It's rare that my deps break their api or that newer versions must be avoided,
and very common that they release new versions which I must tediously
and promptly test and release hackage revisions for or risk falling out
of stackage. Trying it this way for a bit.
The .hledger-web_client_session_key.aes file written at startup is
cluttersome and means hledger-web can only be started from a writable
directory. What do we lose if I disable it ?
https://hackage.haskell.org/package/yesod-core-1.4.33/docs/Yesod-Core.html#v:makeSessionBackend
says "Default: Uses clientsession with a 2 hour timeout."
http://hackage.haskell.org/package/clientsession-0.9.1.2 says
"Securely store session data in a client-side cookie."
I think: hledger-web saves (eg) the state of the sidebar as session
data, in a cookie, and my web browser saves that locally. And this
still seems to work, across server restarts. So what's the purpose of
saving this "client session" file on the server ? Let's disable it and
find out.
This also validates transaction date and description upon form submission. As noted in
the issue, this removes hledger-web's "smart date" functionality. This
functionality can be restored giving the demand but should be tracked in
another issue.
Previous iterations used input[type=date], but it isn't easily
crossbrowser and the polyfill I found had some quirks.
Builtin commands are now gathered more tightly in a single module,
Hledger.Cli.Commands, reducing duplication and facilitating change.
The tests command was difficult and has been dropped for now.
The obsolete convert/info/man commands have been dropped.
cli: refactor: a proper commands list, better Main/Commands separation
The legacy "convert" command has been dropped.
The activity command's module is now named consistently.
