Commit Graph

2894 Commits

Author SHA1 Message Date
Alya Abbott
052a109ba4 docs: Improve instructions for reporting bugs.
- Create a dedicated "Reporting bugs" page to learly document
where and how bugs should be reported.
- Drop "Reporting issues" section from the Contributing guide.
- Delete "Bug report guidelines" page.
2023-06-12 14:31:45 -07:00
Alex Vandiver
bd217ad31b puppet: Read resolver from /etc/resolv.conf.
04cf68b45e make nginx responsible for downloading (and caching)
files from S3.  As noted in that commit, nginx implements its own
non-blocking DNS resolver, since the base syscall is blocking, so
requires an explicit nameserver configuration.  That commit used
127.0.0.53, which is provided by systemd-resolved, as the resolver.

However, that service may not always be enabled and running, and may
in fact not even be installed (e.g. on Docker).  Switch to parsing
`/etc/resolv.conf` and using the first-provided nameserver.  In many
deployments, this will still be `127.0.0.53`, but for others it will
provide a working DNS server which is external to the host.

In the event that a server is misconfigured and has no resolvers in
`/etc/resolv.conf`, it will error out:
```console
Error: Evaluation Error: Error while evaluating a Function Call, No nameservers found in /etc/resolv.conf!  Configure one by setting application_server.nameserver in /etc/zulip/zulip.conf (file: /home/zulip/deployments/current/puppet/zulip/manifests/app_frontend_base.pp, line: 76, column: 70) on node example.zulipdev.org
```
2023-06-12 20:18:28 +00:00
Tim Abbott
6ca5130cd8 docs: Improve troubleshooting overview intro. 2023-06-12 13:01:50 -07:00
Alya Abbott
582e88544c docs: Clarify instructions for getting help with self-hosting. 2023-06-12 13:01:50 -07:00
Zixuan James Li
4a18552ff8 docs: Document and advocate systemd for WSL 2.
systemd makes it a lot convenient to run services required for Zulip's
development environment on WSL 2. Once enabled, `tools/start_service`
becomes unnecessary.

More info:
https://devblogs.microsoft.com/commandline/systemd-support-is-now-available-in-wsl/

