6703 commits

Author	SHA1	Message	Date
Atsuko Karagi	e17c71a389	Respect restrict_unauthenticated in /api/v1/accounts/lookup	2022-12-19 20:32:16 +00:00
floatingghost	233c4bb3ba	revert 28ab09d377 ... revert Remove unused dependencies	2022-12-19 02:34:46 +00:00
FloatingGhost	28ab09d377	Remove unused dependencies	2022-12-19 02:26:04 +00:00
FloatingGhost	3d546409b2	remove now-unused test	2022-12-17 23:21:24 +00:00
FloatingGhost	52d8183787	drop admin scopes on create app instead of rejecting	2022-12-17 23:14:49 +00:00
FloatingGhost	b91e671c0d	add remote user count for the heck of it	2022-12-16 17:22:26 +00:00
FloatingGhost	1f5bc4d68a	remove unused variable	2022-12-16 12:36:34 +00:00
FloatingGhost	9a320ba814	make 2fa UI less awful	2022-12-16 11:50:25 +00:00
FloatingGhost	48d302a60f	allow disabling prometheus entirely	2022-12-16 11:17:04 +00:00
FloatingGhost	d1a0d93bf7	document prometheus	2022-12-16 10:24:36 +00:00
FloatingGhost	c2054f82ab	allow users with admin:metrics to read app metrics	2022-12-16 03:32:51 +00:00
FloatingGhost	b8be8192fb	do not allow non-admins to register tokens with admin scopes ... this didn't actually _do_ anything in the past, the users would be prevented from accessing the resource, but they shouldn't be able to even create them	2022-12-16 03:25:14 +00:00
FloatingGhost	e2320f870e	Add prometheus metrics to router	2022-12-15 02:02:07 +00:00
Tim Buchwaldt	29584197bb	Measure stats-data	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	63be819661	Take tesla telemetry	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	0995fa1410	Track oban failures	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	f8d3383179	Fix oban tags	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	a06bb694c1	Listen to loopback	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	1e9c2cd8ef	Fix buckets for query timing	2022-12-15 01:04:56 +00:00
Tim Buchwaldt	33243c56e5	Start adding telemetry	2022-12-15 01:04:55 +00:00
floatingghost	07a48b9293	giant massive dep upgrade and dialyxir-found error emporium (#371) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #371	2022-12-14 12:38:48 +00:00
duponin	3e9c0b380a	Return 413 when an actor's banner or background exceeds the size limit	2022-12-12 17:28:14 -05:00
duponin	c9304962c3	Uploading an avatar media exceeding max size returns a 413 ... Until now it was returning a 500 because the upload plug were going through the changeset and ending in the JSON encoder, which raised because struct has to @derive the encoder.	2022-12-12 17:28:09 -05:00
FloatingGhost	9d9c26b833	Ensure Gun is Gone	2022-12-11 19:26:21 +00:00
FloatingGhost	68894089e8	Do not fetch anything from blocked instances	2022-12-10 00:09:45 +00:00
FloatingGhost	a1515f9a60	Add some extra info around possible nils	2022-12-09 23:45:51 +00:00
FloatingGhost	739ed14f54	Revert "mandate published on notes" ... This reverts commit e49b583147.	2022-12-09 20:59:26 +00:00
FloatingGhost	e49b583147	mandate published on notes ... fixes #356	2022-12-09 20:27:54 +00:00
FloatingGhost	f5a315f04c	Add URL and code to :not_found errors ... Ref #355	2022-12-09 20:13:31 +00:00
FloatingGhost	dcf58a3c53	Do not pass transient undo-y activities through MRF	2022-12-09 20:01:38 +00:00
FloatingGhost	9db4c2429f	Remove FollowBotPolicy	2022-12-09 19:59:27 +00:00
FloatingGhost	6f83ae27aa	extend reject MRF to check if originating instance is blocked	2022-12-09 19:57:29 +00:00
FloatingGhost	d5828f1c5e	Merge remote-tracking branch 'ilja/fix_tagpolicy_to_also_work_on_updates' into develop	2022-12-09 10:31:22 +00:00
FloatingGhost	0eaec57d3f	mix format	2022-12-09 10:24:38 +00:00
ilja	1f863f0a36	Fix MRF policies to also work with Update ... Objects who got updated would just pass through several of the MRF policies, undoing moderation in some situations. In the relevant cases we now check not only for Create activities, but also Update activities. I checked which ones checked explicitly on type Create using `grep '"type" => "Create"' lib/pleroma/web/activity_pub/mrf/*`. The following from that list have not been changed: * lib/pleroma/web/activity_pub/mrf/follow_bot_policy.ex * Not relevant for moderation * lib/pleroma/web/activity_pub/mrf/keyword_policy.ex * Already had a test for Update * lib/pleroma/web/activity_pub/mrf/object_age_policy.ex * In practice only relevant when fetching old objects (e.g. through Like or Announce). These are always wrapped in a Create. * lib/pleroma/web/activity_pub/mrf/reject_non_public.ex * We don't allow changing scope with Update, so not relevant here	2022-12-08 23:22:05 +01:00
