hypothesis / h

69%

master: 97%

LAST BUILD ON BRANCH replace-hashids-with-pubids

branch: replace-hashids-with-pubids

CHANGE BRANCH

x

Reset

• replace-hashids-with-pubids
• 1142-no-client-side-error-message-when-saving-annotation-fails
• 1334-latest-pdfjs
• 1542-source-url-not-visible-on-older-annotations
• 1612-hide-orphans
• 1615-update-timestamps
• 174-let-me-change-my-email
• 1755-handle-internal-server-error-in-registration-form
• 1759-fix-reply-permissions
• 1776-bring-padded-scrolling-back
• 179-focus-in-username-field-when-sign-in-is-clicked
• 1815-streamer-doc-not
• 1916-message-not-available-in-stream
• 1916-message-not-available-in-stream-2
• 1916-rework-stream
• 1916-stream-cards
• 1916-stream-message-not-available
• 1916-stream-message-not-available-2
• 1979-clear-selected-annotations
• 1979-fix-annotation-creation
• 1992-fix
• 2013-fix-fuzzy
• 2026-module-isolate-env
• 2033-fix-focusing
• 2041-fix-show-diff
• 2052-scroll-to-sign-in-form-on-clicking-sign-in-link
• 2053-scroll-sidebar-to-new-annotations
• 2053-scroll-sidebar-to-new-annotations-2
• 2263-tooltip-for-note-button
• 2273-gunicorn-ssl-crash
• 2326-fix-search-with-no-document
• 2440-replies-dont-match-search-normalized-url-queries
• 2440-replies-dont-match-search-normalized-url-queries-2
• 2441-fix-change-email-form
• 2484-fix-page-notes
• 2515-fix-uri-normalization-crash-when-no-hostname
• 2519-crash-when-annotation-document-link-is-None
• 2521-hide-unanchored-warnings-when-not-on-sidebar
• 2525-new-annotations-disappearing
• 2555-fix-email-notifications
• 2589-fix-bug-incorrect-search-results
• 2598-enable-literal-mid-word-underscores
• 2701-delete-unsaved-drafts-on-sign-out
• 2702-fix-diplay-of-num-replies-on-collapsed-replies
• 2713-change-permissions-when-moving-annotations-btwn-groups
• 2716-save-permissions-to-drafts
• 2728-misc-AnnotationController-refactors-part-2
• 2728-refactor-annotation-controller
• 2728-refactor-annotation-controller-tests
• 2728-refactor-highlight-saving
• 2728-remove-USER_CHANGED-event-from-AnnotationController
• 2728-translate-annotation-controller-to-js
• 2771-fix-notifications-crash-on-parent-with-no-text
• 2799-dont-update-wrong-annotations
• 2810-no-error-on-sign-in-to-unactivated-account
• 2823-fix-annotation-thread-collapsing
• 2838-fix-wrong-group-shown-on-stream
• 2845-unsafe-eval-on-github
• 2848-TypeError-Cannot-read-property-show_sidebar_tutorial-of-undefined
• 2852-fill-hole-in-groups-dropdown-button
• 2928-restore-counting-of-private-and-group-annotations-in-badge
• 2NiiPelT-limit-group-names-to-25-characters
• 3001-fix-hypothesis-admin-command
• 3007-fix-tags-autocomplete-dropdown-css
• 391-add-atom-feeds
• 391-add-atom-feeds-2
• 404-should-be-a-404
• 404-style-fix
• 6vnMlymZ-alias-tag-to-tags-in-search-api
• 800-fancy-selected-annotations
• 930-loading-icon
• 9sqXWtNi-fix-title-for-local-file-pdf-annotations
• AnnotationController-domain-model-view-model-refactor
• BPA1eZ9O-add-developer-api-tokens
• EqRZwdZC-clear-selection-before-creating-new-annotation
• Kj8vWkme-show-filenames-of-local-files
• NUoaiUO4-add-create-account-banner
• PfK5vbcM-add-tutorial-to-sidebar
• TPUsXCk4-add-media-embeds-feature
• User.get_by_id-refactor
• User.get_by_id-refactor-2
• accounts-views
• add-admin-users
• add-anno-count-to-admin
• add-api-cors-support
• add-authors-to-rss
• add-caching-to-Chrome-badge-api
• add-clickToClose-option
• add-debug-arg-to-buildext
• add-docs-for-how-authenticate-to-the-api
• add-guidelines-for-model-code
• add-help-text-to-nipsa
• add-hpt.is-support-to-chrome-extension
• add-ie-autodetect
• add-jscs-to-hound-config
• add-pyramid-redis-sessions-dependency
• add-pyroma-dependency
• add-robots-txt
• add-rss
• add-sphinx-httpdomain-dependency
• add-staff-users
• add-unit-test-factories
• add-userid-domain-setting
