Merge branch 'stable-sync/2.1.0' into 'develop'
Merge stable in develop and bump development version Closes #1610, #1621, #1613, #1375, #1374, #1614, #1422, #1595, #1620, #1364, #1640, #1643, #1653, #1624, #764, #1687, #1698, #1670, #1677, #1727, #1559, #1746, #1313, #1810, #751, and #866 See merge request pleroma/pleroma!2928
This commit is contained in:
commit
51844b1e42
|
@ -65,19 +65,21 @@ unit-testing:
|
||||||
- mix ecto.migrate
|
- mix ecto.migrate
|
||||||
- mix coveralls --preload-modules
|
- mix coveralls --preload-modules
|
||||||
|
|
||||||
federated-testing:
|
# Removed to fix CI issue. In this early state it wasn't adding much value anyway.
|
||||||
stage: test
|
# TODO Fix and reinstate federated testing
|
||||||
cache: *testing_cache_policy
|
# federated-testing:
|
||||||
services:
|
# stage: test
|
||||||
- name: minibikini/postgres-with-rum:12
|
# cache: *testing_cache_policy
|
||||||
alias: postgres
|
# services:
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
# - name: minibikini/postgres-with-rum:12
|
||||||
script:
|
# alias: postgres
|
||||||
- mix deps.get
|
# command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
- mix ecto.create
|
# script:
|
||||||
- mix ecto.migrate
|
# - mix deps.get
|
||||||
- epmd -daemon
|
# - mix ecto.create
|
||||||
- mix test --trace --only federated
|
# - mix ecto.migrate
|
||||||
|
# - epmd -daemon
|
||||||
|
# - mix test --trace --only federated
|
||||||
|
|
||||||
unit-testing-rum:
|
unit-testing-rum:
|
||||||
stage: test
|
stage: test
|
||||||
|
|
76
CHANGELOG.md
76
CHANGELOG.md
|
@ -3,7 +3,7 @@ All notable changes to this project will be documented in this file.
|
||||||
|
|
||||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
|
|
||||||
## [unreleased]
|
## [2.1.0] - 2020-08-28
|
||||||
|
|
||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
|
@ -116,11 +116,78 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Migrations not working on OTP releases if the database was connected over ssl
|
- Migrations not working on OTP releases if the database was connected over ssl
|
||||||
- Fix relay following
|
- Fix relay following
|
||||||
|
|
||||||
## [Unreleased (patch)]
|
## [2.0.7] - 2020-06-13
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- Fix potential DoSes exploiting atom leaks in rich media parser and the `UserAllowListPolicy` MRF policy
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
- CSP: not allowing images/media from every host when mediaproxy is disabled
|
||||||
|
- CSP: not adding mediaproxy base url to image/media hosts
|
||||||
|
- StaticFE missing the CSS file
|
||||||
|
|
||||||
|
### Upgrade notes
|
||||||
|
|
||||||
|
1. Restart Pleroma
|
||||||
|
|
||||||
|
## [2.0.6] - 2020-06-09
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- CSP: harden `image-src` and `media-src` when MediaProxy is used
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- AP C2S: Fix pagination in inbox/outbox
|
||||||
|
- Various compilation errors on OTP 23
|
||||||
|
- Mastodon API streaming: Repeats from muted threads not being filtered
|
||||||
|
|
||||||
|
### Changed
|
||||||
|
- Various database performance improvements
|
||||||
|
|
||||||
|
### Upgrade notes
|
||||||
|
1. Run database migrations (inside Pleroma directory):
|
||||||
|
- OTP: `./bin/pleroma_ctl migrate`
|
||||||
|
- From Source: `mix ecto.migrate`
|
||||||
|
2. Restart Pleroma
|
||||||
|
|
||||||
|
## [2.0.5] - 2020-05-13
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- Fix possible private status leaks in Mastodon Streaming API
