annotate docker/libervia-web-dev-demo/certificates/README @ 4212:5f2d496c633f

core: get rid of `pickle`: Use of `pickle` to serialise data was a technical legacy that was causing trouble to store in database, to update (if a class was serialised, a change could break update), and to security (pickle can lead to code execution). This patch remove all use of Pickle in favour in JSON, notably: - for caching data, a Pydantic model is now used instead - for SQLAlchemy model, the LegacyPickle is replaced by JSON serialisation - in XEP-0373 a class `PublicKeyMetadata` was serialised. New method `from_dict` and `to_dict` method have been implemented to do serialisation. - new methods to (de)serialise data can now be specified with Identity data types. It is notably used to (de)serialise `path` of avatars. A migration script has been created to convert data (for upgrade or downgrade), with special care for XEP-0373 case. Depending of size of database, this migration script can be long to run. rel 443
author Goffi <goffi@goffi.org>
date Fri, 23 Feb 2024 13:31:04 +0100
parents db0f4d419448
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
3511
db0f4d419448 docker: add demo images and compose file
Goffi <goffi@goffi.org>
parents:
diff changeset
1 this certificates are used to enable TLS during tests. Those must be the same as in
db0f4d419448 docker: add demo images and compose file
Goffi <goffi@goffi.org>
parents:
diff changeset
2 backend_e2e (they are generated there)