ivatar issueshttps://git.linux-kernel.at/oliver/ivatar/-/issues2021-09-06T11:42:47Zhttps://git.linux-kernel.at/oliver/ivatar/-/issues/19Wrong size is returned for default=retro and default=identicon2021-09-06T11:42:47ZGhost UserWrong size is returned for default=retro and default=identiconWhen an avatar is requested with a default option of 'retro' or 'identicon' on a non-existing user a wrongly sized image is returned. This image will always be 20px large.
Example:
```
https://avatars.linux-kernel.at/avatar/nobodyasdas...When an avatar is requested with a default option of 'retro' or 'identicon' on a non-existing user a wrongly sized image is returned. This image will always be 20px large.
Example:
```
https://avatars.linux-kernel.at/avatar/nobodyasdasdasdasdashdakhdkjhkaa?s=80&d=retro
```
This image will be 100 pixels wide.
Issue found with my tests script `ivatar.t`.Feature complete - one month before go liveOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/18The MysteryMan avatar is returned when a non-existing user is requested with ...2021-09-06T11:43:00ZGhost UserThe MysteryMan avatar is returned when a non-existing user is requested with an empty default optionWhen an avatar is requested with a malformed `default` option with no value on a non-existing user the 'mm.png' file is returned.
Example:
```
curl -i https://avatars.linux-kernel.at/avatar/nobodyasdasdasdasdashdakhdkjhkaa?d=
```
Whil...When an avatar is requested with a malformed `default` option with no value on a non-existing user the 'mm.png' file is returned.
Example:
```
curl -i https://avatars.linux-kernel.at/avatar/nobodyasdasdasdasdashdakhdkjhkaa?d=
```
While not technically against the API this is not the behaviour of both Libravatar 0.1 and Gravatar, where the default 'nobody.png' file is used instead. This is mentioned briefly, although I think not very clearly, in the documentation:
> d or default parameter defaults to the Libravatar logo
Issue found with my tests script `ivatar.t`.Feature complete - one month before go liveOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/17Error 500 on invalid size option2021-09-06T11:48:25ZGhost UserError 500 on invalid size optionWhen requesting an avatar with a non-integer size such as the word “mille” (or anything else) ivatar seems to crash and returns a HTTP 500 error code.
Example:
```curl -i https://avatars.linux-kernel.at/avatar/4751ed9aae86881d2b45dd051...When requesting an avatar with a non-integer size such as the word “mille” (or anything else) ivatar seems to crash and returns a HTTP 500 error code.
Example:
```curl -i https://avatars.linux-kernel.at/avatar/4751ed9aae86881d2b45dd0512c3e14a?s=mille```
Issue found with my tests script `ivatar.t`.Feature complete - one month before go liveOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/2Security check2019-02-21T08:52:03ZOliver Falkoliver@linux-kernel.atSecurity checkI believe there should be no real big security issue, but if someone could check, I'd appreciate!I believe there should be no real big security issue, but if someone could check, I'd appreciate!Feature complete - one month before go liveOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/1Write INSTALL.md2019-02-21T08:53:19ZOliver Falkoliver@linux-kernel.atWrite INSTALL.mdThere's only 'TODO' in INSTALL.md at the moment. Write some real documentatino.There's only 'TODO' in INSTALL.md at the moment. Write some real documentatino.Feature complete - one month before go livehttps://git.linux-kernel.at/oliver/ivatar/-/issues/14raw_image/<id> should not be accessible to _every_ logged in user2018-11-12T15:25:37ZOliver Falkoliver@linux-kernel.atraw_image/<id> should not be accessible to _every_ logged in userAt the moment the raw/original image can be access by every logged in person, this poses a bit of a security leak. Eg. https://avatars.linux-kernel.at/accounts/raw_image/12At the moment the raw/original image can be access by every logged in person, this poses a bit of a security leak. Eg. https://avatars.linux-kernel.at/accounts/raw_image/12Go-LiveOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/87Add webp support2022-12-06T18:10:22ZOliver Falkoliver@linux-kernel.atAdd webp supportIt would be great to use WebP (or even AVIF) for the generated avatar icons by appending the file extension as a suffix in the URL.
https://caniuse.com/webp
https://caniuse.com/avif
Then the website that uses Libravatar can choose if ...It would be great to use WebP (or even AVIF) for the generated avatar icons by appending the file extension as a suffix in the URL.
https://caniuse.com/webp
https://caniuse.com/avif
Then the website that uses Libravatar can choose if they want it in PNG or WebP format.
