e99e2407f3
Add background_removal to SimplePolicy MRF
2024-02-16 16:36:45 +01:00
7622aa27ca
Federate user profile background
...
Currently our own frontend doesn’t show backgrounds of other users, this
property is already publicly readable via REST API and likely was always
intended to be shown and federated.
Recently Sharkey added support for profile backgrounds and
immediately made them federate and be displayed to others.
We use the same AP field as Sharkey here which should make
it interoperable both ways out-of-the-box.
Ref.: 4e64397635
2024-02-16 16:35:51 +01:00
0ed815b8a1
Merge branch 'followback' into develop
2024-02-16 13:27:40 +00:00
c5dcd07e08
Merge pull request 'Fix OpenAPI spec for preferred_frontend endpoint' ( #680 ) from katafrakt/akkoma:fix-openapi-spec-for-preferred-frontend into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/680
2024-02-16 12:21:00 +00:00
376f6b15ca
Add ability to auto-approve followbacks
...
Resolves: https://akkoma.dev/AkkomaGang/akkoma/issues/148
2024-02-13 15:42:37 +01:00
df21b61829
Return last_status_at as date, not datetime
2024-02-05 21:42:15 +01:00
e97d08ee98
Merge pull request 'MRF transparency: don’t forget to obfuscate short domains' ( #676 ) from Oneric/akkoma:mrf-obfuscation into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/676
2024-02-05 08:43:43 +00:00
d7d159c49f
Fix OpenAPI spec for preferred_frontend endpoint
...
The spec was copied from another endpoint, including the operation id,
leading to scrubbing the valid parameters from the request and simply
not working.
2024-02-03 14:27:45 +01:00
e47c50666d
Fix obfuscation of short domains
...
Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
2024-02-02 14:50:13 +00:00
77000b8ffd
update tests for oauth consumer
2023-12-17 21:48:19 +00:00
c3098e9c56
UserViewTest: Add basice service actor test.
2023-12-15 16:31:51 +00:00
6cc523bd23
Correct email links to be absolute URLs
2023-11-02 11:49:03 +00:00
033b7b04e0
update captcha version
2023-10-20 13:30:29 +01:00
c8e08e9cc3
fix issue with API cascading domain blocks but not honouring them
2023-08-25 11:00:49 +01:00
063e3c0d34
Disallow nil hosts in should_federate
2023-08-15 23:12:04 +01:00
6cb40bee26
Migrate to phoenix 1.7 ( #626 )
...
Closes #612
Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
c22ecac567
mastodon_api: Add /api/v1/preferences endpoint
...
Implements the preferences endpoint in the Mastodon API, but returns
default values for most of the preferences right now. The only supported
preference we can access is default post visibility, and a relevant test
is added as well.
2023-08-12 09:28:24 -04:00
0c21341156
Fix signature checking
2023-08-07 16:17:17 +01:00
7825798e32
Add XML matcher
2023-08-07 11:12:14 +01:00
650c0c0f62
Allow max_id to be at the end of the querystring
2023-08-06 16:44:25 +01:00
7956cfb091
Another keyword.equal? check
2023-08-06 16:36:18 +01:00
215b550317
Fix keyword ordering reliance
2023-08-06 16:27:15 +01:00
866672b6a7
Add unordered list equality matcher
2023-08-06 15:58:11 +01:00
ef422a8385
Put matchers in matchers subpackage
2023-08-06 15:53:04 +01:00
9723264fe5
Add URI matchers
2023-08-06 15:51:21 +01:00
d868348fac
Completely disable xml entity resolution
2023-08-05 12:32:05 +00:00
b4399574ca
Merge remote-tracking branch 'norm/config-permissions' into develop
2023-08-04 22:31:11 +01:00
9c7409808f
Add unit test for external entity loading
2023-08-04 22:24:32 +01:00
749e9f2229
release_runtime_provider_test: chmod config for hardened permissions
...
Git doesn't manages file permissions precisely enough for us.
Original: 65ef8f19c5
2023-08-04 14:14:04 -04:00
0b2ec0ccee
Enable AnonymizeFilenames on all uploads
2023-08-04 15:37:15 +01:00
723bd123a0
Correct ordering for block/mutes
2023-08-04 15:18:07 +01:00
1dc8cc731c
Merge branch 'elixir1.15' into develop
2023-08-04 15:16:14 +01:00
64e233ca20
Tag `Mock`-tests as "mocked" and run them seperately
2023-08-04 12:50:50 +01:00
7e45343f81
Resolve information disclosure vulnerability through emoji pack archive download endpoint
2023-08-04 11:34:19 +01:00
f4fe4fcbcc
More static stuff
2023-08-03 23:00:30 +01:00
02071ab9b4
bah
2023-08-03 18:40:13 +01:00
98cb255d12
Support elixir1.15
...
