- Change SocialMediaLink.url and NavigationMenuItem.link_url from
URLField to CharField(max_length=500) to support internal paths
like /feed/ that fail URLField validation
- Replace destructive reverse_seed (deleted ALL rows) with
RunPython.noop to prevent data loss on rollback
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Create a static SVG favicon replicating the nav logo — a forward slash
on a dark (#09090b) square with the brand light (#fafafa) text colour.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Update TagMetadata CSS classes to use brand colours with translucent
backgrounds matching the wireframe design:
- cyan: bg-brand-cyan/10 text-brand-cyan
- pink: bg-brand-pink/10 text-brand-pink
- neutral: bg-zinc-800 text-white (dark: bg-zinc-100 text-black)
Previously used muted Tailwind defaults (bg-cyan-100/text-cyan-900)
which appeared as soft pastels instead of the intended neon look.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Tag colour classes (bg-cyan-100, text-cyan-900, etc.) are generated
dynamically in TagMetadata.get_css_classes() in apps/blog/models.py.
Tailwind's content scanner only covered HTML templates, so these classes
were purged from the CSS build — rendering tags as white-on-white.
Add apps/blog/models.py to the Tailwind content array so the JIT
compiler detects and retains the dynamic colour classes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pillow 11.0.x did not include native AVIF support — that was added in
11.1.0. The ~=11.0.0 pin restricted upgrades to 11.0.x, so the
libavif-dev system package installed in the Dockerfile was never used
(pip installs pre-compiled wheels that bundle their own libraries).
Bump to Pillow ~=12.1 which ships native AVIF encoding/decoding in its
PyPI wheels out of the box.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Pillow 11 supports AVIF natively but requires libavif to be installed
at the system level. Without it, uploading AVIF images via Wagtail's
image chooser causes an unhandled 500 error.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The SecurityHeadersMiddleware applied a strict style-src policy to all
responses, blocking inline styles that Wagtail admin relies on for
layout. Skip the custom CSP for /cms/ and /django-admin/ paths.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The Makefile used bare 'docker compose' which picks up the dev
docker-compose.yml when run from the app directory on prod. Point
it at the absolute path to docker-compose.prod.yml instead.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Replace nav inline newsletter form with Subscribe CTA link per wireframe
- Remove newsletter form from footer; add Connect section with social/RSS links
- Fix honeypot inputs using hidden attribute (inline style blocked by CSP)
- Add available_tags to HomePage.get_context for Explore Topics section
- Add data-comment-form attribute to main comment form for reliable locating
- Seed approved comment in E2E content for reply flow testing
- Expand test_comments.py: moderation message, not-immediately-visible,
missing fields, reply form visible, reply submission
- Make COMMENT_RATE_LIMIT_PER_MINUTE configurable; set 100 in dev to prevent
E2E test exhaustion; update rate limit unit test with override_settings
- Update newsletter/home E2E tests to reflect nav form removal
- Update unit test to assert no nav/footer newsletter forms
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Django 5.1+ removes STATICFILES_STORAGE in favour of the STORAGES dict.
The old setting was silently ignored on Django 5.2, causing StaticFilesStorage
(the default) to be used instead of CompressedManifestStaticFilesStorage.
Result: no content-hashed filenames, no staticfiles.json manifest, and
Cloudflare caching /static/css/styles.css indefinitely with no cache
busting on deploy.
Fix: use STORAGES in base.py (CompressedManifestStaticFilesStorage) and
development.py (plain StaticFilesStorage, whitenoise disabled in dev).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
style-src and font-src were 'self' only, blocking fonts.googleapis.com
stylesheet and fonts.gstatic.com font files. Add both origins so
Space Grotesk, Inter and Fira Code load correctly in production.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1. Typography: install @tailwindcss/typography and add to plugins so prose
classes render correctly in article/about/legal templates.
2. Callout block: fix icon branches to match CalloutBlock.ICON_CHOICES
(info/warning/trophy/tip). Previous template branched on error/success
which are unreachable; info fell through to else silently.
3. Nav newsletter feedback: remove 'hidden' class from desktop nav
data-newsletter-message element. JS sets textContent only; hidden
class prevented message from ever being visible.
4. Popular Articles sidebar: add numbered Popular Articles widget to home
page sidebar matching wireframe, using latest_articles context with
alternating cyan/pink number accents and read_time_mins.
Rebuild CSS: typography plugin grows output from 24KB to 47KB.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Playwright strict mode requires exactly one match for form[data-newsletter-form]
inside nav. Having desktop + mobile forms both inside <nav> caused a strict
violation. Mobile menu div is now outside the closing </nav> tag; JS toggle
uses getElementById so position doesn't matter.
Rebuild CSS to match template changes.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- nav: add functional mobile menu panel with JS toggle
- nav: hamburger now shows/hides mobile-menu with aria-expanded state
- about_page: full styled layout (header, prose body, author aside)
- legal_page: full styled layout (header with last-updated, max-w-3xl prose)
- article: fix aside newsletter label to 'Subscribe' for E2E test
- CSS: rebuild after all template changes (4.8KB → 24.3KB)
Committed CSS must match CI build — rebuilt after ALL template edits
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- nav: replace hidden newsletter form + Subscribe link with visible inline form
- nav: fix theme toggle aria-label to 'Toggle theme' (was 'Toggle Dark Mode')
- article_page: wrap share buttons in <section aria-label='Share this article'>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
docker compose stats the cwd when parsing compose files; if cwd is
not accessible to the deploy user the command fails.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
deploy user has no sudo for systemctl. Instead:
- Use 'docker compose up -d --force-recreate' to recreate the web
container without needing systemctl
- Change Restart=always so systemd re-attaches after the container
is recreated
- Replace 'sudo journalctl' with 'docker compose logs' in error path
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
ALLOWED_HOSTS doesn't include localhost, so curl with default Host
header always gets a 400 and the health check fails.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
YAML folded block scalar (>) was preserving newlines for more-indented
continuation lines, so gunicorn received no arguments and defaulted to
binding on 127.0.0.1:8000. Replace with an explicit entrypoint script
so all args are passed correctly.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The compose file lives in /srv/sum/nohype/ while the code is in
/srv/sum/nohype/app/ so the Dockerfile is at app/Dockerfile.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Remove WhiteNoise from MIDDLEWARE in development: it intercepts /static/
requests and serves from STATIC_ROOT, which is empty without collectstatic.
Django's runserver serves static files natively with DEBUG=True.
- Switch to StaticFilesStorage in dev: no manifest required.
- Add media URL pattern in DEBUG mode: runserver does not serve MEDIA_ROOT
automatically, so uploaded images were 404ing in local dev.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
CompressedManifestStaticFilesStorage requires collectstatic to generate a
manifest before it can serve anything. Dev containers never run collectstatic
so every static asset 404s. Override to StaticFilesStorage in dev so Django
serves files directly from STATICFILES_DIRS and app static directories.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
