GitHub Actions run 1094847429 succeeded.

Looks fine to me, nice work!

Relevant comment on this topic on the server: #community-meta message

Basically, while it definitely isn't a great option, there aren't really any better free options. So for people who are making a simple bot for them and a few friends in a small server, which they are happy just about working most of the time, and are happy to put up with a bit of extra setup work, it might be the best option for them - and I think that's ofte...

1dbe804 styles: filtering resources page - dawnofmidnight

587e52e Add commands to turn automatic review posting o... - wookie184
3bdec8e Small code improvements and added 'ar' alias - wookie184
792c5a4 Rename commands from on/off to enable/disable - wookie184
5aa0022 Remove bot prefix from docstring and change sin... - wookie184
def62f6 Add check for redundant change - wookie184

GitHub Actions run 1095130882 succeeded.

Sentry Issue: BOT-130

The response doesn't include an encoding in the headers, so aiohttp has to guess. It sometimes guesses incorrectly, leading to decoding errors. The API does not document what the encoding of responses is. Would it be safe to assume it's always UTF-8?

UnicodeDecodeError: 'charmap' codec can't decode byte 0x81 in position 1009: character maps to 
  File "discord/ext/comma...

Connected!

GitHub Actions run 1095144157 succeeded.

b305874 Force utf-8 decoding when querying metabase - ChrisLovering

Closes #1713

Some discord usernames contain unicode characters, which causes an decoding error as chardet isn't 100% and can't falsely detect the response text as Windows-1254.

GitHub Actions run 1095201814 succeeded.

Sentry Issue: BOT-135

If the cog is reloaded while there are less than the maximum amount of available channels, it makes some channels available until the limit is reached. When a channel is made available, it updates the available_help_channels set. The update_available_help_channels() function will not update this set if it sees that the set already contains elements. This results in onl...

It's still a method, see the following examples
https://github.com/python-discord/bot/blob/4aaf2bbe3f0a866451cf9fc91e771dfd7c54d029/bot/converters.py#L91-L92
https://github.com/python-discord/bot/blob/4aaf2bbe3f0a866451cf9fc91e771dfd7c54d029/bot/converters.py#L107
...
https://github.com/python-discord/bot/blob/4aaf2bbe3f0a866451cf9fc91e771dfd7c54d029/bot/exts/moderation/silence.py#L367-L368
https://github.com/python-discord/bot/blob/4aaf2bbe3f0a866451cf9fc91e771dfd7c54d029/bot/exts/moder...

This also fixes BOT-MC and BOT-MD. Remember to resolve these manually when this PR is merged. I forgot to include these in the commit message.

3504731 CodeSnippets: refactor on_message - MarkKoz
cfbeabb CodeSnippets: move init to the top of the c... - MarkKoz
4753264 CodeSnippets: refactor snippet parsing into a s... - MarkKoz
900bf69 CodeSnippets: don't send snippets if the origin... - MarkKoz

In the examples they might have been called with self but the context was different. In case of silence for example it was called directly there (async def silence(...)) which in fact is not a staticmethod but a normal method. But in my case, I'm calling a staticmethod inside a staticmethod.(Which in fact is strange, but I could not put it into the helpers unfortunately, so I put it directly into the cog as a staticmethod.).
But if you prefer those staticmethod decorators to be removed...

Fixes BOT-13B

The 404 error was not being caught when trying to edit the message to remove embeds. However, I figured that it shouldn't send the snippets at all if the message is deleted.

I also refactored a few things.

a8869b4 Force utf-8 decoding when querying metabase - ChrisLovering

GitHub Actions run 1095309008 succeeded.

Connected!

GitHub Actions run 1095320454 succeeded.

@MarkKoz sorry for taking so long to review it.

The appended advisory looks good. The feature itself looks solid.

As for expired or inactive infractions, I think replacing the expiry value with Expired should be enough. This has the disadvantage of not telling the user when their infraction expired, but this isn't really a case we're planning to use the command in.

Oh sorry, I see now. You do not have self as an argument

GitHub Actions run 1095457046 succeeded.

4772c5e Revert "Fixes Issue Matching Regex" - Vthechamp22
671be99 Revert "Fixes Issue Matching Regex" - Vthechamp22
b4ee10a Add stackoverflow cog with answers - Vthechamp22
5066446 Merge branch 'master' of https://github.com/pyt... - Vthechamp22
37ae939 Merge branch 'master' of https://github.com/Vth... - Vthechamp22

Connected!

GitHub Actions run 1095481418 succeeded.

38add14 Added emoji IDs to constants.py - Xithrius

Adds IDs for the .stackoverflow command, replacing the placeholders that I forgot to replace.

GitHub Actions run 1095511389 succeeded.

My name is ChrisJL and I approve of this PR

good PR

good PR but approved

38add14 Added emoji IDs to constants.py - Xithrius
32b6d0e Merge pull request #796 from python-discord/add... - ChrisLovering

Connected!

GitHub Actions run 1095524569 succeeded.

935b9c6 Time: fix discord_timestamp for relativedeltas - MarkKoz
d8f467b Time: support ISO 8601 and naïve/aware datetime... - MarkKoz
67520a9 Time: remove RFC1123 support - MarkKoz
afa3504 Time: describe input types in discord_timestamp... - MarkKoz
d7d72ad Time: support ISO 8601 strings for discord_time... - MarkKoz

587e52e Add commands to turn automatic review posting o... - wookie184
3bdec8e Small code improvements and added 'ar' alias - wookie184
792c5a4 Rename commands from on/off to enable/disable - wookie184
80861ff Add virtual environment (venv) tag (#1702) - Zedeldi
5aa0022 Remove bot prefix from docstring and change sin... - wookie184

c1fcab3 Fix TypeError when infraction append is not giv... - MarkKoz
6327be7 Merge branch 'main' into bug/mod/1706/infr-appe... - mbaruh
3cc05c6 Merge pull request #1708 from python-discord/bu... - mbaruh

GitHub Actions run 1097358619 succeeded.

