From 97037c0b53472f61f17263f318166f986a25baa5 Mon Sep 17 00:00:00 2001 From: Bryan Fink Date: Fri, 7 Jul 2023 11:35:01 -0500 Subject: [PATCH 01/24] do not fetch if limit_to_local_content is enabled Prior to this change, anyone, authenticated or not, could submit a search query for an activity by URL, and cause the fetcher to go fetch it. That shouldn't happen if `limit_to_local_content` is set to `:all` or if it's set to `:unauthenticated` and the query came from an unauthenticated source. --- lib/pleroma/search/database_search.ex | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/lib/pleroma/search/database_search.ex b/lib/pleroma/search/database_search.ex index 3735a5fab..8f6bf30b4 100644 --- a/lib/pleroma/search/database_search.ex +++ b/lib/pleroma/search/database_search.ex @@ -132,21 +132,29 @@ defmodule Pleroma.Search.DatabaseSearch do ) end - def maybe_restrict_local(q, user) do + def should_restrict_local(user) do limit = Pleroma.Config.get([:instance, :limit_to_local_content], :unauthenticated) case {limit, user} do - {:all, _} -> restrict_local(q) - {:unauthenticated, %User{}} -> q - {:unauthenticated, _} -> restrict_local(q) - {false, _} -> q + {:all, _} -> true + {:unauthenticated, %User{}} -> false + {:unauthenticated, _} -> true + {false, _} -> false + end + end + + def maybe_restrict_local(q, user) do + case should_restrict_local(user) do + true -> restrict_local(q) + false -> q end end defp restrict_local(q), do: where(q, local: true) def maybe_fetch(activities, user, search_query) do - with true <- Regex.match?(~r/https?:/, search_query), + with false <- should_restrict_local(user), + true <- Regex.match?(~r/https?:/, search_query), {:ok, object} <- Fetcher.fetch_object_from_id(search_query), %Activity{} = activity <- Activity.get_create_by_object_ap_id(object.data["id"]), true <- Visibility.visible_for_user?(activity, user) do From e4332d06b5cb94c619ceb9844123f45f08369c7e Mon Sep 17 00:00:00 2001 From: Norm Date: Thu, 17 Oct 2024 02:33:42 -0400 Subject: [PATCH 02/24] update nsfwCensorImage suggestion in config/description.exs Turns out this is also used to set the default values in adminfe. However, this URL may break with newer Akkoma-FE versions. Instead, set this to blank so that it falls back to the default NSFW cover image set at build time on Akkoma-FE. --- config/description.exs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/config/description.exs b/config/description.exs index b69478fdb..7f97740b4 100644 --- a/config/description.exs +++ b/config/description.exs @@ -1184,7 +1184,7 @@ config :pleroma, :config_description, [ logoMask: true, minimalScopesMode: false, noAttachmentLinks: false, - nsfwCensorImage: "/static/img/nsfw.74818f9.png", + nsfwCensorImage: "", postContentType: "text/plain", redirectRootLogin: "/main/friends", redirectRootNoLogin: "/main/all", @@ -1285,7 +1285,7 @@ config :pleroma, :config_description, [ type: {:string, :image}, description: "URL of the image to use for hiding NSFW media attachments in the timeline", - suggestions: ["/static/img/nsfw.74818f9.png"] + suggestions: [""] }, %{ key: :postContentType, From a2e397a79d05af35211f313a12ccb7e5ad800571 Mon Sep 17 00:00:00 2001 From: Norm Date: Tue, 22 Oct 2024 15:56:22 -0400 Subject: [PATCH 03/24] Update asdf install docs in Debian install guide Instead of trying to update the version of asdf being used, just point users to the guide on their website. Ideally we'd do this for Elixir and Erlang as well, but new versions of those packages may sometimes have compatibility issues with Akkoma. For now, update those to the latest OTP and Elixir versions known to be comaptible with Akkoma. --- docs/docs/installation/debian_based_en.md | 26 ++++++++--------------- 1 file changed, 9 insertions(+), 17 deletions(-) diff --git a/docs/docs/installation/debian_based_en.md b/docs/docs/installation/debian_based_en.md index 5dddabe7f..442849e69 100644 --- a/docs/docs/installation/debian_based_en.md +++ b/docs/docs/installation/debian_based_en.md @@ -35,32 +35,24 @@ sudo useradd -r -s /bin/false -m -d /var/lib/akkoma -U akkoma ### Install Elixir and Erlang +#### Using `apt` If your distribution packages a recent enough version of Elixir, you can install it directly from the distro repositories and skip to the next section of the guide: ```shell sudo apt install elixir erlang-dev erlang-nox ``` -Otherwise use [asdf](https://github.com/asdf-vm/asdf) to install the latest versions of Elixir and Erlang. +#### Using `asdf` +If your distribution does not have a recent version of Elxir in their repositories, you can use [asdf](https://asdf-vm.com/) to install a newer version of Elixir and Erlang. First, install some dependencies needed to build Elixir and Erlang: ```shell sudo apt install curl unzip build-essential autoconf m4 libncurses5-dev libssh-dev unixodbc-dev xsltproc libxml2-utils libncurses-dev ``` -Then login to the `akkoma` user and install asdf: -```shell -git clone https://github.com/asdf-vm/asdf.git ~/.asdf --branch v0.11.3 -``` +Then login to the `akkoma` user. -Add the following lines to `~/.bashrc`: -```shell -. "$HOME/.asdf/asdf.sh" -# asdf completions -. "$HOME/.asdf/completions/asdf.bash" -``` - -Restart the shell: +Install asdf by following steps 1 to 3 on [their website](https://asdf-vm.com/guide/getting-started.html), then restart the shell to load asdf: ```shell exec $SHELL ``` @@ -69,15 +61,15 @@ Next install Erlang: ```shell asdf plugin add erlang https://github.com/asdf-vm/asdf-erlang.git export KERL_CONFIGURE_OPTIONS="--disable-debug --without-javac" -asdf install erlang 25.3.2.5 -asdf global erlang 25.3.2.5 +asdf install erlang 26.2.5.4 +asdf global erlang 26.2.5.4 ``` Now install Elixir: ```shell asdf plugin-add elixir https://github.com/asdf-vm/asdf-elixir.git -asdf install elixir 1.15.4-otp-25 -asdf global elixir 1.15.4-otp-25 +asdf install elixir 1.17.3-otp-26 +asdf global elixir 1.17.3-otp-26 ``` Confirm that Elixir is installed correctly by checking the version: From 40da4e88ea24e85ffbd805fdc8d81921a9893cee Mon Sep 17 00:00:00 2001 From: Norm Date: Fri, 25 Oct 2024 11:09:20 -0400 Subject: [PATCH 04/24] Update hashtag prune to account for followed hashtags Currently pruning hashtags with the prune_objects task only accounts for whether that hashtag is associated with an object, but this may lead to a foreign key constraint violation if that hashtag has no objects but is followed by a local user. This adds an additional check to see if that hashtag has any followers before proceeding to delete it. --- lib/mix/tasks/pleroma/database.ex | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index 87ccfdff1..f85fe5bea 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -346,7 +346,10 @@ defmodule Mix.Tasks.Pleroma.Database do DELETE FROM hashtags AS ht WHERE NOT EXISTS ( SELECT 1 FROM hashtags_objects hto - WHERE ht.id = hto.hashtag_id) + WHERE ht.id = hto.hashtag_id + UNION + SELECT 1 FROM user_follows_hashtag ufht + WHERE ht.id = ufht.hashtag_id) """ |> Repo.query!() From 88a8086ad38d7d0fc0992c06aa5dff71597fbb0b Mon Sep 17 00:00:00 2001 From: Norm Date: Fri, 25 Oct 2024 12:25:18 -0400 Subject: [PATCH 05/24] Use LEFT JOIN instead of UNION for hashtag pruning --- lib/mix/tasks/pleroma/database.ex | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/lib/mix/tasks/pleroma/database.ex b/lib/mix/tasks/pleroma/database.ex index f85fe5bea..0a09a1c4a 100644 --- a/lib/mix/tasks/pleroma/database.ex +++ b/lib/mix/tasks/pleroma/database.ex @@ -343,13 +343,16 @@ defmodule Mix.Tasks.Pleroma.Database do %{:num_rows => del_hashtags} = """ - DELETE FROM hashtags AS ht - WHERE NOT EXISTS ( - SELECT 1 FROM hashtags_objects hto - WHERE ht.id = hto.hashtag_id - UNION - SELECT 1 FROM user_follows_hashtag ufht - WHERE ht.id = ufht.hashtag_id) + DELETE FROM hashtags + USING hashtags AS ht + LEFT JOIN hashtags_objects hto + ON ht.id = hto.hashtag_id + LEFT JOIN user_follows_hashtag ufht + ON ht.id = ufht.hashtag_id + WHERE + hashtags.id = ht.id + AND hto.hashtag_id is NULL + AND ufht.hashtag_id is NULL """ |> Repo.query!() From 6ed5be61ff0cf126968c7e76f7c2f2574735ed31 Mon Sep 17 00:00:00 2001 From: Norm Date: Sat, 26 Oct 2024 18:51:45 -0400 Subject: [PATCH 06/24] docs: Note that Elixir 1.17 has been tested as working --- docs/docs/installation/generic_dependencies.include | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs/installation/generic_dependencies.include b/docs/docs/installation/generic_dependencies.include index 87669bd23..f3a347ccd 100644 --- a/docs/docs/installation/generic_dependencies.include +++ b/docs/docs/installation/generic_dependencies.include @@ -1,7 +1,7 @@ ## Required dependencies * PostgreSQL 12+ -* Elixir 1.14+ (currently tested up to 1.16) +* Elixir 1.14+ (currently tested up to 1.17) * Erlang OTP 25+ (currently tested up to OTP26) * git * file / libmagic From 0f9c9aac380a3864ee0099e2d398b395feda9fdc Mon Sep 17 00:00:00 2001 From: Oneric Date: Sat, 9 Nov 2024 16:52:12 +0100 Subject: [PATCH 07/24] Completely omit id for anonymous objects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Current AP spec demands anonymous objects to have an id value, but explicitly set it to JSON null. Howeveras it turns out this is incompatible with JSON-LD requiring `@id` to be a string and thus AP spec is incompatible iwth the Ativity Streams spec it is based on. This is an issue for (the few) AP implementers actually performing JSON-LD processing, like IceShrimp.NET. This was uncovered by IceShrimp.NET’s zotan due to our adoption of anonymous objects for emoj in f1018867097e6f293d8b2b5b6935f0a7ebf99bd0. The issues is being discussed by W3C, and will most likely be resolved via an errata redefining anonymous objects to completely omit the id field just like transient objects already do. See: https://github.com/w3c/activitypub/issues/476 Fixes: https://akkoma.dev/AkkomaGang/akkoma/issues/848 --- lib/pleroma/web/activity_pub/transmogrifier.ex | 3 +-- .../web/activity_pub/transmogrifier/note_handling_test.exs | 1 - test/pleroma/web/activity_pub/views/user_view_test.exs | 1 - 3 files changed, 1 insertion(+), 4 deletions(-) diff --git a/lib/pleroma/web/activity_pub/transmogrifier.ex b/lib/pleroma/web/activity_pub/transmogrifier.ex index 75c1f0f0c..5c4db39b9 100644 --- a/lib/pleroma/web/activity_pub/transmogrifier.ex +++ b/lib/pleroma/web/activity_pub/transmogrifier.ex @@ -950,8 +950,7 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier do "icon" => %{"url" => "#{URI.encode(url)}", "type" => "Image"}, "name" => ":" <> name <> ":", "type" => "Emoji", - "updated" => "1970-01-01T00:00:00Z", - "id" => nil + "updated" => "1970-01-01T00:00:00Z" } end diff --git a/test/pleroma/web/activity_pub/transmogrifier/note_handling_test.exs b/test/pleroma/web/activity_pub/transmogrifier/note_handling_test.exs index 92a096c2d..234a48990 100644 --- a/test/pleroma/web/activity_pub/transmogrifier/note_handling_test.exs +++ b/test/pleroma/web/activity_pub/transmogrifier/note_handling_test.exs @@ -698,7 +698,6 @@ defmodule Pleroma.Web.ActivityPub.Transmogrifier.NoteHandlingTest do assert Transmogrifier.take_emoji_tags(user) == [ %{ "icon" => %{"type" => "Image", "url" => "https://example.org/firefox.png"}, - "id" => nil, "name" => ":firefox:", "type" => "Emoji", "updated" => "1970-01-01T00:00:00Z" diff --git