Commit Graph

3078 Commits

Author SHA1 Message Date
rinpatch a51284b60a Merge branch 'fix/mediaproxy-bypass-emoji' into 'develop'
Fix profile emojis bypassing mediaproxy and harden CSP

Closes #1810

See merge request pleroma/pleroma!2596
2020-06-08 00:58:30 +03:00
lain 3f13437a9c User: Truncate bios when updating a remote user. 2020-05-13 00:33:38 +03:00
lain a8abf1ada6 ActivityPub: Fix non-federating blocks. 2020-05-13 00:33:30 +03:00
lain ec5e057802 Transmogrifier: On incoming follow accept, update follow counts. 2020-05-12 23:05:57 +03:00
href 37c2deb3dd Expand and authorize streams in Streamer directly (backport from !2519) 2020-05-12 21:14:46 +02:00
lain f7c28ae544 Webfinger: Request account info with the acct scheme 2020-05-10 02:09:36 +03:00
lain 45df70e691 AP C2S: Restrict creation to `Note`s for now. 2020-05-10 02:06:38 +03:00
Haelwenn (lanodan) Monnier 797dd3f581 Increase tests on AP C2S
Related: https://git.pleroma.social/pleroma/pleroma/-/issues/954
2020-05-10 01:32:30 +03:00
rinpatch c75840f7b8 Merge branch 'follow-request-notifications' into 'develop'
Follow request notifications enforcement

See merge request pleroma/pleroma!2451
2020-05-02 18:59:12 +03:00
rinpatch 7b05933677 Merge branch '1559-follow-request-notifications' into 'develop'
[#1559] Support for "follow_request" notifications

Closes #1559

See merge request pleroma/pleroma!2354
2020-05-02 18:59:12 +03:00
rinpatch b6ca8cc539 Merge branch 'bugfix/1727-fix-signature-decoding' into 'develop'
Bugfix/1727 fix signature decoding

Closes #1727

See merge request pleroma/pleroma!2454
2020-05-01 22:10:42 +03:00
rinpatch 138e6ece1b Merge branch 'following-relationships-optimizations' into 'develop'
FollowingRelationship storage & performance optimizations

See merge request pleroma/pleroma!2332
2020-05-01 14:31:26 +03:00
Haelwenn fb9ec885cc Merge branch 'feature/1677-need_reboot-flag-endpoint' into 'develop'
Added need_reboot endpoint to admin api

Closes #1677

See merge request pleroma/pleroma!2373
2020-05-01 01:38:25 +03:00
Ivan Tashkinov 862d4886c9 [#1682] Fixed Basic Auth permissions issue by disabling OAuth scopes checks when password is provided. Refactored plugs skipping functionality. 2020-05-01 01:00:37 +03:00
rinpatch da4923f2e5 Merge branch 'authenticated-api-oauth-check-enforcement' into 'develop'
Enforcement of OAuth scopes check for authenticated API endpoints

See merge request pleroma/pleroma!2349
2020-05-01 00:58:40 +03:00
lain 1ebf8db2a5 Merge branch 'fix-object_age_policy' into 'develop'
Fix ObjectAgePolicy

See merge request pleroma/pleroma!2404
2020-05-01 00:55:37 +03:00
Haelwenn 2ff3b85326 Merge branch 'bugfix/1670-user-count' into 'develop'
Stats: Ignore internal users for user count.

Closes #1670

See merge request pleroma/pleroma!2414
2020-05-01 00:55:37 +03:00
Haelwenn bf4b5f3856 Merge branch 'fix/follow-and-blocks-import' into 'develop'
Fix follower/blocks import when nicknames starts with @

Closes #1698

See merge request pleroma/pleroma!2416
2020-05-01 00:55:37 +03:00
lain 2e58fe08cd CommonAPI: Don't make repeating announces possible 2020-05-01 00:55:34 +03:00
eugenijm 78391a00c5 Mastodon API: do not create a following relationship if the corresponding follow request doesn't exist when calling `POST /api/v1/follow_requests/:id/authorize` 2020-05-01 00:39:23 +03:00
rinpatch 61889e00fc Deactivate local users on deletion instead of deleting the record
Prevents the possibility of re-registration, which allowed to read
DMs of the deleted account.

Also includes a migration that tries to find any already deleted
accounts and insert skeletons for them.

Closes pleroma/pleroma#1687
2020-05-01 00:38:58 +03:00
rinpatch 94240cac4e Merge branch 'fix-auto-link-for-profile-fields' into 'develop'
Use Pleroma.Formatter.linkify/2 instead

See merge request pleroma/pleroma!2352
2020-04-08 00:29:19 +03:00
rinpatch 06444a1501 Merge branch 'bugfix/earmark_renderer_test' into 'develop'
test/earmark_renderer_test.exs: Rename from test/earmark_renderer_test.ex

See merge request pleroma/pleroma!2300
2020-04-02 23:02:32 +03:00
Haelwenn b0a9a02af3 Merge branch 'feature/funkwhale-audio' into 'develop'
Add support for funkwhale Audio activity

Closes #764 and #1624

See merge request pleroma/pleroma!2287
2020-04-02 23:00:23 +03:00
Haelwenn 01a3f145d5 Merge branch 'bugfix/funkwhale-channel' into 'develop'
Fix profile url for funkwhale channels, removes one source_data use

