#cofacts
2021-03-01
Done. Also update readme.md. Please refer to: <https://github.com/cofacts/rumors-ai-bert/blob/master/README.md|https://github.com/cofacts/rumors-ai-bert/blob/master/README.md>
Done. Refer: <https://github.com/cofacts/rumors-ai-bert/blob/master/CPU_host/run-scripts/main.py#L167|https://github.com/cofacts/rumors-ai-bert/blob/master/CPU_host/run-scripts/main.py#L167>
Refer to: <https://github.com/cofacts/rumors-ai-bert/blob/master/CPU_host/run-scripts/main.py#L176|https://github.com/cofacts/rumors-ai-bert/blob/master/CPU_host/run-scripts/main.py#L176>
<https://user-images.githubusercontent.com/108608/109457306-93018c00-7a95-11eb-93c8-ab9a6aa7d682.png|image>
<https://user-images.githubusercontent.com/108608/109459511-dd850780-7a99-11eb-8fd8-49b0bef04f72.png|image>
When Mandarin is used in slug, user will be redirected to `/user/<Mandarin>`, but will show "The user does not exist".
The root cause is that we did not update rumors-db schema on production to latest. Currently `slug` field mapping is automatically generated value: ``` "slug" : { "type" : "text", "fields" : { "keyword" : { "type" : "keyword", "ignore_above" : 256 } } }, ``` To resolve, we must reindex to the latest mapping.
2021-03-02
Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.1 to 1.19.6. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ > *1.19.6 (February 13th 2021)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx > > *1.19.5 (December 30th 2020)* > > • dropping jquery.URI.js from minified bundle accidentally added since v1.19.3 - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/404|#404>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/404|medialize/URI.js#404>) > > *1.19.4 (December 23rd 2020)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - followed up to by <https://github.com/alesandroortiz|alesandroortiz> in [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/403|#403>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/403|medialize/URI.js#403>), relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) > > *1.19.3 (December 20th 2020)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - disclosed privately by <https://github.com/alesandroortiz|alesandroortiz>, relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) > > *1.19.2 (October 20th 2019)* > > • fixing <http://medialize.github.io/URI.js/docs.html#static-build|`URI.build()`> to properly handle relative paths when a scheme is given - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/387|#387>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/387|medialize/URI.js#387>) > • fixing <http://medialize.github.io/URI.js/docs.html#static-buildQuery|`URI.buildQuery()`> to properly handle empty param name - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/243|#243>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/243|medialize/URI.js#243>), [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/383|#383>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/383|medialize/URI.js#383>) > • support Composer [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/386|#386>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/386|medialize/URI.js#386>) Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ > *1.19.6 (February 13th 2021)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx > > *1.19.5 (December 30th 2020)* > > • dropping jquery.URI.js from minified bundle accidentally added since v1.19.3 - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/404|#404>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/404|medialize/URI.js#404>) > > *1.19.4 (December 23rd 2020)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - followed up to by <https://github.com/alesandroortiz|alesandroortiz> in [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/403|#403>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/403|medialize/URI.js#403>), relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) > > *1.19.3 (December 20th 2020)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parseAuthority|`URI.parseAuthority()`> to rewrite `\` to `/` as Node and Browsers do - disclosed privately by <https://github.com/alesandroortiz|alesandroortiz>, relates to [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/233|#233>](<https://github-redirect.dependabot.com/medialize/URI.js/pull/233|medialize/URI.js#233>) > > *1.19.2 (October 20th 2019)* > > • fixing <http://medialize.github.io/URI.js/docs.html#static-build|`URI.build()`> to properly handle relative paths when a scheme is given - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/387|#387>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/387|medialize/URI.js#387>) > • fixing <http://medialize.github.io/URI.js/docs.html#static-buildQuery|`URI.buildQuery()`> to properly handle empty param name - [Issue <https://github-redirect.dependabot.com/medialize/URI.js/issues/243|#243>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/243|medialize/URI.js#243>), [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/383|#383>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/383|medialize/URI.js#383>) > • support Composer [PR <https://github-redirect.dependabot.com/medialize/URI.js/issues/386|#386>](<https://github-redirect.dependabot.com/medialize/URI.js/issues/386|medialize/URI.js#386>) Commits • <https://github.com/medialize/URI.js/commit/46c8ac0c7e6997daad8ff6859784b39f8892fa97|`46c8ac0`> chore(build): bumping to version 1.19.6 • <https://github.com/medialize/URI.js/commit/a1ad8bcbc39a4d136d7e252e76e957f3ece70839|`a1ad8bc`> fix(parse): treat backslash as forwardslash in scheme delimiter • <https://github.com/medialize/URI.js/commit/d7bb4ce8cb71caa5063a617b2afdb5a0a3685532|`d7bb4ce`> chore(build): bumping to version 1.19.5 • <https://github.com/medialize/URI.js/commit/bf04ec5f053829f9ea3a887608bdfca4fd84cd64|`bf04ec5`> chore(build): bumping to version 1.19.4 • <https://github.com/medialize/URI.js/commit/b02bf037c99ac9316b77ff8bfd840e90becf1155|`b02bf03`> fix(parse): treat backslash as forwardslash in authority (<https://github-redirect.dependabot.com/medialize/URI.js/issues/403|#403>) • <https://github.com/medialize/URI.js/commit/d7064ab9acbbdf8d8acc35d9dc2454cf1606ff98|`d7064ab`> chore(build): bumping to version 1.19.3 • <https://github.com/medialize/URI.js/commit/4f45fafedec9fea4d65c2562721ec94343a33c2b|`4f45faf`> fix(parse): treat backslash as forwardslash in authority • <https://github.com/medialize/URI.js/commit/594ffc1d1ba995d8e90814d6de18e1330d419be1|`594ffc1`> chore(build): bumping to version 1.19.2 • <https://github.com/medialize/URI.js/commit/e780eebc0ddaea04a6928c0f7d54b061e541e05c|`e780eeb`> chore: inform people of modern APIs • <https://github.com/medialize/URI.js/commit/433f0e51e4028130a8685dfe49a185e982bc1f47|`433f0e5`> chore(package): support Composer by adding composer.json • Additional commits viewable in <https://github.com/medialize/URI.js/compare/v1.19.1...v1.19.6|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits t…
Superseded by <https://github.com/cofacts/rumors-fb-bot/pull/19|#19>.
