Merge branch 'main' into rel

davidfischer · davidfischer · commit d467ef48007e · 2025-10-28T15:32:53.000-07:00
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -6,6 +6,17 @@ CHANGELOG
 .. This is included by docs/developer/changelog.rst
 
 
+Version v5.29.1
+---------------
+
+This release contained only minor changes to dependencies and logging/validation.
+
+:Date: October 28, 2025
+
+ * @davidfischer: Adds gevent as a production option (#1090)
+ * @davidfischer: Minor changes to logging and validation (#1089)
+
+
 Version v5.29.0
 ---------------
 
diff --git a/adserver/api/serializers.py b/adserver/api/serializers.py
@@ -124,8 +124,7 @@ def validate_url(self, url):
             validator(url)  # Throws ValidationError on invalid
             return url
         except ValidationError:
-            log.warning("Invalid ad decision referring URL: %s", url)
-            return None
+            raise serializers.ValidationError("Invalid ad referring URL")
 
     def validate_user_ip(self, ip):
         if ip and "," in ip:
diff --git a/adserver/api/views.py b/adserver/api/views.py
@@ -306,8 +306,7 @@ def decision(self, request, data):
                 keywords = []
 
             if rotations > 1:
-                # This is a temporary log record to see how frequently ads are rotated
-                log.warning(
+                log.info(
                     "Ad rotation. rotations=%s, publisher=%s, url=%s,",
                     rotations,
                     publisher.slug,
diff --git a/adserver/tests/test_api.py b/adserver/tests/test_api.py
@@ -1590,19 +1590,14 @@ def test_offer_url(self):
         self.assertIsNotNone(offer)
         self.assertEqual(offer.url, post_url)
 
-        # Invalid URL
+        # Invalid URL - rejected
         self.data["url"] = "invalid-url"
         resp = self.client.post(
             self.url,
             json.dumps(self.data),
             content_type="application/json",
         )
-        self.assertEqual(resp.status_code, 200, resp.content)
-        offer = Offer.objects.filter(id=resp.json()["nonce"]).first()
-
-        # Offer is accepted - URL is set to None
-        self.assertIsNotNone(offer)
-        self.assertIsNone(offer.url)
+        self.assertEqual(resp.status_code, 400, resp.content)
 
         # Missing URL
         del self.data["url"]
diff --git a/adserver/views.py b/adserver/views.py
@@ -1122,11 +1122,12 @@ def ignore_tracking_reason(self, request, advertisement, offer):
             log.log(self.log_level, "Ad impression for unknown publisher")
             reason = "Unknown publisher"
         elif not advertisement.flight.show_to_geo(geo_data):
-            # This is very rare but it is visible in ad reports
+            # Check again that the geo-targeting matches
             # I believe the most common cause for this is somebody uses a VPN and is served an ad
             # Then they turn off their VPN and click on the ad
+            # These should not be billed to advertisers and can be safely ignored.
             log.log(
-                self.log_security_level,
+                self.log_level,
                 "Invalid geo targeting for ad [%s]. Country: [%s], Region: [%s], Metro: [%s]",
                 advertisement,
                 geo_data.country,
diff --git a/docker-compose/django/start b/docker-compose/django/start
@@ -10,3 +10,8 @@ set -o nounset
 # Don't auto-migrate locally because this can cause weird issues when testing migrations
 # python manage.py migrate
 python manage.py runserver 0.0.0.0:5000
+
+# In production, we use gunicorn
+# This gets us close to that setting for development and testing
+# https://docs.gunicorn.org/en/stable/settings.html
+#gunicorn config.wsgi --bind 0.0.0.0:5000 --reload --log-file - --access-logfile -
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "ethical-ad-server",
-  "version": "5.29.0",
+  "version": "5.29.1",
   "description": "",
   "main": "index.js",
   "engines": {
diff --git a/requirements/production.in b/requirements/production.in
@@ -1,7 +1,11 @@
 -r base.in
 
 # Gunicorn is the WSGI server used to run Django
-gunicorn
+# For an app where the vast majority of requests are I/O bound API requests
+# gevent may be a good choice for increased concurrency
+# https://docs.gunicorn.org/en/stable/design.html#choosing-a-worker-type
+# https://docs.gunicorn.org/en/stable/settings.html#worker-class
+gunicorn[gevent]
 
 # Database driver
 # https://www.psycopg.org/psycopg3/docs/basic/install.html
diff --git a/requirements/production.txt b/requirements/production.txt
@@ -120,7 +120,11 @@ frozenlist==1.8.0
     #   aiosignal
 geoip2==5.1.0
     # via -r base.in
-gunicorn==23.0.0
+gevent==25.9.1
+    # via gunicorn
+greenlet==3.2.4
+    # via gevent
+gunicorn[gevent]==23.0.0
     # via -r production.in
 hiredis==3.3.0
     # via redis
@@ -156,9 +160,9 @@ propcache==0.4.1
     # via
     #   aiohttp
     #   yarl
-psycopg[binary,pool]==3.2.10
+psycopg[binary,pool]==3.2.11
     # via -r production.in
-psycopg-binary==3.2.10
+psycopg-binary==3.2.11
     # via psycopg
 psycopg-pool==3.2.6
     # via psycopg
@@ -185,7 +189,7 @@ requests==2.32.5
     #   django-slack
     #   geoip2
     #   stripe
-sentry-sdk==2.42.0
+sentry-sdk==2.42.1
     # via -r production.in
 six==1.17.0
     # via python-dateutil
@@ -234,3 +238,10 @@ whitenoise==6.11.0
     # via -r base.in
 yarl==1.22.0
     # via aiohttp
+zope-event==6.0
+    # via gevent
+zope-interface==8.0.1
+    # via gevent
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "ethical-ad-server",`
`3`		`- "version": "5.29.0",`
	`3`	`+ "version": "5.29.1",`
`4`	`4`	`"description": "",`
`5`	`5`	`"main": "index.js",`
`6`	`6`	`"engines": {`