Commit graph

8954 commits

Author SHA1 Message Date
dcf58a3c53 Do not pass transient undo-y activities through MRF 2022-12-09 20:01:38 +00:00
9db4c2429f Remove FollowBotPolicy 2022-12-09 19:59:27 +00:00
6f83ae27aa extend reject MRF to check if originating instance is blocked 2022-12-09 19:57:29 +00:00
d5828f1c5e Merge remote-tracking branch 'ilja/fix_tagpolicy_to_also_work_on_updates' into develop
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-12-09 10:31:22 +00:00
0eaec57d3f mix format
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-12-09 10:24:38 +00:00
ilja
1f863f0a36 Fix MRF policies to also work with Update
Some checks failed
ci/woodpecker/pr/woodpecker Pipeline failed
Objects who got updated would just pass through several of the MRF policies, undoing moderation in some situations.
In the relevant cases we now check not only for Create activities, but also Update activities.

I checked which ones checked explicitly on type Create using `grep '"type" => "Create"' lib/pleroma/web/activity_pub/mrf/*`.

The following from that list have not been changed:
* lib/pleroma/web/activity_pub/mrf/follow_bot_policy.ex
    * Not relevant for moderation
* lib/pleroma/web/activity_pub/mrf/keyword_policy.ex
    * Already had a test for Update
* lib/pleroma/web/activity_pub/mrf/object_age_policy.ex
    * In practice only relevant when fetching old objects (e.g. through Like or Announce). These are always wrapped in a Create.
* lib/pleroma/web/activity_pub/mrf/reject_non_public.ex
    * We don't allow changing scope with Update, so not relevant here
2022-12-08 23:22:05 +01:00
ilja
ce517ff4e5 Fix tagpolicy to also work with Update
Some checks are pending
ci/woodpecker/pr/woodpecker Pipeline is pending
Objects who got updated would just pass the TagPolicy, undoing the moderation that was set in place for the Actor.
Now we check not only for Create activities, but also Update activities.
2022-12-08 21:53:42 +01:00
cb3ccf5f47 Add check for null reply_to_user
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-12-07 13:41:12 +00:00
1afba64464 Redirect to standard FE if logged in
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-12-07 13:35:00 +00:00
c7369d6d03 GOOGLE
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-12-07 11:41:24 +00:00
sfr
7c4b415929 static-fe overhaul (#236)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
makes static-fe look more like pleroma-fe, with the stylesheets matching pleroma-dark and pleroma-light based on `prefers-color-scheme`.

- [x] navbar
- [x] about sidebar
- [x] background image
- [x] statuses
  - [x] "reply to" or "edited" tags
- [x] accounts
  - [x] show more / show less
  - [x] posts / with replies / media / followers / following
    - [x] followers/following would require user card snippets
  - [x] admin/bot indicators
- [x] attachments
  - [x] nsfw attachments
- [x] fontawesome icons
- [x] clean up and sort css
- [x] add pleroma-light
- [x] replace hardcoded strings

also i forgot
- [x] repeated headers

how it looks + sneak peek at statuses:
![](https://akkoma.dev/attachments/c0d3a025-6987-4630-8eb9-5f4db6858359)

Co-authored-by: Sol Fisher Romanoff <sol@solfisher.com>
Reviewed-on: #236
Co-authored-by: sfr <sol@solfisher.com>
Co-committed-by: sfr <sol@solfisher.com>
2022-12-07 11:20:53 +00:00
09326ffa56 Diagnostics tasks (#348)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
a bunch of ways to get query plans to help with debugging

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #348
2022-12-07 11:12:34 +00:00
b058df3faa Allow dashes in domain name search
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-12-06 10:57:10 +00:00
d55de5debf Remerge of hashtag following (#341)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
this time with less idiot

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #341
2022-12-05 12:58:48 +00:00
ec6bf8c3f7 revert 4a94c9a31e
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
revert Add ability to follow hashtags (#336)