Bumps <https://github.com/medialize/URI.js|urijs> from 1.19.5 to 1.19.6. Release notes _Sourced from <https://github.com/medialize/URI.js/releases|urijs's releases>._ > *1.19.6 (February 13th 2021)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx Changelog _Sourced from <https://github.com/medialize/URI.js/blob/gh-pages/CHANGELOG.md|urijs's changelog>._ > *1.19.6 (February 13th 2021)* > > • *SECURITY* fixing <http://medialize.github.io/URI.js/docs.html#static-parse|`URI.parse()`> to rewrite `\` in scheme delimiter to `/` as Node and Browsers do - disclosed privately by <https://twitter.com/ynizry|Yaniv Nizry> from the CxSCA AppSec team at Checkmarx Commits • <https://github.com/medialize/URI.js/commit/46c8ac0c7e6997daad8ff6859784b39f8892fa97|`46c8ac0`> chore(build): bumping to version 1.19.6 • <https://github.com/medialize/URI.js/commit/a1ad8bcbc39a4d136d7e252e76e957f3ece70839|`a1ad8bc`> fix(parse): treat backslash as forwardslash in scheme delimiter • See full diff in <https://github.com/medialize/URI.js/compare/v1.19.5...v1.19.6|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.
Also related: <https://github.com/cofacts/rumors-site/issues/399|cofacts/rumors-site#399> .
See "threshold 問題" in <https://g0v.hackmd.io/@mrorz/cofacts-meeting-notes/%2FSvt6MCd5T76hjDJ8UsKBnQ|20210224 meeting note> <https://user-images.githubusercontent.com/108608/109604706-ee4b8100-7b5e-11eb-80f2-b82dcd15a558.png|image>
From <https://g0v.hackmd.io/Svt6MCd5T76hjDJ8UsKBnQ?both#Chatbot-%E5%9C%96%E7%89%87-or-%E5%BD%B1%E7%89%87|20210224 meeting> Ask user to manually input text from image iff • In 1-on-1 chats • The user is sending images • The image contains text • OCR yields no results or the OCR result does not have search hit
From <https://g0v.hackmd.io/Svt6MCd5T76hjDJ8UsKBnQ?both#Profile-page-upvote--downvote|20210224 meeting> <https://user-images.githubusercontent.com/108608/109605108-a2e5a280-7b5f-11eb-8a3b-0181ec328fde.png|image>
This is probably because when we query by `slug` it is invoking Search API. If elasticsearch database have not indexed such `slug` we will meet this error. On staging & production database, I forgot not apply `keyword` type to `slug` (see <https://github.com/cofacts/rumors-site/issues/399#issuecomment-788004931|#399 (comment)> ). In this case Elasticsearch may take longer to index because it's dealing with full text indexes rather than keywords. Hopefully after we fix the index issue, the redirect bug would go away; if not, we may need to consider removing the automatic redirect after the user updated their username. In this case, the user can still refresh the page manually if they want to.
參與零時小學校之後,看到開始有新血加入,覺得很開心~~
我突然想起之前 profile page pilot study 時,有編輯提到:
> 在看了其他人貢獻之後,會好奇他加入 Cofacts 的時間
我剛才也有想看看這個人什麼時候加入 Cofacts 的想法。想問其他編輯對這個功能有什麼疑慮嗎?沒有的話我就開票紀錄囉~?
我突然想起之前 profile page pilot study 時,有編輯提到:
> 在看了其他人貢獻之後,會好奇他加入 Cofacts 的時間
我剛才也有想看看這個人什麼時候加入 Cofacts 的想法。想問其他編輯對這個功能有什麼疑慮嗎?沒有的話我就開票紀錄囉~?
g0v.hackmd.io 
- 🦒1
這應該有隱私疑慮?🤔
要讓使用者能決定要不要公開
那感覺也可以做成
某個等級之後讓使用者能設定是否要隱藏
但對低等級編輯來說就是一率公開
(也是某種 anti-spam 透明化)
某個等級之後讓使用者能設定是否要隱藏
但對低等級編輯來說就是一率公開
(也是某種 anti-spam 透明化)
<https://coveralls.io/builds/37576060|Coverage Status> Coverage increased (+0.1%) to 86.635% when pulling *<https://github.com/cofacts/rumors-api/commit/f1a1cbbc36b9b91e2c834b7b4384c4b90ec1c289|f1a1cbb> on contributions* into *<https://github.com/cofacts/rumors-api/commit/bb6778705fdc41c61284601359f8ecdfb5f0a479|bb67787> on master*.
<https://user-images.githubusercontent.com/1817638/109645650-1b655700-7b92-11eb-9b98-82113bcb0fcf.png|Screen Shot 2021-03-02 at 7 18 24 PM> <https://user-images.githubusercontent.com/1817638/109645711-2ddf9080-7b92-11eb-999d-17dec26fcae2.png|Screen Shot 2021-03-02 at 7 18 30 PM> <https://user-images.githubusercontent.com/1817638/109645723-30da8100-7b92-11eb-8804-cca7bef1c871.png|Screen Shot 2021-03-02 at 7 44 38 PM> <https://user-images.githubusercontent.com/1817638/109645834-58c9e480-7b92-11eb-961c-f2cc321ef1b0.png|Screen Shot 2021-03-02 at 8 03 13 PM> <https://user-images.githubusercontent.com/1817638/109645921-78610d00-7b92-11eb-8c29-c624e6a8e8fc.png|Screen Shot 2021-03-02 at 8 04 12 PM>
2021-03-03
It is looking great! Let me fix excessive `undefined` class name in snapshot, commit and we are ready to ship it <https://github.githubassets.com/images/icons/emoji/shipit.png|:shipit:>
Use `cx` so that we won't end up with `undefined` in the `className` (which can be seen in snapshot) Suggested change
@judywe.hsu has joined the channel
It's looking good! Thanks for your contribution on contribution chart! We can ship it after conflict resolves.
@mrorz @bil 這邊是 Tutorial page 還需要翻譯的地方,藍色的部分是翻譯中文和 UI 中文不一樣的地方,再麻煩你們了 感謝 !
https://docs.google.com/spreadsheets/d/1gtGcyn3Ihm2pAk3AZk0FV5ZYeuAadXiHsYMKlXas0Os/edit#gid=0
https://docs.google.com/spreadsheets/d/1gtGcyn3Ihm2pAk3AZk0FV5ZYeuAadXiHsYMKlXas0Os/edit#gid=0
@bil @mrorz tutorial 有更新一些未翻譯的文字,我有用綠色標註,再麻煩你們,感謝!