ilja	ce517ff4e5	Fix tagpolicy to also work with Update ... Objects who got updated would just pass the TagPolicy, undoing the moderation that was set in place for the Actor. Now we check not only for Create activities, but also Update activities.	2022-12-08 21:53:42 +01:00
FloatingGhost	cb3ccf5f47	Add check for null reply_to_user	2022-12-07 13:41:12 +00:00
FloatingGhost	1afba64464	Redirect to standard FE if logged in	2022-12-07 13:35:00 +00:00
FloatingGhost	c7369d6d03	GOOGLE	2022-12-07 11:41:24 +00:00
sfr	7c4b415929	static-fe overhaul (#236) ... makes static-fe look more like pleroma-fe, with the stylesheets matching pleroma-dark and pleroma-light based on `prefers-color-scheme`. - [x] navbar - [x] about sidebar - [x] background image - [x] statuses - [x] "reply to" or "edited" tags - [x] accounts - [x] show more / show less - [x] posts / with replies / media / followers / following - [x] followers/following would require user card snippets - [x] admin/bot indicators - [x] attachments - [x] nsfw attachments - [x] fontawesome icons - [x] clean up and sort css - [x] add pleroma-light - [x] replace hardcoded strings also i forgot - [x] repeated headers how it looks + sneak peek at statuses:  Co-authored-by: Sol Fisher Romanoff <sol@solfisher.com> Reviewed-on: #236 Co-authored-by: sfr <sol@solfisher.com> Co-committed-by: sfr <sol@solfisher.com>	2022-12-07 11:20:53 +00:00
floatingghost	09326ffa56	Diagnostics tasks (#348) ... a bunch of ways to get query plans to help with debugging Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #348	2022-12-07 11:12:34 +00:00
floatingghost	d55de5debf	Remerge of hashtag following (#341) ... this time with less idiot Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #341	2022-12-05 12:58:48 +00:00
floatingghost	ec6bf8c3f7	revert 4a94c9a31e ... revert Add ability to follow hashtags (#336) Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #336	2022-12-04 20:04:09 +00:00
floatingghost	4a94c9a31e	Add ability to follow hashtags (#336) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #336	2022-12-04 17:36:59 +00:00
floatingghost	6b882a2c0b	Purge Rejected Follow requests in daily task (#334) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #334	2022-12-03 23:17:43 +00:00
FloatingGhost	1409f91d50	Add maskable to logo	2022-12-02 12:00:56 +00:00
floatingghost	94b469cab0	Merge pull request 'Add PWA config' (#329) from pwa into develop ... Reviewed-on: #329	2022-12-02 11:13:29 +00:00
floatingghost	8d6cc6cb65	Resolve follow activity from accept/reject without ID (#328) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #328	2022-12-02 11:12:37 +00:00
FloatingGhost	bbf2e3f445	Add PWA info	2022-12-02 11:10:35 +00:00
floatingghost	db60640c5b	Fixing up deletes a bit (#327) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #327	2022-12-01 15:00:53 +00:00
floatingghost	0cfd5b4e89	Add ability to set a default post expiry (#321) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #321	2022-11-28 13:34:54 +00:00
floatingghost	98a21debf9	normalise markup by default (#316) ... why was this _not_ default? honestly i'm surprised pleroma hasn't exploded yet Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #316	2022-11-26 21:06:20 +00:00
@r3g_5z@plem.sapphic.site	565ead8397	minor-changes (#313) ... Only real change here is making MRF rejects log as debug instead of info (#234) I don't know if it's the best way to do it, but it seems it's just MRF using this and almost always this is intended. The rest are just minor docs changes and syncing the restricted nicknames stuff. I compiled and ran my changes with Docker and they all work. Co-authored-by: r3g_5z <june@terezi.dev> Reviewed-on: #313 Co-authored-by: @r3g_5z@plem.sapphic.site <june@girlboss.ceo> Co-committed-by: @r3g_5z@plem.sapphic.site <june@girlboss.ceo>	2022-11-26 19:27:58 +00:00
