin Lee <git@boltless.me>
The `Pds` field is only used to render it on settings/profile page. We
can get user PDS from DID instead.
Signed-off-by: Seongmin Lee <git@boltless.me>
also fix the `isTnglHandle` logic a bit.
Signed-off-by: Seongmin Lee <git@boltless.me>
🤑📈
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Compares the incoming host to the domain in the KV map, and fetches the
relevant site from R2. Written in Rust, compiled to wasm using
`worker-build`.
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
wip: repo pages settings and cf r2/kv setup
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Orphaned `sh.tangled.string` records on users' PDSs cannot be cleaned up
by the appview and they would need to be removed manually by each user.
Signed-off-by: Youn Mélois <youn@melois.dev>
Add support for AVIF, JPEG XL, and HEIF image formats across the stack:
- knotserver/xrpc: override MIME types for formats that Go's
http.DetectContentType does not recognize (.avif, .jxl, .heic, .heif),
using a switch statement like the existing .svg override
- camo: add image/avif, image/heif, and image/jxl to the allowed MIME
types list
- appview/repo: add .avif, .jxl, .heic, .heif to the image extension
list in the blob viewer
Without these changes, AVIF files (and other modern formats) are rejected
by the knot server with a 403 (detected as application/octet-stream),
blocked by the camo proxy with a 415, and not previewed in the blob viewer.
Signed-off-by: Niclas Overby <niclas@overby.me>
Both policies were rebuilt on every NewSanitizer() call. This included
compiling the chroma syntax-highlight class regex by iterating
chroma.StandardTypes and joining ~200 type names into a regex alternation,
on every invocation — including from inside the pull request HTTP handler,
making it a per-request cost.
Move both policies to package-level vars initialized once in init().
NewSanitizer() is now a pair of pointer assignments. This is safe per the
bluemonday README: "it is safe to use the policy in multiple goroutines".
Signed-off-by: Matías Insaurralde <matias@insaurral.de>
Signed-off-by: oppiliappan <me@oppi.li>
The devshell copied assets from the Nix store with preserved mode
bits, which left files in appview/pages/static read-only and caused
repeated cp permission errors on subsequent nix develop runs.
Stop preserving mode so generated static files remain writable across
shell entries.
AI-assisted: OpenCode (openai/gpt-5.3-codex)
Signed-off-by: Alessio Caiazza <code.git@caiazza.info>
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: oppiliappan <me@oppi.li>
The appview crashes on startup if Redis is not running:
appview: failed to start appview err="failed to start oauth handler:
failed to connect to redis: dial tcp [::1]:6379: connect: connection refused"
Reorder the "Running the appview" section so the Redis and
OAuth JWKs prerequisites come before the watch-appview command,
matching the actual dependency order.
Signed-off-by: Alessio Caiazza <code.git@caiazza.info>
Signed-off-by: Evan Jarrett <evan@evanjarrett.com>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
do not refresh after token expiry, do it before
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: oppiliappan <me@oppi.li>
Move blobPattern, treePattern, and pathAfterRefRE to package-level
vars so they are compiled once and reused across GetRepoInfo and
path resolution calls instead of recompiling on every request.
Signed-off-by: Matías Insaurralde <matias@insaurral.de>
the learn-more button in the features set caused an overflow on home
page.
Signed-off-by: oppiliappan <me@oppi.li>
Signed-off-by: marco.tngl.sh <dev@marco.social>
Signed-off-by: marco.tngl.sh <dev@marco.social>
Signed-off-by: marco.tngl.sh <dev@marco.social>
Signed-off-by: marco.tngl.sh <dev@marco.social>
Add {ctrl,cmd}+Enter shortcut to submit issues.
See https://tangled.org/tangled.org/core/issues/412
Signed-off-by: marco.tngl.sh <dev@marco.social>
When reviewing a pull request with multiple files, the currently visible
file is now highlighted (bolded) in the filetree sidebar. This makes it
easier to track your position when scrolling through large diffs and
lose track of the header of the file you're looking at.
The highlight updates on scroll and also responds to clicks on filetree
links.
Signed-off-by: Jes Olson <j3s@c3f.net>
Add MermaidJS diagram rendering for markdown content (READMEs, issues,
PRs) using goldmark-mermaid with client-side rendering. Mermaid fenced
code blocks are transformed to <pre class="mermaid"> elements, which
MermaidJS picks up and renders in the browser.
Changes:
- Add go.abhg.dev/goldmark/mermaid dependency with client-side render mode
- Add mermaid extender before highlighting in goldmark pipeline
- Allow "mermaid" class on <pre> elements through bluemonday sanitizer
- Conditionally load MermaidJS from CDN only on pages with diagrams
- Add basic mermaid container styling with dark mode support
- Add tests verifying mermaid blocks produce correct HTML output
Closes https://tangled.org/tangled.org/core/issues/424
Signed-off-by: Nate Spilman <nate.spilman@gmail.com>
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Jes Olson <j3s@c3f.net>
We seem to be hammering bsky's PDS, which explains the 429s. Perhaps
re-using the session alleviates the pressure. It's hard to test this
locally since their rate limits vanish (different host/IP).
