diff --git a/api/requirements.txt b/api/requirements.txt
index 2cc2bee06..0f362327b 100644
--- a/api/requirements.txt
+++ b/api/requirements.txt
@@ -1,13 +1,13 @@
captcha~=0.6.0
celery~=5.4.0
-coverage~=7.6.8
-cryptography~=43.0.3
-Django~=5.1.3
+coverage~=7.6.9
+cryptography~=44.0.0
+Django~=5.1.4
django-cors-headers~=4.6.0
djangorestframework~=3.14.0
django-celery-email~=3.0.0
django-netfields~=1.3.2
-django-pgtrigger~=4.13.2
+django-pgtrigger~=4.13.3
django-prometheus~=2.3.1
dnspython~=2.7.0
httpretty~=1.0.5 # 1.1 breaks tests. Does not run in production, so stick to it.
diff --git a/www/webapp/src/views/CrudListToken.vue b/www/webapp/src/views/CrudListToken.vue
index 897007380..a1c963ba4 100644
--- a/www/webapp/src/views/CrudListToken.vue
+++ b/www/webapp/src/views/CrudListToken.vue
@@ -42,18 +42,6 @@ export default {
datatype: GenericText.name,
searchable: true,
},
- perm_manage_tokens: {
- name: 'item.perm_manage_tokens',
- text: 'Can manage tokens',
- align: 'left',
- sortable: true,
- value: 'perm_manage_tokens',
- readonly: false,
- writeOnCreate: true,
- datatype: GenericSwitchbox.name,
- searchable: false,
- advanced: true,
- },
perm_create_domain: {
name: 'item.perm_create_domain',
text: 'Can create domains',
@@ -76,6 +64,18 @@ export default {
datatype: GenericSwitchbox.name,
searchable: false,
},
+ perm_manage_tokens: {
+ name: 'item.perm_manage_tokens',
+ text: 'Can manage tokens',
+ align: 'left',
+ sortable: true,
+ value: 'perm_manage_tokens',
+ readonly: false,
+ writeOnCreate: true,
+ datatype: GenericSwitchbox.name,
+ searchable: false,
+ advanced: true,
+ },
allowed_subnets: {
name: 'item.allowed_subnets',
text: 'Client subnets',
diff --git a/www/webapp/src/views/HomePage.vue b/www/webapp/src/views/HomePage.vue
index 6005e3f4b..09b84f64f 100644
--- a/www/webapp/src/views/HomePage.vue
+++ b/www/webapp/src/views/HomePage.vue
@@ -287,6 +287,7 @@ export default {
host: 'lhr-1.c.desec.io',
left: '45%',
top: '20%',
+ adopted_by: 'Jason Liquorish',
},
{
name: 'Singapore (ns2.desec.org)',
@@ -337,6 +338,7 @@ export default {
host: 'fra-1.a.desec.io',
left: '48.5%',
top: '23.5%',
+ adopted_by: 'Liip AG',
},
{
name: 'Johannesburg (ns1.desec.io)',
diff --git a/www/webapp/src/views/TermsPage.vue b/www/webapp/src/views/TermsPage.vue
index 8224e87cf..081d79579 100644
--- a/www/webapp/src/views/TermsPage.vue
+++ b/www/webapp/src/views/TermsPage.vue
@@ -65,35 +65,35 @@ export default {
data: () => ({
terms_of_use: [
{
- title: 'Keep Server Load Low',
- text: 'Only send update requests when there is something to update, and use reasonable TTLs. Accounts ' +
+ title: 'Keep Server Load Low / Expiration',
+ text: 'a) Only send update requests when there is something to update, and use reasonable TTLs. Accounts ' +
'that cause extraordinarily high load or cost may be disabled or throttled. Account ' +
- 'holders will be asked for cooperation to resolve the issue.',
+ 'holders will be asked for cooperation to resolve the issue.
' +
+ 'b) Dynamic DNS domains that are not updated for six months or longer will be ' +
+ 'deleted after a warning with 4 weeks notice. The notice contains instructions for owners to confirm ' +
+ 'active use and prevent deletion.',
},
{
title: 'Users Must be Responsive',
text: 'Users are required to register with an email address which will be used for authentication and ' +
'maintenance purposes. Control of the mailbox is strictly required for authentication with deSEC ' +
'support, e.g. for account recovery. Users are obliged to read and react to our emails. For users who do ' +
- 'not react or cooperate, deSEC reserves the right to disable the account and/or zone in order to ensure ' +
+ 'not react or cooperate, deSEC reserves the right to disable the account and/or domain in order to ensure ' +
'smooth operation of deSEC services.',
},
{
- title: 'Expiration of Inactive dynDNS Domains',
- text: 'Dynamic DNS domains that are not updated for six months or longer will be ' +
- 'deleted after a warning with 4 weeks notice. The notice contains instructions for owners to confirm ' +
- 'active use and prevent deletion.',
+ title: 'Withdrawal / Transfer to User with Proven Control',
+ text: 'Anyone who can prove control of a domain at the parent (upstream registry) may claim control over ' +
+ 'that domain at all deSEC nameservers. If the domain has been created in the deSEC platform by another ' +
+ 'user, we will notify that user via email and ask whether the domain should be transferred including its ' +
+ 'currently configured DNS records, or whether it should first be purged. In case the email cannot be ' +
+ 'delivered or we do not hear back within 48 hours, the transfer may be done including DNS records.',
},
{
title: 'Secure Delegation Required',
text: 'Domains created at deSEC which do not include deSEC\'s nameservers in their set of authoritative ' +
'nameservers ("NS records") or which fail to establish a DNSSEC chain of trust may receive a deletion ' +
- 'warning and may be deleted four weeks thereafter if that condition still applies.
' +
- 'Anyone who can prove ownership of a domain name by an upstream registry may claim control over this ' +
- 'domain at all deSEC nameservers, even if a corresponding deSEC zone has been created by another user. ' +
- 'During the transfer of control, the zone\'s DNS information and signing keys will be deleted; a backup ' +
- 'of the zone\'s record sets will be made available to the user account that previously held the domain ' +
- 'at deSEC.',
+ 'warning and may be deleted four weeks thereafter if that condition still applies.',
},
{
title: 'Domains with Illegal Activity',