Commit graph

6571 commits

Author SHA1 Message Date
7ca9ce9d67 fix: Give error message to users when address has already been validated
Plus other errors.
2023-01-12 22:08:10 +01:00
ff5793198f add inbound language test 2023-01-11 15:42:13 +00:00
78c44f31ca fix no-language-specified federation 2023-01-11 15:25:34 +00:00
22068f0853 fix unused variable warnings 2023-01-10 10:58:17 +00:00
cc63a89b5d Fix tests 2023-01-10 10:29:17 +00:00
f86bf16430 Add language support on /api/v1/statuses 2023-01-10 10:29:17 +00:00
a8cd859ef9 Use actual ISO8601 timestamps for masto API (#425)
Some users post posts with spoofed timestamp, and some clients will have issues with certain dates. Tusky for example crashes if the date is any sooner than 1 BCE (“year zero” in the representation).

I limited the range of what is considered a valid date to be somewhere between the years 1583 and 9999 (inclusive).

The numbers have been chosen because:

- ISO 8601 only allows years before 1583 with “mutual agreement”
- Years after 9999 could cause issues with certain clients as well

Co-authored-by: Charlotte 🦝 Delenk <lotte@chir.rs>
Reviewed-on: AkkomaGang/akkoma#425
Co-authored-by: darkkirb <lotte@chir.rs>
Co-committed-by: darkkirb <lotte@chir.rs>
2023-01-09 22:12:28 +00:00
336d06b2a8 Significantly tighten HTTP CSP 2023-01-02 15:21:19 +00:00
57e51fe62c Migrate Pleroma.Web to phoenix 1.6 formats 2023-01-02 03:29:02 +00:00
6e646c4cbc Use a genserver to periodically fetch metrics
Ref https://github.com/beam-telemetry/telemetry_metrics_prometheus_core/issues/52
2023-01-01 18:32:14 +00:00
c4b46ca460 Add /api/v1/followed_tags 2022-12-31 18:09:34 +00:00
745e15468e Use same context for quote posts as the post that's being quoted (#379)
See AkkomaGang/akkoma#350 (comment)

When making quotes through Mast-API, they will now have the same context as the quoted post. This also results in them being showed when fetching the thread. I checked Misskey to see how it's there, and they show the quotes there as well, see e.g. <https://mk.toast.cafe/notes/98u1g0tulg>.

An example from Akkoma:

Co-authored-by: ilja <git@ilja.space>
Reviewed-on: AkkomaGang/akkoma#379
Reviewed-by: floatingghost <hannah@coffee-and-dreams.uk>
Co-authored-by: ilja <akkoma.dev@ilja.space>
Co-committed-by: ilja <akkoma.dev@ilja.space>
2022-12-31 18:09:27 +00:00
b8f280b4b5 Rich media doesn't need to be a map 2022-12-31 03:53:52 +00:00
bf7ff6a337 Put rich media processing in a Task 2022-12-30 20:11:53 +00:00
5d4c291d52 update references to pleroma in docs 2022-12-30 03:43:35 +00:00
9be6caf125 argon2 password hashing (#406)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#406
2022-12-30 02:46:58 +00:00
a5e98083f2 Add link verification in profile fields (#405)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#405
2022-12-29 20:56:06 +00:00
Atsuko Karagi
4a78c431cf Simplified HTTP signature processing 2022-12-19 20:41:48 +00:00
Atsuko Karagi
e17c71a389 Respect restrict_unauthenticated in /api/v1/accounts/lookup 2022-12-19 20:32:16 +00:00
233c4bb3ba revert 28ab09d377
revert Remove unused dependencies
2022-12-19 02:34:46 +00:00
28ab09d377 Remove unused dependencies 2022-12-19 02:26:04 +00:00
3d546409b2 remove now-unused test 2022-12-17 23:21:24 +00:00
52d8183787 drop admin scopes on create app instead of rejecting 2022-12-17 23:14:49 +00:00
b91e671c0d add remote user count for the heck of it 2022-12-16 17:22:26 +00:00
1f5bc4d68a remove unused variable 2022-12-16 12:36:34 +00:00
9a320ba814 make 2fa UI less awful 2022-12-16 11:50:25 +00:00
48d302a60f allow disabling prometheus entirely 2022-12-16 11:17:04 +00:00
d1a0d93bf7 document prometheus 2022-12-16 10:24:36 +00:00
c2054f82ab allow users with admin:metrics to read app metrics 2022-12-16 03:32:51 +00:00
b8be8192fb do not allow non-admins to register tokens with admin scopes
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
e2320f870e Add prometheus metrics to router 2022-12-15 02:02:07 +00:00
Tim Buchwaldt
29584197bb Measure stats-data 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
63be819661 Take tesla telemetry 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
0995fa1410 Track oban failures 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
f8d3383179 Fix oban tags 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
a06bb694c1 Listen to loopback 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
1e9c2cd8ef Fix buckets for query timing 2022-12-15 01:04:56 +00:00
Tim Buchwaldt
33243c56e5 Start adding telemetry 2022-12-15 01:04:55 +00:00
07a48b9293 giant massive dep upgrade and dialyxir-found error emporium (#371)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: AkkomaGang/akkoma#371
2022-12-14 12:38:48 +00:00
duponin
3e9c0b380a
Return 413 when an actor's banner or background exceeds the size limit 2022-12-12 17:28:14 -05:00
duponin
c9304962c3
Uploading an avatar media exceeding max size returns a 413
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-12 17:28:09 -05:00
9d9c26b833 Ensure Gun is Gone 2022-12-11 19:26:21 +00:00
68894089e8 Do not fetch anything from blocked instances 2022-12-10 00:09:45 +00:00
a1515f9a60 Add some extra info around possible nils 2022-12-09 23:45:51 +00:00
739ed14f54 Revert "mandate published on notes"
This reverts commit e49b583147.
2022-12-09 20:59:26 +00:00
e49b583147 mandate published on notes
fixes #356
2022-12-09 20:27:54 +00:00
f5a315f04c Add URL and code to :not_found errors
Ref #355
2022-12-09 20:13:31 +00:00
dcf58a3c53 Do not pass transient undo-y activities through MRF 2022-12-09 20:01:38 +00:00
9db4c2429f Remove FollowBotPolicy 2022-12-09 19:59:27 +00:00
6f83ae27aa extend reject MRF to check if originating instance is blocked 2022-12-09 19:57:29 +00:00