• admin-account-deletion
• admin-views-cleanup
• alembic-logging
• allow-disabling-websocket-uri-equiv
• allow-missing-parents
• allow-missing-permissions
• anchoring-rewrite
• angular-1.4
• angular-csp
• annotation-element-directive
• annotation-html-presenter
• annotation-test-cleanup
• annotation-test-refactor
• annotator-css-separation
• api-blueprint
• api-exception-handling
• api-view-tests-refactor
• api-view-tests-refactor-event
• app-to-extension-comms
• atom-feed-link-tweaks
• autoprefix_css
• aw/csp
• aw/features_pending_removal
• aw/sentry-logging
• b13OFeU2-allow-skinnier-sidebar
• b9PFMDM7-add-activate-button-to-admin-users-page
• better-custom-pdf-viewer-handling
• better-dockerfile-caching
• better-handling-of-missing-blacklist
• better-login-form
• blank-og-description
• build-artifacts
• building-chrome-extension-docs
• buildkite-pipeline
• bump-initial-load-count
• canceling-edits-loses-changes
• capture-request-context-for-sentry
• centralise-api-storage-calls
• centralise-models
• check-manifest
• chrome-error-handling
• chrome-inject-error-capture
• claim-account
• claim-invite
• clarify-effective-principals
• clean-up-debug-helpers
• clean-up-thread-show-logic
• cleaner-direct-es-access
• cleanup-pdf-anchoring
• cleanup-socket-threading-mapper-routes
• cleanup-transactions
• client-auth-refactor
• code-style-conformance
• conditional-http
• consolidate-gitignore
• consolidate-templates
• consolidate-validation
• constraint-naming-convention
• convert-filters-to-functions
• convert-views-module-to-package
• correct-x-annotator-auth-token-to-authorization
• coverage
• coverage-does-not-include-tests
• create_group_ux_tweaks
• csp-friendly-settings
• csrf-tween
• csv-unicode-fix
• debug-logging-database
• decaf
• decouple-tm-from-session
• decouple_app_template_from_pyramid
• decouple_ext_build_from_pyramid
• deduplicate-profile-pages
• deduplicate-script
• defensive-feed-construction
• deform-form-rendering
• dehorusify-authcontroller
• dehorusify-forgotpasswordcontroller
• dehorusify-profilecontroller
• dehorusify-registercontroller
• describe-virtualenvs-in-install-docs
• develop
• disentangle-form-helpers
• dismiss_app_route
• do-not-update-annotation-times-too-often
• do-not-via-via
• docker-deployment-docs
• docker-entrypoint
• docker-prod
• docs-tweaks
• document-id-param-of-search-api
• document-model-tweaks
• document_link_cleanups
• document_link_refactor
• dont-autofocus-group-share-link
• dont-expand-canonical-uris
• dont-explode-on-invalid-json
• dont-open-welcome-page-when-admin-install
• dont-save-null-data-to-draft-store
• dont-sentry-404s
• drop-cc0-license-from-only-me-annotations
• dumb-makefile
• editor-js-conversion-and-tests
• editor-markdown-commands-refactor
• editorconfig
• embed-instruction-hostname
• enriched-stream
• excerpt-hysteresis
• explicit-settings-for-websocket
• explicitly-state-visibility-level
• exponential-backoff-features
• export-showframe
• extend-search-api-docs
• extension-analytics
• faster-api
• faster-database-tests
• faster-docker
• faster-travis
• feature-flags-admin
• features-pending-removal
• finish-indirection-through-storage
• firefox-addon-fixes
• firefox-webextensions-build
• fix-2429
• fix-2452
• fix-a-comment
• fix-a-pep257-warning
• fix-admin-annotations-query
• fix-angular-is-not-defined
• fix-bouncer-url
• fix-broken-document-equivalence-lookups
• fix-broken-promises-ie
• fix-broken-uri-query
• fix-changing-size-socketlist
• fix-crash-on-login-with-non-json-body
• fix-digest-problem
• fix-docker-build
• fix-docs-help
• fix-failing-tests
• fix-form-button-gradients
• fix-group-annot-edit-from-stream
• fix-group-page-js
• fix-groups-principals
• fix-groups-race
• fix-groups-views
• fix-guest-embedding
• fix-http-syntax-highlighting-in-api-docs
• fix-hypothesis-admin-command
