* perf: add cache-control headers on private files
- Client(browser) side cache
- 1 hr expiry
- 1 day revalidation
- etagged by nginx in default config (so no data transfer on expiry still)
In conjunction with https://github.com/frappe/agent/pull/157
* fix: Don't override existing headers
Developers can easily enable `can_cache` without knowing what it
entails. Public cache means proxy can likely cache things without
talking to backend.
Obviously many endpoints which can be cached on client side should
probably not be cached in proxy.
E.g. linked PR to the PR that added this feature suggest caching
notification log for short time... we don't want to leak one user's
cached notification to another user.
I don't buy that developers should know about cache implementation to
ensure it's secure or correct to enable it on certain endpoint. In
addition to that, we have very few mechanisms to burst cache
inside proxy. End user hitting ctrl+shift+r won't do anything if proxy
wants to serve stale response.
We should figure out better way to instruct FW about final cache
control headers than hardcoding it IMO.
* feat: Add deprecation_dumpster.py file
* docs: add jovial and jocose docstring for frappe/deprecation_dumpster.py
* refactor: fill the dumpster with its own kind
* refactor: move to the deprecation dumpster
* chore: color coding class
* fix: only check import error when import errors
num2words - 260KB - Used frequently on ERPNext sites.
babel - 1.1MB Gets imported because of dates, localization
sentry - 2.8MB should be loaded only if envvar is set
gettext - required for reading translations
- There is code that depends on "commit", everything that happens with `db.after_commit`.
- There are operations that will not write anything to DB but just
enqueue the function, if it's enqueue_after_commit then it will break.
There can be external APIs like webhooks that only send array request,
in which case Frappe has no mechanism to accept such requests.
After this PR such request data can be accessed using `data` list
argument on function.
I've considered directly storing list in form_dict but it's not
feasible:
1. It breaks semantics, "form_dict" can't be a list. That ship has long
sailed.
2. Way too much code expects form_dict to be a dict.
- better boot config name
- send sentry after - because frappe namespce doesn't exist if it starts
first
- remove import in app.py because __init__ is always imported so no
need.
- leave telemetry JS always present, this is used even when telemetry is
not enabled.
Inspired primarily from sentry's generic WSGI integration
Environment variable `FRAPPE_SENTRY_DSN` needs to be enabled as well
as explicit opt-in from the user's side in system sid telemetry
settings
Conditionally include telemetry JS bundles
Signed-off-by: Akhil Narang <me@akhilnarang.dev>
* reafctor: force ipv4 localhost
Replacing "localhost" with "127.0.0.1" in the codebase; sometimes the name localhost force-resolves to ipv6
* revert: leave localhost usage in oauth tests
Change not required.
---------
Co-authored-by: Ankush Menat <ankush@frappe.io>
This lets developer run gunicorn in development setup while still being
able to use statics/assets.
While this is not "first class" support, it's usable for me. I don't see
need for more right now. Making this default in developer mode isn't
ideal IMO as it's quite heavy compared to werkzeug (and no debugger or
decent request logging)
To use in development mode swap `bench serve` with gunicorn command,
refer gunicorn config docs for more info.
```diff
- web: bench serve --port 8000
+ unicorn: gunicorn -b 127.0.0.1:8000 -w 1 --chdir /home/user/benches/develop/sites 'frappe.app:application_with_statics()' --preload
```
`no-docs`
* fix: Remove re cache internals manipulation
* fix: Purge re cache after module loads
Empty cache would work better as we already got our pre-compiled
patterns at the top level of every module. This leaves the cache open
for dynamically generated patterns which are in better need of it. Over
time, workers would converge to this anyway. This change only reduces
the cache hit and eviction effort.
I'd improve this by executing `re.purge` on every module import but
complexity tradeoff lol. I'd prefer if re didn't cache patterns
generated by `re.compile` but I dont see this behaviour or any escape
hatches so this will have to do for now.
* perf: preload more modules
- bleach is used frequently for sanitization
- File gets imported anytime a private file is viewed. Indirect import
of PIL is costly in each worker.
* test: warm up perf test