Connected!

GitHub Actions run 1097369955 succeeded.

Whether you are the help-channel owner(the one who claimed the channel) or the helper, if the helpdm is on(for the helper), than dm when the channel is closed for any reason to detect wether the channel is closed or not

Just for my understading, the issue here is that log.exception opens an issue on Sentry? as functionality-wise it seems to be working fine already.

Is there a consistent rule for capitalized or un-capitalized "python"?
Lines 26, 31, 32, 33, 35 are un-capitalized, but the others are capitalized.

For line 36, The wording seems a bit clunky. Maybe "What Python level/skill/knowledge do you think you are at: Beginner, Intermediate or Advanced?"

(Just chiming in, wanting to get started with contributing!)

Wdym? They are not capitalized which is incorrect spelling, the others are capitalized because it is the correct spelling because it is a name. Unless I misunderstood you?

• What do you plan on eventually achieving with Python?
  • Was Python your first programming language? If not, what was?
  • What's your favourite aspect of Python development (e.g. backend, web dev, game dev, machine learning, ai)?
  • In what ways has Python Discord helped you with Python?
  • Are you currently using Python professionally, for education, or as a hobby?
  • What is your process when you decide to start a project in Python?
  • Have you ever been unable...

Wdym? They are not capitalized which is incorrect spelling, the others are capitalized because it is the correct spelling because it is a name. Unless I misunderstood you?

I was just unsure if there was some un-written rule of when to use "python" vs "Python". For example I could say I have a python script written in Python. When it is an adjective lower case seems fine, but as a noun it seems more proper to use the capitalization.

Currently, when the bot encounters an error, it sends an error embed containing the error itself, and another embed containing the help for the current command.

To make this consistent, I think we should put those two into one single embed. Like in Sir-Lancebot:

![alt text](https://cdn.discordapp.com/attachments/635950537262759947/8724032962524733...

I think this might be clearer as a multiline string constant defined at the top, then you can use actual newline characters instead of \n, making it more clear what the result will actually look like. Would also mean you don't have to use a mixture of single and double quoted strings.

Also not sure why there are 3 spaces, e.g. between **1** and for on line 310, seems to render with just 1 in discord though, not sure if i'm missing something

Hi @melodicht, are you still interested in finishing this off?

Just for my understanding, the issue here is that log.exception opens an issue on Sentry? as functionality-wise it seems to be working fine already.

The issue being fixed is 403 Forbidden errors being logged as exceptions and creating issues on Sentry.

Gotcha. Looks good to me

Would this change need to be made in sir-lancebot/bot/exts/evergreen/avatar_modification/avatar_modify.py ? I would assume the changes would be to the different functions defined there.

.8bitify : link
.prideavater: [link](https://github.com/python-discord/sir-lancebot/blob/32...

@Xithrius This issue should be closed as we decided to not allow user input for these images anymore.
cc: @ChrisLovering

yes agreed, the parts of commands that allowed this have been thrown into the sun

To expand on this for others: This was a moderation decision that is two-fold.

1. We will no longer allow users to run commands on any other members, unless the other member has opted into it (see the valentines command)
2. We no longer allow arbitrary user inputted images to be rendered and parroted by the bot

Compare changes

587e52e Add commands to turn automatic review posting o... - wookie184
3bdec8e Small code improvements and added 'ar' alias - wookie184
792c5a4 Rename commands from on/off to enable/disable - wookie184
c1fcab3 Fix TypeError when infraction append is not giv... - MarkKoz
80861ff Add virtual environment (venv) tag (#1702) - Zedeldi

c390ca4 Suppress 403 error when sending DEFCON reject D... - MarkKoz

GitHub Actions run 1098313971 succeeded.

Duplicate of #126

Connected!

GitHub Actions run 1098327772 succeeded.

Minor PR, simply changed the slice

Core dev approval: #ot0-psvm’s-eternal-disapproval message

GitHub Actions run 1098357923 succeeded.

            roles = ", ".join(role.mention for role in reversed(user.roles))

I find this easier to read, so it's clear what this is doing to people coming across this code in future.

This also has the benefit of just being a generator, rather than making a whole new list

I agree, but we'll still need a slice for removing the @everyone role, right? That's why the [1:] was there and that's why I didn't do [::-1], but I did [:0:-1]

If we need a slice, THEN a reversed iterator, I believe everything in a slice is better.

Perhaps this can be resolved with a comment explaining the slice, so we get the best of both worlds?

Ah right, yea that would make sense why the :0 is there then. Could you add a comment to explain that? :D

Seeing [:0:-1] just looked wrong to me, but it makes sense now. So I think a comment could really help the next person that glances at this and may think the same

Got it, comment added, resolved!

GitHub Actions run 1098483137 succeeded.

This makes it seem like you sort them. Just say that it reverses the order.

Well, it is sorted - from lowest to highest. -1 makes it highest to lowest. I'll add "instead of the other way around" to the end of the comment to clear any possible confusion.

GitHub Actions run 1098510406 succeeded.

GitHub Actions run 1098510419 succeeded.

Compare changes

I hate to keep complaining about comments like this..

But I was thinking something more like:

            # and the -1 is for reversing the order of the roles (highest to lowest)

It should probably also mention that it's highest to lowest in hierarchy.

Yeah, alright.

We might want to squash merge this.

GitHub Actions run 1098606988 succeeded.

Good enough, thanks!

7586276 Reorder user roles in !user command from highes... - Objectivitix

587e52e Add commands to turn automatic review posting o... - wookie184
3bdec8e Small code improvements and added 'ar' alias - wookie184
792c5a4 Rename commands from on/off to enable/disable - wookie184
c1fcab3 Fix TypeError when infraction append is not giv... - MarkKoz
80861ff Add virtual environment (venv) tag (#1702) - Zedeldi

Connected!