OTP builds to 1.15
Changelog entry
Ensure policies are fully loaded
Fix :warn
use main branch for linkify
Fix warn in tests
Migrations for phoenix 1.17
Revert "Migrations for phoenix 1.17"
This reverts commit 6a3b2f15b74ea5e33150529385215b7a531f3999.
Oban upgrade
Add default empty whitelist
mix format
limit test to amd64
OTP 26 tests for 1.15
use OTP_VERSION tag
baka
just 1.15
Massive deps update
Update locale, deps
Mix format
shell????
multiline???
?
max cases 1
use assert_recieve
don't put_env in async tests
don't async conn/fs tests
mix format
FIx some uploader issues
Fix tests
2023-08-03 17:44:09 +01:00
b65aafe1e3
Fix tests breaking on config changes
2023-08-02 12:05:30 +01:00
c38f1aefb1
Add unit tests for Utils.user_name_string
2023-07-28 07:35:00 -07:00
1377ec33fe
Add a unit test for custom WebFinger domain
2023-07-27 09:01:46 -07:00
eba3cce77b
Update translation files
...
Updated by "Squash Git commits" hook in Weblate.
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
6db8ab7c94
Merge pull request 'Varied selection of Pleroma cherry-picks' ( #567 ) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/567
2023-07-27 12:53:56 +00:00
c63ae73bc0
Add embed controller tests
2023-07-17 19:18:21 +01:00
8fe29bf5d2
Exclude deactivated users from emoji reaction lists
2023-07-17 17:53:03 +01:00
5144d6f4ba
Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
...
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
07b478dc49
Implement blocklists for MediaProxy
2023-06-26 15:18:31 +02:00
c0a01e73cf
Enforce unauth restrictions for public streaming endpoints
2023-06-14 22:45:19 +00:00
fee6e2aac4
Fix deleting banned users' statuses
2023-06-14 22:45:19 +00:00
8669a0abcb
UploadedMedia: Increase readability via ~s sigil
2023-06-14 22:45:19 +00:00
37b0d774fa
UploadedMedia: Add missing disposition_type to Content-Disposition
...
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
1def80c2e7
Fix existing tests
2023-06-14 22:45:19 +00:00
3095251e6c
Dedupe poll options
2023-06-14 22:45:19 +00:00
79a18f761b
Allow with_relationships param for blocks
2023-06-14 22:45:19 +00:00
8fb235e71b
fix: append field values to bio before parsing
2023-06-14 19:44:07 +00:00
d6271e7613
feat: build rel me tags with profile fields
2023-06-14 19:44:07 +00:00
5adce547d0
Require related object for notifications to filter on content
2023-06-14 19:41:48 +00:00
05e80d1879
Fix block_from_stranger setting
2023-06-14 19:41:44 +00:00
651979217a
Fix failure when registering a user with no email when approval required
2023-06-14 19:33:58 +00:00
997551bac9
Fix TwitterCard meta tags
...
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".
Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.
> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]
[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
2a290cb331
Lint
2023-06-14 17:20:55 +00:00
dfd6c96808
Fix SideEffectsTest
2023-06-14 17:20:55 +00:00
fd38756e92
Do not stream out Announces to public timelines
2023-06-14 17:20:55 +00:00
5ef7c15d92
Make local-only posts stream in local timeline
2023-06-14 17:18:26 +00:00
3227ebf1e1
CommonFixes: more predictable context generation
...
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
1b560d547a
Stop exposing if a user blocks you over the API.
2023-05-28 23:42:27 +02:00
70b0f93865
Apply oembed patch
2023-05-26 20:45:57 +01:00
8c208f751d
Fix filtering out incorrect addresses
2023-05-23 13:46:25 +01:00
037f881187
Fix create processing in direct message disabled
2023-05-23 13:16:20 +01:00
ab34680554
switch to using an enum system for DM acceptance
2023-05-23 10:29:08 +01:00
d310f99d6a
Add MRFs for direct message manipulation
2023-05-22 23:53:44 +01:00
f72d773cc3
Merge pull request 'Make UserNote comment default to the empty string.' ( #530 ) from provable_ascent/akkoma:provable_ascent-patch-1 into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/530
2023-05-22 21:33:01 +00:00
9c4203632d
Add user_note_test.exs.
