Add patch avoiding request flood in one common'ish scenario

3.13.3’s raison d'être

patches/series

@@ -23,6 +23,9 @@ pr851_fix-mrf-object-age.patch
 pr853_fix_nodeinfo_contenttype.patch
 # internal.fetch advertised follow* collection IDs but those didn’t actually resolve
 pr856_drop-internal-actor-flw-collections.patch
+# Quick-fix to prevent rapid refetch req flood for at least a specific kind of
+# rejected user profile apparently common with misskey.io
+up-2b1a252cc78dbb3ff8a34a8365b8c049c0b531fb_truncate-remote-user-fields.patch
 # testing various perf tweaks
 wip_01_workers-make-custom-filtering-ahead-of-enqueue-possi.patch
 wip_02_Don-t-create-noop-SearchIndexingWorker-jobs-for-pass.patch

patches/up-2b1a252cc78dbb3ff8a34a8365b8c049c0b531fb_truncate-remote-user-fields.patch

@@ -0,0 +1,76 @@
+From 2b1a252cc78dbb3ff8a34a8365b8c049c0b531fb Mon Sep 17 00:00:00 2001
+From: "Haelwenn (lanodan) Monnier" <contact@hacktivis.me>
+Date: Tue, 13 Aug 2024 20:06:01 +0200
+Subject: [PATCH] User: truncate remote user fields instead of rejecting
+
+---
+ lib/pleroma/user.ex                               |  2 ++
+ test/pleroma/user_test.exs                        | 15 +++++++++++++++
+ .../transmogrifier/user_update_handling_test.exs  |  4 ++--
+ 3 files changed, 19 insertions(+), 2 deletions(-)
+ create mode 100644 changelog.d/bugfix-truncate-remote-user-fields.fix
+
+diff --git a/lib/pleroma/user.ex b/lib/pleroma/user.ex
+index bf8717ffb..dfeab0410 100644
+--- a/lib/pleroma/user.ex
++++ b/lib/pleroma/user.ex
+@@ -443,6 +443,7 @@ defp fix_follower_address(params), do: params
+   def remote_user_changeset(struct \\ %User{local: false}, params) do
+     bio_limit = Config.get([:instance, :user_bio_length], 5000)
+     name_limit = Config.get([:instance, :user_name_length], 100)
++    fields_limit = Config.get([:instance, :max_remote_account_fields], 0)
+ 
+     name =
+       case params[:name] do
+@@ -456,6 +457,7 @@ def remote_user_changeset(struct \\ %User{local: false}, params) do
+       |> Map.put_new(:last_refreshed_at, NaiveDateTime.utc_now())
+       |> truncate_if_exists(:name, name_limit)
+       |> truncate_if_exists(:bio, bio_limit)
++      |> Map.update(:fields, [], &Enum.take(&1, fields_limit))
+       |> truncate_fields_param()
+       |> fix_follower_address()
+ 
+diff --git a/test/pleroma/user_test.exs b/test/pleroma/user_test.exs
+index cf9cc7519..ac886aaf9 100644
+--- a/test/pleroma/user_test.exs
++++ b/test/pleroma/user_test.exs
+@@ -966,6 +966,21 @@ test "it is invalid given a local user" do
+ 
+       refute cs.valid?
+     end
++
++    test "it truncates fields" do
++      clear_config([:instance, :max_remote_account_fields], 2)
++
++      fields = [
++        %{"name" => "One", "value" => "Uno"},
++        %{"name" => "Two", "value" => "Dos"},
++        %{"name" => "Three", "value" => "Tres"}
++      ]
++
++      cs = User.remote_user_changeset(@valid_remote |> Map.put(:fields, fields))
++
++      assert [%{"name" => "One", "value" => "Uno"}, %{"name" => "Two", "value" => "Dos"}] ==
++               Ecto.Changeset.get_field(cs, :fields)
++    end
+   end
+ 
+   describe "followers and friends" do
+diff --git a/test/pleroma/web/activity_pub/transmogrifier/user_update_handling_test.exs b/test/pleroma/web/activity_pub/transmogrifier/user_update_handling_test.exs
+index b1a064772..35a5fe03d 100644
+--- a/test/pleroma/web/activity_pub/transmogrifier/user_update_handling_test.exs
++++ b/test/pleroma/web/activity_pub/transmogrifier/user_update_handling_test.exs
+@@ -119,8 +119,8 @@ test "it works with custom profile fields" do
+     user = User.get_cached_by_ap_id(user.ap_id)
+ 
+     assert user.fields == [
+-             %{"name" => "foo", "value" => "updated"},
+-             %{"name" => "foo1", "value" => "updated"}
++             %{"name" => "foo", "value" => "bar"},
++             %{"name" => "foo11", "value" => "bar11"}
+            ]
+ 
+     update_data =
+-- 
+2.39.5
+