感謝感謝,現在應該好囉
收到了 感謝!
@mrorz 不好意思我漏貼到一句翻譯
`請參考公視新聞實驗室【社群內容打假術】Google教你深度事實查核,人人都是數位打假王`
這句翻譯再麻煩你 (最後一句了XD)
`請參考公視新聞實驗室【社群內容打假術】Google教你深度事實查核,人人都是數位打假王`
這句翻譯再麻煩你 (最後一句了XD)
Done~
看錯了,test case 裡的是 `2020-02-01T00:00:00.000+00:00`
<https://coveralls.io/builds/37614863|Coverage Status> Coverage decreased (-0.1%) to 86.597% when pulling *<https://github.com/cofacts/rumors-api/commit/487bd0ad39a0df365eb86105a90f1ac3e7d850a8|487bd0a> on contributions* into *<https://github.com/cofacts/rumors-api/commit/a78340aa4dbb914c106d0e455efaf565d804cbea|a78340a> on master*.
• wrap 'more' translation with ttag context • handle influence background with media query
<https://github.githubassets.com/images/icons/emoji/shipit.png|:shipit:>
2021-03-04
頭像編輯功能與 contribution chart release 囉~~
感謝 @zoetwca 與 @yutunghsiao19 的影響力報告~~
https://github.com/cofacts/rumors-site/releases/tag/release%2F20210304
感謝 @zoetwca 與 @yutunghsiao19 的影響力報告~~
https://github.com/cofacts/rumors-site/releases/tag/release%2F20210304
- 🎉2
• add shuffle button to openpeeps editor • fix anchor warning about conflicting props
2021-03-05
Replied to a thread: 2021-03-03 20:05:58
@bil @mrorz tutorial 有更新一些未翻譯的文字,我有用綠色標註,再麻煩你們,感謝!
感謝感謝,現在應該好囉
收到了 感謝!
@mrorz 不好意思我漏貼到一句翻譯
`請參考公視新聞實驗室【社群內容打假術】Google教你深度事實查核,人人都是數位打假王`
這句翻譯再麻煩你 (最後一句了XD)
`請參考公視新聞實驗室【社群內容打假術】Google教你深度事實查核,人人都是數位打假王`
這句翻譯再麻煩你 (最後一句了XD)
Done~
2021-03-06
<https://user-images.githubusercontent.com/108608/110152547-dacd3e00-7e1c-11eb-8905-57ac585ff0be.png|image>
Interaction, i18n & animation will be in future PRs. Adds button to Open data, analytics & source code as a proof of Cofacts' openness <https://user-images.githubusercontent.com/108608/110153036-7494eb00-7e1d-11eb-93b9-468ce8af8b2a.png|localhost_3000_impact> <https://user-images.githubusercontent.com/108608/110153080-85456100-7e1d-11eb-9c84-83e50cc0bbad.png|localhost_3000_impact (1)>
The DONATION_URL should be <https://ocf.neticrm.tw/civicrm/contribute/transact?reset=1&id=48&_ga=2.48960160.787954249.1615009552-1055191347.1615009552|https://ocf.neticrm.tw/civicrm/contribute/transact?reset=1&id=48&_ga=2.48960160.787954249.1615009552-1055191347.1615009552>
Note: this should be "(Hoax) for you"
Thanks for updating the two pages! We have some inconsistencies in the translated text and actual UI text. I think we can coin the actual term after this PR is merged. Let's ship it <https://github.githubassets.com/images/icons/emoji/shipit.png|:shipit:>
"Other Opinions" has been renamed to "Opinion Sources" <https://user-images.githubusercontent.com/108608/110197387-4bf50b80-7e86-11eb-8be9-ce5bd5675aa3.png|image>
TODO (in another PR): We may need to update corresponding UI text accordingly. <https://user-images.githubusercontent.com/108608/110197325-cd986980-7e85-11eb-9e84-ac4d332d2349.png|image>
"My Supplement" --> "Comment" <https://user-images.githubusercontent.com/108608/110197414-76df5f80-7e86-11eb-8303-3f9da8656eb9.png|image>
See comments of <https://github.com/cofacts/rumors-site/pull/405|#405>
Suggest using the name `onShuffle` for this callback to follow the convention of React componentization.
Thanks for the follow-up contribution! Just a small comment regarding naming convention and we should be good to go <https://github.githubassets.com/images/icons/emoji/shipit.png|:shipit:>
2021-03-07
Currently on production, the GA environment variable is not set. Therefore, no traffic to /impact is being captured by Google Analytics at all. This PR fixes the issue by disabling build-time optimization so that runtime env variables can be picked up. <https://user-images.githubusercontent.com/108608/110239294-23057100-7f81-11eb-9483-471cda3eeba1.png|截圖 2021-03-07 下午8 08 08>
2021-03-09
Bumps <https://github.com/indutny/elliptic|elliptic> from 6.5.3 to 6.5.4. Commits • <https://github.com/indutny/elliptic/commit/43ac7f230069bd1575e1e4a58394a512303ba803|`43ac7f2`> 6.5.4 • <https://github.com/indutny/elliptic/commit/f4bc72be11b0a508fb790f445c43534307c9255b|`f4bc72b`> package: bump deps • <https://github.com/indutny/elliptic/commit/441b7428b0e8f6636c42118ad2aaa186d3c34c3f|`441b742`> ec: validate that a point before deriving keys • <https://github.com/indutny/elliptic/commit/e71b2d9359c5fe9437fbf46f1f05096de447de57|`e71b2d9`> lib: relint using eslint • <https://github.com/indutny/elliptic/commit/8421a01aa3ff789c79f91eaf8845558a7be2b9fa|`8421a01`> build(deps): bump elliptic from 6.4.1 to 6.5.3 (<https://github-redirect.dependabot.com/indutny/elliptic/issues/231|#231>) • See full diff in <https://github.com/indutny/elliptic/compare/v6.5.3...v6.5.4|compare view> <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.