Signed-off-by: Zixuan James Li <p359101898@gmail.com>
2023-06-12 10:58:11 -07:00
Lauryn Menard
dfb34875f1 docs: Update first point in outreach prioritization section. 2023-06-12 10:54:32 -07:00
Tim Abbott
5e5d151c0c docs: Tweak a few details on the release checklist. 2023-06-07 12:48:25 -07:00
Alex Vandiver
bad600e731 docs: Clarify access to port 25 is needed for local email delivery. 2023-06-07 08:56:01 -07:00
Tim Abbott
0a7d3d3fe2 Update version following 7.0 release. 2023-05-31 13:04:44 -07:00
Tim Abbott
b00ce1bad1 Release Zulip Server 7.0. 2023-05-31 08:48:02 -07:00
Alex Vandiver
9a6529f86a docs: Add language to code blocks. 2023-05-31 08:18:03 -07:00
Alex Vandiver
adb30c4d18 docs: Remove unused link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver
8212dccc91 docs: Fix missing and typo'd link references. 2023-05-31 08:18:03 -07:00
Alex Vandiver
679591ccce docs: Document postgresql.missing_dictionaries. 2023-05-31 08:18:03 -07:00
Alya Abbott
660ccccf68 docs: Add section about mentioning others to commit discipline doc. 2023-05-30 14:55:09 -07:00
Karl Stolley
38c8c374d5 docs: Introduce headings on commit discipline. 2023-05-30 14:54:49 -07:00
Alex Vandiver
d058188fa8 docs: Update documentation for deploy hooks.
ecfb12404a updated how values were passed to hooks, but did not
update the documentation.
2023-05-30 14:52:01 -07:00
Alex Vandiver
9ca4574fae docs: Document zulip_notify deploy hook. 2023-05-30 14:52:01 -07:00
Alex Vandiver
f45a6a6d99 docs: Add missing link in Sentry deploy docs. 2023-05-30 11:25:43 -07:00
Alex Vandiver
54590e67f2 docs: Fix link to sentry deploy hook. 2023-05-30 11:25:43 -07:00
Anders Kaseorg
dc158b18f2 release-checklist: Purge unneeded beta branch.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 18:07:54 -07:00
Anders Kaseorg
e3e2691124 Update version following 7.0-beta3 release.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-29 17:14:15 -07:00
Tim Abbott
1af16642d9 Release Zulip Server 7.0-beta3. 2023-05-29 16:35:59 -07:00
Tim Abbott
5f7727888c docs: Fix changelog link to preferred markdown style. 2023-05-29 16:35:19 -07:00
Tim Abbott
00accdc86b docs: Update changelog for changes since 7.0-beta2. 2023-05-29 16:27:29 -07:00
Tim Abbott
e26f9180c1 docs: Remove a duplicate changelog line.
This same line appears near the end of the 7.0 list.
2023-05-29 12:25:47 -07:00
Karl Stolley
4bfbec48dd docs: Clarify where labels are noted.
This will prevent curious readers from scrolling in search of a list
of labels below (as I did initially).
2023-05-29 11:21:51 -07:00
Karl Stolley
a164173acf docs: Close up instances of 'codebase'. 2023-05-29 11:21:51 -07:00
Alya Abbott
fc0f73c1db docs: Link to new PR review process doc from /contributing/reviewable-prs.md. 2023-05-25 13:16:56 -07:00
Alya Abbott
1456691d56 docs: Link to new PR review process doc from /contributing/code-reviewing.md.
Also drop redundant points in "Asking for a code review" section.
2023-05-25 13:16:56 -07:00
Alya Abbott
afc016c0f0 docs: Add a page documenting review process for pull requests.
- Move the "Submitting a pull request" and "Stages of a pull
request" sections of the contributing guide to a dedicated page.
- Add more detail.
2023-05-25 13:16:56 -07:00
Karl Stolley
30782f7aa4 docs: Remove zid reference.
@timabbott note that it's been years since this has posed any problems:
https://github.com/zulip/zulip/pull/25733#discussion_r1203144805
2023-05-24 12:31:11 -07:00
Karl Stolley
04656bf16f docs: Provide an example of dynamic styling. 2023-05-24 12:31:11 -07:00
Karl Stolley
ee7b6f476d docs: Add testing example and supporting links. 2023-05-24 12:31:11 -07:00
Karl Stolley
fe1b7a9bb3 docs: Integrate HTML and CSS style with subsystem doc. 2023-05-24 12:31:11 -07:00
Karl Stolley
735618b9db docs: Restructure CSS introduction.
This better presents the CSS organization for readers, and also
removes a stale reference and link to Bootstrap.

Because postcss-nesting's spec-aligned syntax has tripped up some
contributors, the mention of PostCSS now includes a link to the
postcss-nesting README and the CSS Nesting spec from the W3C, which
PostCSS Nesting attempts to adhere to.
2023-05-24 12:31:11 -07:00
Karl Stolley
3fd621b608 docs: Correct stale Chrome and Handlebars links. 2023-05-24 12:31:11 -07:00
Karl Stolley
3443e1d479 docs: Make surface edits to dangerous constructs. 2023-05-24 12:31:11 -07:00
Karl Stolley
bb78c21fda docs: Rewrite and update JavaScript guidance. 2023-05-24 12:31:11 -07:00
Karl Stolley
5ff853fa71 docs: Update Python guidance in code style. 2023-05-24 12:31:11 -07:00
Karl Stolley
72b16e2fe7 docs: Edit and tighten opening sections. 2023-05-24 12:31:11 -07:00
Karl Stolley
761ae28551 docs: Rewrite and restructure introduction to code style. 2023-05-24 12:31:11 -07:00
Karl Stolley
827dd22fe1 docs: Restructure and rewrite style and conventions headings. 2023-05-24 12:31:11 -07:00
Karl Stolley
c7c9322651 docs: Reorganize code style and conventions doc.
This commit represents an in-place reordering of the document. No
headings or content has been changed (that will happen in subsequent
commits).