a/test/pleroma/web/activity_pub/views/user_view_test.exs b/test/pleroma/web/activity_pub/views/user_view_test.exs index 7e251e510..4283fb0c8 100644 --- a/test/pleroma/web/activity_pub/views/user_view_test.exs +++ b/test/pleroma/web/activity_pub/views/user_view_test.exs @@ -47,7 +47,6 @@ defmodule Pleroma.Web.ActivityPub.UserViewTest do "tag" => [ %{ "icon" => %{"type" => "Image", "url" => "/test"}, - "id" => nil, "name" => ":bib:", "type" => "Emoji", "updated" => "1970-01-01T00:00:00Z" From 4c7ef1e027177f41305e95ca9999482126d5be1d Mon Sep 17 00:00:00 2001 From: Norm Date: Sat, 9 Nov 2024 18:24:53 -0500 Subject: [PATCH 08/24] Update supported OTP version to 27 in docs The minor incompatibility should have been fixed with commit bee10eab5ebf6aa4d50238afd3d9c37a014dd745 and PRs #839 and #841. --- docs/docs/installation/generic_dependencies.include | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/docs/installation/generic_dependencies.include b/docs/docs/installation/generic_dependencies.include index 87669bd23..8bf55237b 100644 --- a/docs/docs/installation/generic_dependencies.include +++ b/docs/docs/installation/generic_dependencies.include @@ -2,7 +2,7 @@ * PostgreSQL 12+ * Elixir 1.14+ (currently tested up to 1.16) -* Erlang OTP 25+ (currently tested up to OTP26) +* Erlang OTP 25+ (currently tested up to OTP27) * git * file / libmagic * gcc (clang might also work) From 932810c35ecba9d11fa4f11112c3444b62c45b65 Mon Sep 17 00:00:00 2001 From: Oneric Date: Sat, 16 Nov 2024 00:43:38 +0100 Subject: [PATCH 09/24] mrf/object_age: fix handling of non-public objects MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Current logic unconditionally adds public adressing to "cc" and follower adressing to "to" after attempting to strip it from the other one. This creates serious problems: First the bug prompting this investigation and fix, unconditional addition creates duplicates when adressing URIs already were in their intended final field; e.g. this is prominently the case for all "unlisted" posts. Since List.delete only removes the first occurence, this then broke follower-adress stripping later on making the policy ineffective. It’s also just not safe in general wrt to non-public adressing: e.g. pre-existing duplicates didn’t get fully stripped, bespoke adressing modes with only one of public addressing or follower addressing are mangled — and most importantly: any belatedly received DM or follower-only post also got public adressing added! Shockingly this last point was actually asserted as "correct" in tests; it appears to be a mistake from mindless match adjustments while fixing crashes on nil adressing in 10c792110e6ea8ed21f739ef8f4f0eff4659ebf9. Clean up this sloppy logic up, making sure no more duplicates are added by us, all instances of relevant adresses are purged and only readded when they actually existed to begin with. --- CHANGELOG.md | 2 ++ .../web/activity_pub/mrf/object_age_policy.ex | 34 ++++++++++++++----- .../mrf/object_age_policy_test.exs | 2 +- 3 files changed, 29 insertions(+), 9 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f1644dad..3959f66f8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - AP objects with additional JSON-LD profiles beyond ActivityStreams can now be fetched - Single-selection polls no longer expose the voter_count; MastoAPI demands it be null and this confused some clients leading to vote distributions >100% +- ObjectAge policy no longer lets unlisted posts slip through +- ObjectAge policy no longer leaks belated DMs and follower-only posts ## Changed - Refactored Rich Media to cache the content in the database. Fetching operations that could block status rendering have been eliminated. diff --git a/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex b/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex index 02c9b18ed..b0c940339 100644 --- a/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex +++ b/lib/pleroma/web/activity_pub/mrf/object_age_policy.ex @@ -34,16 +34,34 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy do end end + @spec delete_and_count(list(), term()) :: {integer(), list()} + defp delete_and_count(list, element), do: delete_and_count(list, element, {0, [], list}) + + defp delete_and_count([], _element, {0, _nlist, olist}), do: {0, olist} + defp delete_and_count([], _element, {count, nlist, _olist}), do: {count, Enum.reverse(nlist)} + + defp delete_and_count([h | r], h, {count, nlist, olist}), + do: delete_and_count(r, h, {count + 1, nlist, olist}) + + defp delete_and_count([h | r], element, {count, nlist, olist}), + do: delete_and_count(r, element, {count, [h | nlist], olist}) + + defp insert_if_needed(list, oldcount, element) do + if oldcount <= 0 || Enum.member?(list, element) do + list + else + [element | list] + end + end + defp check_delist(message, actions) do if :delist in actions do with %User{} = user <- User.get_cached_by_ap_id(message["actor"]) do - to = - List.delete(message["to"] || [], Pleroma.Constants.as_public()) ++ - [user.follower_address] + {pubcnt, to} = delete_and_count(message["to"] || [], Pleroma.Constants.as_public()) + {flwcnt, cc} = delete_and_count(message["cc"] || [], user.follower_address) - cc = - List.delete(message["cc"] || [], user.follower_address) ++ - [Pleroma.Constants.as_public()] + cc = insert_if_needed(cc, pubcnt, Pleroma.Constants.as_public()) + to = insert_if_needed(to, flwcnt, user.follower_address) message = message @@ -65,8 +83,8 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy do defp check_strip_followers(message, actions) do if :strip_followers in actions do with %User{} = user <- User.get_cached_by_ap_id(message["actor"]) do - to = List.delete(message["to"] || [], user.follower_address) - cc = List.delete(message["cc"] || [], user.follower_address) + {_, to} = delete_and_count(message["to"] || [], user.follower_address) + {_, cc} = delete_and_count(message["cc"] || [], user.follower_address) message = message diff --git a/test/pleroma/web/activity_pub/mrf/object_age_policy_test.exs b/test/pleroma/web/activity_pub/mrf/object_age_policy_test.exs index 2f649a0a4..9b61d31f4 100644 --- a/test/pleroma/web/activity_pub/mrf/object_age_policy_test.exs +++ b/test/pleroma/web/activity_pub/mrf/object_age_policy_test.exs @@ -79,7 +79,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.ObjectAgePolicyTest do {:ok, data} = ObjectAgePolicy.filter(data) - assert Visibility.get_visibility(%{data: data}) == "unlisted" + assert Visibility.get_visibility(%{data: data}) == "direct" end test "it delists an old post" do From 416aebb76a6b8a307d844f25f8d962830ef0fdff Mon Sep 17 00:00:00 2001 From: Oneric Date: Tue, 19 Nov 2024 19:25:31 +0100 Subject: [PATCH 10/24] Fix NodeInfo content-type Fixes: https://akkoma.dev/AkkomaGang/akkoma/issues/852 --- lib/pleroma/web/nodeinfo/nodeinfo_controller.ex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex index ea2d86f92..9975b8dbb 100644 --- a/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex +++ b/lib/pleroma/web/nodeinfo/nodeinfo_controller.ex @@ -31,7 +31,7 @@ defmodule Pleroma.Web.Nodeinfo.NodeinfoController do conn |> put_resp_header( "content-type", - "application/json; profile=http://nodeinfo.diaspora.software/ns/schema/2.0#; charset=utf-8" + "application/json; profile=\"http://nodeinfo.diaspora.software/ns/schema/#{version}#\"; charset=utf-8" ) |> json(Nodeinfo.get_nodeinfo(version)) end From f048e0cf1bc7a2ca4c415bb29ae80bdea13d1d4b Mon Sep 17 00:00:00 2001 From: Calvin Lee Date: Mon, 25 Nov 2024 23:18:52 +0000 Subject: [PATCH 11/24] Allow MathML core tags in sanitized content --- config/config.exs | 1 + priv/scrubbers/default.ex | 113 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 114 insertions(+) diff --git a/config/config.exs b/config/config.exs index e919910b3..bca7211d5 100644 --- a/config/config.exs +++ b/config/config.exs @@ -302,6 +302,7 @@ config :pleroma, :markup, allow_headings: false, allow_tables: false, allow_fonts: false, + allow_math: true, scrub_policy: [ Pleroma.HTML.Scrubber.Default, Pleroma.HTML.Transform.MediaProxy diff --git a/priv/scrubbers/default.ex b/priv/scrubbers/default.ex index 74de910fd..96473203e 100644 --- a/priv/scrubbers/default.ex +++ b/priv/scrubbers/default.ex @@ -124,6 +124,119 @@ defmodule Pleroma.HTML.Scrubber.Default do Meta.allow_tag_with_these_attributes(:font, ["face"]) end + if Pleroma.Config.get!([:markup, :allow_math]) do + Meta.allow_tag_with_these_attributes("annotation", ["encoding"]) + Meta.allow_tag_with_these_attributes(:"annotation-xml", ["encoding"]) + + Meta.allow_tag_with_these_attributes(:math, [ + "display", + "displaystyle", + "mathvariant", + "scriptlevel" + ]) + + basic_math_tags = [ + "maction", + "merror", + :mi, + "mmultiscripts", + :mn, + "mphantom", + "mprescripts", + "mroot", + "mrow", + "ms", + "msqrt", + "mstyle", + "msub", + "msubsup", + "msup", + "mtable", + "mtext", + "mtr", + "semantics" + ] + + for tag <- basic_math_tags do + Meta.allow_tag_with_these_attributes(unquote(tag), [ + "mathvariant", + "displaystyle", + "scriptlevel" + ]) + end + + Meta.allow_tag_with_these_attributes("mfrac", [ + "displaystyle", + "linethickness", + "mathvariant", + "scriptlevel" + ]) + + Meta.allow_tag_with_these_attributes(:mo, [ + "displaystyle", + "form", + "largeop", + "lspace", + "mathvariant", + "minsize", + "movablelimits", + "rspace", + "scriptlevel", + "stretchy", + "symmetric" + ]) + + Meta.allow_tag_with_these_attributes("mover", [ + "accent", + "displaystyle", + "mathvariant", + "scriptlevel" + ]) + + Meta.allow_tag_with_these_attributes("mpadded", [ + "depth", + "displaystyle", + "height", + "lspace", + "mathvariant", + "scriptlevel", + "voffset", + "width" + ]) + + Meta.allow_tag_with_these_attributes("mspace", [ + "depth", + "displaystyle", + "height", + "mathvariant", + "scriptlevel", + "width" + ]) + + Meta.allow_tag_with_these_attributes("mtd", [ + "columnspan", + "displaystyle", + "mathvariant", + "rowspan", + "scriptlevel" + ]) + + Meta.allow_tag_with_these_attributes("munder", [ + "accentunder", + "displaystyle", + "mathvariant", + "scriptlevel" + ]) + + Meta.allow_tag_with_these_attributes("munderover", [ + "accent", + "accentunder", + "displaystyle", + "mathvariant", + "scriptlevel" + ]) + end + Meta.allow_tag_with_these_attributes(:center, []) Meta.allow_tag_with_these_attributes(:small, []) From 834edfcf96cd7149adffec6d81724ff4be3c18ac Mon Sep 17 00:00:00 2001 From: Floatingghost Date: Tue, 26 Nov 2024 09:49:37 +0000 Subject: [PATCH 12/24] add changelog --- CHANGELOG.md | 2 +- changelog.d/bugfix-truncate-remote-user-fields.fix | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 changelog.d/bugfix-truncate-remote-user-fields.fix diff --git a/CHANGELOG.md b/CHANGELOG.md index 0f1644dad..74a925a3f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). -## UNRELEASED +## 3.13.3 ## BREAKING - Minimum PostgreSQL version is raised to 12 diff --git a/changelog.d/bugfix-truncate-remote-user-fields.fix b/changelog.d/bugfix-truncate-remote-user-fields.fix deleted file mode 100644 index 239a3c224..000000000 --- a/changelog.d/bugfix-truncate-remote-user-fields.fix +++ /dev/null @@ -1 +0,0 @@ -Truncate remote user fields, avoids them getting rejected From 7583eceb38c3bcfa8a10d31c12963667178fd2ec Mon Sep 17 00:00:00 2001 From: Oneric Date: