id,node_id,number,state,locked,title,user,body,created_at,updated_at,closed_at,merged_at,merge_commit_sha,assignee,milestone,draft,head,base,author_association,repo,url,merged_by,auto_merge 295711504,MDExOlB1bGxSZXF1ZXN0Mjk1NzExNTA0,554,closed,0,Fix static mounts using relative paths and prevent traversal exploits,3243482,"While debugging why my static mounts using a relative path (`--static mystatic:rel/path/to/dir`) not working, I noticed that the requests fail no matter what, returning 404 errors. The reason is that datasette tries to prevent traversal exploits by checking if the path is relative to its registered directory. This check fails when the mount is a relative directory, because `/abs/dir/file` obviously not under `dir/file`. https://github.com/simonw/datasette/blob/81fa8b6cdc5457b42a224779e5291952314e8d20/datasette/utils/asgi.py#L303-L306 This also has the consequence of returning any requested file, because when `/abs/dir/../../evil.file` resolves `aiofiles` happily returns it to the client after it resolves the path itself. The solution is to make sure we're checking relativity of paths after they're fully resolved. I've implemented the mentioned changes and also updated the tests.",2019-07-09T11:32:02Z,2019-07-11T16:29:26Z,2019-07-11T16:13:19Z,2019-07-11T16:13:19Z,74ecf8a7cc45cabf369e510c7214f5ed85c8c6d8,,,0,fa7ddea3ea6c9378bee7d5f5c93fe05d735a0afb,81fa8b6cdc5457b42a224779e5291952314e8d20,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/554,, 295748268,MDExOlB1bGxSZXF1ZXN0Mjk1NzQ4MjY4,556,closed,0,Add support for running datasette as a module,3243482,"This PR allows running datasette using `python -m datasette` command in addition to just running the executable. This function is quite useful when debugging a plugin in a project because IDEs like PyCharm can easily start a debug session when datasette is run as a module in contrast to trying to attach a debugger to a running process. ![image](https://user-images.githubusercontent.com/3243482/60890448-fc4ede80-a263-11e9-8b42-d2a3db8d1a59.png) ",2019-07-09T13:13:30Z,2019-07-11T16:07:45Z,2019-07-11T16:07:44Z,2019-07-11T16:07:44Z,9ca860e54fe480d0a365c0c1d8d085926d12be1e,,,0,056a7eac9480cb814d9c453b983e6b2b831e0ca1,81fa8b6cdc5457b42a224779e5291952314e8d20,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/556,, 442505088,MDExOlB1bGxSZXF1ZXN0NDQyNTA1MDg4,883,open,0,Skip counting hidden tables,3243482,"Potential fix for https://github.com/simonw/datasette/issues/859. Disabling table counts for hidden tables speeds up database page quite a bit. In my setup it reduced load time by 2/3 (~300 -> ~90ms)",2020-07-01T07:38:08Z,2020-07-02T00:25:44Z,,,527624338acd38b97bb33b0a0b913d80e8345fee,,,0,251884f58895faf8056b3dfdeae3bb92c5bc58ac,676bb64c877d73f8ff496cef4632f5a8a5a9283c,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/883,, 530125695,MDExOlB1bGxSZXF1ZXN0NTMwMTI1Njk1,1122,closed,0,Fix misaligned table actions cog,3243482,Fixes https://github.com/simonw/datasette/issues/1121,2020-12-01T08:41:46Z,2020-12-03T10:56:40Z,2020-12-03T00:33:37Z,2020-12-03T00:33:36Z,daae35be46ec5cb8a207aa20986a4fa62e94777e,,,0,94ea22f7b6b6c55b490c97b385f6eb6c1ea2121c,a970276b9999687b96c5e11ea1c817d814f5d267,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/1122,, 532342025,MDExOlB1bGxSZXF1ZXN0NTMyMzQyMDI1,1128,closed,0,Fix startup error on windows,3243482,"Fixes https://github.com/simonw/datasette/issues/1094 This import isn't used at all, and causes error on startup on Windows.",2020-12-04T07:12:26Z,2020-12-06T08:41:45Z,2020-12-05T19:35:04Z,2020-12-05T19:35:04Z,705d1a1555c4791e9be3b884285b047223ab184f,,,0,7004c3b1462675ba3845b1efc82c816f1d2199e0,49d8fc056844d5a537d6cfd96dab0dd5686fe718,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/1128,, 532348919,MDExOlB1bGxSZXF1ZXN0NTMyMzQ4OTE5,1130,open,0,Fix footer not sticking to bottom in short pages,3243482,Fixes https://github.com/simonw/datasette/issues/1129,2020-12-04T07:29:01Z,2021-06-15T13:27:48Z,,,07bc05c58b6a295e6584f8c4015ec5fedb0050c4,,,0,8d4c69c6fb0ef741a19070f5172017ea3522e83c,49d8fc056844d5a537d6cfd96dab0dd5686fe718,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/1130,, 647552141,MDExOlB1bGxSZXF1ZXN0NjQ3NTUyMTQx,1335,closed,0,Fix small typo,3243482,,2021-05-19T11:17:04Z,2021-05-22T23:53:34Z,2021-05-22T23:53:34Z,2021-05-22T23:53:34Z,459259175eddeed727fd8f08dc19a332779a4f6b,,,0,d91c18dcd956b414b57eaa2763d2b8f5f6f6427f,9b3b7e280ca718254b4ca15d40864297146a85b3,CONTRIBUTOR,107914493,https://github.com/simonw/datasette/pull/1335,,