Oneric
e47c50666d
Fix obfuscation of short domains
...
Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
2024-02-02 14:50:13 +00:00
Aria
77000b8ffd
update tests for oauth consumer
2023-12-17 21:48:19 +00:00
Lain Soykaf
c3098e9c56
UserViewTest: Add basice service actor test.
2023-12-15 16:31:51 +00:00
FloatingGhost
6cc523bd23
Correct email links to be absolute URLs
2023-11-02 11:49:03 +00:00
FloatingGhost
033b7b04e0
update captcha version
2023-10-20 13:30:29 +01:00
FloatingGhost
c8e08e9cc3
fix issue with API cascading domain blocks but not honouring them
2023-08-25 11:00:49 +01:00
FloatingGhost
063e3c0d34
Disallow nil hosts in should_federate
2023-08-15 23:12:04 +01:00
FloatingGhost
6cb40bee26
Migrate to phoenix 1.7 ( #626 )
...
Closes #612
Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
Joshua Goins
c22ecac567
mastodon_api: Add /api/v1/preferences endpoint
...
Implements the preferences endpoint in the Mastodon API, but returns
default values for most of the preferences right now. The only supported
preference we can access is default post visibility, and a relevant test
is added as well.
2023-08-12 09:28:24 -04:00
FloatingGhost
0c21341156
Fix signature checking
2023-08-07 16:17:17 +01:00
FloatingGhost
7825798e32
Add XML matcher
2023-08-07 11:12:14 +01:00
FloatingGhost
650c0c0f62
Allow max_id to be at the end of the querystring
2023-08-06 16:44:25 +01:00
FloatingGhost
7956cfb091
Another keyword.equal? check
2023-08-06 16:36:18 +01:00
FloatingGhost
215b550317
Fix keyword ordering reliance
2023-08-06 16:27:15 +01:00
FloatingGhost
866672b6a7
Add unordered list equality matcher
2023-08-06 15:58:11 +01:00
FloatingGhost
ef422a8385
Put matchers in matchers subpackage
2023-08-06 15:53:04 +01:00
FloatingGhost
9723264fe5
Add URI matchers
2023-08-06 15:51:21 +01:00
mae
d868348fac
Completely disable xml entity resolution
2023-08-05 12:32:05 +00:00
FloatingGhost
b4399574ca
Merge remote-tracking branch 'norm/config-permissions' into develop
2023-08-04 22:31:11 +01:00
FloatingGhost
9c7409808f
Add unit test for external entity loading
2023-08-04 22:24:32 +01:00
Haelwenn (lanodan) Monnier
749e9f2229
release_runtime_provider_test: chmod config for hardened permissions
...
Git doesn't manages file permissions precisely enough for us.
Original: 65ef8f19c5
2023-08-04 14:14:04 -04:00
FloatingGhost
0b2ec0ccee
Enable AnonymizeFilenames on all uploads
2023-08-04 15:37:15 +01:00
FloatingGhost
723bd123a0
Correct ordering for block/mutes
2023-08-04 15:18:07 +01:00
FloatingGhost
1dc8cc731c
Merge branch 'elixir1.15' into develop
2023-08-04 15:16:14 +01:00
FloatingGhost
64e233ca20
Tag Mock
-tests as "mocked" and run them seperately
2023-08-04 12:50:50 +01:00
Mark Felder
7e45343f81
Resolve information disclosure vulnerability through emoji pack archive download endpoint
2023-08-04 11:34:19 +01:00
FloatingGhost
f4fe4fcbcc
More static stuff
2023-08-03 23:00:30 +01:00
FloatingGhost
02071ab9b4
bah
2023-08-03 18:40:13 +01:00
FloatingGhost
98cb255d12
Support elixir1.15
...
OTP builds to 1.15
Changelog entry
Ensure policies are fully loaded
Fix :warn
use main branch for linkify
Fix warn in tests
Migrations for phoenix 1.17
Revert "Migrations for phoenix 1.17"
This reverts commit 6a3b2f15b74ea5e33150529385215b7a531f3999.
Oban upgrade
Add default empty whitelist
mix format
limit test to amd64
OTP 26 tests for 1.15
use OTP_VERSION tag
baka
just 1.15
Massive deps update
Update locale, deps
Mix format
shell????
multiline???
?
max cases 1
use assert_recieve
don't put_env in async tests
don't async conn/fs tests
mix format
FIx some uploader issues
Fix tests
2023-08-03 17:44:09 +01:00
FloatingGhost
b65aafe1e3
Fix tests breaking on config changes
2023-08-02 12:05:30 +01:00
Walter Huf
c38f1aefb1
Add unit tests for Utils.user_name_string
2023-07-28 07:35:00 -07:00
Walter Huf
1377ec33fe
Add a unit test for custom WebFinger domain
2023-07-27 09:01:46 -07:00
Weblate
eba3cce77b
Update translation files
...
Updated by "Squash Git commits" hook in Weblate.