Sun, 1 Dec 2024 01:40:52 +0100 Subject: [PATCH 13/24] Make SigningKey data migration future-proof Bug originally discovered by tudbut --- .../migrations/20240625220752_move_signing_keys.exs | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/priv/repo/migrations/20240625220752_move_signing_keys.exs b/priv/repo/migrations/20240625220752_move_signing_keys.exs index 9104b7c29..f5569ce09 100644 --- a/priv/repo/migrations/20240625220752_move_signing_keys.exs +++ b/priv/repo/migrations/20240625220752_move_signing_keys.exs @@ -8,13 +8,14 @@ defmodule Pleroma.Repo.Migrations.MoveSigningKeys do # we do not handle remote users here! # because we want to store a key id -> user id mapping, and we don't # currently store key ids for remote users... - query = - from(u in User) - |> where(local: true) - - Repo.stream(query, timeout: :infinity) + # Also this MUST use select, else the migration will fail in future installs with new user fields! + from(u in Pleroma.User, + where: u.local == true, + select: {u.id, u.keys, u.ap_id} + ) + |> Repo.stream(timeout: :infinity) |> Enum.each(fn - %User{id: user_id, keys: private_key, local: true, ap_id: ap_id} -> + {user_id, private_key, ap_id} -> IO.puts("Migrating user #{user_id}") # we can precompute the public key here... # we do use it on every user view which makes it a bit of a dos attack vector From 294de939cb262e35f5979988ddbe479ba4089ea1 Mon Sep 17 00:00:00 2001 From: Oneric Date: Wed, 30 Oct 2024 23:05:57 +0100 Subject: [PATCH 14/24] signing_key: refactor nested case into with statement The error branches were already effectively identical before. This change is purely cosmetic. --- lib/pleroma/user/signing_key.ex | 39 ++++++++++++++------------------- 1 file changed, 16 insertions(+), 23 deletions(-) diff --git a/lib/pleroma/user/signing_key.ex b/lib/pleroma/user/signing_key.ex index f25489068..87149aa58 100644 --- a/lib/pleroma/user/signing_key.ex +++ b/lib/pleroma/user/signing_key.ex @@ -194,31 +194,24 @@ defmodule Pleroma.User.SigningKey do """ def fetch_remote_key(key_id) do Logger.debug("Fetching remote key: #{key_id}") - resp = Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id(key_id) - case resp do - {:ok, _body} -> - case handle_signature_response(resp) do - {:ok, ap_id, public_key_pem} -> - Logger.debug("Fetched remote key: #{ap_id}") - # fetch the user - {:ok, user} = User.get_or_fetch_by_ap_id(ap_id) - # store the key - key = %__MODULE__{ - user_id: user.id, - public_key: public_key_pem, - key_id: key_id - } + with {:ok, _body} = resp <- + Pleroma.Object.Fetcher.fetch_and_contain_remote_object_from_id(key_id), + {:ok, ap_id, public_key_pem} <- handle_signature_response(resp) do + Logger.debug("Fetched remote key: #{ap_id}") + # fetch the user + {:ok, user} = User.get_or_fetch_by_ap_id(ap_id) + # store the key + key = %__MODULE__{ + user_id: user.id, + public_key: public_key_pem, + key_id: key_id + } - Repo.insert(key, on_conflict: :replace_all, conflict_target: :key_id) - - e -> - Logger.debug("Failed to fetch remote key: #{inspect(e)}") - {:error, "Could not fetch key"} - end - - _ -> - Logger.debug("Failed to fetch remote key: #{inspect(resp)}") + Repo.insert(key, on_conflict: :replace_all, conflict_target: :key_id) + else + e -> + Logger.debug("Failed to fetch remote key: #{inspect(e)}") {:error, "Could not fetch key"} end end From 7632765b4365511bfde1797f4eb81cf5b45628d0 Mon Sep 17 00:00:00 2001 From: nopjmp Date: Sun, 15 Dec 2024 16:12:37 -0600 Subject: [PATCH 15/24] Only proxy HTTP and HTTP urls via Media Proxy We make an assumption that we are only proxying HTTP/HTTPS hosted media through the media proxy endpoint. Fixes: #859 --- lib/pleroma/web/media_proxy.ex | 6 ++++-- test/pleroma/web/media_proxy_test.exs | 4 ++++ 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/lib/pleroma/web/media_proxy.ex b/lib/pleroma/web/media_proxy.ex index 61b6f2a62..9e48dda74 100644 --- a/lib/pleroma/web/media_proxy.ex +++ b/lib/pleroma/web/media_proxy.ex @@ -52,11 +52,11 @@ defmodule Pleroma.Web.MediaProxy do @spec url_proxiable?(String.t()) :: boolean() def url_proxiable?(url) do - not local?(url) and not whitelisted?(url) and not blocked?(url) + not local?(url) and not whitelisted?(url) and not blocked?(url) and http_scheme?(url) end def preview_url(url, preview_params \\ []) do - if preview_enabled?() do + if preview_enabled?() and url_proxiable?(url) do encode_preview_url(url, preview_params) else url(url) @@ -71,6 +71,8 @@ defmodule Pleroma.Web.MediaProxy do def local?(url), do: String.starts_with?(url, Endpoint.url()) + def http_scheme?(url), do: String.starts_with?(url, ["http:", "https:"]) + def whitelisted?(url) do %{host: domain} = URI.parse(url) diff --git a/test/pleroma/web/media_proxy_test.exs b/test/pleroma/web/media_proxy_test.exs index bd5efe4c9..1a6e9a521 100644 --- a/test/pleroma/web/media_proxy_test.exs +++ b/test/pleroma/web/media_proxy_test.exs @@ -37,6 +37,10 @@ defmodule Pleroma.Web.MediaProxyTest do assert MediaProxy.url(local_root) == local_root end + test "ignores data url" do + assert MediaProxy.url("data:image/png;base64,") == "data:image/png;base64," + end + test "encodes and decodes URL" do url = "https://pleroma.soykaf.com/static/logo.png" encoded = MediaProxy.url(url) From ff5d1973411b62dea0e54e71315c7479ff35f9cd Mon Sep 17 00:00:00 2001 From: nopjmp Date: Sun, 15 Dec 2024 17:36:24 -0600 Subject: [PATCH 16/24] Update CHANGELOG.md --- CHANGELOG.