https://www.libravatar.org/static/img/nobody/80.png -- works today
https://www.libravatar.org/static/img/nobody/80.webp -- does not work
https://www.libravatar.org/avatar/23463b99b62a72f26ed677cc556c44e8?s=80 -- works today
https://www.libravatar.org/avatar/23463b99b62a72f26ed677cc556c44e8.webp?s=80 -- does not workWinter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/69Automatically associate added emails with "other service" default2021-09-16T11:27:12ZGhost UserAutomatically associate added emails with "other service" defaultI've been importing all my previous email associated to Gravatar, however the experience was a bit annoying as I was expecting this to set the previously used image as default for such email, instead of having me to redo the same process...I've been importing all my previous email associated to Gravatar, however the experience was a bit annoying as I was expecting this to set the previously used image as default for such email, instead of having me to redo the same process for them all (and I had like 8 with different images).
So, please... I like the idea of a free service, but make the migration a nicer experience.Winter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/59Email in settings is not editable2021-09-06T11:54:03ZGhost UserEmail in settings is not editableGo to `/accounts/pref/`
There is only one option - email, and you can't edit it
Maybe change it to a select with verified emailsGo to `/accounts/pref/`
There is only one option - email, and you can't edit it
Maybe change it to a select with verified emailsWinter Sprint 2022Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/72Link to online avatar generators2022-12-30T12:24:15ZGhost UserLink to online avatar generatorsLink to online avatar generator websites that can be used to create an avatar for Libravtar.
Example:
* https://avatarmaker.net/create-avatar
* https://avachara.com/avatar/
Maybe link to some Android apps that let you create avatars to...Link to online avatar generator websites that can be used to create an avatar for Libravtar.
Example:
* https://avatarmaker.net/create-avatar
* https://avachara.com/avatar/
Maybe link to some Android apps that let you create avatars too.
Here is a search query for "[face avatar makers](https://play.google.com/store/apps/collection/cluster?clp=ggETChFmYWNlIGF2YXRhciBtYWtlcg%3D%3D:S:ANO1ljJ8XxQ&gsr=ChaCARMKEWZhY2UgYXZhdGFyIG1ha2Vy:S:ANO1ljLcF0M)" on Google Play Store.Next sprintOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/61Maintenance page2020-02-25T11:29:27ZOliver Falkoliver@linux-kernel.atMaintenance pageAdd config option to allow a maintenance page to show up instead of the normal user interface, but still allow avatars to be served.
So => No write, just read.Add config option to allow a maintenance page to show up instead of the normal user interface, but still allow avatars to be served.
So => No write, just read.Migration 02/2020Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/60Avatar boxes are too narrow2021-11-22T13:14:32ZGhost UserAvatar boxes are too narrowHaving several similarly named domains turns avatar management into a nightmare
![image](/uploads/a01170dd3cfb22092292d7c567f4d889/image.png)
Why not use wide list like gravatar does?Having several similarly named domains turns avatar management into a nightmare
![image](/uploads/a01170dd3cfb22092292d7c567f4d889/image.png)
Why not use wide list like gravatar does?Redesign Profile pagehttps://git.linux-kernel.at/oliver/ivatar/-/issues/13Add RoboHash?2019-02-21T08:51:43ZOliver Falkoliver@linux-kernel.atAdd RoboHash?If we want RoboHash, this should receive some votes, else, I'll not care too much:
https://github.com/e1ven/RobohashIf we want RoboHash, this should receive some votes, else, I'll not care too much:
https://github.com/e1ven/RobohashAdditional features (not required for go-live)Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/9Login with OpenID should automatically add OpenID identity2018-12-05T15:48:21ZOliver Falkoliver@linux-kernel.atLogin with OpenID should automatically add OpenID identityIf you login with https://avatars.linux-kernel.at/openid/login/, it will not automatically create your OpenID identity, but it should, since it's kinda confirmed at that point already.If you login with https://avatars.linux-kernel.at/openid/login/, it will not automatically create your OpenID identity, but it should, since it's kinda confirmed at that point already.Additional features (not required for go-live)Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/96Discrepency between docs and software2024-02-02T15:26:16ZSeth Falcoseth@falco.funDiscrepency between docs and softwareI've just learned recently that Gravatar supports uses SHA256 hashes now. I'm unsure when this functionality was added, but their documentation was updated somewhere in 2023 to reflect the change.
See: https://web.archive.org/web/202310...I've just learned recently that Gravatar supports uses SHA256 hashes now. I'm unsure when this functionality was added, but their documentation was updated somewhere in 2023 to reflect the change.
See: https://web.archive.org/web/20231023231148/https://docs.gravatar.com/general/hash/
The documentation for Libravatar includes the following:
> if an image is not found in the Libravatar database and the hash algorithm used was **MD5**, then Libravatar will first redirect to Gravatar in case the image exists there
>
> — https://wiki.libravatar.org/api/
From manually testing on the website and reviewing the code, it looks this has already been handled. Since both are supported, there shouldn't be a need to specify MD5 in the docs as this causes confusion.