2021-03-10
Implement the content and dialog of the "Cofacts ecosystem" circles. Figma: <https://www.figma.com/file/mfsTnlvaMC1MC4aG8tf5YW/Cofacts%E5%B9%B4%E5%BA%A6%E5%A0%B1%E5%91%8A?node-id=147%3A3|https://www.figma.com/file/mfsTnlvaMC1MC4aG8tf5YW/Cofacts%E5%B9%B4%E5%BA%A6%E5%A0%B1%E5%91%8A?node-id=147%3A3> TODO: • Translation • Left / right switch • Swipe to change content <https://user-images.githubusercontent.com/108608/110524408-4fbab380-814e-11eb-9646-c71e50186609.gif|mobile-dialog> <https://user-images.githubusercontent.com/108608/110524690-a9bb7900-814e-11eb-8c28-ec177b4a2b1c.gif|desktop-dialogs>
See discussion in <https://g0v.hackmd.io/-Mth-vd5RPWqdLOfRJHHcg#Show-join-date-on-profile-page|20210303> We should display join date of a user on their profile page.
Ref: <https://g0v.hackmd.io/@mrorz/cofacts-meeting-notes/%2F-Mth-vd5RPWqdLOfRJHHcg|https://g0v.hackmd.io/@mrorz/cofacts-meeting-notes/%2F-Mth-vd5RPWqdLOfRJHHcg> • Color the contribution graph according to the user's max contribution count • Crop old contribution like Github on mobile • Use `Math.floor` to round-up the contribution to color
Done in <https://github.com/cofacts/rumors-site/pull/395|#395> and <https://github.com/cofacts/rumors-site/pull/404|#404>. Kudos to <https://github.com/ztsai|@ztsai> !
2021-03-11
@szyeefun has joined the channel
關於昨天開會 data studio 沒辦法精準的算出群組總人數的問題,我查了一下,ga 的 clientId 要自己輸出 raw data 才拿的到;在 ga audience 頁面能對資料做的操作也不多
目前打算直接把 clientId 放進 event,有兩個方法
1. 開一個 custom dimension 放,每個 event 都可以用,比較不會遇到需要用 clientId(=userId) 來處理資料的時候拿不到 clientId 的問題,但不知道開放資料上會不會有什麼資安/個資的考量?(雖然 line bot userId 只有那個 bot 有用,而且拿到 userId 還要有 bot 的 access token 才有用)
2. 只在 join/leave event 放,開放資料還是會露出 userId,只是比較少..
目前打算直接把 clientId 放進 event,有兩個方法
1. 開一個 custom dimension 放,每個 event 都可以用,比較不會遇到需要用 clientId(=userId) 來處理資料的時候拿不到 clientId 的問題,但不知道開放資料上會不會有什麼資安/個資的考量?(雖然 line bot userId 只有那個 bot 有用,而且拿到 userId 還要有 bot 的 access token 才有用)
2. 只在 join/leave event 放,開放資料還是會露出 userId,只是比較少..
1- 🙏2
還是我再 hash 一次再丟到 ga ?
hash 一次
再放在 custom dimension 如何
再放在 custom dimension 如何
還是我再 hash 一次再丟到 ga ?
hash 一次
再放在 custom dimension 如何
再放在 custom dimension 如何
Quick reply 現在支援網址了呢
https://taichunmin.idv.tw/blog/2021-03-11-line-quickreply-uri.html
https://taichunmin.idv.tw/blog/2021-03-11-line-quickreply-uri.html
筆記國度 
2021-03-12
到底為什麼這 24 小時內有這麼多人傳 cofacts 連結進資料庫 @@
是不是有誰的 CC BY-SA link 寫錯了 orz
https://cofacts.g0v.tw/article/39ukl1k19aglm
https://cofacts.g0v.tw/article/p8p1gml08ef3
https://cofacts.g0v.tw/article/wys7nsvjwo9v
https://cofacts.g0v.tw/article/17a78uaeoz4p
https://cofacts.g0v.tw/article/2j4yh2nyojnzo
是不是有誰的 CC BY-SA link 寫錯了 orz
https://cofacts.g0v.tw/article/39ukl1k19aglm
https://cofacts.g0v.tw/article/p8p1gml08ef3
https://cofacts.g0v.tw/article/wys7nsvjwo9v
https://cofacts.g0v.tw/article/17a78uaeoz4p
https://cofacts.g0v.tw/article/2j4yh2nyojnzo
後來 @shesee 回報說 iOS 會自動把 redirect 裡面附上的 https 轉 http QQ
這裡是 fix: https://github.com/cofacts/rumors-line-bot/pull/247
這裡是 fix: https://github.com/cofacts/rumors-line-bot/pull/247
Done in <https://github.com/cofacts/rumors-line-bot/pull/207|#207>
@yidi has joined the channel
<https://user-images.githubusercontent.com/108608/110961942-508c5900-838b-11eb-8d09-23676246be06.png|image>
@bil 改影片的 PR 發囉
@bil 改影片的 PR 發囉
2021-03-13
*Problem* Starting from 3/11, many messages with `<http://cofacts.org/article/xxxxx>` are submitted to Cofacts database: • <https://cofacts.g0v.tw/article/39ukl1k19aglm|https://cofacts.g0v.tw/article/39ukl1k19aglm> • <https://cofacts.g0v.tw/article/p8p1gml08ef3|https://cofacts.g0v.tw/article/p8p1gml08ef3> • <https://cofacts.g0v.tw/article/wys7nsvjwo9v|https://cofacts.g0v.tw/article/wys7nsvjwo9v> • <https://cofacts.g0v.tw/article/17a78uaeoz4p|https://cofacts.g0v.tw/article/17a78uaeoz4p> • <https://cofacts.g0v.tw/article/2j4yh2nyojnzo|https://cofacts.g0v.tw/article/2j4yh2nyojnzo> On 3/13 <https://github.com/CarolHsu|@CarolHsu> reported that on iOS, https:// URLs are somehow converted to `http`. iOS users from Auntie Meiyu are submitting `http` URLs to Cofacts database. *Solution* Cofacts chatbot should recognize http URLs as well. *Implementation* 1. replace `SITE_URL` env var with `SITE_URLS` env var. The latter takes a comma separated strings. 2. Rewrite article URL detection so that it supports host names in SITE_URLS. 3. On staging & production, we will put both http & https versions of Cofacts website URLs in `SITE_URLS`. We can support other URLs such as <http://cofacts.tw|cofacts.tw>, <http://cofacts.g0v.tw|cofacts.g0v.tw> as well, as `SITE_URLS` are very flexible.
