Commit graph

  • c1f0b6b875 Merge pull request 'Accept body parameters for /api/pleroma/notification_settings' (#738) from Oneric/akkoma:notif-setting-parameters into develop 1713265389502709653/tmp_refs/heads/develop 1713265389502709653/develop floatingghost 2024-04-13 22:55:02 +0000
  • f8a53fbe2f bump dependencies Floatingghost 2024-04-12 19:59:30 +0100
  • e36c0f96fc Merge pull request 'Add docker override file to docs and gitignore' (#621) from norm/akkoma:docker-compose-override into develop floatingghost 2024-04-12 18:50:25 +0000
  • 6f3c955aa0 Merge pull request 'elixir1.16 testing' (#742) from elixir1.16 into develop floatingghost 2024-04-12 18:49:33 +0000
  • 024ffadd80 Merge pull request 'Don't list old accounts as aliases in WebFinger' (#713) from erincandescent/akkoma:no-old-account-alias into develop floatingghost 2024-04-12 18:34:14 +0000
  • e2e4f53585 Merge pull request 'Use standard-compliant Accept header when fetching' (#740) from Oneric/akkoma:fetch_std-accept-hdr into develop floatingghost 2024-04-12 18:28:26 +0000
  • d910e8d7d1 Add test suite for elixir1.16 Floatingghost 2024-04-12 19:13:33 +0100
  • df25d86999 Cleaned up FEP-fffd commits a bit Floatingghost 2024-04-12 18:50:57 +0100
  • 4887df12d7 Merge pull request 'Allow for url to be a list' (#718) from helge/akkoma:develop into develop floatingghost 2024-04-12 17:39:38 +0000
  • e6ca2b4d2a Merge pull request 'Fix array-less EmojiReacts' (#739) from Oneric/akkoma:tag-arrayless into develop floatingghost 2024-04-12 17:26:07 +0000
  • 6ba80aaff5 Merge pull request 'Check if data is visible before embedding it in OG tags' (#741) from ograph-restrictions into develop floatingghost 2024-04-12 17:22:59 +0000
  • 8e60177466 Merge pull request 'MRF.InlineQuotePolicy: Add link to post URL, not ID' (#733) from erincandescent/akkoma:quote-url into develop floatingghost 2024-04-12 17:02:52 +0000
  • 75d9e2b375 MRF.InlineQuotePolicy: Add link to post URL, not ID Erin Shepherd 2024-04-02 23:57:27 +0200
  • 05f8179d08 check if data is visible before embedding it in OG tags Floatingghost 2024-04-12 05:16:47 +0100
  • fae0a14ee8 Use standard-compliant Accept header when fetching Oneric 2024-04-11 22:45:45 +0200
  • 1135935cbe Merge remote-tracking branch 'oneric/ipv6' into develop Floatingghost 2024-04-11 20:59:49 +0100
  • 090a77d1af Merge pull request 'static-fe: don’t squeeze non-square images' (#705) from Oneric/akkoma:staticfe-nonsquare-img into develop floatingghost 2024-04-11 18:43:03 +0000
  • 0e066bddae Merge pull request 'Drop base_url special casing in test env' (#737) from Oneric/akkoma:testenv_drop_baseurl_specialcase into develop floatingghost 2024-04-11 18:24:09 +0000
  • bd74ad9ce4 Accept body parameters for /api/pleroma/notification_settings Oneric 2024-04-08 23:00:24 +0200
  • 462225880a Accept EmojiReacts with non-array tag Oneric 2024-04-09 01:04:16 +0200
  • debd686418 Add tests for our own custom emoji format Oneric 2024-04-09 00:52:22 +0200
  • 9598137d32 Drop base_url special casing in test env Oneric 2024-04-07 00:06:29 +0200
  • b8393ad9ed Merge pull request 'context: add featured definition' (#717) from erincandescent/akkoma:context-featured into develop floatingghost 2024-04-03 10:22:09 +0000
  • 554f19a9ed Merge pull request 'Refresh Users much more aggressively when processing Move activities' (#714) from erincandescent/akkoma:move-bust-cache into develop floatingghost 2024-04-03 10:03:14 +0000
  • 9c53a3390e Ensure we have the emoji base path FloatingGhost 2024-04-02 14:12:03 +0100
  • 795524daf1 bump version FloatingGhost 2024-04-02 11:36:47 +0100