@luna@f.l4.pm	a90c45b7e9	Add Signed Fetch Statistics (#312) ... Close #304. Notes: - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that. - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one. Co-authored-by: Luna <git@l4.pm> Reviewed-on: #312 Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm> Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm>	2022-11-26 19:22:56 +00:00
ave	1c4ca20ff7	Change follow_operation schema to use type BooleanLike (#301) ... Changes follow_operation schema to use BooleanLike instead of :boolean so that strings like "0" and "1" (used by mastodon.py) can be accepted. Rest of file uses the same. For more info please see https://git.pleroma.social/pleroma/pleroma/-/issues/2999 (I'm also sending this here as I'm not hopeful about upstream not ignoring it) Co-authored-by: ave <ave@ave.zone> Reviewed-on: #301 Co-authored-by: ave <ave@noreply.akkoma> Co-committed-by: ave <ave@noreply.akkoma>	2022-11-24 11:27:01 +00:00
floatingghost	6223e2ea3e	Merge pull request 'Additional timeline query improvements from upstream' (#291) from norm/akkoma:timeline-query-improvements into develop ... Reviewed-on: #291	2022-11-20 21:53:24 +00:00
@r3g_5z@plem.sapphic.site	0e4c201f8d	HTTP header improvements (#294) ... - Drop Expect-CT Expect-CT has been redundant since 2018 when Certificate Transparency became mandated and required for all CAs and browsers. This header is only implemented in Chrome and is now deprecated. HTTP header analysers do not check this anymore as this is enforced by default. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT - Raise HSTS to 2 years and explicitly preload The longer age for HSTS, the better. Header analysers prefer 2 years over 1 year now as free TLS is very common using Let's Encrypt. For HSTS to be fully effective, you need to submit your root domain (domain.tld) to https://hstspreload.org. However, a requirement for this is the "preload" directive in Strict-Transport-Security. If you do not have "preload", it will reject your domain. - Drop X-Download-Options This is an IE8-era header when Adobe products used to use the IE engine for making outbound web requests to embed webpages in things like Adobe Acrobat (PDFs). Modern apps are using Microsoft Edge WebView2 or Chromium Embedded Framework. No modern browser checks or header analyser check for this. - Set base-uri to 'none' This is to specify the domain for relative links (`<base>` HTML tag). pleroma-fe does not use this and it's an incredibly niche tag. I use all of these myself on my instance by rewriting the headers with zero problems. No breakage observed. I have not compiled my Elixr changes, but I don't see why they'd break. Co-authored-by: r3g_5z <june@terezi.dev> Reviewed-on: #294 Co-authored-by: @r3g_5z@plem.sapphic.site <june@terezi.dev> Co-committed-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>	2022-11-20 21:20:06 +00:00
r3g_5z	f90552f62e	Drop XSS auditor ... It's deprecated, removed in some, by all modern browsers and is known to create XSS vulnerabilities in itself. Signed-off-by: r3g_5z <june@terezi.dev>	2022-11-19 20:40:20 -05:00
Mark Felder	0022fa7d49	Add same optimized join for excluding invisible users	2022-11-19 15:12:24 -05:00
Mark Felder	11fc1beba5	Fix reports which do not have a user ... The check for deactivated users was being applied to report activities.	2022-11-19 15:12:16 -05:00
floatingghost	e1e0d5d759	microblogpub federation fixes (#288) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #288	2022-11-18 11:14:35 +00:00
floatingghost	2a1f17e3ed	and i yoink (#275) ... Co-authored-by: Mark Felder <feld@feld.me> Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #275	2022-11-14 15:07:26 +00:00
FloatingGhost	89dbc7177b	Chores for 2022.11	2022-11-11 16:12:04 +00:00
FloatingGhost	ac0c00cdee	Add media sources to connect-src if media proxy is enabled	2022-11-10 17:26:51 +00:00
