9876742358
Return 413 when an actor's banner or background exceeds the size limit
2022-12-11 23:15:08 +01:00
452595baed
Uploading an avatar media exceeding max size returns a 413
...
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-11 22:54:47 +01:00
204fd6faae
Merge branch 'from/upstream-develop/tusooa/report-fake' into 'develop'
...
Report an Object, not a Create Activity
Closes #2986
See merge request pleroma/pleroma!3788
2022-12-09 14:25:24 +00:00
0f88c2bca4
Change follow_operation schema to use type BooleanLike
2022-11-28 00:13:34 +00:00
542bb17258
ArticleNotePageValidator: fix replies fixing
...
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-11-27 04:54:19 +01:00
747311f623
fix resolution of GTS user keys
2022-11-27 04:54:18 +01:00
11d5ad24c5
Make local-only posts stream in local timeline
2022-11-27 04:39:32 +01:00
e46c3a0595
Do not stream out Create of ChatMessage
2022-11-27 04:39:32 +01:00
09ab51eebb
Make mutes and blocks behave the same as other lists
2022-11-27 04:21:58 +01:00
7ec3469bea
Transmogrifier: Use validating regex for "mediaType"
2022-11-27 04:21:31 +01:00
8640d217b1
AttachmentValidator: Use custom ecto type and regex for "mediaType"
2022-11-27 04:21:31 +01:00
da71092003
EctoType: Add MIME validator
2022-11-27 04:21:31 +01:00
4504c81080
Delete report notifs when demoting from superuser
...
When someone isn't a superuser any more, they shouldn't see the reporsts any more either.
Here we delete the report notifications from a user when that user gets updated from being a superuser to a non-superuser.
2022-11-27 04:20:11 +01:00
7f0b3161ea
Merge branch 'akoma/deactivated-users' into 'develop'
...
Timeline query performance improvements
See merge request pleroma/pleroma!3779
2022-11-20 23:40:58 +00:00
9d99e76a3a
Fix unit tests
2022-11-20 00:57:04 -05:00
0e0c316c76
Fix report api
2022-11-20 00:35:52 -05:00
a69e9ae2ef
Flag an Object, not an Activity
2022-11-19 23:51:43 -05:00
a31d3589ed
Update http_security_plug.ex
2022-11-17 12:03:01 -05:00
79bd363a68
Update lib/pleroma/web/plugs/http_security_plug.ex
2022-11-17 12:03:01 -05:00
db76ea578a
try to fix ruffle on chrome
2022-11-17 12:03:01 -05:00
a9d991d31e
Merge branch 'develop' into 'akoma/deactivated-users'
...
# Conflicts:
# CHANGELOG.md
2022-11-14 14:03:11 +00:00
0e1356ef9c
Merge branch 'akkoma/delete-improvements' into 'develop'
...
Alter priority of Delete activities to be lowest
See merge request pleroma/pleroma!3782
2022-11-14 07:24:46 +00:00
76ed0da09f
Merge branch 'bugfix/reset-unreachable-on-fetch' into 'develop'
...
Object.Fetcher: Set reachable on successful fetch
See merge request pleroma/pleroma!3780
2022-11-14 07:22:33 +00:00
2e0089dd5c
Alter priority of Delete activities to be lowest
...
This will prevent a user with a large number of posts from negatively affecting performance of the outgoing federation queue if they delete their account.
2022-11-13 14:11:48 -05:00
a2db64b12b
Merge branch 'fix-typo-in-csp-report-to-header-name' into 'develop'
...
Fix typo in CSP Report-To header name
See merge request pleroma/pleroma!3768
2022-11-13 18:53:59 +00:00
47b9847edd
Deletes do not generate notifications of any kind, so skip trying
2022-11-13 12:25:52 -05:00
b2713357b9
Object.Fetcher: Set reachable on successful fetch
2022-11-13 16:51:12 +01:00
edaf0a05f8
Add same optimized join for excluding invisible users
2022-11-12 18:06:28 -05:00
749445dd50
Fix reports which do not have a user
...
The check for deactivated users was being applied to report activities.
2022-11-12 17:54:11 -05:00
4d321be05c
Extract deactivated users query to a join
2022-11-12 17:52:28 -05:00
3d1828f43b
Merge branch 'oban-timeouts' into 'develop'
...
