mirror of https://github.com/ChristianLight/tutor.git synced 2024-06-07 08:30:48 +00:00

sec: apply rate limiting security fix

Régis Behmo 2022-04-20 19:05:06 +02:00
parent 51d93cd54c
commit 658d6957db
2 changed files with 7 additions and 3 deletions

@ -4,6 +4,7 @@ Note: Breaking changes between versions are indicated by "💥".
## Unreleased
- [Security] Apply rate limiting security fix (see [commit](https://github.com/overhangio/edx-platform/commit/b5723e416e628cac4fa84392ca13e1b72817674f)).
- [Feature] Introduce the ``-m/--mount`` option in ``local`` and ``dev`` commands to auto-magically bind-mount folders from the host.
- [Feature] Add `tutor dev quickstart` command, which is similar to `tutor local quickstart`, except that it uses dev containers instead of local production ones and includes some other small differences for the convience of Open edX developers. This should remove some friction from the Open edX development setup process, which previously required that users provision using local producation containers (`tutor local quickstart`) but then stop them and switch to dev containers (`tutor local stop && tutor dev start -d`).
- 💥[Improvement] Make it possible to run `tutor k8s exec <command with multiple arguments>` (#636). As a consequence, it is no longer possible to run quoted commands: `tutor k8s exec "<some command>"`. Instead, you should remove the quotes: `tutor k8s exec <some command>`.
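
Review bot: The new [Security] entry at the top of the Unreleased list says only "rate limiting security fix" and links to a commit, so a reader cannot tell what is affected or what to do about it. The fix is a cherry-pick that runs during the image build, so add a short clause saying what is rate limited and that the openedx image has to be rebuilt for the fix to take effect.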

@ -42,10 +42,10 @@ WORKDIR /openedx/edx-platform
RUN git config --global user.email "tutor@overhang.io" \
&& git config --global user.name "Tutor"
{% if patch("openedx-dockerfile-git-patches-default") %}
{%- if patch("openedx-dockerfile-git-patches-default") %}
# Custom edx-platform patches
{{ patch("openedx-dockerfile-git-patches-default") }}
{% else %}
{%- else %}
# Patch edx-platform
# Fix forum notification for questions
# https://github.com/openedx/edx-platform/pull/29611
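
Review bot: The change from `{% if ... %}` / `{% else %}` to `{%- if ... %}` / `{%- else %}` around the default git patches is a whitespace-control tweak unrelated to the rate limiting fix, and the commit message does not mention it. Split it into its own commit or note it in the message, so the security change can be reviewed and backported on its own.
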
@ -53,7 +53,10 @@ RUN git fetch --depth=2 https://github.com/open-craft/edx-platform/ 03731f19459e
# SAML security fix
# https://github.com/overhangio/edx-platform/tree/overhangio/sec-fix-saml-vulnerability
RUN git fetch --depth=2 https://github.com/overhangio/edx-platform/ 3b985f207853e88090d68a81acd52866b71f5af7 && git cherry-pick 3b985f207853e88090d68a81acd52866b71f5af7
{% endif %}
# Rate limiting security fix
# https://github.com/overhangio/edx-platform/tree/overhangio/sec-rate-limiting
RUN git fetch --depth=2 https://github.com/overhangio/edx-platform/ b5723e416e628cac4fa84392ca13e1b72817674f && git cherry-pick b5723e416e628cac4fa84392ca13e1b72817674f
{%- endif %}
{# Example: RUN git fetch --depth=2 https://github.com/openedx/edx-platform <GITSHA1> && git cherry-pick <GITSHA1> #}
{{ patch("openedx-dockerfile-post-git-checkout") }}
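
Review bot: The new cherry-pick of b5723e416e628cac4fa84392ca13e1b72817674f sits before `{%- endif %}`, inside the `{%- else %}` branch, so it runs only when `openedx-dockerfile-git-patches-default` is not defined. A build that supplies that patch gets neither this fix nor the SAML fix above it. If that is intended, say so in a comment on the block or in the changelog entry so that anyone overriding the patch knows to carry the security cherry-picks themselves; otherwise move the security fixes after the `endif`.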