FloatingGhost	bab1ab5b6c	strip \r and \r from content-disposition filenames	2022-11-10 11:54:12 +00:00
floatingghost	cc6a076202	Include requested_by in relationship (#260) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #260	2022-11-10 03:16:32 +00:00
FloatingGhost	4e8ab0deeb	fix count of poll voters	2022-11-08 13:50:04 +00:00
FloatingGhost	479aacb1b6	Add fallback for reports that don't have attached activities	2022-11-08 11:01:47 +00:00
FloatingGhost	7bbaa8f8e0	automatically trim loading *. prefixes on domain blocks	2022-11-07 22:33:18 +00:00
floatingghost	31ad09010e	Fix regex usage in MRF (#254) ... fixes #235 fixes #228 Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #254	2022-11-06 23:50:32 +00:00
FloatingGhost	5123b3a5dd	Add enabled check on /translation/languages	2022-11-06 22:55:26 +00:00
floatingghost	b7e8ce2350	Scrape instance nodeinfo (#251) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #251	2022-11-06 22:49:39 +00:00
Thomas Citharel	4d0a51221a	Fix typo in CSP Report-To header name ... The header name was Report-To, not Reply-To. In any case, that's now being changed to the Reporting-Endpoints HTTP Response Header. https://w3c.github.io/reporting/#header https://github.com/w3c/reporting/issues/177 CanIUse says the Report-To header is still supported by current Chrome and friends. https://caniuse.com/mdn-http_headers_report-to It doesn't have any data for the Reporting-Endpoints HTTP header, but this article says Chrome 96 supports it. https://web.dev/reporting-api/ (Even though that's come out one year ago, that's not compatible with Network Error Logging which's still using the Report-To version of the API) Signed-off-by: Thomas Citharel <tcit@tcit.fr>	2022-11-04 15:02:13 +01:00
floatingghost	9038da01cc	Merge pull request 'Push.Impl: support edits' (#244) from norm/akkoma:push-support-edits into develop ... Reviewed-on: #244	2022-11-01 15:14:08 +00:00
nullobsi	cbc693f832	Fix LDAP user registration (#229) ... Simple fix for LDAP user registration. I'm not sure what changed but I managed to get Akkoma running in a debug session and figured out it was missing a match for an extra value at the end. I don't know Elixir all that well so I'm not sure if this was the correct way to do it... but it works. :) Reviewed-on: #229 Co-authored-by: nullobsi <me@nullob.si> Co-committed-by: nullobsi <me@nullob.si>	2022-11-01 14:17:55 +00:00
marcin mikołajczak	6486211064	Push.Impl: support edits ... Signed-off-by: marcin mikołajczak <git@mkljczk.pl>	2022-10-28 01:20:19 -04:00
floatingghost	f36d14818d	Unilateral remove from followers (#232) ... from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3647/ Co-authored-by: marcin mikołajczak <git@mkljczk.pl> Co-authored-by: Tusooa Zhu <tusooa@kazv.moe> Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #232	2022-10-19 10:01:14 +00:00
floatingghost	edf7d5089f	Merge pull request 'Check that the signature matches the creator' (#230) from domain-blocks into develop ... Reviewed-on: #230	2022-10-14 11:41:34 +00:00
FloatingGhost	03662501c3	Check that the signature matches the creator	2022-10-14 11:48:32 +01:00
FloatingGhost	856c57208b	Ensure deletes are handled after everything else	2022-10-11 14:30:08 +01:00
FloatingGhost	cb9b0d3720	optimise notifications query	2022-10-11 11:40:43 +01:00
FloatingGhost	ca9e6ffc55	Use inner lateral join to not get dropped in :total	2022-10-10 16:45:02 +01:00
FloatingGhost	574f010bc8	Extract deactivated users query to a join	2022-10-10 15:55:58 +01:00
floatingghost	c6e63aaf6b	Backend settings sync (#226) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #226	2022-10-06 16:22:15 +00:00
Norm	561e1f2470	Make backups require its own scope (#218) ... Pulled from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3721. This makes backups require its own scope (`read:backups`) instead of the `read:accounts` scope. Co-authored-by: Tusooa Zhu <tusooa@kazv.moe> Reviewed-on: #218 Co-authored-by: Norm <normandy@biribiri.dev> Co-committed-by: Norm <normandy@biribiri.dev>	2022-09-19 17:31:35 +00:00