Could the documentation please be updated to reflect the current behavior?Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/95Logout leading to HTTP error 4052024-01-16T14:00:42ZOliver Falkoliver@linux-kernel.atLogout leading to HTTP error 405Django 5 deprecated logout via GET request - only POST is allowed.
Reference: https://docs.djangoproject.com/en/5.0/releases/5.0/#features-removed-in-5-0
Also partially outlined here: https://codereviewdoctor.medium.com/3-awesome-django...Django 5 deprecated logout via GET request - only POST is allowed.
Reference: https://docs.djangoproject.com/en/5.0/releases/5.0/#features-removed-in-5-0
Also partially outlined here: https://codereviewdoctor.medium.com/3-awesome-django-4-1-changes-1-is-a-logout-deprecation-you-need-to-know-about-1d8166ccbdb2
This needs to be fixed in navigation and home pages.https://git.linux-kernel.at/oliver/ivatar/-/issues/94RFE: Default for gravatarproxy and gravatarredirect should be configurable in...2023-09-26T11:20:51ZOliver Falkoliver@linux-kernel.atRFE: Default for gravatarproxy and gravatarredirect should be configurable in settings/config# Describe your issue
The defaults in https://git.linux-kernel.at/oliver/ivatar/-/blob/master/ivatar/views.py?ref_type=heads#L118-119make sense for the main, public available, instance under libravatar.org, but may not make sense for lo...# Describe your issue
The defaults in https://git.linux-kernel.at/oliver/ivatar/-/blob/master/ivatar/views.py?ref_type=heads#L118-119make sense for the main, public available, instance under libravatar.org, but may not make sense for local instances where you may not have or want your instance to access the public internet. Hence, these defaults should be configurable in https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.py
Suggesting to add:
* DEFAULT_GRAVATARPROXY
* DEFAULT_GRAVATARREDIRECT
and maybe also
* FORCEDEFAULT
To the list of settings/config. Need to ensure it's fail safe if the parameters are **_not_** listed in the configuration.
# What have you tried to far?
Adding the options to the request URL. For example: &gravatarproxy=n&gravatarredirect=n is possible, but tedious and redundant if it's always true for your local instance.
# Links / Pointer / Resources
* https://git.linux-kernel.at/oliver/ivatar/-/blob/master/ivatar/views.py?ref_type=heads#L118-119
* https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.pyOliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/92Dicebear implementation needs update2023-02-01T16:17:39ZOliver Falkoliver@linux-kernel.atDicebear implementation needs updateAllowed URLs need an update: https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.py#L213
Dicebear API docs: https://dicebear.com/how-to-use/http-api
Maybe keep the 'avatars' subdomain and just add the 'api' subdomain in case...Allowed URLs need an update: https://git.linux-kernel.at/oliver/ivatar/-/blob/master/config.py#L213
Dicebear API docs: https://dicebear.com/how-to-use/http-api
Maybe keep the 'avatars' subdomain and just add the 'api' subdomain in case it would break some implementation.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/91Error 500 if trying to confirm a mail address that is already confirmed for a...2023-01-24T21:00:19ZOliver Falkoliver@linux-kernel.atError 500 if trying to confirm a mail address that is already confirmed for another userError logged:
```
IntegrityError at /accounts/confirm_email/<verify digest>
duplicate key value violates unique constraint "ivataraccount_confirmedemail_email_key"
DETAIL: Key (email)=(<some mail address>) already exists.
```Error logged:
```
IntegrityError at /accounts/confirm_email/<verify digest>
duplicate key value violates unique constraint "ivataraccount_confirmedemail_email_key"
DETAIL: Key (email)=(<some mail address>) already exists.
```Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.athttps://git.linux-kernel.at/oliver/ivatar/-/issues/90Trusted URLs improvements/refactors2022-09-15T17:06:45ZSeth Falcoseth@falco.funTrusted URLs improvements/refactorsJust making some notes to resolve later if you don't disagree with them anyway:
* Given that the list of TRUSTED_DEFAULT_URLs can be overridden, it's probably best to handle None explicitly.
* Add backward compatibility to work with stri...Just making some notes to resolve later if you don't disagree with them anyway:
* Given that the list of TRUSTED_DEFAULT_URLs can be overridden, it's probably best to handle None explicitly.
* Add backward compatibility to work with string literals and check the start of the string.Oliver Falkoliver@linux-kernel.atOliver Falkoliver@linux-kernel.at