GitHub Actions run 1098647076 succeeded.

53f8ea4 Catch 404 error when waiting to delete message - MarkKoz
8bfc0d7 Reduce imports in utils/messages by qualifying ... - MarkKoz
47398c9 Merge branch 'main' into bug/bot-1jd/backend/wa... - ChrisLovering
bdc9280 Merge pull request #1709 from python-discord/bu... - ChrisLovering

GitHub Actions run 1098647558 succeeded.

I don't like the debug mode being false as the config default as it should almost always be set for dev; what do you think about making it an env var with defaulting to enabled?

That's a decent idea. The downside is it goes against the concept of the default config being the default values for production, but I don't see a simple way around this.

We could have it as an env var that gets set in the compose file, since that isn't use in prod

Connected!

GitHub Actions run 1098659619 succeeded.

I don't like the debug mode being false as the config default as it should almost always be set for dev; what do you think about making it an env var with defaulting to enabled?

That's a decent idea. The downside is it goes against the concept of the default config being the default values for production, but I don't see a simple way around this.

We could have it as an env var that gets set in the compose file, since that isn't use in prod

It's a parti...

I don't like the debug mode being false as the config default as it should almost always be set for dev; what do you think about making it an env var with defaulting to enabled?

That's a decent idea. The downside is it goes against the concept of the default config being the default values for production, but I don't see a simple way around this.

We could have it as an env var that gets set in the compose file, since that isn't use in prod

...

Do we really need to find a fix? We can just tell people to set the value like we do for most other values. The biggest downside I see is that it’ll leave a possible security vulnerability if the user doesn’t set it, and nothing will tell them so. That being said, I imagine most people are already running these bots in their own test servers, or with people they trust.

I read back the whole issue, starting from the beginning.
I believe most of the times showing one embed with the usage (like in Sir Lancebot's error handler.) is more consistent than the current one (Showing two embeds)
But we can make specific cases for specific errors, like not showing the usage just the error message!(Although, at that point, I don't...

Description

The proposal is that we allow tags to be specified as another argument for the stackoverflow command. Stack Exchange API allows filtering by tags with the query, so if the user would like to specify the tags for a certain query, i,e. .so JSON [tags], the stackoverflow command would add the additional tagged parameter with the Stack Exchange API with the query 'JSON'.

Reasoning

The current stackoverflow command will search for the top 5 results, but it can't ...

@janine9vn Thank you. I will proceed to throw this issue into the sun.

I would guess a flag would be the best way to do this? Maybe -t <tag> <tag> <tag>
Then a user would do .so <search terms> -t <tag> <tag> <tag>

I would guess a flag would be the best way to do this? Maybe -t <tag> <tag> <tag>
Then a user would do .so <search terms> -t <tag> <tag> <tag>

That's true. I can update it to take a flag instead.

c034729 Add codeql workflow - ChrisLovering

Description

Add the codeql workflow, this is mostly auto-generated from the github interface.

Did you:

• [ ] Join the Python Discord Community?
• [ ] Read all the comments in this template?
• [ ] Ensure there is an issue open, or link relevant discord discussions?
• [ ] Read and agree to the contributing guidelines?

GitHub Actions run 1099278272 succeeded.

Could you give context for others why we want to implement this?

I'm not even proposing me merge this at all, currently just test running the workflow to see if it's useful. Probably should have said that in the description.

Compare changes

GitHub Actions run 1099312395 succeeded.

Compare changes

GitHub Actions run 1099328495 succeeded.

c21530d codeql: don't install deps again when initilising - ChrisLovering

GitHub Actions run 1099349690 succeeded.

d2bf53f Add codeql workflow - ChrisLovering

Add the codeql workflow, this inspects the source code for possible vulnerabilities.

I'm not proposing me merge this at all, currently just test running the workflow to see if it's useful.

GitHub Actions run 1099379228 succeeded.

We have decided the extra 4-5 minutes of CI wait time isn't worth the minimal benefits this brings

We have decided the extra 4-5 minutes of CI wait time isn't worth the minimal benefits this brings

a6effc6 Remove "Return Home" button at the bottom of a ... - Bluenix2

Reasoning

The previous Return Home button was placed at the bottom of the form, a user would only see this after filling in the whole form. Why would someone return home after filling in a whole form?

Improvements

I didn't touch the Submit button's style much. It looks visually nice like this in my opinion. Should the button be enlarged to make up for the bigger b...

Compare changes

This is my first shot at it, definitely could clean up the string combination as well as having an embedded error message for more than 5 tags.

    async def stackoverflow(self, ctx: commands.Context, *, search_query: str, ) -> None:
        """Sends the top 5 results of a search query from stackoverflow."""
        def tag_parse(query: str) -> str:

            list_query = query.split()
            if "-t" in list_query:
                stop_index = list_query.index("-t")
...

Compare changes

259d1c0 Time: remove broken enum type check in discord_... - MarkKoz

The implementations had some redundancies. Furthermore, the functions were commonly being used with either datetimes or ISO 8601 strings, but some functions only accepted one of them rather than both types. This resulted in ugly call sites because callers had to perform conversions themselves. Lastly, some functions were more tightly coupled (mostly naming-wise since the switch to Discord timestamps) to infractions than they needed to be.

The changes are described well by the commit hist...

GitHub Actions run 1100105585 succeeded.

We have decided to delete this commend entirely in #778

Duplicate of #788

This is the branding for the Free Comic Book Day event which is on the 14th of August.

Could you add another line here describing that it's usually on on the first Saturday in May, but has been rescheduled for Aug 14th for 2021?

This will help us figuring out what date to change it to each year.

In an event the server icon will only update every 3 days (iirc we had it lower at one point but it caused strange cache problems). I think that means we'll only see one of the icons (chosen randomly) in the event. This is fine, just wanted to make sure you were aware of this.