2021-03-14
Replied to a thread: 2021-03-12 09:23:12
後來 @shesee 回報說 iOS 會自動把 redirect 裡面附上的 https 轉 http QQ
這裡是 fix: https://github.com/cofacts/rumors-line-bot/pull/247
這裡是 fix: https://github.com/cofacts/rumors-line-bot/pull/247
*Problem* Starting from 3/11, many messages with `<http://cofacts.org/article/xxxxx>` are submitted to Cofacts database: • <https://cofacts.g0v.tw/article/39ukl1k19aglm|https://cofacts.g0v.tw/article/39ukl1k19aglm> • <https://cofacts.g0v.tw/article/p8p1gml08ef3|https://cofacts.g0v.tw/article/p8p1gml08ef3> • <https://cofacts.g0v.tw/article/wys7nsvjwo9v|https://cofacts.g0v.tw/article/wys7nsvjwo9v> • <https://cofacts.g0v.tw/article/17a78uaeoz4p|https://cofacts.g0v.tw/article/17a78uaeoz4p> • <https://cofacts.g0v.tw/article/2j4yh2nyojnzo|https://cofacts.g0v.tw/article/2j4yh2nyojnzo> On 3/13 <https://github.com/CarolHsu|@CarolHsu> reported that on iOS, https:// URLs are somehow converted to `http`. iOS users from Auntie Meiyu are submitting `http` URLs to Cofacts database. *Solution* Cofacts chatbot should recognize http URLs as well. *Implementation* 1. replace `SITE_URL` env var with `SITE_URLS` env var. The latter takes a comma separated strings. 2. Rewrite article URL detection so that it supports host names in SITE_URLS. 3. On staging & production, we will put both http & https versions of Cofacts website URLs in `SITE_URLS`. We can support other URLs such as <http://cofacts.tw|cofacts.tw>, <http://cofacts.g0v.tw|cofacts.g0v.tw> as well, as `SITE_URLS` are very flexible. *Screenshots* Existing behaviors are not affected. *Not found & URL only* <https://user-images.githubusercontent.com/108608/110971484-e6c57c80-8395-11eb-823e-f302c80c2e5f.png|image> *LIFF URLs* <https://user-images.githubusercontent.com/108608/110971502-ed53f400-8395-11eb-825d-3dbfd3001bb5.png|image>
Update tutorial page translation `Latest Checked` --> `Replies` `No validated responses yet` --> `No useful reply yet` `Popularly Reported` --> `Asked many times` `Hot Topics` --> `Replied many times` `Waiting for Your Response` --> `(Hoax) for you` `Other Opinions` --> `Opinion Sources` `My Supplement` --> `Comment` related PR: <https://github.com/cofacts/rumors-site/pull/405#discussion_r588840165|#405 (comment)> translation: <https://docs.google.com/spreadsheets/d/1gtGcyn3Ihm2pAk3AZk0FV5ZYeuAadXiHsYMKlXas0Os/edit?usp=drive_web&ouid=114191909423481582373|https://docs.google.com/spreadsheets/d/1gtGcyn3Ihm2pAk3AZk0FV5ZYeuAadXiHsYMKlXas0Os/edit?usp=drive_web&ouid=114191909423481582373> discussion: <https://g0v.hackmd.io/hKK0F5KLRAGOz3Zz_kgrHQ?both#Tutorial-%E7%BF%BB%E8%AD%AF|https://g0v.hackmd.io/hKK0F5KLRAGOz3Zz_kgrHQ?both#Tutorial-%E7%BF%BB%E8%AD%AF>
*Pull Request Test Coverage Report for <https://coveralls.io/builds/37913870|Build 1296>* • *11* of *11* *(100.0%)* changed or added relevant lines in *2* files are covered. • No unchanged relevant lines lost coverage. • Overall coverage increased (+*0.07%*) to *86.842%* * * * * * * *:yellow_heart: - <https://coveralls.io|Coveralls>*
Thanks for the fix! Let's <https://github.githubassets.com/images/icons/emoji/shipit.png|:shipit:>
剛才 11:30 ~ 11:35 production server 有些意外(nginx 設定 deploy 失敗)
所以 API, server, LINE bot 應該有一些 downtime 😛
所以 API, server, LINE bot 應該有一些 downtime 😛
2021-03-15
Nginx `include` directive is relative to nginx root rather than the file that writes `include` directive.
@cameron.ph.chen has joined the channel
@wildjcrt has joined the channel
(假消息討論應該是發這個頻道吧 XD)
今天收到長輩的詢問,發現假消息居然是一則語音訊息……
今天收到長輩的詢問,發現假消息居然是一則語音訊息……
訊息內容只有 `這是新加坡客人傳的打疫苗經驗分享,一定要聽完哦!超貼心的!`
看起來就很可疑,但好像找假消息都找不到資料
看起來就很可疑,但好像找假消息都找不到資料
建議討論假訊息到臉書社群裡喔,這邊討論比較多是功能開發的部分
ok
好久沒用 FB 了 XD
是在 LINE 收到的嗎 XD
有「這是新加坡客人傳的打疫苗經驗分享,一定要聽完哦!超貼心的!」這樣的文字送進資料庫也不錯
有「這是新加坡客人傳的打疫苗經驗分享,一定要聽完哦!超貼心的!」這樣的文字送進資料庫也不錯
LINE 收到的沒錯
建議討論假訊息到臉書社群裡喔,這邊討論比較多是功能開發的部分
ok
好久沒用 FB 了 XD
是在 LINE 收到的嗎 XD
有「這是新加坡客人傳的打疫苗經驗分享,一定要聽完哦!超貼心的!」這樣的文字送進資料庫也不錯
有「這是新加坡客人傳的打疫苗經驗分享,一定要聽完哦!超貼心的!」這樣的文字送進資料庫也不錯
LINE 收到的沒錯
2021-03-17
For some reason, there are some Cofacts pages indexed as "<http://www.cofacts.org|www.cofacts.org>" in search engines: <https://user-images.githubusercontent.com/108608/111417705-5da99f00-8721-11eb-8376-922a5f3de60a.png|image> This PR adds back <http://www.cofacts.org|www.cofacts.org> support.