Define sane Oban Worker timeouts
See merge request pleroma/pleroma!3777
2022-11-12 22:13:28 +00:00
1b0e47b79b
Merge branch 'from/upstream-develop/tusooa/no-strip-report' into 'develop'
...
Give admin the choice to not strip reported statuses
Closes #2887
See merge request pleroma/pleroma!3773
2022-11-12 17:55:50 +00:00
8be7f87e1f
Define sane Oban Worker timeouts
2022-11-11 13:46:27 -05:00
6b87b3f2ea
Remove Quack logging backend
2022-11-11 12:36:29 -05:00
717c5901f8
Render a generated reported activity properly
2022-11-09 23:02:27 -05:00
6f047cc308
Do not strip reported statuses when configured not to
2022-11-09 22:36:57 -05:00
648e012022
ObjectAgePolicy: Make strip_followers behavior for followers-only explicit
2022-11-07 14:58:47 +01:00
bdedc41cbc
Fix typo in CSP Report-To header name
...
The header name was Report-To, not Reply-To.
In any case, that's now being changed to the Reporting-Endpoints HTTP
Response Header.
https://w3c.github.io/reporting/#header
https://github.com/w3c/reporting/issues/177
CanIUse says the Report-To header is still supported by current Chrome
and friends.
https://caniuse.com/mdn-http_headers_report-to
It doesn't have any data for the Reporting-Endpoints HTTP header, but
this article says Chrome 96 supports it.
https://web.dev/reporting-api/
(Even though that's come out one year ago, that's not compatible with
Network Error Logging which's still using the Report-To version of the
API)
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2022-11-04 09:43:13 +01:00
7c64f705f6
Update to Phoenix 1.6 and chase dependencies
...
Also bump minimum Elixir to 1.11
2022-11-03 16:13:07 +00:00
8407e26b0c
rebase fix
2022-11-03 10:06:36 -04:00
5a9ea98baf
XML WebFinger user representation correct domain
2022-11-03 09:48:59 -04:00
4121bca895
expanding WebFinger
2022-11-03 09:48:24 -04:00
da0ef154a6
Merge branch 'from/upstream-develop/tusooa/2930-get-or-fetch' into 'develop'
...
Fix User.get_or_fetch/1 with usernames starting with http
Closes #2930
See merge request pleroma/pleroma!3751
2022-10-30 00:38:21 +00:00
9fbf01f7a9
Merge branch 'push-updates' into 'develop'
...
Push.Impl: support edits
See merge request pleroma/pleroma!3760
2022-10-27 12:51:29 +00:00
7a519b6a66
Merge branch 'fix-deprecation-text' into 'develop'
...
Fix deprecation warning for Gun timeout
See merge request pleroma/pleroma!3759
2022-10-24 14:22:49 +00:00
16b06160ac
CommonAPI: generate ModerationLog for all admin/moderator deletes
...
As a side-effect it also changes the ChatMessage delete ID to an
Activity.id rather than MessageReference.id
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/2958
2022-10-14 18:51:08 +02:00
dd82fd234f
Merge branch 'release/2.4.4' into mergeback/2.4.4
2022-10-08 22:15:09 -04:00
1b238a4fad
Push.Impl: support edits
...
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2022-10-01 23:28:02 +02:00
1958f23fe7
Fix deprecation warning for Gun timeout
2022-09-30 12:22:06 -04:00
3f1c31b7cd
Merge branch 'fix/exclude-deactivated-in-search' into 'develop'
...
User: search: exclude inactive users from user search
See merge request pleroma/pleroma!3755
2022-09-27 23:58:45 +00:00
5d7d623390
Merge branch 'bugfix/elixir-1.14' into 'develop'
...
Bugfix: Elixir 1.14
See merge request pleroma/pleroma!3740
2022-09-27 21:46:03 +00:00
2d7ea263a1
Add extra routes to :users_manage_credentials privilege
2022-09-24 13:52:28 +02:00
1a7107f4a5
Merge branch 'remove_from_followers' into 'develop'
...
MastoAPI: POST /api/v1/accounts/:id/remove_from_followers
See merge request pleroma/pleroma!3647
2022-09-16 23:24:13 +00:00
7f63b4c315
User: search: exclude deactivated users from user search
...
This way we don't pollute search results with deactivated and deleted users
2022-09-16 00:49:16 +03:00
ea60c4e709
Fix wrong relationship direction
2022-09-14 20:24:04 -04:00
0b19625bfb
ObjectView: do not fetch an object for its ID
...