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 74a925a3f..86269583c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,11 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). +## UNRELEASED + +## Fixed +- Media proxy no longer attempts to proxy embedded images + ## 3.13.3 ## BREAKING From f19d5d13809f044580018d1ff65fa41e0335fa31 Mon Sep 17 00:00:00 2001 From: Norm Date: Tue, 17 Dec 2024 18:30:01 -0500 Subject: [PATCH 17/24] Set customize_hostname_check for Swoosh.Adapters.SMTP This should hopefully fix issues with connecting to SMTP servers with wildcard TLS certificates. Taken from https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ssl Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/660 --- lib/pleroma/emails/mailer.ex | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/lib/pleroma/emails/mailer.ex b/lib/pleroma/emails/mailer.ex index 6a79a7694..af513f1f1 100644 --- a/lib/pleroma/emails/mailer.ex +++ b/lib/pleroma/emails/mailer.ex @@ -84,8 +84,14 @@ defmodule Pleroma.Emails.Mailer do cacerts: os_cacerts, versions: [:"tlsv1.2", :"tlsv1.3"], verify: :verify_peer, - # some versions have supposedly issues verifying wildcard certs without this server_name_indication: relay, + # This allows wildcard ceritifcates to be verified properly. + # The :https parameter simply means to use the HTTPS wildcard format + # (as opposed to say LDAP). SMTP servers tend to use the same type of + # certs as HTTPS ones so this should work for most. + customize_hostname_check: [ + match_fun: :public_key.pkix_verify_hostname_match_fun(:https) + ], # the default of 10 is too restrictive depth: 32 ] From 7615a11a1ef826ccf12455e4ad149f9da7f0f7bb Mon Sep 17 00:00:00 2001 From: Oneric Date: Fri, 3 Jan 2025 20:33:41 +0100 Subject: [PATCH 18/24] changelog: fix shuffled and add missing entries --- CHANGELOG.md | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 744e77dc8..3306f47c4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Fixed - Media proxy no longer attempts to proxy embedded images +- ObjectAge policy no longer lets unlisted posts slip through +- ObjectAge policy no longer leaks belated DMs and follower-only posts +- the NodeINfo endpoint now uses the correct content type + +## Changed +- Anonymous objects now federate completely without an id + adopting a proposed AP spec errata and restoring federation + with e.g. IceShrimp.NET and fedify-based implementations ## 3.13.3 @@ -28,8 +36,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - AP objects with additional JSON-LD profiles beyond ActivityStreams can now be fetched - Single-selection polls no longer expose the voter_count; MastoAPI demands it be null and this confused some clients leading to vote distributions >100% -- ObjectAge policy no longer lets unlisted posts slip through -- ObjectAge policy no longer leaks belated DMs and follower-only posts ## Changed - Refactored Rich Media to cache the content in the database. Fetching operations that could block status rendering have been eliminated. From f2e45d4d4bd7a87b5b6aa5abb975244c5eff31b5 Mon Sep 17 00:00:00 2001 From: Oneric Date: Thu, 10 Oct 2024 00:22:40 +0000 Subject: [PATCH 19/24] Teach admin-fe about custom source URLs Matching https://akkoma.dev/AkkomaGang/akkoma-fe/pulls/421 --- CHANGELOG.md | 4 ++++ config/description.exs | 16 +++++++++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 744e77dc8..238e23ef8 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## UNRELEASED +## Added +- It is now possible to display custom source URLs in akkoma-fe; + the settings are part of the frontend configuration + ## Fixed - Media proxy no longer attempts to proxy embedded images diff --git a/config/description.exs b/config/description.exs index b69478fdb..63113439a 100644 --- a/config/description.exs +++ b/config/description.exs @@ -1194,7 +1194,9 @@ config :pleroma, :config_description, [ showInstanceSpecificPanel: false, subjectLineBehavior: "email", theme: "pleroma-dark", - webPushNotifications: false + webPushNotifications: false, + backendCommitUrl: "", + frontendCommitUrl: "" } ], children: [ @@ -1398,6 +1400,18 @@ config :pleroma, :config_description, [ label: "Stop Gifs", type: :boolean, description: "Whether to pause animated images until they're hovered on" + }, + %{ + key: :backendCommitUrl, + label: "Backend Commit URL", + type: :string, + description: "URL prefix for backend commit hashes" + }, + %{ + key: :frontendCommitUrl, + label: "Frontend Commit URL", + type: :string, + description: "URL prefix for frontend commit hashes" } ] }, From bcfbfbcff594d3b4dc9241ad38df5c1ca5729145 Mon Sep 17 00:00:00 2001 From: Oneric Date: Sun, 2 Jun 2024 21:42:36 +0200 Subject: [PATCH 20/24] Don't try to cleanup remote attachments MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The cleanup attachment worker was run for every deleted post, even if it’s a remote post whose attachments we don't even store. This was especially bad due to attachment cleanup involving a particularly heavy query wasting a bunch of database perf for nil. This was uncovered by comparing statistics from https://akkoma.dev/AkkomaGang/akkoma/issues/784 and https://akkoma.dev/AkkomaGang/akkoma/issues/765#issuecomment-12256 --- CHANGELOG.md | 2 + lib/pleroma/object.ex | 15 +---- .../workers/attachments_cleanup_worker.ex | 49 ++++++++++++--- .../attachments_cleanup_worker_test.exs | 60 +++++++++++++++++++ 4 files changed, 103 insertions(+), 23 deletions(-) create mode 100644 test/pleroma/workers/attachments_cleanup_worker_test.exs diff --git a/CHANGELOG.md b/CHANGELOG.md index 744e77dc8..04186f771 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Fixed - Media proxy no longer attempts to proxy embedded images +- Fix significant uneccessary overhead of attachment cleanup; + it no longer attempts to cleanup attachments of deleted remote posts ## 3.13.3 diff --git a/lib/pleroma/object.ex