這個可以 review 囉
https://github.com/cofacts/rumors-site/pull/416
https://github.com/cofacts/rumors-site/pull/416
*Fix intro translation* <https://user-images.githubusercontent.com/108608/111421791-8e410700-8728-11eb-8009-269dff4e4d9a.png|image> *Ecosystem modal* *TW* <https://user-images.githubusercontent.com/108608/111421848-a57ff480-8728-11eb-8f41-3874d09cfc64.png|image> <https://user-images.githubusercontent.com/108608/111421869-ae70c600-8728-11eb-92de-cdac1c658ef9.png|image> *EN* <https://user-images.githubusercontent.com/108608/111422058-07d8f500-8729-11eb-9937-d302900b5a74.png|image> <https://user-images.githubusercontent.com/108608/111422074-0dced600-8729-11eb-988c-3811fbfa6ec3.png|image>
*As-is* <https://user-images.githubusercontent.com/108608/111423121-c5b0b300-872a-11eb-9650-7409f96834aa.png|image> *To-be* Openpeeps avatar should show in the same way as in other pages <https://user-images.githubusercontent.com/108608/111423263-fbee3280-872a-11eb-9bac-27be22aa784e.png|image>
2021-03-19
@wildjcrt has left the channel
2021-03-20
See: <https://g0v.hackmd.io/@mrorz/cofacts-meeting-notes/%2F-Mth-vd5RPWqdLOfRJHHcg|https://g0v.hackmd.io/@mrorz/cofacts-meeting-notes/%2F-Mth-vd5RPWqdLOfRJHHcg> This is because • currently the oauth callback (setting API cookie and redirect back) is using <http://cofacts-api.g0v.tw|cofacts-api.g0v.tw>, then redirect back to the original site • for instance, if logging in from <http://cofacts.tw|cofacts.tw>, during the oauth server flow, the user is being directed to: 1. <http://cofacts-api.g0v.tw|cofacts-api.g0v.tw>, remember current path 2. Facebook login 3. <http://cofacts-api.g0v.tw|cofacts-api.g0v.tw>, getting the previously set redirect path 4. <http://cofacts.tw|cofacts.tw> • API calls to <http://cofacts.g0v.tw|cofacts.g0v.tw> from other domains like <http://cofacts.org|cofacts.org> and <http://cofacts.tw|cofacts.tw> us considered ccross-site • iOS now blocks third party cookie strictly, regardless of samesite: none is present or not. *Proposed change* When redirecting to original site, we fix the domain to <http://cofacts.g0v.tw|cofacts.g0v.tw>. In this way, <http://cofacts.g0v.tw|cofacts.g0v.tw> and <http://cofacts-api.g0v.tw|cofacts-api.g0v.tw> are considered same-site, then iOS can send login cookie along with it's request to API. *alternative* Use <http://cofacts.tw|cofacts.tw> as main site and redirect target, and connect to <http://api.cofacts.tw|api.cofacts.tw> for all domains. In this way <http://cofacts.tw|cofacts.tw> and <http://API.cofacts.tw|API.cofacts.tw> are coming nsidered same-site.
@chenyi200310 has joined the channel
I'd like to pick this up. Will try to finish this today.
@gorange310 has joined the channel
@kerrick has joined the channel
👋
- 🚀2
If a date is over 23.5 hours ago, render it as an absolute date. Fixes <https://github.com/cofacts/rumors-site/issues/396|#396> .
This PR fixes <https://github.com/cofacts/rumors-api/issues/250|#250> *Current situation* On Mac & iOS safari, users cannot login when they visit <https://cofacts.org|https://cofacts.org>. This is because the current login mechanism will write cookie to <https://cofacts-api.g0v.tw|https://cofacts-api.g0v.tw>. Even though <https://cofacts-api.g0v.tw|https://cofacts-api.g0v.tw> have CORS enabled and also uses `sames-site: lax`, it is possibly that <https://www.adexchanger.com/privacy/chrome-is-killing-cookies-but-samesite-still-needs-to-be-updated/|browsers _are_ blocking all third-party cookies> anyway. *What this PR do* We redirect users to a fixed domain. After we apply corresponding changes in rumors-deploy (TBA), we can always redirect users to `<https://cofacts.tw>`, and the website always connects to `<https://api.cofacts.tw>`. Since `<https://cofacts.tw>` and `<https://api.cofacts.tw>` are considered <https://web.dev/samesite-cookies-explained/#explicitly-state-cookie-usage-with-the-samesite-attribute|same-site>, the browser can pickup the login session cookie and shows as logged-in.
其實問題的核心是
rumors-site 戳 API 的時候,無論是造訪 cofacts.org, cofacts.tw 還是 cofacts.g0v.tw,都是往同一個 API_URL。
這三個網域都需要放在 CORS whitelist 上面,不然會直接壞掉
但 login session 只會寫在 redirect back 的那個網域上,也就是 API_URL。
不管 API_URL 設成 api.cofacts.org, api.cofacts.tw 還是 cofacts-api.g0v.tw,都只能與網站三個網域中的一個網域 same-site,另外兩個網域,就會在 disable 3rd party cookie 的瀏覽器中遇到無法登入的狀況。
rumors-site 戳 API 的時候,無論是造訪 cofacts.org, cofacts.tw 還是 cofacts.g0v.tw,都是往同一個 API_URL。
這三個網域都需要放在 CORS whitelist 上面,不然會直接壞掉
但 login session 只會寫在 redirect back 的那個網域上,也就是 API_URL。
不管 API_URL 設成 api.cofacts.org, api.cofacts.tw 還是 cofacts-api.g0v.tw,都只能與網站三個網域中的一個網域 same-site,另外兩個網域,就會在 disable 3rd party cookie 的瀏覽器中遇到無法登入的狀況。
現在 API 的這個解,是故意在登入後,把使用者導向到跟 API_URL 符合 same-site 定義的那個網站,但導向的網域卻是拿第0個 CORS allowed origin。
這個解除了把 CORS allowed origin 與 login redirect domain 兩個概念掛勾混淆之外,還會有 en.cofacts.tw 登入後卻被固定到 cofacts.tw 的問題,即使 en.cofacts.tw 其實也與 api.cofacts.tw 是 same-site。
我覺得比現況固定拿第0個 CORS allowed origin,更好的解可能是另外訂一個 redirect domains 的 env vars,若來源網域在 allowed domain,就 redirect back to allowed domain
這個解除了把 CORS allowed origin 與 login redirect domain 兩個概念掛勾混淆之外,還會有 en.cofacts.tw 登入後卻被固定到 cofacts.tw 的問題,即使 en.cofacts.tw 其實也與 api.cofacts.tw 是 same-site。
我覺得比現況固定拿第0個 CORS allowed origin,更好的解可能是另外訂一個 redirect domains 的 env vars,若來源網域在 allowed domain,就 redirect back to allowed domain
iOS 登入問題的 fix 已經改好囉,請大家 review
https://github.com/cofacts/rumors-api/pull/251
https://github.com/cofacts/rumors-deploy/pull/18
https://github.com/cofacts/rumors-api/pull/251
https://github.com/cofacts/rumors-deploy/pull/18
<https://coveralls.io/builds/38106304|Coverage Status> Coverage decreased (-0.2%) to 86.468% when pulling *<https://github.com/cofacts/rumors-api/commit/468040cef6406be0a1f5a3eaa4f0f8fbc2474208|468040c> on redirect* into *<https://github.com/cofacts/rumors-api/commit/b887a4fb3ae968e0b1e248cc32099f80ad812353|b887a4f> on master*.