The goal is to open the document with generic advice and guidance
applicable to all Zulip developers across all languages:

1. Consistency, enforced by linters and automated tests, opens the
   document.
2. General, largely language-neutral advice about line length,
   third-party code, translation, paths, and secrets come next.
3. Next up is language-specific advice and conventions: Python,
   followed by JavaScript and TypeScript, followed by HTML and CSS
   (although the HTML and CSS will be moved in a subsequent commit
   to their own file).
4. Closing the file, rather than opening it, is the section on
   Dangerous constructs. Some of these are fairly specialized, so
   it makes sense not to ask readers to read through them before
   presenting, say, our philosophy on line length.

Finally, in trying to come up with a sensible order for all sections
of this document, the "More arbitrary style things" heading has been
removed.
2023-05-24 12:31:11 -07:00
Mateusz Mandera
8fb0fe96c6 saml: Save SessionIndex in session and use when making a LogoutRequest.
This is a useful improvement in general for making correct
LogoutRequests to Idps and a necessary one to make SP-initiated logout
fully work properly in the desktop application. During desktop auth
flow, the user goes through the browser, where they log in through their
IdP. This gives them a logged in  browser session at the IdP. However,
SAML SP-initiated logout is fully conducted within the desktop
application. This means that proper information needs to be given to the
the IdP in the LogoutRequest to let it associate the LogoutRequest with
that logged in session that was established in the browser. SessionIndex
is exactly the tool for that in the SAML spec.
2023-05-23 13:01:15 -07:00
Mateusz Mandera
5dd4dcdebb saml: Make SP-initiated SLO work in the desktop application. 2023-05-23 13:01:15 -07:00
Mateusz Mandera
3f55c10685 saml: Rework SP-initiated logout config to support IdP-level config.
This gives more flexibility on a server with multiple organizations and
SAML IdPs. Such a server can have some organizations handled by IdPs
with SLO set up, and some without it set up. In such a scenario, having
a generic True/False server-wide setting is insufficient and instead
being able to specify the IdPs/orgs for SLO is needed.
2023-05-23 13:01:15 -07:00
Mateusz Mandera
0bb0220ebb saml: Implement SP-initiated Logout.
Closes #20084

This is the flow that this implements:
1. A logged-in user clicks "Logout".
2. If they didn't auth via SAML, just do normal logout. Otherwise:
3. Form a LogoutRequest and redirect the user to
https://idp.example.com/slo-endpoint?SAMLRequest=<LogoutRequest here>
4. The IdP validates the LogoutRequest, terminates its own user session
and redirects the user to
https://thezuliporg.example.com/complete/saml/?SAMLRequest=<LogoutResponse>
with the appropriate LogoutResponse. In case of failure, the
LogoutResponse is expected to express that.
5. Zulip validates the LogoutResponse and if the response is a success
response, it executes the regular Zulip logout and the full flow is
finished.
2023-05-23 13:01:15 -07:00
Alex Vandiver
68722e7d3c release-checklist: Add a mastodon announce step. 2023-05-19 16:55:30 -07:00
Alex Vandiver
68c37c9d7b release-checklist: Adjust for the blogs being in Astro. 2023-05-19 16:55:30 -07:00
Alex Vandiver
e6b1384a05 version: Update version and changelog after 6.2 release. 2023-05-19 16:58:55 -04:00
Toyam Cox
650cdc474d docs: Also set X-Forwarded-Proto in proxies.
Django 4.0 and higher began checking the `Origin` header, which made
it important that Zulip know accurately if the request came over HTTPS
or HTTP; failure to do so would result in "CSRF verification failed"
errors.

For Zulip servers which are accessed via proxies, this means that
`X-Fowarded-Proto` must be set accurately.  Adjust the documentation
for the suggested configurations to add the header.

Fixes: #24599.

Co-authored-by: Alex Vandiver <alexmv@zulip.com>
2023-05-18 17:17:35 -04:00
Alex Vandiver
a95b796a91 supervisor: Drop minfds back down from 1000000 to 40000.
1c76036c61 raised the number of `minfds` in Supervisor from 40k to
1M.  If Supervisor cannot guarantee that number of available file
descriptors, it will fail to start; `/etc/security/limits.conf` was
hence adjusted upwards as well.  However, on some virtualized
environments, including Proxmox LXC, setting
`/etc/security/limits.conf` may not be enough to raise the
system-level limits.  This causes `supervisord` with the larger
`minfds` to fail to start.