• fix-invalid-manifest-error-when-building-stage-and-prod-chrome-extensions
• fix-links-in-readme
• fix-logout
• fix-nipsa-migration
• fix-password-reset
• fix-passwordresetevent
• fix-pdf-uris
• fix-realtime
• fix-realtime-for-replies-standalone
• fix-registration-process
• fix-replies-hover-highlight
• fix-reply-notification-worker
• fix-signed-out-top-bar
• fix-split-user
• fix-standalone-reply-pages
• fix-stream-banner-flash
• fix-streamer-for-namespaced-nsq
• fix-subscription-event
• fix-tag-links
• fix-token-command-for-non-default-ports
• fix-tooltip-on-share-icon
• fix-unsubscribe-auth
• fix-video-embeds-in-firefox-less-than-45
• fix-websocket-auth-policies
• focus-on-a-group
• four-space-js
• frame-rpc
• front-page-font-size-quick-fix
• frontend-cleanups
• frontend-fixes
• fullscreen-video-embeds
• generate-token
• gevent-bump
• gh1900-chrome_pdf_viewer_detection
• gh2590-app_init_race
• gh2671-group_notification_consistency
• gh2675-wait_for_features
• gh2819-new-annot-timestamp
• gh2820-date-formatting-perf
• gh2830-chrome_ext_inline_install
• github-2686-fix-invalid-permissions-when-creating-annotations-when-signed-out
• group-page-update
• group-share-page-design-tweaks
• guest-embedding
• gulp-frontend-build
• gulp-frontend-build-admin
• hSxsjvim-add-WebTrends-to-blacklisted-URL-params
• handle-missing-permissions-fields
• handle-null-targets
• hide-old-sort-control-in-sidebar
• homepage-aak-banner
• host-sidebar-split
• hound-python
• ie-cache-fixes
• increase-max-annot-body-size
• isolate-config-env
• jpm
• jscs-require-spaces-after-function
• jscsrc
• jshint-tweaks
• jsonld-renderer
• jsonschema-annotation-validation
• jwt-bearer
• kill-comment-icon-on-card
• kill-sqlite
• lenazun-fixed-link
• lenient-search
• limit-what-admins-can-do
• lint-tweaks
• lookahead-tags-3
• make-activation-fields-nullable
• make-bridge-a-factory
• manage-own-search-client
• master
• match-tags-according-to-mapping-analyzer
• move-auth-to-api
• move-es-config-into-search
• move-i18n-helper
• move-login-form-to-directive
• move-models-to-api
• move-nipsa-to-app
• move-nipsa-to-prepare
• move-token-to-app
• multitarget
• namespaced-nsqd
• new-group
• ng-annotate
• ng-csp-everywhere
• ng15-upgrade
• nipsa
• no-explicit-typechecks
• nodtm
• oWe60V8v-signal-when-there-are-public-annotations-on-a-page
• observer-3
• one-time-bindings
• open-sidebar-when-annot-fragment-present
• optimistic-save
• optional-websocket
• p-decouple_app_template_from_pyramid
• packaging-cleanups
• paginate-groups-admin
• paste-api-entrypoint
• percolator
• percolator-sse
• pin-webassets
• postgres
• postgres-annotations
• postgres-documents
• postgres-read-write
• presalt-hashids
• prevent-annotation-attempt-when-not-signed-in
• proper-feature-flags
• prospector-allow-id-as-valid-name
• publish-to-a-group
• publish-to-a-group-permissions
• publish-to-a-group-squashed
• publisher-cli-commands
• purge-fontawesome
• purge-yaml
• py3-compat
• quote-hysteresis
• r-squash_test_error_logging
• randomize-websocket-reconnects
• realtime-update-v1-1
• realtime-update-v1-h-only-1
• redirect-after-login
• redirect-after-login-groups-join
• redirect-to-welcome-after-claim
• refactor-accounts-view-config
• refactor-auth-controller-test
• refactor-blocklist
• refactor-chrome-badge-client
• refactor-chrome-tab-error-handling
• refactor-search
• refactor-ux
• refactor_search
• releaser
• reload-annotations-auth-change
• remove-256-character-limit-from-uri-column
• remove-angular-animate
• remove-blocklist
• remove-broken-cla-links
• remove-claim-feature-flag
• remove-claim-invite-module
• remove-dead-code
• remove-dependencies-on-threading
• remove-diff-remnants
• remove-es-test
• remove-get-by-userid
• remove-groups-feature-flag
• remove-hiring-banner
• remove-horus-from-subscriptions
• remove-legacy-firefox-extension
