Commit graph

15837 commits

Author SHA1 Message Date
294de939cb signing_key: refactor nested case into with statement
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
The error branches were already effectively identical before.
This change is purely cosmetic.
2024-12-08 20:43:57 +00:00
7583eceb38 Make SigningKey data migration future-proof
Bug originally discovered by tudbut
2024-12-08 20:43:10 +00:00
834edfcf96 add changelog
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
2024-11-26 09:50:04 +00:00
79b282dea6 bump version
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
2024-11-26 09:36:20 +00:00
d1d82782db add signing key index 2024-11-26 09:35:56 +00:00
Haelwenn (lanodan) Monnier
2b1a252cc7 User: truncate remote user fields instead of rejecting 2024-11-26 09:29:44 +00:00
c0a99df06a Merge remote-tracking branch 'oneric/varfixes' into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
2024-10-30 15:15:00 +00:00
0cb4c35ee4 Merge pull request 'Extract keys to their own table, match keyID' (#816) from keys-extraction into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending approval
ci/woodpecker/push/build-arm64 Pipeline is pending approval
ci/woodpecker/push/docs Pipeline is pending approval
ci/woodpecker/push/lint Pipeline is pending approval
ci/woodpecker/push/test Pipeline is pending approval
Reviewed-on: #816
2024-10-30 15:08:11 +00:00
c9b3fcc1d3 allow for OTP code changes in :zip
Some checks are pending
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/pull_request_closed/build-amd64 Pipeline is pending approval
ci/woodpecker/pull_request_closed/build-arm64 Pipeline is pending approval
ci/woodpecker/pull_request_closed/docs Pipeline is pending approval
ci/woodpecker/pull_request_closed/lint Pipeline is pending approval
ci/woodpecker/pull_request_closed/test Pipeline is pending approval
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/pr/build-amd64 Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/pr/build-arm64 Pipeline was successful
2024-10-30 14:43:18 +00:00
11c5838947 standardise local key id generation
Some checks failed
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline failed
ci/woodpecker/pr/build-arm64 unknown status
ci/woodpecker/pr/build-amd64 unknown status
ci/woodpecker/pr/docs unknown status
2024-10-30 12:44:01 +00:00
180dc8b472 downgrade earmark
Some checks failed
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline failed
ci/woodpecker/pr/build-arm64 unknown status
ci/woodpecker/pr/build-amd64 unknown status
ci/woodpecker/pr/docs unknown status
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
2024-10-26 08:50:38 +01:00
d330c57cda make sure we correctly match key objects
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-10-26 08:42:07 +01:00
bd64d07082 ensure migration actually works
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-10-26 07:51:41 +01:00
9d2c558f64 remove unused import 2024-10-26 07:42:43 +01:00
ac25b051ae remove previous "allow user routes" functionality
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
2024-10-26 07:28:43 +01:00
c5a44a59db remove unneeded index
Some checks failed
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline failed
ci/woodpecker/pr/build-amd64 unknown status
ci/woodpecker/pr/docs unknown status
ci/woodpecker/pr/build-arm64 unknown status
2024-10-26 07:00:38 +01:00
58d5d9d7bf fix tests, contain object
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
2024-10-26 06:58:47 +01:00
b6e8fde4dd Merge branch 'develop' into keys-extraction 2024-10-26 06:11:29 +01:00
bee10eab5e correct minor zip behaviour
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
2024-10-26 06:11:12 +01:00
13215f5f06 remove public key field 2024-10-26 05:28:55 +01:00
430b376ded mix format
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-10-26 05:05:48 +01:00
ccf1007883 Fix about a million tests 2024-10-26 05:05:48 +01:00
6da783b84d Fix http signature plug tests 2024-10-26 05:05:48 +01:00
8f322456a0 Allow unsigned fetches of a user's public key 2024-10-26 05:05:48 +01:00
9c876cea21 Fix some tests 2024-10-26 05:05:48 +01:00
9728e2f8f7 adjust logic to use relation :signing_key 2024-10-26 05:05:47 +01:00
b0f7da9ce0 remove now-unused Keys module 2024-10-26 05:05:28 +01:00
fc99c694e6 Add signing key modules 2024-10-26 05:05:28 +01:00
fbb13fde76 Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
2024-10-26 05:04:27 +01:00
cbd236aeb5 mix format 2024-10-26 05:04:20 +01:00
71d3bbd7be Merge pull request 'Fix wrong type when importing emojis' (#841) from tudbut/akkomafixes:emojis into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #841
2024-10-26 04:00:12 +00:00
98a3dab10a Merge pull request 'Fix fs error while unpacking frontends' (#839) from tudbut/akkomafixes:frontends into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #839
2024-10-26 03:58:40 +00:00
TudbuT
661b7fedb6
fix wrong type when importing emojis
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-10-18 14:57:31 +02:00
TudbuT
8b5aca9619
fix fs error while unpacking frontends
Some checks failed
ci/woodpecker/pr/lint Pipeline failed
ci/woodpecker/pr/test unknown status
ci/woodpecker/pr/build-arm64 unknown status
ci/woodpecker/pr/build-amd64 unknown status
ci/woodpecker/pr/docs unknown status
2024-10-18 14:50:28 +02:00
f101886709 Merge pull request 'Federate emoji as anonymous objects' (#815) from Oneric/akkoma:emoji-id into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #815
2024-10-16 14:58:46 +00:00
09fa7227f6 Merge pull request 'Tweak fetch security checks' (#819) from Oneric/akkoma:id-refetch into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #819
2024-10-16 14:16:14 +00:00
d5b0720596 Allow cross-domain redirects on AP requests
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
Since we now remember the final location redirects lead to
and use it for all further checks since
3e134b07fa, these redirects
can no longer be exploited to serve counterfeit objects.