If you had a favourite and wanted to make sure that appears, you could remove the other two, or you could also replace them with a gif cycling through them all, although either of those ideas should probably be discu...

GitHub Actions run 1101746662 succeeded.

GitHub Actions run 1102140965 succeeded.

Description:
The tag informs why YouTube or any tutorials are not good to be followed.
Motivation:
There are a lot of users asking for help on code that they were spoonfeeded or simply do not understand and I think this is a good way to tell them to stop and try and understand since all information you want about making a command can be found in docs.
Tag content: (can of course be shortened since this is fairly long)
Tutorials are fundamentally flawed in concept when it com...

Description:
The tag informs why YouTube or any tutorials are not good to be followed.
Motivation:
There are a lot of users asking for help on code that they were spoonfeeded or simply do not understand and I think this is a good way to tell them to stop and try and understand since all information you want about making a command can be found in docs.
Tag content: (can of course be shortened since this is fairly long)
Tutorials are fundamentally flawed in concept when it com...

I have to strongly disagree on this one. I don't see it helpful in any way to say "hey, the way you prefer to learn is not good". I see this as injecting a personal opinion on tutorials/videos and passing it off as canonically accepted. At worst, it's a harmful opinion. In terms of benefits, I don't see this being as constructive in any way. I believe content of specific tutorials or other works, if to be addressed, must be addressed on a case-by-case basis.

Instead, we should encourage ...

Closing as duplicate of #1722

Resource name
ExplorePython

Resource location
https://explorepython.org

Payment type
Free

Why it should be included
As opposed to some other python courses and tutorials, it gives the lessons in bite sized pieces with comprehension tests at the end of each lesson to test their learning. This helps with retention, as well as makes it more fun and entertaining to do.
Also, Kat said it should be here.

Potential limitations
It is missing some vital content ...

Added this

When you type in an invalid argument for the docs command and it says "No documentation found for the requested symbol.", it also lists down the closest matches to what you type so you can see what the name of the argument is. Or could take this a step further and make the bot list the closest matches with corresponding number beside it to which the user can write the number/react to the emote showing that number and it would show the docs for that argument

If you had a favourite and wanted to make sure that appears, you could remove the other two, or you could also replace them with a gif cycling through them all, although either of those ideas should probably be discussed in dev-branding if you want to change to that.

I have replaced the three images with a single GIF that cycles through all three images.

GitHub Actions run 1105549931 succeeded.

f72bb8a Pinned aioredis to 1.3 and relocked dependencies - wookie184
8e653f4 Replace fuzzywuzzy with rapidfuzz - wookie184
fac37b2 Modify code to comply with new linter error N818 - wookie184

Closes #794

I'm not sure why aspecific scorer was specified in the old code here, https://github.com/python-discord/sir-lancebot/commit/8e653f4f6fc64ad78809e5ec1943ee38865bf221#diff-2b56425c5b483af73a4eaf13d49e54eca49dd8338d3b3f6cad5201ecad8d0366L162. The default seems fine, although I can change to use fuzz.ratio if necessary.

Did you:

• [x] Join the Python Discord Community?
• [x] Read all the comments in this template?
• [x] Ensure ther...

GitHub Actions run 1105625336 succeeded.

Description

A user command to search Real Python for a relevant article. The command would take user input and return a short list of articles with the search terms in the title of the Real Python articles. This is heavily inspired by the recent Stackoverflow search command.

Reasoning

Similar to the Stackoverflow command, this would give a shortcut to the information existing on the Real Python website from within the Python Discord server.

Proposed Implementation

N/...

I like this idea as well. Will both tags as commands be pointing to this one embed?

I'm interested in this idea. Does anyone else have thoughts?

Do we just go for the easy, but tedious, solution and update the doc strings?

@ChrisLovering this is probably the best way to do it for now.

@mbaruh status on this PR?

With https://github.com/python-discord/bot/pull/1663 adding tag metadata, at some point we could probably allow tag aliases, but for now I think the only way of having two names point to the same tag is just duplicating the contents.

That's not ideal, but it would probably be confusing to remove one of the names.

looks good to me, tested and works well!

7049a00 Create join_role_stats function in helpers - D0rs4n
a8e30f6 Add Leads role(s) to the server information e... - D0rs4n
bb961b2 Merge branch 'main' into pr/serverinfoleads - ChrisLovering
b2b9d23 Handle non-existent roles in join_role_stats - D0rs4n
ed00aad Modify error handling in join_role_stats and mo... - D0rs4n

GitHub Actions run 1106575386 succeeded.

Connected!

GitHub Actions run 1106583794 succeeded.

Mailing lists embeds don't escape markdown which means Dunder methods are underlined, this PR tries to fix it.
(This is my first PR sorry if I'm making something wrong)

GitHub Actions run 1106654146 failed.

GitHub Actions run 1106658000 succeeded.

19c796a Refactor endpoint paths - Bluenix2
429bf73 Merge insecure.py into general.py - Bluenix2
1ab8d88 Merge branch 'python-discord:main' into main - Bluenix2
52979f6 Move inline comment to line above - Bluenix2
f6321d1 Remove unneccessary tags kwarg to APIRouter - Bluenix2

GitHub Actions run 1106700216 succeeded.

GitHub Actions run 1106703680 succeeded.

19c796a Refactor endpoint paths - Bluenix2
429bf73 Merge insecure.py into general.py - Bluenix2
1ab8d88 Merge branch 'python-discord:main' into main - Bluenix2
52979f6 Move inline comment to line above - Bluenix2
f6321d1 Remove unneccessary tags kwarg to APIRouter - Bluenix2

145279b Implement access- and refresh tokens - Bluenix2
fdacbbd Merge branch 'main' into access-tokens - Bluenix2
504b136 Merge pull request #124 from python-discord/acc... - Bluenix2

GitHub Actions run 1106707111 succeeded.

GitHub Actions run 1106708040 succeeded.

