We're lock step with this, we're installing with master.
Upstream is dead.
We can't roll back.
It doesn't make since to pin to every commit and revision our apps
version and push it.
We're just going to pull this in to gain full lockstep and call it good.
Drop markdown for monospace
With markdown, we're only allowing about 1/10 of what is possible.
This creates a false reality and expectation. Lets not suggest this.
Nor do we have in-editor preview. So the user has to save, look at it,
then go back and edit. And seeing a bunch of sanitized HTML or just
missing sections isn't firendly.
Monospace, what you type, is what you're going to get. It gives the
presenter enough power to build a readable abstract, but not so much
that they can break the page and it's CSS, nor the ability to confuse
onselve through not getting what you expect.
We keep bleach sanitation and we should probably run linkify on this in
the long term. (Turn links into clickable links)
DEBUG is something that should never be turned in on prod. As such,
lets be extremely specific on what we expect to process.
As we'll be taking this in from the environment, it's ensured we will
get a string. So we'll always get and only handle this in string
form. If it's anything else, it's an operational error and we bail.
(Note: bool('0') is truthy, so we make sure we leverge our string -> int
-> bool every time, so corectness can be noticed if it is not)
This builds a working docker image for the application.
This is only an initial revision. It needs testing. MySQL, PIL, etc.
Was going to use Alpine, however, python3.6 segfaulted on docker
starting up, and I couldn't find the core files...
This is all noop in Py3, and Py2 is broke now in various places.
Dropping Py2 code as it will not be a thing going forward.
Django 2 is the next release, Py2 support will be dropped, as such,
dropping this is forward looking.
This is an XSS vulnribilitiy.
This also blocks a number of MD attributes that a user might attempt to
use.
The following are the allowed attributes.
['a', 'abbr', 'acronym', 'b', 'blockquote', 'code', 'em', 'i', 'li',
'ol', 'p', 'pre', 'strong', 'ul']
I belive this to be acceptable, as honeslty, a speaker using H1 is going
to stomp all over the page and make it harder for the reviewer to parse.
UX wise, it's less than great. A user can do # title and be left with
<h1> in the sanitized output.
This was put in place a long while ago and lacks the usage documentaiton
for use with this repo. For now, I will remove it from the repo.
We obviously need to bring this or something similar back. But there's
no reason to keep this when it is not being used.
Remove in-app stale resources and their branching of different cons.
Remove dist and move everyting into static/src.
Remove unused stale resouces such as less and hbs, etc.