The limit of 1000000 was chosen to be arbitrarily high, assuming it
came without cost; it is not expected to ever be reached on any
deployment.  262b19346e already lowered one aspect of that
changeset, upon determining it did come with a cost.  Potentially
breaking virtualized deployments during upgrade is another cost of
that change.

Lower the `minfds` it back down to 40k, partially reverting
1c76036c61, but allow adjusting it upwards for extremely large
deployments.  We do not expect any except the largest deployments to
ever hit the 40k limit, and a frictionless deployment for the
vanishingly small number of huge deployments is not worth the
potential upgrade hiccups for the much more frequent smaller
deployments.
2023-05-18 13:04:33 -07:00
Anders Kaseorg
12310189ed install: Support Debian 12.
Signed-off-by: Anders Kaseorg <anders@zulip.com>
2023-05-18 11:52:22 -07:00
Alex Vandiver
0117d751c2 docs: Explain Zulip Cloud branch in release lifecycle docs.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver
6cb570f3f0 docs: Upgrade to zulip-cloud-current before exporting to Zulip Cloud.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver
e0c05825ed docs: Importing from Zulip Cloud exports should use zulip-cloud-current.
Partial fix for #25482.
2023-05-15 14:44:11 -07:00
Alex Vandiver
f4683de742 puppet: Switch the rolling_restart setting to use the bool values.
2c5fc1827c standardized which values are "true"; use them.
2023-05-11 15:54:15 -07:00
Alex Vandiver
857f79161f docs: Update documentation on compliance exports. 2023-05-11 12:01:54 -07:00
Tim Abbott
3cc3fbc0c3 docs: Update changelog for changes since 7.0-beta1. 2023-05-10 17:26:02 -07:00
Alex Vandiver
f11350f789 puppet: Add PostgreSQL 15 support.
Instead of copying over a mostly-unchanged `postgresql.conf`, we
transition to deploying a `conf.d/zulip.conf` which contains the
only material changes we made to the file, which were previously
appended to the end.

While shipping separate while `postgresql.conf` files for each
supported version is useful if there is large variety in supported
options between versions, there is not no such variation at current,
and the burden of overriding the entire default configuration is that
it must be keep up to date wit the package's version.
2023-05-10 14:06:02 -07:00
Alex Vandiver
e5ae55637e install: Remove PostgreSQL 11 support.
Django 4.2 removes this support, so Zulip has not installed with
PostgreSQL 11 since 2c20028aa4.
2023-05-05 13:35:32 -07:00
Tim Abbott
18d8fbc74b docs: Update changelog since 6.0 release. 2023-05-02 17:45:07 -07:00
Karl Stolley
aa78d9bf26 docs: Make a few surface fixes. 2023-05-01 16:37:27 -07:00
Karl Stolley
7f06baf360 docs: Polish usage assumptions copy. 2023-05-01 16:37:27 -07:00
Alex Vandiver
8a3236638a docs: Update sharding docs for single-org sharding option.
Co-authored-by: Tim Abbott <tabbott@zulip.com>
2023-05-01 11:28:08 -07:00
Alex Vandiver
510b96046a docs: Update production docs for local S3 caching. 2023-05-01 11:28:08 -07:00
sbansal1999
6b599d521f docs: Update recommended commit summary length to 72 characters.
This commit updates the recommended commit summary length
to 72 characters in the documentation. If the commit message
exceeds this length than GitHub cutoffs the remaining characters.
2023-05-01 10:35:52 -07:00
Karl Stolley
b6c656ed73 docs: Clarify python3 installation requirements.
This should help miscueing users into thinking that the provisioning
steps, etc. are a part of the python3 installation--which is now more
explicitly aimed at Centos, Fedora, and RHEL users.
2023-04-27 13:55:59 -07:00
Karl Stolley
e9315e67b8 docs: Move uninstall warning up top. 2023-04-27 13:55:59 -07:00
AcKindle3
4544eb4576 email: Replace uri with url in templates and backend.
In #23380 we want to change all ocurrences of `uri` to `url`. This
commit changes the ocurrences of `uri` appeared in files related to
email, including templates (`.html`, `.txt`) and backend (`.py`)
codes.

