This PR reworks authentication for developing Zed against a local
version of Cloud and/or Collab.
You will still connect the same way—using the `zed-local` script—but
will need to be running an instance of Cloud locally.
Release Notes:
- N/A
This PR temporarily adds back the `GET /user` endpoint to Collab since
we're still using it for local development.
Will remove it again once we update the local development process to
leverage Cloud.
Release Notes:
- N/A
This PR adds a new `GET /users/look_up` endpoint for retrieving users by
various identifiers.
This endpoint can look up users by the following identifiers:
- Zed user ID
- Stripe Customer ID
- Stripe Subscription ID
- Email address
- GitHub login
Release Notes:
- N/A
https://github.com/zed-industries/zed/issues/30972 brought up another
case where our context is not enough to track the actual source of the
issue: we get a general top-level error without inner error.
The reason for this was `.ok_or_else(|| anyhow!("failed to read HEAD
SHA"))?; ` on the top level.
The PR finally reworks the way we use anyhow to reduce such issues (or
at least make it simpler to bubble them up later in a fix).
On top of that, uses a few more anyhow methods for better readability.
* `.ok_or_else(|| anyhow!("..."))`, `map_err` and other similar error
conversion/option reporting cases are replaced with `context` and
`with_context` calls
* in addition to that, various `anyhow!("failed to do ...")` are
stripped with `.context("Doing ...")` messages instead to remove the
parasitic `failed to` text
* `anyhow::ensure!` is used instead of `if ... { return Err(...); }`
calls
* `anyhow::bail!` is used instead of `return Err(anyhow!(...));`
Release Notes:
- N/A
This PR adds a new internal `POST /snowflake/events` endpoint to collab.
This endpoint is protected with the admin token like our other internal
endpoints.
This endpoint accepts a `SnowflakeRow` in the body and writes it to the
AWS Kinesis stream.
Release Notes:
- N/A
https://github.com/user-attachments/assets/78db908e-cfe5-4803-b0dc-4f33bc457840
* starts to extract usernames out of `users/` GitHub API responses, and
pass those along with e-mails in the collab sessions as part of the
`User` data
* adjusts various prefill and seed test methods so that the new data can
be retrieved from GitHub properly
* if there's an active call, where guests have write permissions and
e-mails, allow to trigger `FillCoAuthors` action in the context of the
git panel, that will fill in `co-authored-by:` lines, using e-mail and
names (or GitHub handle names if name is absent)
* the action tries to not duplicate such entries, if any are present
already, and adds those below the rest of the commit input's text
Concerns:
* users with write permissions and no e-mails will be silently omitted
— adding odd entries that try to indicate this or raising pop-ups is
very intrusive (maybe, we can add `#`-prefixed comments?), logging seems
pointless
* it's not clear whether the data prefill will run properly on the
existing users — seems tolerable now, as it seems that we get e-mails
properly already, so we'll see GitHub handles instead of names in the
worst case. This can be prefilled better later.
* e-mails and names for a particular project may be not what the user
wants.
E.g. my `.gitconfig` has
```
[user]
email = mail4score@gmail.com
# .....snip
[includeif "gitdir:**/work/zed/**/.git"]
path = ~/.gitconfig.work
```
and that one has
```
[user]
email = kirill@zed.dev
```
while my GitHub profile is configured so, that `mail4score@gmail.com` is
the public, commit e-mail.
So, when I'm a participant in a Zed session, wrong e-mail will be
picked.
The problem is, it's impossible for a host to get remote's collaborator
git metadata for a particular project, as that might not even exist on
disk for the client.
Seems that we might want to add some "project git URL <-> user name and
email" mapping in the settings(?).
The design of this is not very clear, so the PR concentrates on the
basics for now.
When https://github.com/zed-industries/zed/pull/23308 lands, most of the
issues can be solved by collaborators manually, before committing.
Release Notes:
- N/A
This PR makes the `github_user_created_at` field required at ingress
points into collab.
In practice we already have this value passed up, this change just makes
that explicit.
This is a precursor to making it required in the database.