Hélène	1acd38fe7f	OAuthPlug: use user cache instead of joining ... As this plug is called on every request, this should reduce load on the database by not requiring to select on the users table every single time, and to instead use the by-ID user cache whenever possible.	2022-09-11 19:55:55 +01:00
Hélène	8683252fc5	Metadata/Utils: use summary as description if set ... When generating OpenGraph and TwitterCard metadata for a post, the summary field will be used first if it is set to generate the post description.	2022-09-11 19:55:38 +01:00
Hélène	0b14f02ed2	User: generate private keys on user creation ... This fixes a race condition bug where keys could be regenerated post-federation, causing activities and HTTP signatures from an user to be dropped due to key differences.	2022-09-11 19:54:37 +01:00
Hélène	e88f36f72b	ObjectView: do not fetch an object for its ID ... Non-Create/Listen activities had their associated object field normalized and fetched, but only to use their `id` field, which is both slow and redundant. This also failed on Undo activities, which delete the associated object/activity in database. Undo activities will now render properly and database loads should improve ever so slightly.	2022-09-11 19:52:59 +01:00
Norm	a6d85003fe	Remote interaction with posts (#198) ... Grabbed from https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3587 Co-authored-by: Tusooa Zhu <tusooa@kazv.moe> Reviewed-on: #198 Co-authored-by: Norm <normandy@biribiri.dev> Co-committed-by: Norm <normandy@biribiri.dev>	2022-09-08 10:19:22 +00:00
floatingghost	2641dcdd15	Post editing (#202) ... Rebased from #103 Co-authored-by: Tusooa Zhu <tusooa@kazv.moe> Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #202	2022-09-06 19:24:02 +00:00
FloatingGhost	6c80977b06	turn inlineQuotePolicy on by default	2022-09-05 17:22:33 +01:00
FloatingGhost	1c7d7845c3	fix compilation warnings	2022-09-05 00:39:32 +01:00
floatingghost	1b826eea54	Allow reacting with remote emoji when they exist on the post (#200) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #200	2022-09-04 23:31:41 +00:00
floatingghost	8e4de118c1	Don't persist local undone follow (#194) ... same deal but backwards this time Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #194	2022-08-31 18:00:36 +00:00
floatingghost	decbca0c91	add seperate source and dest entries in language listing (#193) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #193	2022-08-30 16:59:33 +00:00
floatingghost	c3fde9577d	Allow listing languages, setting source language (#192) ... Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #192	2022-08-30 14:58:54 +00:00
floatingghost	df39cab9c1	Automatic status translation (#187) ... Fixes #115 Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #187	2022-08-29 19:42:22 +00:00
Tusooa Zhu	95e4018c1a	Disconnect streaming sessions when token is revoked ... Use Websockex to replace websocket_client Test that server will disconnect websocket upon token revocation Lint Execute session disconnect in background Refactor streamer test allow multi-streams rebase websocket change	2022-08-27 19:07:48 +01:00
floatingghost	772c209914	GTS: cherry-picks and collection usage (#186) ... https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3725?commit_id=61254111e59f02118cad15de49d1e0704c07030e what is this, a yoink of a yoink? good times Co-authored-by: Hélène <pleroma-dev@helene.moe> Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk> Reviewed-on: #186	2022-08-27 18:05:48 +00:00
FloatingGhost	85137f591f	Add ability to obfuscate domains in MRF transparency	2022-08-27 11:57:57 +01:00
floatingghost	e4f2251e0f	Add support for setting language in instance metadata (#183) ... Reviewed-on: #183	2022-08-25 16:11:21 +00:00
floatingghost	618cf7ff7f	reuse valid oauth tokens (#182) ... Reviewed-on: #182	2022-08-25 14:37:51 +00:00
FloatingGhost	8d7b63a766	Revert "Fix oauth2 (for real) (#179)" ... This reverts commit aa681d7e15.	2022-08-21 17:52:02 +01:00
floatingghost	aa681d7e15	Fix oauth2 (for real) (#179) ... Reviewed-on: #179	2022-08-21 16:24:37 +00:00
FloatingGhost	b0130bfa7b	Revert "oauth2 fixes (#177)" ... This reverts commit 429e2ac832.	2022-08-21 16:22:15 +01:00