In `email.md`, `base_images_uri` is changed to `images_base_url` -
the words `base` and `images` are swapped and plural form is added
for `image`.  This is becasue the former is not found anywhere in
the codebase while the later appears a lot. To reduce confusion,
this doccumentation changed accordingly.
2023-04-26 16:37:16 -07:00
Alex Vandiver
b8a6de95d2 pg_backup_and_purge: Allow adjusting the backup concurrency.
SSDs are good at parallel random reads.
2023-04-26 10:54:51 -07:00
Alex Vandiver
19a11c9556 pg_backup_and_purge: Take backups on replicas, if present.
Taking backups on the database primary adds additional disk load,
which can impact the performance of the application.

Switch to taking backups on replicas, if they exist.  Some deployments
may have multiple replicas, and taking backups on all of them is
wasteful and potentially confusing; add a flag to inhibit taking
nightly snapshots on the host.

If the deployment is a single instance of PostgreSQL, with no
replicas, it takes backups as before, modulo the extra flag to allow
skipping taking them.
2023-04-26 10:54:51 -07:00
Hardik Dharmani
06709bc5da icons: Add new unmute icon SVG.
Added unmute.svg in web/shared/icons. Also added
source and license information for the icon in
docs/THIRDPARTY.

Additionally, used unmute icon for unmute option in
topic_sidebar menu for topics in muted stream.

Fixes #25124
2023-04-25 13:35:38 -07:00
Ujjawal Modi
449febf036 streams: Make stream settings and create stream UI more consistent.
This commit make changes in create stream panel by moving
announce stream option below stream description and adds a
"Stream permissions" section heading just above
"Who can access the stream?" and also rewords the text
"Announce stream".

Also now announce stream option is only shown if the user creating
stream have access to the announcement stream name. When option
is not shown, default behaviour is to announce public and
web-public streams.

Fixes #23327.
2023-04-24 17:02:33 -07:00
Lauryn Menard
3c88db9164 docs: Update development version warning text to be more explicit. 2023-04-20 10:37:30 -07:00
Alex Vandiver
2d5c678614 blueslip: Only show in dev mode, or report to Sentry.
This removes the production reporting to `/json/report/error` upon
`blueslip.error`, and replaces it with reporting to Sentry, if
enabled.  Sentry provides better reporting and grouping for exceptions
than the email- and `#errors`-reporting provided by the
`/json/report/error` endpoint.

The development behaviour of rendering `blueslip.error` messages and
stacktraces immediately, and stopping execution, is preserved.

To better chain exception information, the whole previous exception is
passed to `blueslip.error`, not just the stack, and the second
parameter is formalized to be an object to map to Sentry's "context"
concept.
2023-04-13 14:59:58 -07:00
Alex Vandiver
f9f7c7b114 docs: Document Sentry frontend reporting. 2023-04-13 14:59:58 -07:00
sayamsamal
9f6f77f6bc icons: Change bot icon from GitHub logo to Google material icon.
We currently use the GitHub logo to show the bots settings in both
personal and organization settings. This icon is not a correct
representation since we use have support for several different bots
including but not limited to a GitHub integration bot.

This commit replaces the GitHub logo with Smart Toy material icon
from Google, while also adding the required licencing details at
docs/THIRDPARTY.

Part of #19797.
2023-04-13 10:47:09 -07:00
Alex Vandiver
7c023042cf puppet: Rotate access log files every day, not at 500M.
Since logrotate runs in a daily cron, this practically means "daily,
but only if it's larger than 500M."  For large installs with large
traffic, this is effectively daily for 10 days; for small installs, it
is an unknown amount of time.

Switch to daily logfiles, defaulting to 14 days to match nginx; this
can be overridden using a zulip.conf setting.  This makes it easier to
ensure that access logs are only kept for a bounded period of time.
2023-04-06 14:31:16 -04:00
Daniil Fadeev
2f203f4de1 emails: Inline CSS in emails in build_email.
Previously, we had an architecture where CSS inlining for emails was
done at provision time in inline_email_css.py. This was necessary
because the library we were using for this, Premailer, was extremely
slow, and doing the inlining for every outgoing email would have been
prohibitively expensive.

Now that we've migrated to a more modern library that inlines the
small amount of CSS we have into emails nearly instantly, we are able
to remove the complex architecture built to work around Premailer
being slow and just do the CSS inlining as the final step in sending
each individual email.