2023-05-12 02:18:24 +00:00
f1e66b39c7
Return empty string in the event of no detected language
2023-05-08 18:52:19 -04:00
b86b3a9e29
Support public key URIs that incomprehensibly have GET args
...
Fixes #528
2023-04-25 13:30:20 +01:00
f2b4e7f86b
Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
2023-04-14 17:56:56 +01:00
522221f7fb
Mix format
2023-04-14 17:56:34 +01:00
1fa3c0b485
Remove support for outdated Create format
2023-04-14 17:46:22 +01:00
d2b0d86471
HTTP signatures respect allowlist federation
2023-04-14 17:46:06 +01:00
8c86a06ed1
Merge pull request 'Remove "default" image description' ( #493 ) from ilja/akkoma:remove_default_image_description into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/493
2023-04-14 16:27:41 +00:00
4c9c959bb3
Merge branch 'develop' into frontend-switcher-9000
2023-04-14 16:56:10 +01:00
1b2c24a19e
fix tests
2023-04-14 15:20:55 +01:00
dd44387f1a
Add timeline visibility options
2023-03-17 15:33:28 +00:00
2c9e02429a
mix format
2023-03-15 22:19:52 +00:00
9464d50562
Add publicTimelineVisibility to nodeinfo
2023-03-15 22:13:18 +00:00
377d1483b6
Merge pull request 'Apply security patch from pleroma to prevent nested file names being uploaded to the server.' ( #507 ) from foxing/akkoma:foxing-patch-2 into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/507
2023-03-13 00:29:51 +00:00
3f76de76da
Apply Patch
2023-03-12 19:13:56 +00:00
0c77be9308
don't crash on malformed avatar and banner values
...
weird values in href will cause base64 encoding to fail later down the
line, so let's make sure the value we're passing on is somewhat sane, or
at the very least a binary
this fixes #482
2023-03-12 18:14:05 +01:00
6c396fcab4
Remove "default" image description
...
When no image description is filled in, Pleroma allowed fallbacks.
Those were (based on a setting) either the filename, or a fixed description.
Neither are good options for image descriptions imo, so here we remove this.
Note that there's two tests removed who supposedly tested something else.
But examining closer, they didn't seem to test what they claimed to test,
so I removed them rather than try to "fix" them.
2023-03-12 08:42:33 +01:00
e124a109c1
Remove _misskey_reaction matching ( #500 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/500
2023-03-10 18:46:49 +00:00
b2112302ce
Add more information about failed verifications
2023-03-10 03:51:24 +00:00
8a4437d2be
Allow expires_at in filter requests
...
Fixes #492
2023-03-09 19:13:14 +00:00
87d5e5b06a
Allow moderators to get the admin scope again
...
Fixes #463
2023-03-08 17:39:35 +00:00
b88e6560e0
Reblog content should be ""
...
Fixes #450
2023-03-02 11:04:27 +00:00
b4952a81fe
Interpret `\n` as newline for MFM
...
Markdown doesn't generally consider `\n` a newline,
but Misskey does for MFM.
Now we do to for MFM (and not for Markdown) :)
2023-02-18 19:56:11 +01:00
b71db2f82d
create_service_actor is now type Application
...
This is used for internal fetch and for relay. Both represent the instance and therefore are an aplication.
2023-02-04 21:00:21 +00:00
aeb68a0ad1
paginate follow requests ( #460 )
...
matches https://docs.joinmastodon.org/methods/follow_requests/#get mostly
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/460
2023-02-04 20:51:17 +00:00
d394ab0a8a
Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
2023-01-15 18:58:26 +00:00
90088cce11
Support TLD wildcards in MRF matches
...
Fixes #431
2023-01-15 18:57:49 +00:00
20cd8a0fc4
URL encode remote emoji pack names ( #362 )
...
fix #246
Co-authored-by: Sol Fisher Romanoff <sol@solfisher.com>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/362
Co-authored-by: sfr <sol@solfisher.com>
Co-committed-by: sfr <sol@solfisher.com>
2023-01-15 18:14:04 +00:00
975bc6d7e8
Merge pull request 'fix: Give error message to users when address has already been validated' ( #435 ) from cheerfulstoic/akkoma:develop into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/435
2023-01-15 18:06:12 +00:00
Oneric