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
floatingghost
6db8ab7c94
Merge pull request 'Varied selection of Pleroma cherry-picks' ( #567 ) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/567
2023-07-27 12:53:56 +00:00
FloatingGhost
c63ae73bc0
Add embed controller tests
2023-07-17 19:18:21 +01:00
FloatingGhost
8fe29bf5d2
Exclude deactivated users from emoji reaction lists
2023-07-17 17:53:03 +01:00
Mark Felder
5144d6f4ba
Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
...
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
XxXCertifiedForkliftDriverXxX
07b478dc49
Implement blocklists for MediaProxy
2023-06-26 15:18:31 +02:00
tusooa
c0a01e73cf
Enforce unauth restrictions for public streaming endpoints
2023-06-14 22:45:19 +00:00
tusooa
fee6e2aac4
Fix deleting banned users' statuses
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
8669a0abcb
UploadedMedia: Increase readability via ~s sigil
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
37b0d774fa
UploadedMedia: Add missing disposition_type to Content-Disposition
...
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa
1def80c2e7
Fix existing tests
2023-06-14 22:45:19 +00:00
tusooa
3095251e6c
Dedupe poll options
2023-06-14 22:45:19 +00:00
tusooa
79a18f761b
Allow with_relationships param for blocks
2023-06-14 22:45:19 +00:00
kPherox
8fb235e71b
fix: append field values to bio before parsing
2023-06-14 19:44:07 +00:00
kPherox
d6271e7613
feat: build rel me tags with profile fields
2023-06-14 19:44:07 +00:00
Alexander Tumin
5adce547d0
Require related object for notifications to filter on content
2023-06-14 19:41:48 +00:00
tusooa
05e80d1879
Fix block_from_stranger setting
2023-06-14 19:41:44 +00:00
tusooa
651979217a
Fix failure when registering a user with no email when approval required
2023-06-14 19:33:58 +00:00
Mark Felder
997551bac9
Fix TwitterCard meta tags
...
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".
Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.
> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]
[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu
2a290cb331
Lint
2023-06-14 17:20:55 +00:00
Tusooa Zhu
dfd6c96808
Fix SideEffectsTest
2023-06-14 17:20:55 +00:00
Tusooa Zhu
fd38756e92
Do not stream out Announces to public timelines
2023-06-14 17:20:55 +00:00
Tusooa Zhu
5ef7c15d92
Make local-only posts stream in local timeline
2023-06-14 17:18:26 +00:00
Hélène
3227ebf1e1
CommonFixes: more predictable context generation
...
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
XxXCertifiedForkliftDriverXxX
1b560d547a
Stop exposing if a user blocks you over the API.
2023-05-28 23:42:27 +02:00
Haelwenn (lanodan) Monnier
70b0f93865
Apply oembed patch
2023-05-26 20:45:57 +01:00
FloatingGhost
8c208f751d
Fix filtering out incorrect addresses
2023-05-23 13:46:25 +01:00
FloatingGhost
037f881187
Fix create processing in direct message disabled
2023-05-23 13:16:20 +01:00
FloatingGhost
ab34680554
switch to using an enum system for DM acceptance
2023-05-23 10:29:08 +01:00
FloatingGhost
d310f99d6a
Add MRFs for direct message manipulation
2023-05-22 23:53:44 +01:00
floatingghost
f72d773cc3
Merge pull request 'Make UserNote comment default to the empty string.' ( #530 ) from provable_ascent/akkoma:provable_ascent-patch-1 into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/530
2023-05-22 21:33:01 +00:00
provable_ascent
9c4203632d
Add user_note_test.exs.
2023-05-12 02:18:24 +00:00
midnight
f1e66b39c7
Return empty string in the event of no detected language
2023-05-08 18:52:19 -04:00
FloatingGhost
b86b3a9e29
Support public key URIs that incomprehensibly have GET args
...
Fixes #528
2023-04-25 13:30:20 +01:00
FloatingGhost
f2b4e7f86b
Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
2023-04-14 17:56:56 +01:00
FloatingGhost
522221f7fb
Mix format
2023-04-14 17:56:34 +01:00
Atsuko Karagi
1fa3c0b485
Remove support for outdated Create format
2023-04-14 17:46:22 +01:00
Atsuko Karagi
d2b0d86471
HTTP signatures respect allowlist federation
2023-04-14 17:46:06 +01:00
floatingghost
8c86a06ed1
Merge pull request 'Remove "default" image description' ( #493 ) from ilja/akkoma:remove_default_image_description into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/493
2023-04-14 16:27:41 +00:00
FloatingGhost
4c9c959bb3
Merge branch 'develop' into frontend-switcher-9000
2023-04-14 16:56:10 +01:00
FloatingGhost
1b2c24a19e
fix tests
2023-04-14 15:20:55 +01:00
FloatingGhost
dd44387f1a
Add timeline visibility options
2023-03-17 15:33:28 +00:00
FloatingGhost
2c9e02429a
mix format
2023-03-15 22:19:52 +00:00
FloatingGhost
9464d50562
Add publicTimelineVisibility to nodeinfo
2023-03-15 22:13:18 +00:00
floatingghost
377d1483b6
Merge pull request 'Apply security patch from pleroma to prevent nested file names being uploaded to the server.' ( #507 ) from foxing/akkoma:foxing-patch-2 into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/507
2023-03-13 00:29:51 +00:00
foxing
3f76de76da
Apply Patch
2023-03-12 19:13:56 +00:00
flisk
0c77be9308
don't crash on malformed avatar and banner values
...