Closes #1653

See merge request pleroma/pleroma!2333
2020-04-02 22:55:09 +03:00
rinpatch e99e2a86af Merge branch 'bugfix/profile-bio-newline' into 'develop'
AccountView: fix for other forms of <br> in bio

Closes #1643

See merge request pleroma/pleroma!2322
2020-03-31 13:42:02 +03:00
lain c4d3ccc7b9 Merge branch 'admin-api-change-password' into 'develop'
Admin API: `PATCH /api/pleroma/admin/users/:nickname/update_credentials`

See merge request pleroma/pleroma!2149
2020-03-31 13:41:47 +03:00
feld 10b7b2b4a4 Merge branch 'fix/activity-deletion' into 'develop'
Fix activity deletion

Closes #1640

See merge request pleroma/pleroma!2328
2020-03-31 13:40:28 +03:00
rinpatch 0e92aa0025 Merge branch '1364-notifications-sending-control' into 'develop'
[#1364] Ability to opt-out of notifications (in all clients)

Closes #1364

See merge request pleroma/pleroma!2301
2020-03-31 13:39:58 +03:00
rinpatch e25197788f static-fe tests: fix to work on stable 2020-03-16 00:17:28 +03:00
rinpatch c46d035f7b rate limiter: disable based on if remote ip was found, not on if the plug was enabled
The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable  when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.

Also closes #1620
2020-03-16 00:15:21 +03:00
rinpatch 9d09755291 rip out fetch_initial_posts
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.

idea acked by lain and feld on irc

Closes #1595 #1422
2020-03-16 00:15:11 +03:00
rinpatch fcf51a77ba Merge branch 'features/staticfe-sanitization' into 'develop'
static_fe: Sanitize HTML

Closes #1614

See merge request pleroma/pleroma!2299
2020-03-16 00:14:04 +03:00
rinpatch 0b823755a2 Merge branch 'fix/cache-control-headers' into 'develop'
Fix Cache Control headers on media

See merge request pleroma/pleroma!2295
2020-03-15 17:01:04 +03:00
Egor Kislitsyn ffd636f109 Fix hashtags WebSocket streaming 2020-03-15 17:00:18 +03:00
Haelwenn (lanodan) Monnier 5f9fbd7d33 Formatting: Do not use \n and prefer <br> instead
It moves bbcode to bbcode_pleroma as the former is owned by kaniini
and transfering ownership wasn't done in a timely manner.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1374
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1375
2020-03-15 16:59:52 +03:00
rinpatch 80bc8c2cc9 Revert "Set better Cache-Control header for static content"
On furher investigation it seems like all that did was cause unintuitive
behavior. The emoji request flood that was the reason for introducing it
isn't really that big of a deal either, since Plug.Static only needs to
read file modification time and size to determine the ETag.

Closes #1613
2020-03-15 16:59:39 +03:00
feld e7837bc14e Merge branch 'fix/signup-without-email' into 'develop'
Allow account registration without an email

See merge request pleroma/pleroma!2246
2020-03-15 16:58:51 +03:00
Mark Felder f8dc597c51 Fix enforcement of character limits 2020-03-15 16:58:13 +03:00
rinpatch 423cfaf141 Merge branch 'fix/1610-release-compilation-config-fix' into 'develop'
Merging default release config on app start

Closes #1610

See merge request pleroma/pleroma!2288
2020-03-15 16:57:59 +03:00
Alexander Strizhakov 7cf7083076 relay list shows hosts without accepted follow 2020-03-15 16:55:20 +03:00
lain f1750b4658 Admin API tests: Fix wrong test. 2020-03-05 12:42:02 +01:00
lain 4bce13fa2f MastodonController: Return 404 errors correctly. 2020-03-04 18:09:06 +01:00
lain 6f7a8c43a2 Merge branch 'fix/no-email-no-fail' into 'develop'
Do not fail when user has no email

See merge request pleroma/pleroma!2249
2020-03-04 12:43:06 +00:00
Mark Felder 5592db4757 Older copyright updates 2020-03-03 16:46:45 -06:00
Mark Felder 05da5f5cca Update Copyrights 2020-03-03 16:44:49 -06:00
Haelwenn 764a50f8a6 Merge branch 'feature/1482-activity_pub_transactions' into 'develop'
ActivityPub actions & side-effects in transaction

Closes #1482

See merge request pleroma/pleroma!2089
2020-03-02 07:58:01 +00:00
Haelwenn (lanodan) Monnier 6da6540036
Bump copyright years of files changed after 2020-01-07
Done via the following command:
git diff fcd5dd259a --stat --name-only | xargs sed -i '/Pleroma Authors/c# Copyright © 2017-2020 Pleroma Authors <https:\/\/pleroma.social\/>'
2020-03-02 06:08:45 +01:00
Haelwenn (lanodan) Monnier 6c0d869d9d
Bump copyright years of files changed after 2019-01-01
Done via the following command:
git diff 1e6c102b --stat --name-only | cat - | xargs sed -i 's/2017-2018 Pleroma Authors/2017-2019 Pleroma Authors/'
2020-03-02 05:54:56 +01:00
Alexander Strizhakov 32d1e04817
ActivityPub actions & side-effects in transaction 2020-03-01 12:01:39 +03:00