This fixes:
 - display URLs from independent webapp clients
   redirecting to the canonical domain
 - Peertube display URLs for remote content
   (acting like the above)
2024-10-14 01:42:51 +02:00
940792f8ba Refetch on AP ID mismatch
As hinted at in the commit message when strict checking
was added in 8684964c5d,
refetching is more robust than display URL comparison
but in exchange is harder to implement correctly.

A similar refetch approach is also employed by
e.g. Mastodon, IceShrimp and FireFish.

To make sure no checks can be bypassed by forcing
a refetch, id checking is placed at the very end.

This will fix:
 - Peertube display URL arrays our transmogrifier fails to normalise
 - non-canonical display URLs from alternative frontends
   (theoretical; we didnt’t get any actual reports about this)

It will also be helpful in the planned key handling overhaul.

The modified user collision test was introduced in
https://git.pleroma.social/pleroma/pleroma/-/merge_requests/461
and unfortunately the issues this fixes aren’t public.
Afaict it was just meant to guard against someone serving
faked data belonging to an unrelated domain. Since we now
refetch and the id actually is mocked, lookup now succeeds
but will use the real data from the authorative server
making it unproblematic. Instead modify the fake data further
and make sure we don’t end up using the spoofed version.
2024-10-14 01:42:43 +02:00
3c72b48a05 Merge pull request 'Fix busywait on docker-entrypoint script' (#832) from cevado/akkoma:fix-busy-wait-docker-entrypoint into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #832
2024-09-24 23:52:07 +00:00
6475cf127e Merge pull request 'Overhaul OpenRC service file and disable busy wait by default' (#834) from Oneric/akkoma:openrc-upd into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #834
2024-09-24 23:50:48 +00:00
a8a231c5b2 Don't busy wait in default from-source service files
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-09-24 17:36:54 +02:00
2901fda29c openrc: recompile with lower CPU prio 2024-09-24 16:58:54 +02:00
bd14440386 openrc: overhaul service file
- pass env vars the proper™ way
- write log to file
- drop superfluous command_background
- make settings easily overwritable via conf.d
  to avoid needing to edit the service file directly
  if e.g. Akkoma was installed to another location
2024-09-24 16:58:35 +02:00
cevado
b312edac4c
Fix busywait on docker-entrypoint script
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
2024-08-20 19:29:11 -03:00
3bb31117e6 Merge pull request 'Handle domain mutes on the backend' (#804) from domain-mute-backend-processing into develop
Some checks are pending
ci/woodpecker/push/build-amd64 Pipeline is pending
ci/woodpecker/push/build-arm64 Pipeline is pending
ci/woodpecker/push/docs Pipeline is pending
ci/woodpecker/push/lint Pipeline is pending
ci/woodpecker/push/test Pipeline is pending
Reviewed-on: #804
2024-08-20 10:32:47 +00:00
2c5c531c35 readd comment about domain mutes
All checks were successful
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/pr/build-amd64 Pipeline was successful
ci/woodpecker/pr/build-arm64 Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
2024-08-20 11:05:36 +01:00
a3101a435b Fix swagger-ui
Some checks are pending
ci/woodpecker/pr/lint Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/pr/build-amd64 Pipeline was successful
ci/woodpecker/pr/build-arm64 Pipeline was successful
ci/woodpecker/pr/docs Pipeline was successful
ci/woodpecker/pull_request_closed/build-amd64 Pipeline is pending approval
ci/woodpecker/pull_request_closed/build-arm64 Pipeline is pending approval
ci/woodpecker/pull_request_closed/docs Pipeline is pending approval
ci/woodpecker/pull_request_closed/lint Pipeline is pending approval
ci/woodpecker/pull_request_closed/test Pipeline is pending approval
Ever since the browser frontend switcher was introduced in
de64c6c54a /akkoma counts as
an API prefix and thus gets skipped by frontend plugs
breaking the old swagger ui path of /akkoma/swagger-ui.

Do the simple thing and change the frontend path to
/pleroma/swaggerui which isn't an API path and can't collide
with frontend user paths given pleroma is areserved nickname.

Reported in
  https://meta.akkoma.dev/t/view-all-endpoints/269/7
  https://meta.akkoma.dev/t/swagger-ui-not-loading/728
2024-06-27 18:29:45 +02:00
d488cf476e Fix voters count field
Mastodon API demands this be null unless it’s a multi-selection poll.
Not abiding by this can mess up display in some clients.

Fixes: #190
2024-06-27 18:29:45 +02:00
ca182a0ae7 Correctly parse content types with multiple profiles
Multiple profiles can be specified as a space-separated list
and the possibility of additional profiles is explicitly brought up
in ActivityStream spec
2024-06-27 18:29:45 +02:00
495a1a71e8 strip_metadata: skip BMP files
Not _yet_ supported as of exiftool 12.87, though
at first glance it seems like standard BMP files
can't store any metadata besides colour profiles

Fixes the specific case from
AkkomaGang/akkoma-fe#396
although the frontend shouldn’t get bricked regardless.
2024-06-27 18:29:45 +02:00