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #336
2022-12-04 20:04:09 +00:00
4a94c9a31e Add ability to follow hashtags (#336)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #336
2022-12-04 17:36:59 +00:00
6b882a2c0b Purge Rejected Follow requests in daily task (#334)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #334
2022-12-03 23:17:43 +00:00
1409f91d50 Add maskable to logo
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-12-02 12:00:56 +00:00
94b469cab0 Merge pull request 'Add PWA config' (#329) from pwa into develop
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Reviewed-on: #329
2022-12-02 11:13:29 +00:00
8d6cc6cb65 Resolve follow activity from accept/reject without ID (#328)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #328
2022-12-02 11:12:37 +00:00
bbf2e3f445 Add PWA info 2022-12-02 11:10:35 +00:00
db60640c5b Fixing up deletes a bit (#327)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #327
2022-12-01 15:00:53 +00:00
0cfd5b4e89 Add ability to set a default post expiry (#321)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #321
2022-11-28 13:34:54 +00:00
ee7059c9cf Spin off imports into n oban jobs
Some checks failed
ci/woodpecker/push/woodpecker Pipeline is pending
ci/woodpecker/pr/woodpecker Pipeline failed
2022-11-27 21:45:41 +00:00
98a21debf9 normalise markup by default (#316)
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
why was this _not_ default?

honestly i'm surprised pleroma hasn't exploded yet

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #316
2022-11-26 21:06:20 +00:00
e3085c495c fix tests broken by relay defaults changing (#314)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #314
2022-11-26 20:45:47 +00:00
@r3g_5z@plem.sapphic.site
565ead8397 minor-changes (#313)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Only real change here is making MRF rejects log as debug instead of info (#234)

I don't know if it's the best way to do it, but it seems it's just MRF using this and almost always this is intended.

The rest are just minor docs changes and syncing the restricted nicknames stuff.

I compiled and ran my changes with Docker and they all work.

Co-authored-by: r3g_5z <june@terezi.dev>
Reviewed-on: #313
Co-authored-by: @r3g_5z@plem.sapphic.site <june@girlboss.ceo>
Co-committed-by: @r3g_5z@plem.sapphic.site <june@girlboss.ceo>
2022-11-26 19:27:58 +00:00
a90c45b7e9 Add Signed Fetch Statistics (#312)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Close #304.

Notes:
 - This patch was made on top of Pleroma develop, so I created a separate cachex worker for request signature actions, instead of Akkoma's instance cache. If that is a merge blocker, I can attempt to move logic around for that.
 - Regarding the `has_request_signatures: true -> false` state transition: I think that is a higher level thing (resetting instance state on new instance actor key) which is separate from the changes relevant to this one.

Co-authored-by: Luna <git@l4.pm>
Reviewed-on: #312
Co-authored-by: @luna@f.l4.pm <akkoma@l4.pm>
Co-committed-by: @luna@f.l4.pm <akkoma@l4.pm>
2022-11-26 19:22:56 +00:00
2fe1484ed3 http timeout config (#307)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Ref https://meta.akkoma.dev/t/increase-timeout-on-libretranslate-request-how/156/2

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #307
2022-11-24 12:27:16 +00:00
ave
1c4ca20ff7 Change follow_operation schema to use type BooleanLike (#301)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Changes follow_operation schema to use BooleanLike instead of :boolean so that strings like "0" and "1" (used by mastodon.py) can be accepted. Rest of file uses the same. For more info please see https://git.pleroma.social/pleroma/pleroma/-/issues/2999

(I'm also sending this here as I'm not hopeful about upstream not ignoring  it)

Co-authored-by: ave <ave@ave.zone>
Reviewed-on: #301
Co-authored-by: ave <ave@noreply.akkoma>
Co-committed-by: ave <ave@noreply.akkoma>
2022-11-24 11:27:01 +00:00
6223e2ea3e Merge pull request 'Additional timeline query improvements from upstream' (#291) from norm/akkoma:timeline-query-improvements into develop
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Reviewed-on: #291
2022-11-20 21:53:24 +00:00
@r3g_5z@plem.sapphic.site
0e4c201f8d HTTP header improvements (#294)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
- Drop Expect-CT