@sdfghj1001 has joined the channel
@guo-jim has left the channel
英文查核校對完成
- ❤️2
錯別字修正+字幕口語與文法校正
- ❤️2
感謝Peter😊😊
This is accompanying <https://github.com/cofacts/rumors-api/pull/251|cofacts/rumors-api#251> to fix Cofacts login issue (<https://github.com/cofacts/rumors-api/issues/250|cofacts/rumors-api#250>) on iOS. We need to change redirect URL on Facebook, Twitter and github after deploy.
2021-03-22
Replied to a thread: 2021-03-20 16:19:02
其實問題的核心是
rumors-site 戳 API 的時候,無論是造訪 cofacts.org, cofacts.tw 還是 cofacts.g0v.tw,都是往同一個 API_URL。
這三個網域都需要放在 CORS whitelist 上面,不然會直接壞掉
但 login session 只會寫在 redirect back 的那個網域上,也就是 API_URL。
不管 API_URL 設成 api.cofacts.org, api.cofacts.tw 還是 cofacts-api.g0v.tw,都只能與網站三個網域中的一個網域 same-site,另外兩個網域,就會在 disable 3rd party cookie 的瀏覽器中遇到無法登入的狀況。
rumors-site 戳 API 的時候,無論是造訪 cofacts.org, cofacts.tw 還是 cofacts.g0v.tw,都是往同一個 API_URL。
這三個網域都需要放在 CORS whitelist 上面,不然會直接壞掉
但 login session 只會寫在 redirect back 的那個網域上,也就是 API_URL。
不管 API_URL 設成 api.cofacts.org, api.cofacts.tw 還是 cofacts-api.g0v.tw,都只能與網站三個網域中的一個網域 same-site,另外兩個網域,就會在 disable 3rd party cookie 的瀏覽器中遇到無法登入的狀況。
現在 API 的這個解,是故意在登入後,把使用者導向到跟 API_URL 符合 same-site 定義的那個網站,但導向的網域卻是拿第0個 CORS allowed origin。
這個解除了把 CORS allowed origin 與 login redirect domain 兩個概念掛勾混淆之外,還會有 en.cofacts.tw 登入後卻被固定到 cofacts.tw 的問題,即使 en.cofacts.tw 其實也與 api.cofacts.tw 是 same-site。
我覺得比現況固定拿第0個 CORS allowed origin,更好的解可能是另外訂一個 redirect domains 的 env vars,若來源網域在 allowed domain,就 redirect back to allowed domain
這個解除了把 CORS allowed origin 與 login redirect domain 兩個概念掛勾混淆之外,還會有 en.cofacts.tw 登入後卻被固定到 cofacts.tw 的問題,即使 en.cofacts.tw 其實也與 api.cofacts.tw 是 same-site。
我覺得比現況固定拿第0個 CORS allowed origin,更好的解可能是另外訂一個 redirect domains 的 env vars,若來源網域在 allowed domain,就 redirect back to allowed domain
codecov 的 github integration 好像很不錯,可以直接標記在 PR 裡面
https://github.com/apache/superset/pull/13152/files
適逢 travis-ci.org 轉移,我在想要不要改用 codecov
https://github.com/apache/superset/pull/13152/files
適逢 travis-ci.org 轉移,我在想要不要改用 codecov
- 🆒1
2021-03-24
Replied to a thread: 2021-03-20 16:19:02
iOS 登入問題的 fix 已經改好囉,請大家 review
https://github.com/cofacts/rumors-api/pull/251
https://github.com/cofacts/rumors-deploy/pull/18
https://github.com/cofacts/rumors-api/pull/251
https://github.com/cofacts/rumors-deploy/pull/18
From slack > 問題的核心是 > rumors-site 戳 API 的時候,無論是造訪 <http://cofacts.org|cofacts.org>, <http://cofacts.tw|cofacts.tw> 還是 <http://cofacts.g0v.tw|cofacts.g0v.tw>,都是往同一個 API_URL。 > 這三個網域都需要放在 CORS whitelist 上面,不然會直接壞掉 > 但 login session 只會寫在 redirect back 的那個網域上,也就是 API_URL。 > 不管 API_URL 設成 <http://api.cofacts.org|api.cofacts.org>, <http://api.cofacts.tw|api.cofacts.tw> 還是 <http://cofacts-api.g0v.tw|cofacts-api.g0v.tw>,都只能與網站三個網域中的一個網域 same-site,另外兩個網域,就會在 disable 3rd party cookie 的瀏覽器中遇到無法登入的狀況。
Thanks to <https://github.com/kerrickstaley|@kerrickstaley> we are now having relative dates! This is a revision of the relative time display so that the behavior is more similar to Facebook timeline. • Apply `TimeInfo` for "First reported" display on top right corner in article detail page • Remove time from absolute time display outside of tooltip • Align with Facebook timeline • Relative date cut-off time changes to 48 hours • Allows "yesterday" to appear • Also allows literal "days ago" • Calculate calendar days for relative date • Calendar days should be more intuitive for users • Adds unit test for `formatDate()` • Please check if the snapshot makes sense / is intuitive for users <https://github.com/bil4444|@bil4444> Screenshots TBA
@bil please see if these time representation makes sense to end users:
https://github.com/cofacts/rumors-site/pull/420/files#diff-180160ff65ef378a6b32a9e84618eeb339d71fbc57881338165c96b5da35ddba
https://github.com/cofacts/rumors-site/pull/420/files#diff-180160ff65ef378a6b32a9e84618eeb339d71fbc57881338165c96b5da35ddba
@bil please see if these time representation makes sense to end users:
https://github.com/cofacts/rumors-site/pull/420/files#diff-180160ff65ef378a6b32a9e84618eeb339d71fbc57881338165c96b5da35ddba
https://github.com/cofacts/rumors-site/pull/420/files#diff-180160ff65ef378a6b32a9e84618eeb339d71fbc57881338165c96b5da35ddba
2021-03-25
https://github.com/cofacts/rumors-site/releases/tag/release%2F20210325 Hackathon contributions have been released to production on 20210325 release ! Kudos to @kerrick and 恩寧 !