GitHub Actions run 1106708959 succeeded.

Explanation

It's like SQL injection, but for URLs. Carelessly formatting user input into a URL template can allow attackers construct a specific string to do something nasty.

To fix

https://github.com/python-discord/sir-lancebot/blob/main/bot/exts/evergreen/movie.py
URL formatting partially using f-strings (line 145). I wasn't able to find a vulnerability, but no check is made to ensure that the substitution is safe

https://github.com/python-discord/sir-lancebot/blob/main/bot...

51e6314 Fix type annotations - decorator-factory

This PR aims to improve type annotations (type hints) in the project, including:

• change old-style annotations (like typing.List[int])
• fix annotations that are just wrong
• replace weak types (like dict[str, Any]) with strong types (like making a dataclass)

GitHub Actions run 1107029204 succeeded.

Description

I want to change some type annotations

Reasoning

Good type hints make code easier to understand, and bad type hints are misleading and should be fixed.

Would you like to implement this yourself?

• [x] I'd like to implement this feature myself
• [ ] Anyone can implement this feature

WIP PR

https://github.com/python-discord/sir-lancebot/pull/802

Several users have expressed a desire to interact with files with their executed code. I believe such feature is in scope and that it would be a great feature. Supporting it would require a way to mount an isolated, size-capped r/w directory for each NsJail instance. Implementation details need to be investigated to determine the feasability of this feature.

Someone made me realise that shared memory could be accessed across NsJail instances. Can you think of a way have isolated mounts for each instance?

@Xithrius It still lives, just taking me a bit to get to it.

I don't think I am having enough time to look into this and it has been stale for quite a while now, so whoever wants can take over the PR, and deliver the feature!

I'm unassigning myself. The issue is waiting for #1527 to be merged and can then be worked on, I'm not sure how soon I'll have time.

How could that happen? We create a new tmpfs for every nsjail instance — it's not shared.

Looks good. Simple design but it's effective.
I may investigate in the future converting it to a table so we can enable :hover properties.

I see nothing wrong, but perhaps instead of saying "GitHub" (they're all hosted on GitHub) it could say either simply "Repository" or the repository name (as in n0remac/Acute-Alligators-2021-Summer-Code-Jam or BoraxTheClean/adaptable-antelopes)

This isn't great for accessibility. Text readers will read out loud the link text, which is "GitHub" for every team. Can we also include the team name?

You mean duplicate the team name?

Yes, or give them a title attribute

6a7e4b2 "That can mean a lot of things" -> "It's usuall... - swfarnsworth

How could that happen? We create a new tmpfs for every nsjail instance — it's not shared.

Is it really a new one or is it just mounting the same directory over and over?

Is that what is_bind false does?

Is it really a new one or is it just mounting the same directory over and over?

https://github.com/python-discord/snekbox/blob/e6cf1c4dce96e45313f125473dc30582f4d443ef/config/snekbox.cfg#L107-L113

If this works the same way that it would in the equivalent fstab, it will be a new tmpfs instance for each execution. I'm having trouble reading through how nsjail actually allocates this though, I can't tell if it is doing something special or just mounting a filesystem in the typical way.
...

I'd like to grab this! 👍

Compare changes

GitHub Actions run 1108429560 succeeded.

That's a good approach. In in favour.

From what I remember, the package does sometimes produce table classes instead of models (for non-trivial situations). Still, it should get us 90% of the way there, and we probably convert those tables manually.

The end goal was always to have a solid base migration that we can then use as the basis for future migrations. This means that @jb3 doesn't have to be our human migration manager.

84aee9f Add titles to hyperlinks - mbaruh

GitHub Actions run 1108488287 succeeded.

            <p class="has-text-centered"><a href="https://github.com/n0remac/Acute-Alligators-2021-Summer-Code-Jam" title="Acute Alligators' Repository">GitHub</a></p>

The chairs' repository (plural, possesive).

This needs to be done for all links

Looks good, I think I only caught 1 or 2 things that could mistakes, but you be the judge of that.

I approach this as a PR that intends to make better use of PEP 585. Therefore I was mostly looking for regression; I haven't verified that all existing hints are correct.

I think segment_length_range should be tuple[int, int]. That is the default & indices 0 and 1 are touched in the func's body.

Why have you decided to keep the str annotation on the line above?

I believe these can be list[int]? They are drawn using randint above. Same on L295.

Lgtm, waiting on @Bluenix2's change to be applied to merge

Relevant Issues

Closes #801
<!-- Link the issue by typing: "Closes #" (Closes #0 to close issue 0 for example). -->

Description

I applied the built in tools from aiohttp wherever I could to properly sanitize the inputs, in case of the GithubInfo Cog, because of the API architecture I had to use a different approach, but by switching to quote_plus I managed to fix the issue.
The cogs fixed:

• Movie
• Githubinfo
• Wikipedia
• Hacktoberstats (get_october_prs function in...

GitHub Actions run 1108640958 succeeded.

I would do {"q": query_params}

I think you should add a check that movie is actually an integer, either here or after line 135 where it's fetched, but not validated

I would use a literal: {**WIKI_PARAMS, "srlimit": 10, "srsearch": search} or WIKI_PARAMS | {"srlimit": 10, "srsearch": search}

GitHub Actions run 1108682003 succeeded.

The biggest downside I see is that it’ll leave a possible security vulnerability if the user doesn’t set it, and nothing will tell them so

Yeah, that's the concern, and I think it's a completely valid point. I'm thinking that production could just "take the hit" and set the env var to False explicitly. It has to set other env vars anyway.

LGTM

The indentation here looks messed up.

This looks good, thank you for the PR

That's a visual indent.

That said, I do guess you could do a hanging indent like this:

                embed.add_field(
                    name="Gists",
                    value=f"[{gists}](https://gist.github.com/{quote_plus(username, safe='')})"
                )

Fair point, I wanted to pass the linting. I'll push a change shortly.