  • b5d97e7d85 Don't error out if we're not using the local uploader FloatingGhost 2024-04-02 11:36:26 +0100
  • f592090206 Fix tests that relied on no base_url in the uploader FloatingGhost 2024-04-02 11:23:57 +0100
  • 61621ebdbc Add tests for extra warnings about media subdomains FloatingGhost 2024-04-02 10:54:53 +0100
  • 4cd299bd83 Add extra warnings if the uploader is on the same domain as the main application FloatingGhost 2024-04-02 10:20:59 +0100
  • 8fbd771d6e context: add featured & backgroundUrl definitions Erin Shepherd 2024-03-02 21:32:15 +0100
  • 464db9ea0b Don't list old accounts as aliases in WebFinger Erin Shepherd 2024-02-29 20:56:32 +0100
  • 2d439034ca Ensure that spoof-inserted does not time out FloatingGhost 2024-03-30 12:55:22 +0000
  • 087d88f787 bump version FloatingGhost 2024-03-30 11:45:07 +0000
  • 3650bb0370 Changelog entry FloatingGhost 2024-03-30 11:44:34 +0000
  • ee7d98b093 Update Changelog Oneric 2024-03-28 20:24:02 -0100
  • 0648d9ebaa Add mix tasks to detect spoofed posts and users Oneric 2024-03-17 20:07:16 -0100
  • d441101200 Add mix task to detect uploaded spoof payloads Oneric 2024-03-17 15:29:23 -0100
  • 31f90bbb52 Register APNG MIME type Oneric 2024-03-26 15:44:44 -0100
  • 61ec592d66 Drop obsolete pixelfed workaround Oneric 2024-03-26 15:11:06 -0100
  • 8684964c5d Only allow exact id matches Oneric 2024-03-15 23:00:19 -0100
  • 48b3a35793 Update user reference after fetch Oneric 2024-03-20 19:03:39 -0100
  • 9061d148be Ensure object id doesn’t change on refetch Oneric 2024-03-24 17:32:28 -0100
  • 3e134b07fa fetcher: return final URL after redirects from get_object Oneric 2024-03-15 18:57:09 -0100
  • f07eb4cb55 Sanity check fetched user data Oneric 2024-03-15 20:31:45 -0100
  • 59a142e0b0 Never fetch resource from ourselves Oneric 2024-03-13 21:00:23 -0100
  • fee57eb376 Move actor check into fetch_and_contain_remote_object_from_id Oneric 2024-03-13 20:21:19 -0100
  • c4cf4d7f0b Reject cross-domain redirects when fetching AP objects Oneric 2024-03-13 20:12:17 -0100
  • baaeffdebc Update spoofed activity test Oneric 2024-03-13 20:04:31 -0100
  • 2bcf633dc2 Document Pleroma.Object.Fetcher Oneric 2024-03-13 19:42:51 -0100
  • 93ab6a018e mix: fix docs task Oneric 2024-03-13 19:41:14 -0100
  • c806adbfdb Refactor Fetcher.get_object for readability Oneric 2024-03-11 22:52:46 +0100
  • ddd79ff22d Proactively harden emoji pack against path traversal Oneric 2024-03-10 07:15:26 +0100
  • d6d838cbe8 StealEmoji: check remote size before downloading Oneric 2024-03-10 01:35:35 +0100
  • 6d003e1acd test/steal_emoji: consolidate configuration setup Oneric 2024-03-10 01:14:51 +0100
  • d1ce5fd911 test/steal_emoji: reduce code duplication with mock macro Oneric 2024-03-10 00:44:12 +0100
  • a4fa2ec9af StealEmoji: make final paths infeasible to predict Oneric 2024-03-09 22:41:26 +0100
  • ee5ce87825 test: use pack functions to check for emoji Oneric 2024-03-09 21:39:25 +0000
  • d1c4d07404 Convert StealEmoji to pack.json Oneric 2024-03-08 03:06:40 +0100
  • fa98b44acf Fill out path for newly created packs Oneric 2024-03-09 22:18:00 +0100
  • 5b126567bb StealEmoji: drop superfluous basename Oneric 2024-03-07 23:39:00 +0100
  • a8c6c780b4 StealEmoji: use Content-Type and reject non-images Oneric 2024-03-07 23:35:05 +0100
  • 111cdb0d86 Split steal_emoji function for better readability Oneric 2024-03-07 13:07:02 +0100
  • af041db6dc Limit emoji stealer to alphanum, dash, or underscore characters Norm 2024-02-20 15:11:26 -0500
  • fb54c47f0b Update example nginx config Oneric 2024-03-10 19:01:17 +0000