Non-Create/Listen activities had their associated object field
normalized and fetched, but only to use their `id` field, which is both
slow and redundant. This also failed on Undo activities, which delete
the associated object/activity in database.
Undo activities will now render properly and database loads should
improve ever so slightly.
2022-09-11 04:54:04 +02:00
50923f5438
Fix User.get_or_fetch/1 with usernames starting with http
2022-09-08 11:58:17 -04:00
b8d6cb5845
Merge branch 'from/upstream-develop/tusooa/2892-backup-scope' into 'develop'
...
Make backups require its own scope
Closes #2892
See merge request pleroma/pleroma!3721
2022-09-05 15:42:02 +00:00
346c130ddc
Merge branch 'fix/user-private-key-generation' into 'develop'
...
User: generate private keys on user creation
See merge request pleroma/pleroma!3737
2022-09-05 15:38:15 +00:00
f7c2073103
Merge branch 'bump/min-elixir-1.10' into 'develop'
...
Bump minimum Elixir version to 1.10
See merge request pleroma/pleroma!3741
2022-09-05 15:19:34 +00:00
9874b4c985
Merge branch 'develop' into 'from/upstream-develop/tusooa/2892-backup-scope'
...
# Conflicts:
# CHANGELOG.md
2022-09-05 15:00:19 +00:00
cd237d22f1
User: generate private keys on user creation
...
This fixes a race condition bug where keys could be regenerated
post-federation, causing activities and HTTP signatures from an user to
be dropped due to key differences.
2022-09-05 03:51:17 +02:00
f8afba95b2
Merge branch 'fix/gts-federation' into 'develop'
...
GoToSocial federation fixes
See merge request pleroma/pleroma!3725
2022-09-05 01:10:34 +00:00
20347898e2
Merge branch 'fix/federation-context-issues' into 'develop'
...
Fix reply context fixing (Pleroma replies to Misskey threads) and removal of context objects
See merge request pleroma/pleroma!3717
2022-09-04 18:43:36 +00:00
c63cf954de
Merge branch 'from/upstream-develop/tusooa/streaming-fix' into 'develop'
...
Streaming fix
Closes #2796
See merge request pleroma/pleroma!3738
2022-09-03 18:24:28 +00:00
4477c6baff
Metadata/Utils: use summary as description if set
...
When generating OpenGraph and TwitterCard metadata for a post, the
summary field will be used first if it is set to generate the post
description.
2022-09-03 17:17:48 +02:00
257601d67d
Merge branch 'ssh-bbs-improvements' into 'develop'
...
BBS: add functionnalities and readability
See merge request pleroma/pleroma!3675
2022-09-03 11:15:07 +00:00
299255b9bb
Merge branch 'from/upstream-develop/tusooa/assoc-object-id' into 'develop'
...
Add function to calculate associated object id
Closes #2307
See merge request pleroma/pleroma!3692
2022-09-03 02:50:40 +00:00
e40c221c31
Merge branch 'from/upstream-develop/tusooa/edits' into 'develop'
...
Editing
Closes #1429 , #2859 , and #2288
See merge request pleroma/pleroma!3678
2022-09-03 02:16:42 +00:00
07ef72f493
Merge branch 'from/develop/tusooa/2807-remote-xact-post' into 'develop'
...
Remote interaction with posts
Closes #2807 and #978
See merge request pleroma/pleroma!3587
2022-09-03 02:03:48 +00:00
ec80a1e405
Bump minimum Elixir version to 1.10
...
1.9 being end-of-life
2022-09-03 03:58:22 +02:00
e124776d14
Elixir 1.14 formatting
2022-09-03 03:58:22 +02:00
21ab7369ca
Bump minimum Elixir version to 1.10
...
With the release of Elixir 1.14, Elixir 1.9 is now end-of-life.