GitHub Actions run 1108728078 succeeded.

oh yeah I missed that, looks like something an autoformatter would do :eyes:

What Bluenix showed is the way it should be done. This is what's specified in our style guide, but I am not sure how strict this project is with enforcing that. In any case, I'm not going to make you push a second commit.

Yeah I agree with Mark, I prefer the hanging indent over visual

I can push another commit, it's not a problem! :)

GitHub Actions run 1108759095 succeeded.

                embed.add_field(
                    name="Gists",
                    value=f"[{gists}](https://gist.github.com/"f"{quote_plus(username, safe='')})"
                )

I'm not very familiar with URL injections, but you may have missed some:

There are three different places in the wolfram cog; this is just one of them
https://github.com/python-discord/sir-lancebot/blob/32b6d0e386350ea12ab9e745e2bede844d289d07/bot/exts/evergreen/wolfram.py#L111-L122

This one might be okay since there's no user input, but it could still be passed via the params kwarg
https://github.com/python-discord/sir-lancebot/blob/32b6d0e386350ea12ab9e745e2bede844d289d07/bot...

I see, as for the Wolfram, I was told that it was out of the scope of this issue, but I'm happy to push patches to all of those.

Does anyone know why it is out of scope? I wasn't involved in that discussion.

Because, there were other kind of sanitization measures applied.
In case of wolfram that was parse.urlencode.

b9f2733 Time: fix format_with_duration passing None to ... - MarkKoz

@D0rs4n
Feel free to fix these consistency issues if you want to

GitHub Actions run 1108785192 succeeded.

Compare changes

Because, there were other kind of sanitization measures applied.
In case of wolfram that was parse.urlencode.

Well, that was also the case with the movie cog but you made changes anyway.

GitHub Actions run 1108788993 succeeded.

Are these standard semantics for tmpfs? For the sake of my curiosity, is it even possible to mount the same tmpfs under different directories?

As for expired or inactive infractions, I think replacing the expiry value with Expired should be enough. This has the disadvantage of not telling the user when their infraction expired, but this isn't really a case we're planning to use the command in.

Can we defer this to after #1721 is merged? I think it would make this slightly easier.

I realised that the advisory may get truncated if the reason is too long. I might have to add a separate parameter for an advisory than ap...

You can achieve that through symlinking, I don't think there is a "same tmpfs" due to the nature of tmpfs allocation (a new tmpfs for every mountpoint, as far as I understand).

Okay, great. Just need to address the comments I left a couple weeks ago.

If this is copied from discord.utils.escape_markdown, why aren't we using it?

Doc item doc_item.symbol_id='environment-variables' present in loaded documentation inventories not found on site, inventories may need to be refreshed.

Actually I removed most of the code it's not really the same function anymore. We don't because apparently we want to keep some markdown
#dev-contrib message

I should remove this comment

Because, there were other kind of sanitization measures applied.
In case of wolfram that was parse.urlencode.

Well, that was also the case with the movie cog but you made changes anyway.

Fair point, I pushed some changes to improve consistency! Hopefully everything's going to be fine! :)

GitHub Actions run 1108836960 succeeded.

GitHub Actions run 1108840071 succeeded.

Sounds like a Polish surname if you ask me
I think STACKOVERFLOW or SO makes more sense

d1a58ef Incidents: catch 404s - MarkKoz
867d9f3 Code block: catch 404s when editing or deleting... - MarkKoz
c602795 Duck pond: abort if reaction's message or autho... - MarkKoz

Fixes Sentry issues BOT-ZN, BOT-J2, and BOT-1J7

Compare changes

GitHub Actions run 1108865997 succeeded.

GitHub Actions run 1108867901 succeeded.

GitHub Actions run 1108875853 succeeded.

Yeah this looks good now, thank you.

Sentry issue: BOT-YW

Thanks for the PR, crisis overted

What alternative to tutorials do you propose? Make people learn the tools they need using the reference? That is not effective teaching, and that's not how we teach anything else.

In elementary school, you didn't learn addition from first principles, that would be ridiculous. You started off with doing simple examples by help, and only then you learned "how it actually works".

People learn by recognizing patterns and doing things in practice...

Our staff team decided that we will not seriously consider this tag.

I can't really test hacktoberstats since the event isn't going on right now.

This somehow broke the command. It fails to find the repo with .gh repo python/cpython, but that works fine on the main branch.

Yeah, I should have only used it when we are looking up usernames, this piece of code right now encodes the / sign.

GitHub Actions run 1109018742 succeeded.

9ffd7c8 Update the movie cog to use aiohttp get params - D0rs4n
8532b40 Update the Wikipedia Cog to use aiohttp get params - D0rs4n
fd33adf Use quote_plus instead of quote in the Githubin... - D0rs4n
7adb181 Update Hacktoberstats' get_october_prs function... - D0rs4n
22abc00 Improve code consistency in Movie, Wikipedia an... - D0rs4n

Connected!

GitHub Actions run 1109028388 succeeded.

@Xithrius It still lives, just taking me a bit to get to it.

Thank you for the update! :heart:

Setting this to low as the last code jam that needed these utilities occurred not to long ago, and the next code jam probably won't happen for a while.

Good stuff. Tested, works well.

I'm glad! 👍 Shall I open a new issue to keep things consistent?

I'm going to go ahead and close this as regex101 is now included in a development branch for this project.

@anand2312 feel free to open a new issue for regexone.

This is loaded incorrectly (not according to what we want it to be) as : syntax makes it a dictionary.

    - "How good would you say you are at Python so far: beginner, intermediate or advanced?"

Isn't web dev included with backend? You cannot do frontend with it...

Doesn't follow the python discord style guide, this section.

            await ctx.send(
                embed=self.error_embed(
            	    f"There was an error when communicating with the {error.api}",
                    NEGATIVE_REPLIES
                )
            )

Good addition, can we add status_code and an optional argument that contains the error message received by the API too?

