This is the complete system with everything you need to set up Inboxen.
The current maintainer of this repo is Matt Molyneaux
GPG keys used by Inboxen developers to sign releases:
Matt Molyneaux <[email protected]>
19F5 A8DC C917 FD00 E859 02F4 878B 5A2A 1D47 C084
If you find a security issue with Inboxen, email email@example.com. If
you wish to send an encrypted report, then please use key id
Once reported, all security vulnerabilities will be acted on immediately and a fix with full disclosure will go out to everyone at the same time.
You'll need the following tools:
This project comes with a
.editorconfig file - we recommend installing it to
avoid things like mixing tabs/spaces or accidentally saving files with
Set yourself up with a virtual environment and run the following:
git clone https://github.com/Inboxen/Inboxen.git
When you've made your changes, remember to check your code style and run unit tests.
python manage.py test
npx grunt karma
To check code style on Python:
tox -e isort,lint
And finally, check JS code style:
npx grunt jshint
You'll need a
inboxen.config file, for example:
If you want to start a local HTTP server to test out your changes, run the following:
python manage.py runserver
You can connect to it on http://localhost:8000/.
debug=true, you'll have the Django Debug Toolbar enabled and you can
find the Inboxen styleguide at http://localhost:8000/styleguide
pip-tools to help manage its dependencies. The direct
requirements of Inboxen are kept in
requirements.in and then we use the
following command to pin the entire dependency graph:
pip-compile --upgrade --output-file requirements.txt requirements.in
requirements.txt can be installed to a clean virtualenv with
pip to get the exact package versions that Inboxen uses in production. You
can also use the
pip-sync (which comes with
pip-tools) to update an
existing virtualenv as well as remove packages that are no longer required.
The same principal applies to
any files found in
If for any reason you wish to bypass pinning dependencies,
requirements-dev.in are in the format expected by
All development happens in branches off of
main. Each branch should have an
associated issue - if there isn't one for what you're working on then create a
new issue first!
Branch names should be of the format
<issue>is the issue you are working on
<description>is a brief description of what's happening on that branch
129-pin-inboxes was the branch used for implementing the pin
Finished branches are then merged into
main. If there is someone available
to review your branch, your branch should be reviewed and merged by them.
Remember to add a note to CHANGELOG.md when merging!
Hotfixes should be branched from the latest deploy tag, and then be tagged
themselves as a normal deployment before being merged back into
You should follow the pattern of "summary, gap, details, gap, issue references"
``` Blah blah thing
Fixes this thing, changes how we should do something else
fix #345 touch #234 ```
If you are committing on
main, then make sure to end your commit message
with "IN MAIN" so we know who to blame when stuff breaks.
I think this will only reduce to the number of present emails to be at the quota, not below. Also it doesn't account for important flagged emails that will not be deleted i.e. the logic here is too simple
Also the tests for this are perfunctory at best and need refactoring.
Oops, somehow missed that one!
Saw an email today with something like this:
Apparently this refers to an email attachment, though none of the attachments were called
Should be quit easye to transform the attachment into a
data: URL and put that in the HTML, though it will be less easy to find the attachment unless there's a header the CID is specifically referring to that we can search for.
Currently Inboxen relies on logs and Django's "email the admins when something goes wrong" feature. This is fine, but often doesn't provide all the context we'd want to reproduce a bug. It can also lead to issues going unnoticed if no one is checking the logs.
Sentry is a monitoring service that collects error reports and presents them in a way that eases debugging/fixing. It's open source and you. There's a free tier and there's also the possibility of running our own instance.
python emails privacy agplv3 django