Elixir 1.10 Release Notes:
https://github.com/elixir-lang/elixir/releases/tag/v1.10.0
2022-09-02 22:53:54 +02:00
20a0dd6516
Exclude Announce instead of restricting to Create in visibility_tags
2022-08-31 22:14:54 -04:00
ffd379456b
Do not stream out Announces to public timelines
2022-08-31 15:57:06 -04:00
f9b86c3c22
Make local-only posts stream in local timeline
2022-08-27 19:34:56 -04:00
3afa1903ee
Do not stream out Create of ChatMessage
2022-08-27 17:51:41 -04:00
a546e6f042
Merge branch 'feature/emoji-15-support' into 'develop'
...
emoji-test: update to latest 15.0 draft
See merge request pleroma/pleroma!3726
2022-08-27 00:59:22 +00:00
59109f8f74
Merge branch 'fix_flaky_test_user_relationship_test.exs_81' into 'develop'
...
fix flaky test_user_relationship_test.exs:81
See merge request pleroma/pleroma!3697
2022-08-24 15:24:07 +00:00
47e3a72b6e
fix flaky test_user_relationship_test.exs:81
2022-08-24 15:24:07 +00:00
439c1baf25
OAuthPlug: use user cache instead of joining
...
As this plug is called on every request, this should reduce load on the
database by not requiring to select on the users table every single
time, and to instead use the by-ID user cache whenever possible.
2022-08-24 03:40:05 +02:00
c59ee1f172
Expose availability of GET /main/ostatus via instance
2022-08-20 21:19:31 -04:00
4ec9eeb3f8
Make remote interaction page translatable
2022-08-20 21:14:26 -04:00
1218adacc5
Display status link in remote interaction form
2022-08-20 21:13:52 -04:00
b7c75db0f7
Lint
2022-08-20 21:13:51 -04:00
779457d9a4
Add GET endpoints for remote subscription forms
...
There are two reasons for adding a GET endpoint:
0: Barely displaying the form does not change anything on the server.
1: It makes frontend development easier as they can now use a link,
instead of a form, to allow remote users to interact with local ones.
2022-08-20 21:13:51 -04:00
a243a217a7
Fix form item name in status_interact.html
2022-08-20 21:13:51 -04:00
2701628786
Add remote interaction ui for posts
2022-08-20 21:13:51 -04:00
3885ee182a
Switch to associated_object_id index
2022-08-20 20:43:46 -04:00
a31d6bb52c
Execute session disconnect in background
2022-08-19 20:24:24 -04:00
f459c1260b
Lint
2022-08-19 20:24:24 -04:00
c62a4f1c17
Disconnect streaming sessions when token is revoked
2022-08-19 20:22:45 -04:00
0cee3c6e93
emoji-test: update to latest 15.0 draft
2022-08-20 00:21:07 +02:00
4661b56720
ArticleNotePageValidator: fix replies fixing
...
Some software, like GoToSocial, expose replies as ActivityPub
Collections, but do not expose any item array directly in the object,
causing validation to fail via the ObjectID validator. Now, Pleroma will
drop that field in this situation too.
2022-08-19 02:45:49 +02:00
61254111e5
HttpSignaturePlug: accept standard (request-target)
...
The (request-target) used by Pleroma is non-standard, but many HTTP
signature implementations do it this way due to a misinterpretation of
the draft 06 of HTTP signatures: "path" was interpreted as not having
the query, though later examples show that it must be the absolute path
with the query part of the URL as well.
This behavior is kept to make sure most software (Pleroma itself,
Mastodon, and probably others) do not break, but Pleroma now accepts
signatures for a (request-target) containing the query, as expected by
many HTTP signature libraries, and clarified in the draft 11 of HTTP
signatures.
Additionally, the new draft renamed (request-target) to @request-target.
We now support both for incoming requests' signatures.
2022-08-18 17:01:34 +02:00
f41d970a59
fix resolution of GTS user keys
2022-08-16 18:51:34 +02:00
88c1c76d3e
Migrations: delete contexts with BaseMigrator
...
Due to the lengthiness of this task, the migration has been adapted into
a BaseMigrator migration, running in the background instead.
2022-08-15 01:47:09 +02:00
bb02ee99f5
CommonFixes: more predictable context generation
...
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2022-08-15 01:46:55 +02:00
06f9324afe
Merge branch 'from/upstream-develop/tusooa/2912-receiver-reject-mrf' into 'develop'
...
Treat MRF rejects as success in Oban worker
Closes #2912
See merge request pleroma/pleroma!3720
2022-08-12 01:37:40 +00:00
837d4dc87f
Merge branch 'fix_flaky_tests_where_we_sometimes_loose_db_connections' into 'develop'
...
Fix flaky tests with DB connections; Allow higher amount of restarts for Pleroma.Repo during testing
See merge request pleroma/pleroma!3696
2022-08-12 01:36:11 +00:00
duponin