floatingghost	d72f9e39d9	add visibility check on quote (#178) ... Reviewed-on: #178	2022-08-21 15:17:01 +00:00
floatingghost	429e2ac832	oauth2 fixes (#177) ... Reviewed-on: #177	2022-08-21 14:46:52 +00:00
floatingghost	e9f1897cfd	parser MFM server-side (#172) ... Reviewed-on: #172	2022-08-18 03:14:48 +00:00
floatingghost	aaf78e2b52	only put linked mfm in source (#171) ... Reviewed-on: #171	2022-08-17 09:35:11 +00:00
floatingghost	11ec9daa5b	API compatibility with fedibird, frontend config (#163) ... Reviewed-on: #163	2022-08-17 00:22:59 +00:00
FloatingGhost	55179d4214	set soapbox-fe v2 by default ... fixes #157	2022-08-11 10:25:03 +01:00
FloatingGhost	5d23df84c9	Mix format	2022-08-07 20:49:56 +01:00
Hélène	b3e4d81362	StatusView: implement pleroma.context field ... This field replaces the now deprecated conversation_id field, and now exposes the ActivityPub object `context` directly via the MastoAPI instead of relying on StatusNet-era data concepts.	2022-08-07 20:48:08 +01:00
Hélène	b9bb093600	StatusView: clear MSB on calculated conversation_id ... This field seems to be a left-over from the StatusNet era. If your application uses `pleroma.conversation_id`: this field is deprecated. It is currently stubbed instead by doing a CRC32 of the context, and clearing the MSB to avoid overflow exceptions with signed integers on the different clients using this field (Java/Kotlin code, mostly; see Husky and probably other mobile clients.) This should be removed in a future version of Pleroma. Pleroma-FE currently depends on this field, as well.	2022-08-07 20:47:59 +01:00
floatingghost	62e179f446	make conversation-id deterministic (#154) ... Reviewed-on: #154	2022-08-06 20:59:15 +00:00
floatingghost	ec162b496b	/notice signing checks on redirect (#150) ... Reviewed-on: #150	2022-08-05 19:31:32 +00:00
floatingghost	0ec3a11895	don't persist undo of follows (#149) ... Reviewed-on: #149	2022-08-05 13:28:56 +00:00
Hélène	c1e15ff6f8	Transmogrifier: fix reply context fixing ... Incoming Pleroma replies to a Misskey thread were rejected due to a broken context fix, which caused them to not be visible until a non-Pleroma user interacted with the replies. This fix properly sets the post-fix object context to its parent Create activity as well, if it was changed.	2022-08-04 12:57:48 +01:00
floatingghost	c9600dbbbf	local-only-fixed (#138) ... Reviewed-on: #138	2022-08-02 14:46:46 +00:00
floatingghost	ca000f8301	Merge mrf_simple-reject with quarantine (#137) ... Reviewed-on: #137	2022-08-02 14:19:24 +00:00
Joel Beckmeyer	e26388a01c	Support reaching user@sub.domain.tld at user@domain.tld (#134) ... Reviewed-on: #134 Co-authored-by: Joel Beckmeyer <joel@beckmeyer.us> Co-committed-by: Joel Beckmeyer <joel@beckmeyer.us>	2022-08-02 13:54:22 +00:00
floatingghost	c3eea8dc7d	expose bubble instances via nodeinfo (#136) ... Reviewed-on: #136	2022-08-02 09:11:22 +00:00
floatingghost	19a27ff006	allow small/center tags in misskeymarkdown (#132) ... Reviewed-on: #132	2022-08-01 12:46:52 +00:00
Yukkuri	38659e5610	Use uppercase HTTP HEAD method for media preview proxy request (#128) ... Reviewed-on: #128 Co-authored-by: Yukkuri <iamtakingiteasy@eientei.org> Co-committed-by: Yukkuri <iamtakingiteasy@eientei.org>	2022-07-30 21:58:14 +00:00
FloatingGhost	db99edacfe	do the same for soapbox	2022-07-29 10:10:12 +01:00
FloatingGhost	4f6caae209	ensure we can't run the same clause of fix_quote_url more than once	2022-07-29 10:08:40 +01:00
FloatingGhost	bf3f934275	add guards around fix misskey content	2022-07-29 10:04:04 +01:00
floatingghost	405406601f	Fix emoji qualification (#124) ... Reviewed-on: #124	2022-07-28 12:02:36 +00:00
floatingghost	2796a9acaf	backend-i18n (#121) ... Reviewed-on: #121	2022-07-27 21:56:59 +00:00
floatingghost	645f0390bc	Prepare for ubuntu22 murdering openssl (#120) ... Reviewed-on: #120	2022-07-27 21:48:13 +00:00
floatingghost	a3501cab86	ensure quote fetching obeys max thread distance (#119) ... Reviewed-on: #119	2022-07-26 17:28:47 +00:00
FloatingGhost	0a55c37182	don't error out if the featured collection has a string ID	2022-07-26 15:08:35 +01:00
