I agree that avatars are nice to have, and I am confident that refreshing the images once in a while is more than enough.
Thank you Francis for taking care of this! Best regards, Alessandro On Tue, Feb 18, 2025, 00:09 Francis Chuang <francischu...@apache.org> wrote: > I added a small bash script[1] to download the avatars from GitHub into > the `img` folder every time the site is built. > > We build our site relatively often, so the avatars should be pretty > up-to-date most of the time. If this is not sufficient, we can add a > periodic GitHub Action workflow to build the site every x days, which > will re-download the avatars. However, I think the current approach > should work just fine. > > [1] https://github.com/apache/calcite/blob/main/site/download-avatars.sh > > On 18/02/2025 5:21 am, Julian Hyde wrote: > > It’s a shame. The avatars make the site better. And no one’s privacy is > being violated. > > > > Julian > > > >> On Feb 17, 2025, at 05:40, Istvan Toth <st...@cloudera.com.invalid> > wrote: > >> > >> I prefer removing the avatars. > >> Having snapshots for existing ppl is half-solution, and trying to add > some > >> kind of sync mechanism on build would be a waste of energy. > >> > >> Istvan > >> > >>> On Mon, Feb 17, 2025 at 4:45 AM Francis Chuang < > francischu...@apache.org> > >>> wrote: > >>> > >>> There are numerous broken resources on our websites due to the > >>> Content-Security-Policy HTTP header deployed by the ASF [1]. > >>> > >>> The CSP is quite restrictive: default-src 'self' data: blob: > >>> 'unsafe-inline' https://www.apachecon.com/ > >>> https://www.communityovercode.org/ https://analytics.apache.org/; > >>> script-src 'self' 'unsafe-inline' 'unsafe-eval' > >>> https://analytics.apache.org/; style-src 'self' 'unsafe-inline' data:; > >>> frame-ancestors 'self'; frame-src 'self' data: blob:; img-src 'self' > >>> data: https://*.apache.org/; worker-src 'self' data: blob:; > >>> > >>> I was able to fix the Lato font not loading on the Calcite and Avatica > >>> sites by self-hosting it in CALCITE-6843 [2]. > >>> > >>> There are still quite a few resources broken on both the Calcite and > >>> Avatica sites, mostly images. For most images, we can easily self-host > >>> our own copy. However, we use GitHub avatars for the Community and News > >>> pages on both sites. We can either self-host all the avatars (but they > >>> won't be updated if the user changes them on GitHub) or we can get rid > >>> of them. > >>> > >>> What do you guys think? > >>> > >>> Francis > >>> > >>> [1] https://infra.apache.org/csp.html > >>> [2] https://issues.apache.org/jira/browse/CALCITE-6843 > >>> > >> > >> > >> -- > >> *István Tóth* | Sr. Staff Software Engineer > >> *Email*: st...@cloudera.com > >> cloudera.com <https://www.cloudera.com> > >> [image: Cloudera] <https://www.cloudera.com/> > >> [image: Cloudera on Twitter] <https://twitter.com/cloudera> [image: > >> Cloudera on Facebook] <https://www.facebook.com/cloudera> [image: > Cloudera > >> on LinkedIn] <https://www.linkedin.com/company/cloudera> > >> ------------------------------ > >> ------------------------------ > >
