the current transaction model only rollsback on db failures. this
changeset makes the transaction encapsulate the entire NewPull flow. if
creating the pds record fails, the db is still rolled back.

Add a space between the Discord link and the next word "or". This only
shows up on the timeline if you are not logged in...meaning it's one of
the first things a new user sees.

gotta be more explicit apparently

subsequently, every RenderMarkdown call has been wrapped with
bluemonday sanitization.

This reverts commit 44f2b1f562faf1f36be90385a699a60991db6b86.

this will come in handy when we create repos from firehose records.

avoids path traversal attempts.

Chill, it's not what you think. Helpers and middleware for tracing and
metrics provided by OpenTelemetry.

the pull-source information chip displayed `fork branch` but the two
bits of information were styled differently.

this patch unifies the styles, moves both bits of info into the same
pill, styles them identically, and uses a `:` to separate them
`fork:branch`.

also add classes here and there for leah

This fixes two issues I had when deploying the eeg.cl.cam.ac.uk knot:

1) The permissions on the volumes are currently set at build time, which means that when a fresh volume is mounted it has the wrong permissions. This fixes it to run the chmods on the volumes dynamically at entrypoint time, which lets a fresh volume work with a knotserver.
The error before was:
```
knot-1 | time=2025-05-04T13:58:36.054Z level=ERROR msg="failed to setup db" error="unable to open database file: no such file or directory"
```

2) It's a little odd for the default setup to expose 5555 and insecure http to the Internet, given that the appview will try to connect to the knot over https. This adds a standalone Caddy server as the default and removes port 5555 from being directly explosed. A more advanced user with an existing proxy can easily remove this from the compose file and hook in their own.

The only remaining footgun my users have encountered is that of port 2222 being the default. Almost all the users have forgotten to add the `port 2222` directive in their ssh_config, and the _host_ sshd rejects them. In my local setup, I've swapped the host and knot ports around so that the knot runs on 2222, but a really elegant solution would be for some sort of ssh proxy on the host ssh to redirect the `git` user to the knotserver sshd. I haven't done that yet though!

It's the clients problem now. Also add a tiny exception for svgs since
those get picked up as text/xml otherwise.

i could have sworn chi.URLParam was supposed to do this...

Proxies images against a HMAC signature -- this prevents knot URLs from
directly being hit and possibly spammed. Also caches images in
Cloudflare's global CDN.

this was a known issue, but just ignored until now. when a patch reverts
all changes from an older patch, the combined patch for that file is
nil.

renames jetstream consumer in appview to ingester.

did+rkey can uniquely identify a row for any data record.

off by one

annotated tags have their own custom hashes, but the "target" of the tag
points to the commit they refer to.

Prevents the ugly browser enforced bold that we had all this while.