floatingghost	1f6deb0ef4	include local instance in bubble timeline (#117) ... Reviewed-on: #117	2022-07-26 12:22:49 +00:00
floatingghost	90c4785b89	remove public post quarantine exception (#114) ... Reviewed-on: #114	2022-07-26 11:09:13 +00:00
floatingghost	1419eee5df	Quote posting (#113) ... Reviewed-on: #113	2022-07-25 16:30:06 +00:00
floatingghost	cb6e7359af	add bubble timeline (#100) ... Reviewed-on: #100	2022-07-22 14:55:38 +00:00
floatingghost	0c542e58aa	Remove instrumentors (#98) ... Reviewed-on: #98	2022-07-21 11:32:17 +00:00
FloatingGhost	0f132b802d	purge chat and shout endpoints	2022-07-21 11:29:28 +01:00
floatingghost	07ea4d73e1	update mastofe paths (#95) ... Reviewed-on: #95	2022-07-20 20:13:50 +00:00
FloatingGhost	3b8bf8464f	update features array	2022-07-20 15:43:41 +01:00
floatingghost	729f45ccd2	purge ldap authenticator (#92) ... Reviewed-on: #92	2022-07-20 12:49:13 +00:00
floatingghost	dc9f66749c	remove all endpoints marked as deprecated (#91) ... Reviewed-on: #91	2022-07-20 12:00:58 +00:00
FloatingGhost	cf0ad02ea9	Remove scrobbling support	2022-07-19 15:07:45 +01:00
floatingghost	54ed8760ff	Merge branch 'from/upstream-develop/tusooa/server-announcements' into 'develop' (#85) ... Reviewed-on: #85	2022-07-18 13:08:36 +00:00
floatingghost	5b4d77eaa7	maintenance: dependency upgrade (#81) ... Reviewed-on: #81	2022-07-18 00:56:35 +00:00
FloatingGhost	d598c7a834	remove anonymous function from plug	2022-07-14 11:17:14 +01:00
FloatingGhost	4aee900ae8	fix compilation	2022-07-14 10:48:27 +01:00
floatingghost	37ae047e16	Add swaggerUI options (#66) ... Reviewed-on: #66	2022-07-13 15:09:35 +00:00
Tusooa Zhu	4c5bc3e9f7	Pass remote follow avatar into media proxy	2022-07-12 15:44:38 -04:00
floatingghost	8215434c65	also resolve @full@tags in mfm (#62) ... Reviewed-on: #62	2022-07-11 13:48:43 +00:00
floatingghost	ff6c8455fb	[#58] ensure all users are linked in MFM content (#61) ... Reviewed-on: #61	2022-07-11 11:48:29 +00:00
floatingghost	5ad256f170	[#58] pre-link MFM content (#59) ... Reviewed-on: #59	2022-07-10 17:06:25 +00:00
floatingghost	82fa766ed7	Remove precompiled javascript (#55) ... Reviewed-on: #55	2022-07-08 13:03:18 +00:00
floatingghost	bc6bfe383f	Add configurable theme color (#53) ... Reviewed-on: #53	2022-07-06 20:00:43 +00:00
floatingghost	364b6969eb	Use finch everywhere (#33) ... Reviewed-on: #33	2022-07-04 16:30:38 +00:00
sfr	058bf96798	implement Move activities (#45) ... Reviewed-on: #45 Co-authored-by: sfr <sol@solfisher.com> Co-committed-by: sfr <sol@solfisher.com>	2022-07-04 16:29:39 +00:00
FloatingGhost	95ef3a8b1e	Use Akkoma modification for collections	2022-07-03 19:36:30 +01:00
FloatingGhost	0a3a552696	Add support for a first reference in pinned objects	2022-07-03 17:25:20 +01:00
floatingghost	3f7c64f30b	Fix broken attachments from owncast (#31) ... Reviewed-on: #31	2022-07-01 11:14:55 +00:00
FloatingGhost	1ecdb19de5	Refactor ES on top of search behaviour	2022-06-30 16:28:31 +01:00
Ekaterina Vaartis	7f53aa400b	Don't try removing deleted users and such from index as posts	2022-06-29 20:49:45 +01:00
Ekaterina Vaartis	c128798418	Rename Activity.Search to Search.DatabaseSearch	2022-06-29 20:49:44 +01:00
Ekaterina Vaartis	ea582fbf93	Rename search.ex to database_search.ex and add search/2	2022-06-29 20:49:00 +01:00
Ekaterina Vaartis	d99a2be351	Only add local posts to index in activity_pub ... Remote ones are already added in another place	2022-06-29 20:48:44 +01:00
Ekaterina Vaartis	37913c8ddf	Use proper deleted object for removing from index	2022-06-29 20:48:44 +01:00
Ekaterina Vaartis	a937a98df5	Don't try removing from index again in common_api ... It's already removed in the side effects of the pipeline	2022-06-29 20:48:44 +01:00
Ekaterina Vaartis	b3401ba7bd	Also index incoming federated posts	2022-06-29 20:48:29 +01:00
Ekaterina Vaartis	e5ac2ffa07	Ensure only indexing public posts and implement clearing and delete	2022-06-29 20:48:29 +01:00
Ekaterina Vaartis	e961cf2689	Initial meilisearch implementation, doesn't delete posts yet	2022-06-29 20:48:28 +01:00