b/lib/pleroma/object.ex index 379b361f8..5d84bb286 100644 --- a/lib/pleroma/object.ex +++ b/lib/pleroma/object.ex @@ -9,7 +9,6 @@ defmodule Pleroma.Object do import Ecto.Changeset alias Pleroma.Activity - alias Pleroma.Config alias Pleroma.Hashtag alias Pleroma.Object alias Pleroma.Object.Fetcher @@ -241,23 +240,11 @@ defmodule Pleroma.Object do with {:ok, _obj} = swap_object_with_tombstone(object), deleted_activity = Activity.delete_all_by_object_ap_id(id), {:ok, _} <- invalid_object_cache(object) do - cleanup_attachments( - Config.get([:instance, :cleanup_attachments]), - %{object: object} - ) - + AttachmentsCleanupWorker.enqueue_if_needed(object.data) {:ok, object, deleted_activity} end end - @spec cleanup_attachments(boolean(), %{required(:object) => map()}) :: - {:ok, Oban.Job.t() | nil} - def cleanup_attachments(true, %{object: _} = params) do - AttachmentsCleanupWorker.enqueue("cleanup_attachments", params) - end - - def cleanup_attachments(_, _), do: {:ok, nil} - def prune(%Object{data: %{"id" => _id}} = object) do with {:ok, object} <- Repo.delete(object), {:ok, _} <- invalid_object_cache(object) do diff --git a/lib/pleroma/workers/attachments_cleanup_worker.ex b/lib/pleroma/workers/attachments_cleanup_worker.ex index f5090dae7..58bbda94b 100644 --- a/lib/pleroma/workers/attachments_cleanup_worker.ex +++ b/lib/pleroma/workers/attachments_cleanup_worker.ex @@ -5,30 +5,61 @@ defmodule Pleroma.Workers.AttachmentsCleanupWorker do import Ecto.Query + alias Pleroma.Config alias Pleroma.Object alias Pleroma.Repo use Pleroma.Workers.WorkerHelper, queue: "attachments_cleanup" + @doc """ + Takes object data and if necessary enqueues a job, + deleting all attachments of the post eligible for cleanup + """ + @spec enqueue_if_needed(map()) :: {:ok, Oban.Job.t()} | {:ok, :skip} | {:error, any()} + def enqueue_if_needed(%{ + "actor" => actor, + "attachment" => [_ | _] = attachments + }) do + with true <- Config.get([:instance, :cleanup_attachments]), + true <- URI.parse(actor).host == Pleroma.Web.Endpoint.host(), + [_ | _] <- attachments do + enqueue("cleanup_attachments", %{"actor" => actor, "attachments" => attachments}) + else + _ -> {:ok, :skip} + end + end + + def enqueue_if_needed(_), do: {:ok, :skip} + @impl Oban.Worker def perform(%Job{ args: %{ "op" => "cleanup_attachments", - "object" => %{"data" => %{"attachment" => [_ | _] = attachments, "actor" => actor}} + "attachments" => [_ | _] = attachments, + "actor" => actor } }) do - if Pleroma.Config.get([:instance, :cleanup_attachments], false) do - attachments - |> Enum.flat_map(fn item -> Enum.map(item["url"], & &1["href"]) end) - |> fetch_objects - |> prepare_objects(actor, Enum.map(attachments, & &1["name"])) - |> filter_objects - |> do_clean - end + attachments + |> Enum.flat_map(fn item -> Enum.map(item["url"], & &1["href"]) end) + |> fetch_objects + |> prepare_objects(actor, Enum.map(attachments, & &1["name"])) + |> filter_objects + |> do_clean {:ok, :success} end + # Left over already enqueued jobs in the old format + # This function clause can be deleted once sufficient time passed after 3.14 + def perform(%Job{ + args: %{ + "op" => "cleanup_attachments", + "object" => %{"data" => data} + } + }) do + enqueue_if_needed(data) + end + def perform(%Job{args: %{"op" => "cleanup_attachments", "object" => _object}}), do: {:ok, :skip} defp do_clean({object_ids, attachment_urls}) do diff --git a/test/pleroma/workers/attachments_cleanup_worker_test.exs b/test/pleroma/workers/attachments_cleanup_worker_test.exs new file mode 100644 index 000000000..2212db927 --- /dev/null +++ b/test/pleroma/workers/attachments_cleanup_worker_test.exs @@ -0,0 +1,60 @@ +# Akkoma: Magically expressive social media +# Copyright © 2024 Akkoma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Workers.AttachmentsCleanupWorkerTest do + use Pleroma.DataCase, async: false + use Oban.Testing, repo: Pleroma.Repo + + import Pleroma.Factory + + alias Pleroma.Workers.AttachmentsCleanupWorker + + setup do + clear_config([:instance, :cleanup_attachments], true) + + file = %Plug.Upload{ + content_type: "image/jpeg", + path: Path.absname("test/fixtures/image.jpg"), + filename: "an_image.jpg" + } + + user = insert(:user) + + {:ok, %Pleroma.Object{} = attachment} = + Pleroma.Web.ActivityPub.ActivityPub.upload(file, actor: user.ap_id) + + {:ok, attachment: attachment, user: user} + end + + test "does not enqueue remote post" do + remote_data = %{ + "id" => "https://remote.example/obj/123", + "actor" => "https://remote.example/user/1", + "content" => "content", + "attachment" => [ + %{ + "type" => "Document", + "mediaType" => "image/png", + "name" => "marvellous image", + "url" => "https://remote.example/files/image.png" + } + ] + } + + assert {:ok, :skip} = AttachmentsCleanupWorker.enqueue_if_needed(remote_data) + end + + test "enqueues local post", %{attachment: attachment, user: user} do + local_url = Pleroma.Web.Endpoint.url() + + local_data = %{ + "id" => local_url <> "/obj/123", + "actor" => user.ap_id, + "content" => "content", + "attachment" => [attachment.data] + } + + assert {:ok, %Oban.Job{}} = AttachmentsCleanupWorker.enqueue_if_needed(local_data) + end +end From e8bf4422ff6440d4404ba6a5ed4092e717649f5e Mon Sep 17 00:00:00 2001 From: Oneric Date: Mon, 3 Jun 2024 23:07:10 +0200 Subject: [PATCH 21/24] Delay attachment deletion MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Otherwise attachments have a high chance to disappear with akkoma-fe’s “delete & redraft” feature when cleanup is enabled in the backend. Since we don't know whether a deletion was intended to be part of a redraft process or even if whether the redraft