This can be paired up with the above log into a single log, also the language this has sounds a bit like user forward, where it is telling them to try it again.

Maybe something like this, (add a := to if statement, if error:=raw_data.get("errors"):)

                    log.info(f"Got an error while communicating with Wikipedia API: {error}.")

And this doesn't follow the python discord style guide, [this section](https://pythondiscord.com/pages/guides/pydis-guid...

The user is not necessarily python-discord and would be different repo_issue.organisation is specified.

Good point, right now it's too specific to the Wikipedia API
(that returns 200 even if it sends back an error :D )

Discussed and approved in [server](#dev-contrib message)

Reasoning:

GitHub Actions run 1110153594 succeeded.

c4e0fae change dockerfile python version to latest 3.9.x - onerandomusername
ec04cb7 Merge pull request #1727 from onerandomusername... - jb3

Connected!

GitHub Actions run 1110172859 succeeded.

Tag Name- VPS
The tag covers what is a VPS and some examples of good ones
Tag content:
If you need to run your bot 24/7 (with no downtime), you should consider one a cheap VPS.
The following is a list of recommended services that many people on the server have used.
They are reliable and good value for money. Their specs should be sufficient for running Discord bots.

https://www.scaleway.com/

• Cheap VPS
• Based in Europe.

https://www.digitalocean.com/

• Cheap V...

GitHub Actions run 1110192485 succeeded.

9bb4c5b Create tag about arrays vs lists. - swfarnsworth

This PR would add a tag explaining the difference between lists and arrays and why the two terms shouldn't be used interchangeably.

How about translating the site into Korean?
There is no discord.py guide in Korean, so many beginners are having a hard time. How about translating the discord.py guide to Korean for beginners?

GitHub Actions run 1110264831 succeeded.

I believe we have a pin to this effect in the discord-bots channel.

I am following the holy PEP 8

Be consistent in return statements. Either all return statements in a function should return an expression, or none of them should. If any return statement returns an expression, any return statements where no value is returned should explicitly state this as return None, and an explicit return statement should be present at the end of the function (if reachable)

You're right, I'll change it to dict[str, Any]. That's what is expected to be returned from this function.

On the other hand, 69 is valid JSON too.

Yes, that's right. I think the lack of validation of received data is a bit of an issue across the whole project, but that's out of scope here.

On the next lines, floats are added to the these lists. And points has floats in it because it's populated by floats on line 303.

You are right

That's a mistake on my part, I'll fix it

5ef8026 Fix type annotation inconsistencies - decorator-factory

9ffd7c8 Update the movie cog to use aiohttp get params - D0rs4n
8532b40 Update the Wikipedia Cog to use aiohttp get params - D0rs4n
fd33adf Use quote_plus instead of quote in the Githubin... - D0rs4n
7adb181 Update Hacktoberstats' get_october_prs function... - D0rs4n
22abc00 Improve code consistency in Movie, Wikipedia an... - D0rs4n

GitHub Actions run 1110307973 succeeded.

Mmm I wasn't aware of this, thanks for explaining.

Thanks for clarifying.

Looks LGTM to me, good changes overall.

The notion of imposing better validation on data coming from external sources is attractive, though on the other hand Lancebot is primarily aimed at beginners. I don't know whether it'd make sense to put in the effort of making existing features more resilient if the same level of resilience isn't required from new contributions.

I think it's a good idea to teach beginners about validation, security and all that stuff. Lancebot being a learning project, we want to teach people good practices. Second, the bot is running on our hardware and has access to some of our secrets, so we wouldn't want to introduce vulnerabilities (#801)

According to PEP 585, just like with List, Dict, etc. importing this kind of type from typing is also deprecated; collections.abc should be used. You should refer to that PEP for the full list.

This is still not following the style guide, look at the above comment.

Looks like when you where resolving git conflicts, you merged both the changes. Kindly remove one.

There wasn't a need to change this line as it is in one line and doesn't fall over to the next line. Basically what I meant was, instead of:

await ctx.send(embed=self.error_embed("This is a long message",
               argument_2)

And it should rather be:

await ctx.send(
    embed=self.error_embed("This is a long message",
    argument_2
)

Oh dear god, you are correct. That's a big list. I'll implement that tomorrow

GitHub Actions run 1110447246 succeeded.

As a pure code review, this looks good to me

Thank you for you review! I should've paid more attention to the style guide! 👍
Learned my lesson!

Technically web dev could just be frontend, but for clarity I think I'll just replace web dev with frontend

To be honest i'm not quite sure of the use of this tag, in many online tutorials array and list are used interchangeably, and I don't see the benefit of making this distinction.

I would probably say most of the time when people say array in PyDis they're referring to a Python list, unless they've already explicitly said they're working with numpy.

The code example there is also a bit confusing imo as it suggests the different multiplication behaviour is a feature of a list vs an a...

5d1ae21 Softening of the wording. - swfarnsworth

GitHub Actions run 1110548758 succeeded.

We discussed this in a staff channel and don't agree on the intended use case, so I'm going to withdraw this.

Isn't it just adding a condition at https://github.com/python-discord/bot/blob/d914046dc5b661d144537715dbf80ae6b361b0e8/bot/exts/moderation/infraction/_utils.py#L219 checking two fields in the infraction object?

Maybe I'm missing something

Compare changes

GitHub Actions run 1110752391 succeeded.

@NIRDERIi @Shivansh-007 fixed up.

@NIRDERIi So just to be clear if you have help dms on or you are the channel claimant you should receive and dm when the channel is closed?

Yes, keeping track of channels you helped with, can be really helpful if you don't know where the channel went. If you were helping, maybe a message will be sent: #channel-mention is not closed, Thank you for helping and for the channel claimant it'll be Your help channel was closed due to inactivity or something like that

Hey, thanks for the suggestion! I will have to shoot this proposal (as well as other translations) for a few reasons:

• A translation is a lot of work, from finding people to do the initial translation, to finding reviewers so people don’t slip in their own “thoughts” in there.
• Maintenance is going to be very hard, because each change would require the same requirements as the initial conversion.

Translation and providing people with good content is a good cause, but it isn’t feasibl...

Looks great for me!

Why would anyone but the channel's claimant care about the channel being closed? If anything, I think this DM should only be sent to claimants.

Isn't it just adding a condition at

https://github.com/python-discord/bot/blob/d914046dc5b661d144537715dbf80ae6b361b0e8/bot/exts/moderation/infraction/_utils.py#L219
checking two fields in the infraction object?

Maybe I'm missing something

I'd like to do something nicer where the expiration date, duration, and whether it's expired are all included.

I know that when I help, I go back and see if the other user still needs help, and if the user closed the channel, I will kinda have to search for the channel. I think it's a nice feature, and again, if you didn't really care, you can just turn DM help off in a simple command

The project currently enforces typehinting, but discord.py uses annotations for its own purposes which makes some annotations on command callbacks invalid typehints.

@MarkKoz proposed in #dev-contrib that converters could inherit from the type they return to alleviate this issue, but this is more limited than normal typehinting (although still better than the current hints which are just wrong and cause warnings during development).

The typing.Annotated type allows us to attach metada...

I know that when I help, I go back and see if the other user still needs help, and if the user closed the channel, I will kinda have to search for the channel.

But won't they receive a notification for the new message? Receive a DM for a new message = this person still needs help. Don't receive a DM = they probably don't need any more help.

if you didn't really care, you can just turn DM help off in a simple command

What if the helper cares about the current notifications but not...

Wdym for the new message? And what current notifications? Isn't help dms only for when you write the first message to help in a channel?

Very cool; I like this approach. I'm fine with patching discord.py since the precedent has already been set (implementing root aliases). This patch isn't that bad anyway because it's not really dealing with any internal/private APIs. That being said, we would have to ensure the setter is in sync for all the special cases (like the greedy converter).

How do you think we should name the typing.Annotated aliases and the converters? I'm thinking that call converters should be named like `Dat...

Wdym for the new message? And what current notifications? Isn't help dms only for when you write the first message to help in a channel?

You're right. I misread the code.

Still, I don't see this as particularly useful for helpers but then again I never though the helpdm command was that useful to begin with. I think you should shove aside by opinion and instead gather thoughts from people who actually use that feature.

A) Not related, but how do you respond to a specific line?
B) The same thing could be said about if we did the channel closed instead of the initial message, which is why both seem to be same importance level because they both keep you tracking the help channels. Personally, the channel closed is a much important feature, because you know when you type a message in a certain channel.

A) Not related, but how do you respond to a specific line?

Copy and paste that line, then prepend a > to it.

And for example, while commenting here, I helped three people with their problems. Took me a little while to find out where the channel is, because I first tried to look in open channels, and only then go to the dm and see the channel.

Copy and paste that line, then prepend a > to it.>
Thanks

That being said, we would have to ensure the setter is in sync for all the special cases (like the greedy converter).

I don't anticipate any more cases like that as we're really just modifying what's in the loaded params, with the greedy being some kind of an early fail according to a comment in the source. When I looked at the current master branch it looked like it was still the only piece that immediately acts on the changed annotation. But if something does pop up it shouldn't be har...

GitHub Actions run 1110940053 succeeded.

GitHub Actions run 1110942316 succeeded.

GitHub Actions run 1110955630 failed.

Do you want to go ahead with a PR or wait for some more voices?

GitHub Actions run 1110960242 succeeded.

GitHub Actions run 1110969953 succeeded.

GitHub Actions run 1110970607 succeeded.

GitHub Actions run 1110974937 succeeded.

Is there any way to enforce the annotated type to be correct, such as preventing Annotated[int, DateConverter]? Not sure if that's necessary, but would be nice.

I found this hack: https://gist.github.com/decorator-factory/718a6b6bf514c496baf385f0c0cfcdaa
It doesn't require monkey patching discord.py, and it makes sure the converter class actually produces the desired type.

But unfortunately, it only works on pyright. If anyone could make it work with mypy, that would be great

GitHub Actions run 1111066326 succeeded.

GitHub Actions run 1111066977 succeeded.

Do you want to go ahead with a PR or wait for some more voices?

I'll start working on it tomorrow.
What module would be the most fitting place to define and apply the patch in? The bot module's init?

Yeah, that's where the other patch is., though some are not fans of having significant amounts of code in init. You could consider creating a patch module and defining functions like "apply_x_patch" that get called from init. We used to have a similar system to patch a bug in d.py, but it was all removed once it got fixed upstream. You could also try to find that for inspiration. I don't have a concrete idea of the best approach.

The format of the templates was discussed a long time ago in python-discord/organisation#268 but never actioned. I don't think we really came to a conclusion. I personally think some templates need changes. We should also invest in https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/configuring-issue-templates-for-your-repository as Chris mentioned in that issue.

I don't have much experience with the file previews, but they sound like the perfect solution for this feature. It gives a lot more headroom compared to the message length limit. I know they work on Desktop, Web, and Android.

GitHub Actions run 1112060373 failed.

GitHub Actions run 1112067360 succeeded.

GitHub Actions run 1112598113 succeeded.

a316b90 Update readme to include local dev setup instru... - ChrisLovering

GitHub Actions run 1112903431 succeeded.

GitHub Actions run 1112904512 succeeded.

06aca03 Bump fastapi from 0.63.0 to 0.65.2 - dependabot[bot]
1633e1c Merge pull request #57 from python-discord/depe... - vcokltfre

b45e6a0 feat: allow all origins, methods, headers with ... - vcokltfre

This PR allows quackstack to be used in javascript frontends

This looks like it should work. LGTM.