2
1
Yay! So glad I could help :)
Yay! So glad I could help :)
@sonyaycchen has joined the channel
2021-03-28
2021-03-29
鳥頭棒棒
2021-03-30
Bumps <https://github.com/yargs/y18n|y18n> from 3.2.1 to 3.2.2. Commits • See full diff in <https://github.com/yargs/y18n/commits|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~oss-bot|oss-bot>, a new releaser for y18n since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-site/network/alerts|Security Alerts page>.
Bumps <https://github.com/yargs/y18n|y18n> from 3.2.1 to 3.2.2. Commits • See full diff in <https://github.com/yargs/y18n/commits|compare view> Maintainer changes This version was pushed to npm by <https://www.npmjs.com/~oss-bot|oss-bot>, a new releaser for y18n since your current version. <https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores|Dependabot compatibility score> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. * * * Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: • `@dependabot rebase` will rebase this PR • `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it • `@dependabot merge` will merge this PR after your CI passes on it • `@dependabot squash and merge` will squash and merge this PR after your CI passes on it • `@dependabot cancel merge` will cancel a previously requested merge and block automerging • `@dependabot reopen` will reopen this PR if it is closed • `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually • `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) • `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) • `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language • `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language • `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language • `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the <https://github.com/cofacts/rumors-fb-bot/network/alerts|Security Alerts page>.
*Execution steps* *Setup SSH tunnel* ``` ssh -L 62222:<elasticsearch-ip-on-server>:62222 <server url> ``` And ensure `.env` file exists, with `ELASTICSEARCH_URL=localhost:62222`. *Execution & Results* ``` $ npm run reload -- users > rumors-db@1.0.2 reload /Users/johnsonliang/workspace/rumors-db > babel-node db/reloadSchema.js "users" Source: users_v1_0_2 Target: users_v1_1_0 Reindexed from users_v1_0_2 to users_v1_1_0 in 8 seconds. Setup users_v1_1_0 -> users alias and remove users_v1_0_2. $ npm run reload -- articles > rumors-db@1.0.2 reload /Users/johnsonliang/workspace/rumors-db > babel-node db/reloadSchema.js "articles" Source: articles_v1_0_2 Target: articles_v1_1_0 Reindexed from articles_v1_0_2 to articles_v1_1_0 in 63 seconds. Setup articles_v1_1_0 -> articles alias and remove articles_v1_0_2. $ npm run reload -- replies > rumors-db@1.0.2 reload /Users/johnsonliang/workspace/rumors-db > babel-node db/reloadSchema.js "replies" Source: replies_v1_0_2 Target: replies_v1_1_0 Reindexed from replies_v1_0_2 to replies_v1_1_0 in 78 seconds. Setup replies_v1_1_0 -> replies alias and remove replies_v1_0_2. $ npm run reload -- urls > rumors-db@1.0.2 reload /Users/johnsonliang/workspace/rumors-db > babel-node db/reloadSchema.js "urls" Source: urls_v1_0_2 Target: urls_v1_1_0 Reindexed from urls_v1_0_2 to urls_v1_1_0 in 283 seconds. Setup urls_v1_1_0 -> urls alias and remove urls_v1_0_2. ``` ** Note: timeouts should be increased, as `urls` are pretty close to timeout.
Staging 的 profile page URL 修好囉!現在可以用莫名其妙的 slug 惹:
https://dev.cofacts.org/user/_(:3%20%E3%80%8D%E2%88%A0%20)_
https://dev.cofacts.org/user/_(:3%20%E3%80%8D%E2%88%A0%20)_
欸不太妙,怎麼一直 redirect
`_(:3 」∠ )_`
`_(:3 」∠ )_`
欸不太妙,怎麼一直 redirect
`_(:3 」∠ )_`
`_(:3 」∠ )_`
2021-03-31
【Cofacts 下線維護公告】
Cofacts 資料庫預計於 2021/4/2 1:00AM - 2:00AM 下線維護,屆時 API、LINE bot、網站會無法使用唷!
下線時預計進行資料庫的維護,詳情請見:https://github.com/cofacts/rumors-db/pull/53
Cofacts 資料庫預計於 2021/4/2 1:00AM - 2:00AM 下線維護,屆時 API、LINE bot、網站會無法使用唷!
下線時預計進行資料庫的維護,詳情請見:https://github.com/cofacts/rumors-db/pull/53
This PR enables us to reload one DB index and leave all other indexes intact. After this PR is pushed to production, we can perform fix on <https://github.com/cofacts/rumors-site/issues/399|cofacts/rumors-site#399> and <https://github.com/cofacts/rumors-site/issues/386|cofacts/rumors-site#386> • `npm run schema` now supports optional argument that loads a specified index mapping <https://user-images.githubusercontent.com/108608/112743646-aee04b00-8fcb-11eb-9c43-022643f98a46.png|圖片> • We also print the full index name (including version postfix) in console logs to make operations more clear. • `npm run reload` now only reloads the specified index <https://user-images.githubusercontent.com/108608/112743775-d2f05c00-8fcc-11eb-9729-8bd830fa2c12.png|圖片> • `VERSION` const is added and exported in each index mapping files • All index versions are bumped to `1.1.0` in this PR. • Each index can be versioned separately, which gives more flexibility when we change mappings in the future. • Change analyzer to support English, Chinese & URL mix for `hyperlinks`' `summary` field and `users`' bio field
時辰已到
開始維護
開始維護