Hélène	8f140deb8f	StealEmojiPolicy: fix String rejected_shortcodes ... * rejected_shortcodes is defined as a list of strings in the configuration description. As such, database-based configuration was led to handle those settings as strings, and not as the actually expected type, Regex. * This caused each message passing through this MRF, if a rejected shortcode was set and the emoji did not exist already on the instance, to fail federating, as an exception was raised, swiftly caught and mostly silenced. * This commit fixes the issue by introducing new behavior: strings are now handled as perfect matches for an emoji shortcode (meaning that if the emoji-to-be-pulled's shortcode is in the blacklist, it will be rejected), while still supporting Regex types as before.	2022-06-29 20:47:45 +01:00
Ilja	661d0ba481	Also use actor_type to determine if an account is a bot in antiFollowbotPolicy	2022-06-29 20:47:44 +01:00
Tusooa Zhu	3fd87b6a75	Skip cache when /objects or /activities is authenticated ... Ref: fix-local-public	2022-06-29 20:47:27 +01:00
Tusooa Zhu	932e5df19e	Allow to skip cache in Cache plug ... Ref: fix-local-public	2022-06-29 20:47:26 +01:00
Tusooa Zhu	33d821256e	Fix incorrect fallback when English is set to first language	2022-06-29 20:47:10 +01:00
Tusooa Zhu	2df25e6666	Support fallbacking to other languages	2022-06-29 20:47:10 +01:00
Tusooa Zhu	fcfb5a4967	Lint	2022-06-29 20:47:10 +01:00
Tusooa Zhu	07bd35227a	Support multiple locales from userLanguage cookie	2022-06-29 20:47:10 +01:00
Tusooa Zhu	fa95bc8725	Support multiple locales formally ... elixir gettext current does not fully support fallback to another language [0]. But it might in the future. We adapt it so that all languages in Accept-Language headers are received by Pleroma.Web.Gettext. User.languages is now a comma-separated list. [0]: https://github.com/elixir-gettext/gettext/issues/303	2022-06-29 20:47:10 +01:00
Tusooa Zhu	845e5769ce	Make lint happy	2022-06-29 20:47:10 +01:00
Tusooa Zhu	ef73f61b07	Fallback to a variant if the language in general is not supported ... For an example, here, zh is not supported, but zh_Hans and zh_Hant are. If the user asks for zh, we should choose a variant for them instead of fallbacking to default. Some browsers (e.g. Firefox) does not allow users to customize their language codes. For example, there is no zh-Hans, but only zh, zh-CN, zh-TW, zh-HK, etc. This provides a workaround for those users suffering from bad design decisions.	2022-06-29 20:47:10 +01:00
Tusooa Zhu	72bdb0640f	Allow user to register with custom language	2022-06-29 20:46:51 +01:00
Tusooa Zhu	1b77308644	Allow update_credentials to update User.language	2022-06-29 20:45:35 +01:00
Tusooa Zhu	7726148472	Send emails i18n'd using backend-stored user language	2022-06-29 20:45:19 +01:00
Tusooa Zhu	63a0536d55	Make mail and mailer translatable	2022-06-29 20:45:05 +01:00
Tusooa Zhu	39cfecb188	Make static fe translatable	2022-06-29 20:45:05 +01:00
Tusooa Zhu	03aac29531	Fix tests	2022-06-29 20:45:05 +01:00
Tusooa Zhu	c6652fccae	Make mfa pages translatable	2022-06-29 20:45:03 +01:00
Tusooa Zhu	8f8d2abb12	Make oauth pages translatable	2022-06-29 20:44:48 +01:00
Tusooa Zhu	793922f1d8	Use proper lang attributes in htmls	2022-06-29 20:44:16 +01:00
Tusooa Zhu	ec57e3480c	Make tag feed translatable	2022-06-29 20:44:16 +01:00
Tusooa Zhu	50913c4dc5	Make password reset pages translatable	2022-06-29 20:44:16 +01:00
Tusooa Zhu	8f08c902a5	Make lint happy	2022-06-29 20:44:16 +01:00
Tusooa Zhu	ed1d9e91bc	Make remote follow pages translatable	2022-06-29 20:44:15 +01:00
Tusooa Zhu	775f997c40	Prefer userLanguage cookie over Accept-Language header in detecting locale ... https://git.pleroma.social/pleroma/pleroma-meta/-/issues/60	2022-06-29 20:43:41 +01:00
floatingghost	2342fface1	Add visibility check in context path (#26) ... Reviewed-on: #26	2022-06-29 09:33:57 +00:00
FloatingGhost	064c36274c	Purge gopher frontend	2022-06-27 17:31:16 +01:00
FloatingGhost	d392fafa06	Remove debug prints	2022-06-25 18:43:19 +01:00
FloatingGhost	f2ff05637f	Allow for embedding object data in publish	2022-06-25 18:41:26 +01:00
FloatingGhost	45b7d18871	update api spec for custom emoji reaction	2022-06-25 15:45:10 +01:00