Categories
Uncategorized

pygit2 1.0.0 released, drops Python 2.7 support

Added support for Python 3.8, dropped support for Python 2.7 & 3.4; See the full list of changes.

Thanks to Robert Coup, Dan Sully, Drew DeVault, Marcel Waldvogel, Chad Birch, Christopher Hunt, Colin Watson, David Black, Dennis Schwertel, Gregory Herrero, Isabella Stephens, Jonathan Robson, Saul Pwanson and Shane Turner for their contributions to this release.

Resources:

Categories
Uncategorized

pygit2 0.28.0 with manylinux wheels now

Upgraded to libgit2 0.28, manylinux wheels now available, support for mailmap added. See the full list of changes.

Special thanks to Sviatoslav Sydorenko for his work on manylinux wheels. Thanks too to Nika Layzell, Robert Coup, Insomnia, Benjamin Wohlwend, Jorge C. Leitao and Sriram Raghu.

Resources:

Enjoy!

Categories
Uncategorized

pygit2 0.27.3 now uses pytest, dropped support for Python 3.3

See the full list of changes.

Thanks to Matthias Bartelmeß, Robin Stocker, Assaf Nativ, Alexander Linne, Chris Jerdonek, Cristian Hotea and Jorge C. Leitao

Resources:

Enjoy!

Categories
Uncategorized

Pygit2 0.26.0 update for libgit2 0.26, drops support for Python 3.2

This release drops support for Python 3.2, adds support for latest cffi, and requires the new libigit2 0.26

New revert and branch features, several bugs fixed.

See the full list of changes. Thanks to Lukas Fleischer, Carlos Martín Nieto, Mark Adams and Nick Hynes.

Resources:

Enjoy!

Categories
Uncategorized

Pygit2 0.25.1 adds support for stash, and more

This release adds a number of new features and improved API, including:

  • new stash methods,
  • improved support for submodules,
  • a friendlier API for branches & references,
  • support for custom backends.

See the full list of changes. Thanks to Nick Hynes, Tamir Bahar, Jason Ziglar and Matthaus Woolard.

Resources:

Enjoy!

Categories
Uncategorized

The system-ui font

Imagine:

font-family: system-ui, sans-serif;

Enabled by default in Chrome 56, system-ui is a special font name, that tells Chrome to use the system font (be it Cantarell in Gnome, San Francisco in macOS, etc.)

But system-ui is something new, as far as I know available only in the latest versions of Blink based browsers. So what to do as of today? This is from Bootstrap 4:

font-family: -apple-system, system-ui, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif;

Safari and Firefox on Mac will recognize -apple-system and use the Mac system font, just as system-ui, but not standard. Then comes the standard system-ui, but only available in Chrome 56. Older versions of Chrome, on Mac only, will interpret the same with BlinkMacSystemFont. Now comes Segoe UI, unlike the first three this is a real font name, the one used in Windows since Windows Vista. Now comes: Roboto for Android, Helvetica Neue for some versions of macOS, and Arial for old Windows.

But, but, where is Gnome’s font, you insensitive clod?

font-family: system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", "Roboto", "Oxygen", "Ubuntu", "Cantarell", "Helvetica Neue", Arial, Helvetica, sans-serif;

Ah that looks better, just added Oxygen for KDE, Ubuntu for.. (I let you guess this one), Cantarell for Gnome, and Helvetica because… well I don’t know why.

If you want, you can still add Droid Sans for old Android, Fira Sans for Firefox OS,  and maybe Lucida Grande for some old versions of macOS. Okey, the list is long but you only have to type it once. You can also define the list using @font-face

Make your own list, decide which platforms you don’t care about, and use it as default in your projects. But don’t be insensitive and include Cantarell in the list!

Of course, if your site tries to sell something or to send a message, and if you care enough, then consider choosing a nice font (adjust letter spacing bla bla). To make it short, maybe something like:

font-family: "My nice font", system-ui, sans-serif;

Check Font Squirrel

Categories
Uncategorized

HTTP Strict Transport Security (hsts)

Just learned about HSTS and started using it. First let me explain HSTS with my own words.

Scenario without hsts:
  1. The user types the domain name in the URL bar without the protocol, such as “example.com”, and the browser automatically adds the “http://” prefix. This first request is vulnerable to Man In The Middle (MITM) attacks.
  2. The server replies with a redirection to the secure “https://example.com”. From the rest of the interaction communication is secure.
  3. The next day the user types again “example.com” in the URL bar. The browser sends again an insecure HTTP request.
Scenario with hsts:
  1. The user types the domain name in the URL bar without the protocol, such as “example.com”, and the browser automatically adds the “http://” prefix. This first request is vulnerable to Man In The Middle (MITM) attacks.
  2. The server replies with a redirection to the secure “https://example.com”. From the rest of the interaction communication is secure. And, the server adds the response header:
    Strict-Transport-Security: max-age=31536000

    This response header instructs the browser to use HTTPS, and asks him to do so for the next 31.536.000 seconds (1 year).

  3. The next day, the user types again “example.com” in the URL bar. But, the browser remembers, and it uses HTTPS instead of HTTP. And will do so even if the user includes explicitly the prefix “http://example.com”.
Closing

So with HSTS the user will only be vulnerable the first time, and not every time she starts a session.

After learning this I have added support for HSTS to my Ansible role for Django deployment. See commit, and I encourage you to start using HSTS too.

Links:

Have a nice secure day!

 

 

Categories
Uncategorized

Automatic LXD snapshots

Just wrote an small Python script (lxdsnap) to automatically create snapshots of every LXD container, once an hour, and remove the old ones.

Categories
Uncategorized

Pygit2 0.25.0 released, upgrades to libgit2 0.25

This release requires the recently released libgit2 0.25.0; see the full list of changes.

Thanks to Carlos Martín Nieto, Szucs Krisztian and Guillermo Pérez.

Resources:

Enjoy!

Categories
Uncategorized

Pygit2 0.24.2 improves support for Windows

Now unit tests pass on Windows. Integration with AppVeyor. Wheels available on Pypi. See the full list of changes.

Thanks to Matthias Bartelmeß, Anatoly Techtonik, Robert Hölzl and Carlos Martín Nieto.

Resources:

Enjoy!