The SQL injection issues, at least all that I could find, are fixed. The first alert was on March 18th. That went out via: Twitter account status page a notice on the top of each page of the website See also FreshSource code fixes. Short version everything we know about is fixed we saw no …
In this post, I’ll talk about how someone was able to use SQL injection to spin up the database server to 100% utilization. I found the queries in the logs, duplicated the situation on dev, patched the code, and updated the website. See also SQL inejection issues fixed. In this post: FreeBSD 13.1 PostgreSQL server …
Yesterday, an incident with a commit wound up taking up a lot of time to process on FreshPorts. The purpose of this post includes: document how the commit was handled on different nodes document the fixes for some nodes investigate how the code can be improved to detect such situations and abort See also How …
The packages_raw gets reloaded. A lot. Every time a new set of packages is available from the FreeBSD packages table, data gets deleted and reloaded. So I manually vacuum the table. Well, it’s automated, as part of the code, but it doesn’t wait for the daily scripts. I was seeing these errors on server r720-02: …
When setting up a new FreshPorts ingress node, the repositories must be configured with tags so FreshPorts knows the last commit it has processed. This is the starting point each time FreshPorts goes to search for new commits. This post about Processing commits on branches with git might help with background. Those tags must be …
The commits.php page has a long history dating back to 2006 in GitHub and before that in another repo. Soon, it is going away. The justification is in issue 337: it’s not used much, and it’s not doing as it should (loading the last 100 commits). In the early days, the front page showed only …
This post documents how I’m changing the search methods for pkg-message. It uses full-text search, but instead of using a special column, I’m going to use an index. I will elaborate. When searching pkg-message was added to the website, a different approach was taken than in the past. In Converting a column-based expression to a …
Moving from storing the tsvector values to a tsvector index Read More »
One of the primary uses for FreshPorts is searching various characteristics of the ports. One highly used search feature is pkg-messages (background at pkg-message). A problem which has been vexing me for about 2 months was the lack of results on prod, but results which worked on dev. The issue was raised on GitHub. Initially, …
When tsvector was working as expected on most hosts, but not one Read More »
Tonight I was setting up a new FreshPorts node for development. It took me a while to remember the steps. sudo su -l postgres psql template1 < globals.sql createdb -T template0 -E SQL_ASCII freshports.org psql freshports.org create language plperl; exit; time pg_restore -j 32 -d freshports.org ~dan/dump/freshports.org.dump
Based on the Add links to GitHub and GitLab mirrors for ports and commits request, the website has some new links arriving soon. Link to GitHub from each commit A similar link to GitLab Use the one you like. Each git web interface has it’s own followers. Also, while there, the commit hash at the …
New links to GitLab and GitHub, in addition to the exist cgit.freebsd.org Read More »