• remove-model-dependence-from-search
• remove-momentjs
• remove-notification-flag
• remove-old-capability-url-serializer
• remove-old-feature-flag-data
• remove-old-internals-docs
• remove-pulse-remnants
• remove-queue-flag
• remove-search-normalized-flag
• remove-show-unanchored-feature
• remove-streamer-flag
• remove-unanchored-annotations-flag
• remove-unnecessary-flashes
• remove-unnecessary-group-filter
• remove-unused-annotation-deleted-property
• remove-unused-streamer-code
• remove_assets_ext_build_arg
• replace-%20-with-space-when-displaying-URIs
• replace-accounts-forms
• replace-profile-form
• report-form-level-errors
• resource-refactoring
• script-subscribers
• search-endpoint-default-and
• search-for-one-uri
• search-module-to-package
• send-activation-emails-from-worker
• sentry-stream-errors
• separate-controllers
• separate-service-uri-from-base-uri
• separete-host-service
• session-load-retry
• set-min-chrome-version
• share-a-group
• sharing-via-link-from-extension
• sheetaluk/298-add-product-version-and-environment-info-to-the-tool
• show-orphans
• show-traceback-on-exception-in-dev
• sidebaropenclose-callback
• signin-directive
• silence-horus-sqlalchemy-warnings
• simpler-layouts
• simpler-version-management
• simplify-admin-permission-handling
• simplify-code
• simplify-db-session-handling
• simplify-routing
• simplify-server-side-auth-code
• simplify-streamer
• small-UX-improvements
• some-dev-install-docs-fixes
• speedup-npm-deps-checking
• stable
• standalone-websocket-server
• straightforward-api-inclusion
• stream-group-hashid-query
• streamer-workqueue
• style
• support-epub-integrations
• swagger-docs
• syncbridge
• t105-group_push_notifications
• t120-client_sentry
• t158-truncated_annot_design
• t187-nav_blog_tweaks
• t187-new_homepage_design
• t87-group_scope_dropdown_ui
• t89-combined_scope_save_btn
• t91-sort_dropdown_move_to_top_bar
• test-fix-tests
• test-mock-version-on-travis
• thread-collapsing
• thread-collapsing-redux
• toastr
• toggle-resize-tooltip
• toggle-sidebar-tooltip
• tooltips-on-adder
• topbar-toolbar-harmony
• touch
• translate-annotation-mapper
• travis-node-upgrade
• travis-node-upgrade-test
• trello-135-while-drafting-an-annotation-the-group-name-or-lack-thereof-should-reflect-its-current-visibility
• trello-143-make-replies-default-to-group-and-visibility-of-parent
• trello-144-add-a-list-of-most-recently-annotated-by-the-group-urls-to-the-group-page
• trello-155-simplify-group-share-link
• trello-176-enable-staff-to-look-up-user-email-addresses
• trello-177-change-the-default-behavior-of-the-embed-to-highlights-on-by-default
• trello-178-new-homepage
• unified_session_and_features
• update-docs
• update-package-data
• upgrade-annotator-store
• uri-module
• uri-normalisation
• urlencode-badge-uri
• use-python-time-where-possible
• userid-symbol-consistency
• username-or-email-address
• users-admin-always-query-by-userid
• users-dashboard
• v0.4.2
• v0.5.0
• v0.5.1
• v0.6.0
• v0.7.0
• v0.7.1
• v0.7.10
• v0.7.11
• v0.7.12
• v0.7.13
• v0.7.2
• v0.7.3
• v0.7.4
• v0.7.5
• v0.7.6
• v0.7.8
• v0.7.9
• v0.8.0
• v0.8.1
• v0.8.10
• v0.8.11
• v0.8.12
• v0.8.13
• v0.8.14
• v0.8.15
• v0.8.2
• v0.8.3
• v0.8.4
• v0.8.5
• v0.8.6
• v0.8.7
• v0.8.8
• v0.8.9
• v0.9.0
• v0.9.1
• v0.9.2
• v0.9.3
• validate-permissions-field
• vendor-assets-from-npm
• via
• via-plain-html-form
• viewable-visible
• viewable-vs-visible
• visible-vs-viewable
• visual-truncation
• w/community-guidelines-signup
• w/csv-groups-report
• w/groups-report-in-admin-dashboard
• w/pwd-reset
• w/remove-2char-pw-copy
• warn-for-relative-import
• wdtO5Zzk-dont-404-when-opening-an-old-activation-link
• welcome-page-tweaks
• ws_exception_handling
• xgknj2RP-disable-Chrome-badge-on-certain-pages
• xwyKzlwp-strip-via-prefixes-in-normalization
• yapf-config

