Presumably this should be updated?

Hello! This may be a bit dumb question, but still.
When I am switching to the e-petitions project on my server, it gives me the following message:

=> Booting Puma
=> Rails 4.2.2 application starting in development on http://localhost:3000
=> Run rails server -h for more startup options
=> Ctrl-C to shutdown server
Puma 2.11.3 starting...

• Min threads: 0, max threads: 16
• Environment: development
• Listening on tcp://localhost:3000

How and where can I change the settings, so that it runs properly on my server address and not just localhost?

At time of writing, the (arbitrarily picked) petition 241582 is in "gathering support" stage.

Going to https://petition.parliament.uk/petitions/241582.json should return some sort of JSON output, but instead redirects to a HTML webpage. This is strange, as everything else (including error pages) appears to output in JSON if you ask it to.

When signing this petition https://petition.parliament.uk/petitions/241584/

Submission returns 502 bad gateway on the final page of the process (https://petition.parliament.uk/petitions/241584/signatures/thank-you).

For the sake of the UK please do fix this.

I am unable to understand how I have to set it up on a VPS. I have installed Docker. Do I have to clone the repo in a container or something??
Thanks!

I'm looking at the feasibility of forking this for the States of Jersey Government and have running locally with no issues (to start poking around at how it's doing certain things).

A few questions around Constituencies though.

• What role does the check for a Constituency actually do?
• Is it purely for results on the backend (which Constituencies are concerned the most about a petition) or is it tied up with the actual validation of a signature?
• Is this only performed on the signature of a petition you've created or any time you sign one?

As I can currently sign a petition on parliament.uk without an issue using Jersey as a location and a valid Jersey postcode (assuming it be far too easy to limit location to just Jersey and have it all work...).

Thanks for any help.

The locations table is only populated in a migration, which you don't get if you use db:structure:load (which loads in structure.sql which says it includes all the migrations, including 20160210195916, but doesn't appear to include the data created in that migration).

If you instead have empty databases and run db:migrate, it appears to all run okay.

but are not relevant to the decision of whether to submit the petition (at that point)

Since #435 it seems that the signatures_by_country element of the json response is either missing or broken. Countries are missing and those that are there have incorrect signature counts.

The benefits of using a petition from http://epetitions.direct.gov.uk/ for one's campaign are manifest.

Unfortunately, campaigners find themselves subsequently unable to communicate with those people who are manifestly interested in the issue to which the petition pertains.

Would it be possible to add an opt-in "allow $Person_or_organisation" to send me messages about this petition/campaign?

Hi,

The Parallel Parliament server (134.209.27.240) is receiving 403 errors on all e-petition pages. This began around 0800Z on the 21st June 2021.

I presume this block is to do with the level of requests that the site makes on the petition pages. Would it be possible to have some guidance as how we can avoid being restricted in the future, or what issue caused the restrictions to initially be applied?

Hello.

First, couple of small details regarding my environment.

1. OS: Ubuntu 14.04
2. PostgreSQL: 9.3

Error message:

$ rake db:structure:load
(in ~/Projects/Ruby/e-petitions)
psql: FATAL:  password authentication failed for user "postgres"
FATAL:  password authentication failed for user "postgres"
rake aborted!
failed to execute:
psql -q -f ~/Projects/Ruby/e-petitions/db/structure.sql epets_development

Please check the output above for any errors and make sure that `psql` is installed in your PATH and has proper permissions.

Tasks: TOP => db:structure:load
(See full trace by running task with --trace)

Double-checked that the the epets user is available:

postgres=> select * from pg_user;
 usename  | usesysid | usecreatedb | usesuper | usecatupd | userepl |  passwd  | valuntil | useconfig 
----------+----------+-------------+----------+-----------+---------+----------+----------+-----------
 epets    |    16389 | f           | f        | f         | f       | ******** |          | 
 jremes   |    16390 | f           | f        | f         | f       | ******** |          | 
 postgres |       10 | t           | t        | t         | t       | ******** | infinity | 
(3 rows)

Looks like the PostgreSQL user defaults to "postgres" even if "epets" user exists.

Is there particular reason for this behaviour, please?

Thanks in advance.

Has the site become compromised by a botnet attack, which has circumvented the email confirmation stage?

On the 2nd EU referendum petition the constant trickle of new signatures - including throughout the night - would appear to be suspicious.

sharing the email address with everyone

Hello,

I've been trying to install it a few days go but I get stuck at that part :
You will need to set up the config/database.yml. Copy what is in config/database.example.yml and add the password you used earlier for the epets postgres user

I can't find any file named database.example.ymlin the config file.

Could you provide any help?
Thanks!

https://petition.parliament.uk/petitions/173199/signatures/new

This UI flow means that British citizens not living in the UK have a choice between not being able to sign, or having to provide a fraudulent postcode.

Currently I can search for bees in the list of rejected petitions via the following:

https://petition.parliament.uk/petitions.json?q=bees&page=1&state=rejected

Or list debated petitions via:

https://petition.parliament.uk/petitions.json?page=1&state=debated

I wondered if there is any additional parameter which can be passed to the search URL to allow results to be sorted by e.g. creation date, either ascending or descending?