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- Crashes when trying to block a user if block federation is disabled
|
||||||
|
- Not being able to start the instance without `erlang-eldap` installed
|
||||||
|
- Users with bios over the limit getting rejected
|
||||||
|
- Follower counters not being updated on incoming follow accepts
|
||||||
|
|
||||||
|
### Upgrade notes
|
||||||
|
|
||||||
|
1. Restart Pleroma
|
||||||
|
|
||||||
|
## [2.0.4] - 2020-05-10
|
||||||
|
|
||||||
|
### Security
|
||||||
|
- AP C2S: Fix a potential DoS by creating nonsensical objects that break timelines
|
||||||
|
|
||||||
|
### Fixed
|
||||||
|
- Peertube user lookups not working
|
||||||
|
- `InsertSkeletonsForDeletedUsers` migration failing on some instances
|
||||||
- Healthcheck reporting the number of memory currently used, rather than allocated in total
|
- Healthcheck reporting the number of memory currently used, rather than allocated in total
|
||||||
- `InsertSkeletonsForDeletedUsers` failing on some instances
|
- LDAP not being usable in OTP releases
|
||||||
|
- Default apache configuration having tls chain issues
|
||||||
|
|
||||||
|
### Upgrade notes
|
||||||
|
|
||||||
|
#### Apache only
|
||||||
|
|
||||||
|
1. Remove the following line from your config:
|
||||||
|
```
|
||||||
|
SSLCertificateFile /etc/letsencrypt/live/${servername}/cert.pem
|
||||||
|
```
|
||||||
|
|
||||||
|
#### Everyone
|
||||||
|
|
||||||
|
1. Restart Pleroma
|
||||||
|
|
||||||
## [2.0.3] - 2020-05-02
|
## [2.0.3] - 2020-05-02
|
||||||
|
|
||||||
|
@ -144,7 +211,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Follow request notifications
|
- Follow request notifications
|
||||||
<details>
|
<details>
|
||||||
<summary>API Changes</summary>
|
<summary>API Changes</summary>
|
||||||
|
|
||||||
- Admin API: `GET /api/pleroma/admin/need_reboot`.
|
- Admin API: `GET /api/pleroma/admin/need_reboot`.
|
||||||
</details>
|
</details>
|
||||||
|
|
||||||
|
@ -179,6 +245,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Static-FE: Fix remote posts not being sanitized
|
- Static-FE: Fix remote posts not being sanitized
|
||||||
|
|
||||||
### Fixed
|
### Fixed
|
||||||
|
=======
|
||||||
|
- Rate limiter crashes when there is no explicitly specified ip in the config
|
||||||
- 500 errors when no `Accept` header is present if Static-FE is enabled
|
- 500 errors when no `Accept` header is present if Static-FE is enabled
|
||||||
- Instance panel not being updated immediately due to wrong `Cache-Control` headers
|
- Instance panel not being updated immediately due to wrong `Cache-Control` headers
|
||||||
- Statuses posted with BBCode/Markdown having unncessary newlines in Pleroma-FE
|
- Statuses posted with BBCode/Markdown having unncessary newlines in Pleroma-FE
|
||||||
|
|
|
@ -7,6 +7,8 @@ defmodule Pleroma.Plugs.RemoteIp do
|
||||||
This is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
This is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
|
||||||
"""
|
"""
|
||||||
|
|
||||||
|
import Plug.Conn
|
||||||
|
|
||||||
@behaviour Plug
|
@behaviour Plug
|
||||||
|
|
||||||
@headers ~w[
|
@headers ~w[
|
||||||
|
@ -26,11 +28,12 @@ defmodule Pleroma.Plugs.RemoteIp do
|
||||||
|
|
||||||
def init(_), do: nil
|
def init(_), do: nil
|
||||||
|
|
||||||
def call(conn, _) do
|
def call(%{remote_ip: original_remote_ip} = conn, _) do
|
||||||
config = Pleroma.Config.get(__MODULE__, [])
|
config = Pleroma.Config.get(__MODULE__, [])
|
||||||
|
|
||||||
if Keyword.get(config, :enabled, false) do
|
if Keyword.get(config, :enabled, false) do
|