Release Notes:
- N/A
This PR makes the `github_user_id` column on the `users` table required
and replaces the index with a unique index.
I have gone through and ensured that all users have a unique
`github_user_id` in the staging and production databases.
Release Notes:
- N/A
This PR restricts usage of the LLM service to accounts older than 30
days.
We now store the GitHub user's `created_at` timestamp to check the
GitHub account age. If this is not set—which it won't be for existing
users—then we use the `created_at` timestamp in the Zed database.
Release Notes:
- N/A
---------
Co-authored-by: Max <max@zed.dev>
This PR introduces a separate backend service for making LLM calls.
It exposes an HTTP interface that can be called by Zed clients. To call
these endpoints, the client must provide a `Bearer` token. These tokens
are issued/refreshed by the collab service over RPC.
We're adding this in a backwards-compatible way. Right now the access
tokens can only be minted for Zed staff, and calling this separate LLM
service is behind the `llm-service` feature flag (which is not
automatically enabled for Zed staff).
Release Notes:
- N/A
---------
Co-authored-by: Marshall <marshall@zed.dev>
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
This is just a refactor that we're landing ahead of any functional
changes to make sure we haven't broken anything.
Release Notes:
- N/A
Co-authored-by: Marshall <marshall@zed.dev>
Co-authored-by: Jason <jason@zed.dev>
This PR adds a new `POST /billing/subscriptions` endpoint that can be
used to initiate a billing subscription.
The endpoint will use the provided `github_user_id` to look up a user,
generate a Stripe Checkout session, and then return the URL.
The caller would then redirect the user to the URL to initiate the
checkout flow.
Here's an example of how to call it:
```sh
curl -X POST "http://localhost:8080/billing/subscriptions" \
-H "Authorization: <ADMIN_TOKEN>" \
-H "Content-Type: application/json" \
-d '{"github_user_id": 12345}'
```
Release Notes:
- N/A
This PR adds the `renovate[bot]` user to the `GET /contributor` endpoint
so that it passes the CLA check.
I patched this temporarily by adding a case into the `zed.dev` endpoint
the fronts this one, but I think long-term it will be better for collab
to be the source of truth.
Release Notes:
- N/A
Notable things I've had to fix due to 1.78:
- Better detection of unused items
- New clippy lint (`assigning_clones`) that points out places where assignment operations with clone rhs could be replaced with more performant `clone_into`
Release Notes:
- N/A
We've also upgraded `Axum` in order to avoid having two versions of that
library in Collab (one due to Tokio-console).
Release Notes:
- N/A
---------
Co-authored-by: Conrad <conrad@zed.dev>
This lets us run rustc_demangle on the backtrace, which helps the Slack
view significantly.
We're also now uploading files to digital ocean's S3 equivalent (with a
1 month expiry) instead of to Slack.
This PR paves the way for (but does not yet implement) sending this data
to clickhouse too.
Release Notes:
- N/A
Co-Authored-By: Marshall <marshall@zed.dev>
We broke it by deploying two servers simultaneously.
Release Notes:
- N/A
Co-authored-by: Marshall <marshall@zed.dev>
This PR adds a REST API to the collab server for searching and
downloading extensions. Previously, we had implemented this API in
zed.dev directly, but this implementation is better, because we use the
collab database to store the download counts for extensions.
Release Notes:
- N/A
---------
Co-authored-by: Marshall Bowers <elliott.codes@gmail.com>
Co-authored-by: Marshall <marshall@zed.dev>
Co-authored-by: Conrad <conrad@zed.dev>
Don't allow granting guests write access in a call where the channel
or one of its ancestors requires the zed CLA, until that guest has
signed the Zed CLA.
Co-authored-by: Marshall <marshall@zed.dev>
* Use the impersonator id to prevent these tokens from counting
against the impersonated user when limiting the users' total
of access tokens.
* When connecting using an access token with an impersonator
add the impersonator as a field to the tracing span that wraps
the task for that connection.
* Disallow impersonating users via the admin API token in production,
because when using the admin API token, we aren't able to identify
the impersonator.
Co-authored-by: Marshall <marshall@zed.dev>