  • fc36b04016 Drop media proxy same-domain default for base_url Oneric 2024-03-10 18:57:40 +0000
  • 11ae8344eb Sanitise Content-Type of media proxy URLs Oneric 2024-03-10 18:57:19 +0000
  • bcc528b2e2 Never automatically assign privileged content types Oneric 2024-03-07 01:02:32 -0100
  • e88d0a2853 Fix Content-Type of our schema Oneric 2024-03-07 00:18:00 +0100
  • ba558c0c24 Limit instance emoji to image types Oneric 2024-03-07 00:00:25 +0100
  • 0ec62acb9d Always insert Dedupe upload filter Oneric 2024-03-04 18:39:08 +0100
  • fef773ca35 Drop media base_url default and recommend different domain Oneric 2024-03-04 17:50:22 +0100
  • bdefbb8fd9 plug/upload_media: query config only once on init Oneric 2024-03-05 02:20:16 +0100
  • f7c9793542 Sanitise Content-Type of uploads Oneric 2024-03-04 17:50:21 +0100
  • 7ef93c0b6d Add set_content_type to Plug.StaticNoCT Oneric 2024-03-04 17:50:20 +0100
  • dbb6091d01 Import copy of Plug.Static from Plug 1.15.3 Oneric 2024-03-04 17:50:20 +0100
  • 5d467af6c5 Update notes on security exploit handling Oneric 2024-03-04 17:50:19 +0100
  • 5d89e0c917 Allow for url to be a list Helge 2024-03-03 09:11:45 +0100
  • f18e2ba42c Refresh Users much more aggressively when processing Move activities Erin Shepherd 2024-02-29 21:08:25 +0100
  • fc95519dbf Allow fetching over IPv6 Oneric 2024-02-25 23:27:10 +0100
  • 889b57df82 2024.02 release FloatingGhost 2024-02-24 13:54:21 +0000
  • 34ffb92db4 Update translation files Weblate 2023-10-22 11:53:48 +0000
  • c6dceb1802 Translated using Weblate (Polish) Weblate 2023-10-22 11:53:48 +0000
  • caaf2deb22 Translated using Weblate (Polish) Weblate 2023-10-22 11:53:48 +0000
  • 7d61fb0906 Merge pull request 'Fix static-fe Twitter metadata / URL previews' (#700) from Oneric/akkoma:staticfe-metadata into develop floatingghost 2024-02-24 13:42:55 +0000
  • cdf73e0ac8 Merge pull request 'Better document database differences for Pleroma migrations' (#699) from Oneric/akkoma:doc_pleroma-migration-db into develop floatingghost 2024-02-24 04:33:43 +0000
  • 967e6b8ade Merge pull request 'Docs: Add description for mrf_reject_newly_created_account_notes' (#695) from YokaiRick/akkoma:doc_mrf_reject_acc_notes into develop floatingghost 2024-02-24 04:31:28 +0000
  • d7c8e9df27 static-fe: don’t squeeze non-square avatars Oneric 2024-02-23 23:39:44 +0000
  • a0daec6ea1 static-fe: don’t squeeze non-square emoji Oneric 2024-02-20 17:33:38 +0100
  • bff2812a93 More prominently document db migrations in migrations from Pleroma Oneric 2024-02-19 17:53:11 +0100
  • 7964272c98 Document how to avoid data loss on migration from Pleroma Oneric 2024-02-19 17:33:14 +0100
  • c08f49d88e Add tests for static-fe metadata tags Oneric 2024-02-21 00:33:32 +0000
  • 3111181d3c mix format FloatingGhost 2024-02-20 15:09:04 +0000
  • 2f9aad0e65 Merge pull request '[Security] StealEmojiPolicy: Sanitize shortcodes' (#701) from erincandescent/akkoma:stealemojipolicy-sanitize into develop floatingghost 2024-02-20 15:08:54 +0000
  • b387f4a1c1 Don't steal emoji who's shortcodes have dots or colons in their name Erin Shepherd 2024-02-20 11:31:29 +0100
  • 7d94476dd6 StealEmojiPolicy: Sanitize shortcodes Haelwenn (lanodan) Monnier 2024-02-20 08:45:48 +0100
  • c25cfe9b7a fixed spelling rick 2024-02-19 23:25:20 +0100
  • 41dd37d796 doc/cheatsheet: add missing MRFs Oneric 2024-02-19 00:13:10 +0100
  • 9830d54fa1 doc/cheatsheet: sort main MRF list alphabetically Oneric 2024-02-18 23:29:43 +0100
  • f254e4f530 doc/cheatsheet: add missing MRF config detail docs Oneric 2024-02-18 23:18:50 +0100