I have searched first before raising this question but couldn't see anything, so maybe it's not an option?

Thanks

Jim

because we have the signature ID in the URL

With the popularity of the recent 'revoke article 50' petition and rumours of signatories from other countries, fake signatories etc. I thought i'd take a look at the service to see how it all ticks.

It's occurred to me that all you need to sign a petition is a valid post code and an email address. Terribly poor integrity, if the purpose of the service was to verify that the petition was signed by a citizen.

Did you ever consider taking a NINO or passport number to prove citizenship? If there's a NINO -> Address database somewhere that would be even more formidable.

As it stands I think the service is easily disrupted, and as a result easily dismissed by the politicians it's meant to influence - was this an intentional strategy? I'd love to work to make it better. Even a 'i'm not a robot' button would go someway towards prevent fraudsters abusing the service.

https://petition.parliament.uk/petitions/104372

They're ugly and draw attention to petitions that might not warrant it

suggest:

• automated (but non blocking) warning when user creates petition with high percentage caps
• automated (but non blocking) warning when admin OKs petition with high percentage caps

Am getting this error: KeyError: key not found: "EPETITIONS_HOST"

This isn't really an issue, but more of a question..

I understand there is a REST API available for the website however I can't seem to find any documentation around the API... Is this available somewhere?

If it was in a really obvious place then my bad but if not then maybe it would be a good idea to provide a developer portal or some help pages referencing to it?

Thanks,
Liam

A search on twitter shows people are sharing the user-specific "/signatures/" URLs on social media, rather than the intended "/petitions/" link.

• https://twitter.com/search?q=petition.parliament.uk%2Fsignatures%2F&src=typd

Example: https://twitter.com/kerrycumiskey/status/623150244612702208 links to https://petition.parliament.uk/signatures/4688/signed/C6joqh4Feb4SYAWbphCa which returns the message

"We've added your signature to the petition: To debate a vote of no confidence in Health Secretary the Right Hon Jeremy Hunt"

Which is confusing to a user, since it give the impression that just by following the link they have "signed". Which may not have been their intention.

Also, as an aside I note that this also leaks the signer's constituency, which in some circumstance may be undesirable.

Proposal:

• Add journaling per petition to record the signature count hourly
• To keep it performant you could have daily rows with 24 columns, one for each hour
• The signing rate could be easily calculated, just the difference between one hour's count and the previous count
• We could then add this data to the existing json for each petition (eg https://petition.parliament.uk/petitions/124333.json)

This would let people see the signing history of petitions and make mashups where you could see trending petitions against events in the news

Hey!

I've been trying to send emails with a different SMTP server compared to the usual mailcatcher. I've changed the usual config in the development.rb env config to remove the if statement and just have:

    config.action_mailer.delivery_method = :smtp
    config.action_mailer.smtp_settings = {
      address: ENV.fetch('SMTP_HOST'),
      port: ENV.fetch('SMTP_PORT'),
      username: ENV.fetch('SMTP_USERNAME'),
      password: ENV.fetch('SMTP_PASSWORD'),
      authentication: 'login',
      enable_starttls_auto: true
    }

All the variables have been written out in both .env.development and docker-compose.yml. However, when something happens that's meant to send an email nothing gets received. I've tested the SMTP details and everything and it works fine, just nothing is sending from here? Is it even possible to do this?

Help would be appreciated 😄

In the JSON data feed, the 'signatures_by_country' element is not updated on this petition - https://petition.parliament.uk/petitions/131215

The total of this column does not equal the total number of votes in the e-petition. Not sure if this is issue #437 ( #437 ) coming back again.

When there is a revised government response, return the original government response in the Json feed. Currently only the revised government response is in the Json feed.

Just a heads up, in case you weren't already aware, that the GOV.UK crown is being updated soon to match the new royal cypher: alphagov/govuk-frontend#4058

Petitions uses the crown in several places, eg on government responses: https://petition.parliament.uk/petitions/636546?reveal_response=yes#response-threshold

Affected images are:

https://github.com/alphagov/e-petitions/blob/master/app/assets/images/graphics/graphic_crown.png
https://github.com/alphagov/e-petitions/blob/master/app/assets/images/graphics/graphic_crown-white.png
https://github.com/alphagov/e-petitions/blob/master/app/assets/images/graphics/graphic_crown-2x.png
https://github.com/alphagov/e-petitions/blob/master/app/assets/images/graphics/graphic_crown-white-2x.png

Probably due to this issue: rails/rails#21948

Hi,

They haven't been any move on that repo since a few years. Is this an up to date repo or has the dev moved elsewhere?

Hi!

Thanks for maintaining this project!

I'm receiving a 403 forbidden error while querying the petition.json files, which I believe is due to exceeding the rate limits for the website. I was querying for all 465 pages of the petition data available.

Could these rate limits be explicitly stated to ensure that such issues can be circumvented in future?