Build # 8770

Build Type

push

travis-ci

Committed by nickstenning

Commit Message

Replace all uses of Group.hashid with Group.pubid

This commit removes all use of the Group.hashid property, and then
removes all the supporting infrastructure for hashids.

For posterity, it's worth noting the reason for this change: at the time
of writing, we are using hashids for two reasons:

1. To prevent users from guessing the URL for the "join a group" pages
   of groups they have not been invited to.

2. To avoid leaking details of the how many groups have been created
   through the use of an integer primary key in URLs.

Both of these are ultimately security requirements, and the
cryptographic properties of hashids are questionable at best:

    https://carnage.github.io/2015/08/cryptanalysis-of-hashids/

In order to avoid the possibility of having to remove hashids at a later
date, thus breaking many URLs, we are adopting a much simpler, much more
"stupid" (i.e. less "clever"), way of generating this "public IDs",
which now relies for its cryptographic properties on the system
CSPRNG[^1] rather than the algorithm or implementation of hashids. And,
frankly, if /dev/urandom is broken, we have bigger problems...

[^1]: "Cryptographically Secure Pseudo-Random Number Generator". See
      also: https://en.wikipedia.org/wiki/Cryptographically_secure_pseudorandom_number_generator

Run Details

2499 of 3637 relevant lines covered (68.71%)

0.69 hits per line