Expect-CT has been redundant since 2018 when Certificate Transparency became mandated and required for all CAs and browsers. This header is only implemented in Chrome and is now deprecated. HTTP header analysers do not check this anymore as this is enforced by default. See https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Expect-CT

- Raise HSTS to 2 years and explicitly preload

The longer age for HSTS, the better. Header analysers prefer 2 years over 1 year now as free TLS is very common using Let's Encrypt.
For HSTS to be fully effective, you need to submit your root domain (domain.tld) to https://hstspreload.org. However, a requirement for this is the "preload" directive in Strict-Transport-Security. If you do not have "preload", it will reject your domain.

- Drop X-Download-Options

This is an IE8-era header when Adobe products used to use the IE engine for making outbound web requests to embed webpages in things like Adobe Acrobat (PDFs). Modern apps are using Microsoft Edge WebView2 or Chromium Embedded Framework. No modern browser checks or header analyser check for this.

- Set base-uri to 'none'

This is to specify the domain for relative links (`<base>` HTML tag). pleroma-fe does not use this and it's an incredibly niche tag.

I use all of these myself on my instance by rewriting the headers with zero problems. No breakage observed.

I have not compiled my Elixr changes, but I don't see why they'd break.

Co-authored-by: r3g_5z <june@terezi.dev>
Reviewed-on: #294
Co-authored-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
Co-committed-by: @r3g_5z@plem.sapphic.site <june@terezi.dev>
2022-11-20 21:20:06 +00:00
r3g_5z
f90552f62e
Drop XSS auditor
All checks were successful
ci/woodpecker/pr/woodpecker Pipeline was successful
It's deprecated, removed in some, by all modern browsers and is known
to create XSS vulnerabilities in itself.

Signed-off-by: r3g_5z <june@terezi.dev>
2022-11-19 20:40:20 -05:00
0022fa7d49
Add same optimized join for excluding invisible users
Some checks failed
ci/woodpecker/pr/woodpecker Pipeline failed
2022-11-19 15:12:24 -05:00
11fc1beba5
Fix reports which do not have a user
The check for deactivated users was being applied to report activities.
2022-11-19 15:12:16 -05:00
e1e0d5d759 microblogpub federation fixes (#288)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #288
2022-11-18 11:14:35 +00:00
Haelwenn (lanodan) Monnier
3e0a5851e5 Set instance reachable on fetch
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-11-15 17:23:47 +00:00
2a1f17e3ed and i yoink (#275)
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Co-authored-by: Mark Felder <feld@feld.me>
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #275
2022-11-14 15:07:26 +00:00
c1127e321b Add configurable timeline per oban job (#273)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Heavily inspired by https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3777

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #273
2022-11-13 23:55:51 +00:00
89dbc7177b Chores for 2022.11
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
ci/woodpecker/pr/woodpecker Pipeline is pending
2022-11-11 16:12:04 +00:00
ac0c00cdee Add media sources to connect-src if media proxy is enabled
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
2022-11-10 17:26:51 +00:00
bab1ab5b6c strip \r and \r from content-disposition filenames 2022-11-10 11:54:12 +00:00
cc6a076202 Include requested_by in relationship (#260)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #260
2022-11-10 03:16:32 +00:00
0681a26dbb Remove unused pattern
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-11-08 13:54:43 +00:00
4e8ab0deeb fix count of poll voters
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-11-08 13:50:04 +00:00
2e895b6c02 make metdata check a debug log
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-11-08 11:03:43 +00:00
479aacb1b6 Add fallback for reports that don't have attached activities
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-11-08 11:01:47 +00:00
a0b8e3c842 Don't mess with the cache on metadata update
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
2022-11-08 10:39:01 +00:00
7bbaa8f8e0 automatically trim loading *. prefixes on domain blocks
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
2022-11-07 22:33:18 +00:00
31ad09010e Fix regex usage in MRF (#254)
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
fixes #235
fixes #228

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: #254
2022-11-06 23:50:32 +00:00