weird values in href will cause base64 encoding to fail later down the
line, so let's make sure the value we're passing on is somewhat sane, or
at the very least a binary
this fixes #482
2023-03-12 18:14:05 +01:00
ilja
6c396fcab4
Remove "default" image description
...
When no image description is filled in, Pleroma allowed fallbacks.
Those were (based on a setting) either the filename, or a fixed description.
Neither are good options for image descriptions imo, so here we remove this.
Note that there's two tests removed who supposedly tested something else.
But examining closer, they didn't seem to test what they claimed to test,
so I removed them rather than try to "fix" them.
2023-03-12 08:42:33 +01:00
floatingghost
e124a109c1
Remove _misskey_reaction matching ( #500 )
...
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/500
2023-03-10 18:46:49 +00:00
FloatingGhost
b2112302ce
Add more information about failed verifications
2023-03-10 03:51:24 +00:00
FloatingGhost
8a4437d2be
Allow expires_at in filter requests
...
Fixes #492
2023-03-09 19:13:14 +00:00
FloatingGhost
87d5e5b06a
Allow moderators to get the admin scope again
...
Fixes #463
2023-03-08 17:39:35 +00:00
FloatingGhost
b88e6560e0
Reblog content should be ""
...
Fixes #450
2023-03-02 11:04:27 +00:00
ilja
b4952a81fe
Interpret \n
as newline for MFM
...
Markdown doesn't generally consider `\n` a newline,
but Misskey does for MFM.
Now we do to for MFM (and not for Markdown) :)
2023-02-18 19:56:11 +01:00
ilja
b71db2f82d
create_service_actor is now type Application
...
This is used for internal fetch and for relay. Both represent the instance and therefore are an aplication.
2023-02-04 21:00:21 +00:00
floatingghost
aeb68a0ad1
paginate follow requests ( #460 )
...
matches https://docs.joinmastodon.org/methods/follow_requests/#get mostly
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/460
2023-02-04 20:51:17 +00:00
FloatingGhost
d394ab0a8a
Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
2023-01-15 18:58:26 +00:00
FloatingGhost
90088cce11
Support TLD wildcards in MRF matches
...
Fixes #431
2023-01-15 18:57:49 +00:00
sfr
20cd8a0fc4
URL encode remote emoji pack names ( #362 )
...
fix #246
Co-authored-by: Sol Fisher Romanoff <sol@solfisher.com>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/362
Co-authored-by: sfr <sol@solfisher.com>
Co-committed-by: sfr <sol@solfisher.com>
2023-01-15 18:14:04 +00:00
floatingghost
975bc6d7e8
Merge pull request 'fix: Give error message to users when address has already been validated' ( #435 ) from cheerfulstoic/akkoma:develop into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/435
2023-01-15 18:06:12 +00:00
FloatingGhost
f3c118ca23
Mix format
2023-01-15 18:00:03 +00:00
Brian Underwood
7ca9ce9d67
fix: Give error message to users when address has already been validated
...
Plus other errors.
2023-01-12 22:08:10 +01:00
FloatingGhost
ff5793198f
add inbound language test
2023-01-11 15:42:13 +00:00
FloatingGhost
cc63a89b5d
Fix tests
2023-01-10 10:29:17 +00:00
FloatingGhost
f86bf16430
Add language support on /api/v1/statuses
2023-01-10 10:29:17 +00:00
darkkirb
a8cd859ef9
Use actual ISO8601 timestamps for masto API ( #425 )
...
Some users post posts with spoofed timestamp, and some clients will have issues with certain dates. Tusky for example crashes if the date is any sooner than 1 BCE (“year zero” in the representation).
I limited the range of what is considered a valid date to be somewhere between the years 1583 and 9999 (inclusive).
The numbers have been chosen because:
- ISO 8601 only allows years before 1583 with “mutual agreement”
- Years after 9999 could cause issues with certain clients as well
Co-authored-by: Charlotte 🦝 Delenk <lotte@chir.rs>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/425
Co-authored-by: darkkirb <lotte@chir.rs>
Co-committed-by: darkkirb <lotte@chir.rs>
2023-01-09 22:12:28 +00:00
FloatingGhost
336d06b2a8
Significantly tighten HTTP CSP
2023-01-02 15:21:19 +00:00
FloatingGhost
6e646c4cbc
Use a genserver to periodically fetch metrics
...
Ref https://github.com/beam-telemetry/telemetry_metrics_prometheus_core/issues/52
2023-01-01 18:32:14 +00:00