||||||
RemoteIp.call(conn, remote_ip_opts(config))
|
%{remote_ip: new_remote_ip} = conn = RemoteIp.call(conn, remote_ip_opts(config))
|
||||||
|
assign(conn, :remote_ip_found, original_remote_ip != new_remote_ip)
|
||||||
else
|
else
|
||||||
conn
|
conn
|
||||||
end
|
end
|
||||||
|
|
2
mix.exs
2
mix.exs
|
@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
|
||||||
def project do
|
def project do
|
||||||
[
|
[
|
||||||
app: :pleroma,
|
app: :pleroma,
|
||||||
version: version("2.0.50"),
|
version: version("2.1.50"),
|
||||||
elixir: "~> 1.9",
|
elixir: "~> 1.9",
|
||||||
elixirc_paths: elixirc_paths(Mix.env()),
|
elixirc_paths: elixirc_paths(Mix.env()),
|
||||||
compilers: [:phoenix, :gettext] ++ Mix.compilers(),
|
compilers: [:phoenix, :gettext] ++ Mix.compilers(),
|
||||||
|
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1 +1 @@
|
||||||
<!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><title>Admin FE</title><link rel="shortcut icon" href=favicon.ico><link href=chunk-elementUI.1abbc9b8.css rel=stylesheet><link href=chunk-libs.5cf7f50a.css rel=stylesheet><link href=app.61bb0915.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=static/js/runtime.aaeb14f8.js></script><script type=text/javascript src=static/js/chunk-elementUI.2de79b84.js></script><script type=text/javascript src=static/js/chunk-libs.76802be9.js></script><script type=text/javascript src=static/js/app.ad6a566b.js></script></body></html>
|
<!DOCTYPE html><html><head><meta charset=utf-8><meta http-equiv=X-UA-Compatible content="IE=edge,chrome=1"><meta name=renderer content=webkit><meta name=viewport content="width=device-width,initial-scale=1,maximum-scale=1,user-scalable=no"><title>Admin FE</title><link rel="shortcut icon" href=favicon.ico><link href=chunk-elementUI.40545a1f.css rel=stylesheet><link href=chunk-libs.0380664d.css rel=stylesheet><link href=app.07a1f8db.css rel=stylesheet></head><body><div id=app></div><script type=text/javascript src=static/js/runtime.04c4fa2f.js></script><script type=text/javascript src=static/js/chunk-elementUI.8e5c404c.js></script><script type=text/javascript src=static/js/chunk-libs.f842b12e.js></script><script type=text/javascript src=static/js/app.1df22cde.js></script></body></html>
|
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
|
@ -1 +1 @@
|
||||||
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link href=/static/css/app.77b1644622e3bae24b6b.css rel=stylesheet><link href=/static/fontello.1597327457363.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.811c8482146cad566f7e.js></script><script type=text/javascript src=/static/js/app.032cb80dafd1f208df1c.js></script></body></html>
|
<!DOCTYPE html><html lang=en><head><meta charset=utf-8><meta name=viewport content="width=device-width,initial-scale=1,user-scalable=no"><title>Pleroma</title><!--server-generated-meta--><link rel=icon type=image/png href=/favicon.png><link href=/static/css/app.77b1644622e3bae24b6b.css rel=stylesheet><link href=/static/fontello.1598361006087.css rel=stylesheet></head><body class=hidden><noscript>To use Pleroma, please enable JavaScript.</noscript><div id=app></div><script type=text/javascript src=/static/js/vendors~app.bc5812c087f5dbcb914d.js></script><script type=text/javascript src=/static/js/app.154c25316542278028a6.js></script></body></html>
|
Binary file not shown.
Binary file not shown.
Before Width: | Height: | Size: 28 KiB After Width: | Height: | Size: 28 KiB |
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Binary file not shown.
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue