Mailchimp safe 1169#1171
Conversation
|
Claude generated the change to Dockerfile - and I had Gemini Pro review it for security since it's pretty opaque to me. But I could get docker to build on a fresh machine without this. I have tested user signup on the dev server and it works and doesn't add users to mailchimp until after they verify their email. |
|
I added common/static to .gitignore because in my other branches webpack and storybook are generating lots of files there, but these files shouldn't be added to the repo. |
marlonkeating
left a comment
There was a problem hiding this comment.
Reviewed with help of Claude.
One thing I found during testing on the dev environment, registering threw an error that looks related to database migration when I attempted to sign up:
Jun 28 09:06:36 AM democracy-lab-dev app/web.1 django.db.utils.ProgrammingError: column "newsletter_signup_requested" of relation "democracylab_contributor" does not exist
I had this problem too, until I ran Claude is saying: "his error is happening because the database schema on democracy-lab-dev is out-of-sync and the migration wasn't physically applied to that database during the deploy. We can fix the dev environment by running heroku run python manage.py migrate democracylab or by temporarily reverting and re-applying the migration history on that shared DB." I'm looking into it, but wondering if sharing the same DB with some other server? |
|
The fix for the migration issues was to auto generate migrations for the change to Django 4. The logs show the migrations working now. See those files for a more detailed explanation. I have pushed these changes dev and it's working. |
Problem
We were having trouble with bot emails ending up in mailchimp, and we are closing vulnerability signup and newsletter opt-in flow.
In addtion:
What This PR Changes
connect-srcentries for reCAPTCHA endpoints and documents why.Dev Server Testing
On the dev server we had to set