fc3cc61768
Fix invalid Date HTTP header when signing fetch requests
...
AkkomaGang/akkoma#503
2023-08-07 12:43:42 +00:00
368b22fd2f
Ensure we can't crash out on unusual logger backend settings
2023-08-06 15:12:57 +01:00
59af68c600
Ensure it doesn't break on elixir1.14
2023-08-05 14:11:27 +01:00
ec5db753b9
Prevent elixir compiler from yeeting our modules
2023-08-05 14:03:21 +01:00
mae
d868348fac
Completely disable xml entity resolution
2023-08-05 12:32:05 +00:00
31d7cc9a9c
Allow Pleroma.HTTP to connect to raw-HTTP without freaking mint out
2023-08-04 23:51:15 +01:00
8670d89316
Remove duplicated path
...
Fixes #604
2023-08-04 22:39:11 +01:00
b4399574ca
Merge remote-tracking branch 'norm/config-permissions' into develop
2023-08-04 22:31:11 +01:00
Mae
1f54bea564
Prevent XML parser from loading external entities
2023-08-04 22:24:17 +01:00
Haelwenn (lanodan) Monnier
4f57c87be4
instance gen: Reduce permissions of pleroma directories and config files
...
Original: 69caedc591
2023-08-04 14:13:50 -04:00
Haelwenn (lanodan) Monnier
ae03513934
Config: Restrict permissions of OTP config file
...
Original: 8cc8100120
2023-08-04 14:13:36 -04:00
0b2ec0ccee
Enable AnonymizeFilenames on all uploads
2023-08-04 15:37:15 +01:00
723bd123a0
Correct ordering for block/mutes
2023-08-04 15:18:07 +01:00
1dc8cc731c
Merge branch 'elixir1.15' into develop
2023-08-04 15:16:14 +01:00
64e233ca20
Tag Mock
-tests as "mocked" and run them seperately
2023-08-04 12:50:50 +01:00
2946bf4011
mix format
2023-08-04 12:04:24 +01:00
fe8c166b8f
Remove IO.inspects
2023-08-04 12:01:52 +01:00
7e45343f81
Resolve information disclosure vulnerability through emoji pack archive download endpoint
2023-08-04 11:34:19 +01:00
98cb255d12
Support elixir1.15
...
OTP builds to 1.15
Changelog entry
Ensure policies are fully loaded
Fix :warn
use main branch for linkify
Fix warn in tests
Migrations for phoenix 1.17
Revert "Migrations for phoenix 1.17"
This reverts commit 6a3b2f15b74ea5e33150529385215b7a531f3999.
Oban upgrade
Add default empty whitelist
mix format
limit test to amd64
OTP 26 tests for 1.15
use OTP_VERSION tag
baka
just 1.15
Massive deps update
Update locale, deps
Mix format
shell????
multiline???
?
max cases 1
use assert_recieve
don't put_env in async tests
don't async conn/fs tests
mix format
FIx some uploader issues
Fix tests
2023-08-03 17:44:09 +01:00
babb4b9a8f
Merge branch 'metadata_webfinger' into develop
2023-08-02 12:05:43 +01:00
27cbfb8985
Send a NIL body rather than an empty one with GET/HEAD
2023-08-01 11:26:05 +01:00
7ff9c356f4
Merge remote-tracking branch 'upstream/develop' into metadata_webfinger
2023-07-27 07:43:17 -07:00
Weblate
eba3cce77b
Update translation files
...
Updated by "Squash Git commits" hook in Weblate.
Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
fa23098093
Merge branch 'develop' into arm
2023-07-27 14:01:11 +01:00
6db8ab7c94
Merge pull request 'Varied selection of Pleroma cherry-picks' ( #567 ) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
...
Reviewed-on: AkkomaGang/akkoma#567
2023-07-27 12:53:56 +00:00
34601065c3
Mix format
2023-07-20 17:34:05 +01:00
33e7ae7637
Allow nil attachments
2023-07-17 20:03:31 +01:00
900b9b0124
Merge branch 'develop' into active-emoji-reactions
2023-07-17 19:45:43 +01:00
c63ae73bc0
Add embed controller tests
2023-07-17 19:18:21 +01:00
16d2bfef80
Ensure embeds will not be served if unauthenticated users could not see it
2023-07-17 18:24:53 +01:00
c8904f15a2
Correct behaviour of mediaproxy blocklist
2023-07-17 18:17:04 +01:00
8fe29bf5d2
Exclude deactivated users from emoji reaction lists
2023-07-17 17:53:03 +01:00
210df6fe92
Merge pull request 'Fix the /embed endpoint' ( #540 ) from mikihau/akkoma:develop into develop
...
Reviewed-on: AkkomaGang/akkoma#540
2023-07-15 20:48:30 +00:00
5144d6f4ba
Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
...
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
3e4a279a1b
Merge pull request 'Implement blocklists for MediaProxy' ( #574 ) from XxXCertifiedForkliftDriverXxX/akkoma:feature/mediaproxy-blocklist into develop
...
Reviewed-on: AkkomaGang/akkoma#574
2023-06-28 00:54:25 +00:00
XxXCertifiedForkliftDriverXxX
767e1272b3
Use OS CA store for Mint HTTP connections
2023-06-26 15:50:49 +02:00
XxXCertifiedForkliftDriverXxX
07b478dc49
Implement blocklists for MediaProxy
2023-06-26 15:18:31 +02:00
tusooa
c0a01e73cf
Enforce unauth restrictions for public streaming endpoints
2023-06-14 22:45:19 +00:00
tusooa
fee6e2aac4
Fix deleting banned users' statuses
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
8669a0abcb
UploadedMedia: Increase readability via ~s sigil
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
37b0d774fa
UploadedMedia: Add missing disposition_type to Content-Disposition
...
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa
3095251e6c
Dedupe poll options
2023-06-14 22:45:19 +00:00
tusooa
79a18f761b
Allow with_relationships param for blocks
2023-06-14 22:45:19 +00:00
kPherox
8fb235e71b
fix: append field values to bio before parsing
2023-06-14 19:44:07 +00:00
kPherox
d6271e7613
feat: build rel me tags with profile fields
2023-06-14 19:44:07 +00:00
5adce547d0
Require related object for notifications to filter on content
2023-06-14 19:41:48 +00:00
tusooa
05e80d1879
Fix block_from_stranger setting
2023-06-14 19:41:44 +00:00
tusooa
1268dbc562
Fix type of admin_account.is_confirmed
2023-06-14 19:38:22 +00:00
tusooa
651979217a
Fix failure when registering a user with no email when approval required
2023-06-14 19:33:58 +00:00
997551bac9
Fix TwitterCard meta tags
...
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".
Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.
> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]
[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00