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
We're hitting 429s due to high load. This allows the appview to bypass
otherwise normal rate limits on the PDS.
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: oppiliappan <me@oppi.li>
We have a wildcard record in place now. Should've started with this...
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Obviously file naming of appview/web/handler/*.go files are directly
against to go convention. Though I think flattening all handler files
can significantly reduce the effort involved in file naming and
structuring. We are already grouping core services by domains, and doing
same for web handers is just over-complicating.
```
- appview/web/routes.go : define all web page routes
- appview/web/middleware.go : define middlewares related to web routes
- appview/web/handler/*.go : http handlers, named as path pattern
- appview/service/* : domain-level services
```
Each handlers are pure by receiving all required dependencies as
parameters. Ideally we should not pass base dependencies like `db`, but
that's how it works for now.
Now we can test:
- http handlers with mocked services/renderer
- internal service logic without http handlers
Signed-off-by: Seongmin Lee <git@boltless.me>
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Compares the incoming host to the domain in the KV map, and fetches the
relevant site from R2. Written in Rust, compiled to wasm using
`worker-build`.
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
wip: repo pages settings and cf r2/kv setup
Signed-off-by: Anirudh Oppiliappan <anirudh@tangled.org>
Add support for AVIF, JPEG XL, and HEIF image formats across the stack:
- knotserver/xrpc: override MIME types for formats that Go's
http.DetectContentType does not recognize (.avif, .jxl, .heic, .heif),
using a switch statement like the existing .svg override
- camo: add image/avif, image/heif, and image/jxl to the allowed MIME
types list
- appview/repo: add .avif, .jxl, .heic, .heif to the image extension
list in the blob viewer
Without these changes, AVIF files (and other modern formats) are rejected
by the knot server with a 403 (detected as application/octet-stream),
blocked by the camo proxy with a 415, and not previewed in the blob viewer.
Signed-off-by: Niclas Overby <niclas@overby.me>
Both policies were rebuilt on every NewSanitizer() call. This included
compiling the chroma syntax-highlight class regex by iterating
chroma.StandardTypes and joining ~200 type names into a regex alternation,
on every invocation — including from inside the pull request HTTP handler,
making it a per-request cost.
Move both policies to package-level vars initialized once in init().
NewSanitizer() is now a pair of pointer assignments. This is safe per the
bluemonday README: "it is safe to use the policy in multiple goroutines".
Signed-off-by: Matías Insaurralde <matias@insaurral.de>
The devshell copied assets from the Nix store with preserved mode
bits, which left files in appview/pages/static read-only and caused
repeated cp permission errors on subsequent nix develop runs.
Stop preserving mode so generated static files remain writable across
shell entries.
AI-assisted: OpenCode (openai/gpt-5.3-codex)
Signed-off-by: Alessio Caiazza <code.git@caiazza.info>
The appview crashes on startup if Redis is not running:
appview: failed to start appview err="failed to start oauth handler:
failed to connect to redis: dial tcp [::1]:6379: connect: connection refused"
Reorder the "Running the appview" section so the Redis and
OAuth JWKs prerequisites come before the watch-appview command,
matching the actual dependency order.
Signed-off-by: Alessio Caiazza <code.git@caiazza.info>
When reviewing a pull request with multiple files, the currently visible
file is now highlighted (bolded) in the filetree sidebar. This makes it
easier to track your position when scrolling through large diffs and
lose track of the header of the file you're looking at.
The highlight updates on scroll and also responds to clicks on filetree
links.
Signed-off-by: Jes Olson <j3s@c3f.net>
Add MermaidJS diagram rendering for markdown content (READMEs, issues,
PRs) using goldmark-mermaid with client-side rendering. Mermaid fenced
code blocks are transformed to <pre class="mermaid"> elements, which
MermaidJS picks up and renders in the browser.
Changes:
- Add go.abhg.dev/goldmark/mermaid dependency with client-side render mode
- Add mermaid extender before highlighting in goldmark pipeline
- Allow "mermaid" class on <pre> elements through bluemonday sanitizer
- Conditionally load MermaidJS from CDN only on pages with diagrams
- Add basic mermaid container styling with dark mode support
- Add tests verifying mermaid blocks produce correct HTML output
Closes https://tangled.org/tangled.org/core/issues/424
Signed-off-by: Nate Spilman <nate.spilman@gmail.com>
Signed-off-by: Seongmin Lee <git@boltless.me>