This has several significant benefits:

* Removes a fiddly provisioning step that made the edit/refresh cycle
  for modifying email templates confusing; there's no longer a CSS
  inlining step that, if you forget to do it, results in your testing a
  stale variant of the email templates.
* Fixes internationalization problems related to translators working
  with pre-CSS-inlined emails, and then Django trying to apply the
  translators to the post-CSS-inlined version.
* Makes the send_custom_email pipeline simpler and easier to improve.

Signed-off-by: Daniil Fadeev <fadeevd@zulip.com>
2023-04-05 12:22:29 -07:00
Alex Vandiver
a77c89f610 docs: Always suggest start-server, now that it is safer. 2023-04-04 10:58:56 -07:00
Alex Vandiver
5b9fb582e2 docs: Remove now-unnecessary reactivate_realm step after import.
113a8c4782 made this step unnecessary.
2023-04-04 10:58:56 -07:00
Mateusz Mandera
7ca08cb84b docs: Link to SCIM docs from SAML instructions. 2023-04-03 17:06:05 -07:00
Tim Abbott
ee673f1f5e docs: Add SCIM page to list of new production/ pages. 2023-04-03 17:06:05 -07:00
Mateusz Mandera
1bfe48bce6 docs: Add ReadTheDocs documentation for SCIM. 2023-04-03 17:01:05 -07:00
Daniil Fadeev
5c6f842b28 emails: Replace Premailer with CSS-inline.
Primary goal of library replacement is improving execution speed.
This commit should not affect the functionality of the system
or make any changes to it.
2023-04-03 15:15:05 -07:00
Tim Abbott
3f199d570d docs: Update changelog to cover changes already staged for 7.0. 2023-04-02 23:28:10 -07:00
Alya Abbott
e136636715 docs: Clarify "Should I follow this installation guide?" instructions. 2023-03-30 09:08:48 -07:00
Karl Stolley
deabb8ed53 docs: Document preference for hyphenated class and ID values.
This clarifies that kebab case should be the preferred style for
multiword classes in HTML and CSS.
2023-03-27 17:31:31 -07:00
YashRE42
4853a9a736 navbar: Use feathericon close icon.
This uses the new close icon which we prefer over the one made available
from bootstrap. It also adds a reference to the icon in THIRDPARTY.
2023-03-24 16:30:15 -07:00
YashRE42
e3ad9c10bb navbar: Add Ionic search icon and use for navbar search.
This adds a new search icon which we prefer over the one made
available from bootstrap, and replaces search icons in navbar
search with the Ionic icon.
2023-03-24 16:30:15 -07:00
Alex Vandiver
164d58bec9 web: Save a 301 redirect from /help to /help/. 2023-03-24 14:51:01 -07:00
Alex Vandiver
14d19c00d7 web: Save a 301 redirect from /features to /features/. 2023-03-24 14:51:01 -07:00
Alex Vandiver
d9daeb13e0 web: Save a needless 301 redirect from /apps to /apps/. 2023-03-24 14:51:01 -07:00
Alex Vandiver
61adc9cfcc web: Save a needless 301 redirect from /team to /team/. 2023-03-24 14:51:01 -07:00
Alex Vandiver
c686c5ed0f web: Save a needless 301 redirect from /plans to /plans/. 2023-03-24 14:51:01 -07:00
Alex Vandiver
a1570ff3dd web: Save a needless 301 redirect from /integrations to /integrations/. 2023-03-24 14:51:01 -07:00
oribe1115
26691a3bd1
docs: Add a Japanese translation style guide.
Co-authored-by: Sutou Kouhei <kou@cozmixng.org>
Co-authored-by: Greg Price <gnprice@gmail.com>
2023-03-24 12:36:48 -07:00
Alex Vandiver
262b19346e puppet: Decrease default nginx worker_connections.
Increasing worker_connections has a memory cost, unlike the rest of
the changes in 1c76036c61d8; setting it to 1 million caused nginx to
consume several GB of memory.

Reduce the default down to 10k, and allow deploys to configure it up
if necessary.  `worker_rlimit_nofile` is left at 1M, since it has no
impact on memory consumption.
2023-03-23 15:59:23 -07:00