was abandoned we still have to delete attachments eventually. A thirty minute delay should provide sufficient time for redrafting. Fixes: https://akkoma.dev/AkkomaGang/akkoma/issues/775 --- CHANGELOG.md | 4 +++ config/config.exs | 1 + docs/docs/configuration/cheatsheet.md | 1 + .../workers/attachments_cleanup_worker.ex | 6 ++++- .../attachments_cleanup_worker_test.exs | 26 +++++++++++++++++++ 5 files changed, 37 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 04186f771..bd4bcccf9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,10 +6,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## UNRELEASED +## Added +- New config option `:instance, :cleanup_attachments_delay` + ## Fixed - Media proxy no longer attempts to proxy embedded images - Fix significant uneccessary overhead of attachment cleanup; it no longer attempts to cleanup attachments of deleted remote posts +- Fix “Delete & Redraft” often losing attachments if attachment cleanup was enabled ## 3.13.3 diff --git a/config/config.exs b/config/config.exs index e919910b3..39b53a010 100644 --- a/config/config.exs +++ b/config/config.exs @@ -255,6 +255,7 @@ config :pleroma, :instance, external_user_synchronization: true, extended_nickname_format: true, cleanup_attachments: false, + cleanup_attachments_delay: 1800, multi_factor_authentication: [ totp: [ # digits 6 or 8 diff --git a/docs/docs/configuration/cheatsheet.md b/docs/docs/configuration/cheatsheet.md index 916e1cc0c..9a50fc2bb 100644 --- a/docs/docs/configuration/cheatsheet.md +++ b/docs/docs/configuration/cheatsheet.md @@ -58,6 +58,7 @@ To add configuration to your config file, you can copy it from the base config. * `registration_reason_length`: Maximum registration reason length (default: `500`). * `external_user_synchronization`: Enabling following/followers counters synchronization for external users. * `cleanup_attachments`: Remove attachments along with statuses. Does not affect duplicate files and attachments without status. Enabling this will increase load to database when deleting statuses on larger instances. +* `cleanup_attachments_delay`: How many seconds to wait after post deletion before attempting to deletion; useful for “delete & redraft” functionality (default: `1800`) * `show_reactions`: Let favourites and emoji reactions be viewed through the API (default: `true`). * `password_reset_token_validity`: The time after which reset tokens aren't accepted anymore, in seconds (default: one day). * `local_bubble`: Array of domains representing instances closely related to yours. Used to populate the `bubble` timeline. e.g `["example.com"]`, (default: `[]`) diff --git a/lib/pleroma/workers/attachments_cleanup_worker.ex b/lib/pleroma/workers/attachments_cleanup_worker.ex index 58bbda94b..f1204a861 100644 --- a/lib/pleroma/workers/attachments_cleanup_worker.ex +++ b/lib/pleroma/workers/attachments_cleanup_worker.ex @@ -23,7 +23,11 @@ defmodule Pleroma.Workers.AttachmentsCleanupWorker do with true <- Config.get([:instance, :cleanup_attachments]), true <- URI.parse(actor).host == Pleroma.Web.Endpoint.host(), [_ | _] <- attachments do - enqueue("cleanup_attachments", %{"actor" => actor, "attachments" => attachments}) + enqueue( + "cleanup_attachments", + %{"actor" => actor, "attachments" => attachments}, + schedule_in: Config.get!([:instance, :cleanup_attachments_delay]) + ) else _ -> {:ok, :skip} end diff --git a/test/pleroma/workers/attachments_cleanup_worker_test.exs b/test/pleroma/workers/attachments_cleanup_worker_test.exs index 2212db927..d180763fb 100644 --- a/test/pleroma/workers/attachments_cleanup_worker_test.exs +++ b/test/pleroma/workers/attachments_cleanup_worker_test.exs @@ -8,7 +8,9 @@ defmodule Pleroma.Workers.AttachmentsCleanupWorkerTest do import Pleroma.Factory + alias Pleroma.Object alias Pleroma.Workers.AttachmentsCleanupWorker + alias Pleroma.Tests.ObanHelpers setup do clear_config([:instance, :cleanup_attachments], true) @@ -57,4 +59,28 @@ defmodule Pleroma.Workers.AttachmentsCleanupWorkerTest do assert {:ok, %Oban.Job{}} = AttachmentsCleanupWorker.enqueue_if_needed(local_data) end + + test "doesn't delete immediately", %{attachment: attachment, user: user} do + delay = 6000 + clear_config([:instance, :cleanup_attachments_delay], delay) + + note = insert(:note, %{user: user, data: %{"attachment" => [attachment.data]}}) + + uploads_dir = Pleroma.Config.get!([Pleroma.Uploaders.Local, :uploads]) + %{"url" => [%{"href" => href}]} = attachment.data + path = "#{uploads_dir}/#{Path.basename(href)}" + + assert File.exists?(path) + + Object.delete(note) + Process.sleep(2000) + + assert File.exists?(path) + + ObanHelpers.perform(all_enqueued(worker: Pleroma.Workers.AttachmentsCleanupWorker)) + + assert Object.get_by_id(note.id).data["deleted"] + assert Object.get_by_id(attachment.id) == nil + refute File.exists?(path) + end end From d8c7ed70d0152059d60cd7d492927a7a407675ff Mon Sep 17 00:00:00 2001 From: eviloatmeal Date: Fri, 3 Jan 2025 21:17:32 +0100 Subject: [PATCH 22/24] openbsd: update service file Changes suggested and tested by eviloatmeal Fixes: https://akkoma.dev/AkkomaGang/akkoma/issues/864 --- installation/openbsd/rc.d/akkomad | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/installation/openbsd/rc.d/akkomad b/installation/openbsd/rc.d/akkomad index 68be46c9a..fa3c19b2b 100755 --- a/installation/openbsd/rc.d/akkomad +++ b/installation/openbsd/rc.d/akkomad @@ -11,11 +11,13 @@ # daemon="/usr/local/bin/elixir" -daemon_flags="--detached -S /usr/local/bin/mix phx.server" +daemon_flags="-S /usr/local/bin/mix phx.server" daemon_user="_akkoma" +daemon_execdir="/home/_akkoma/akkoma" . /etc/rc.d/rc.subr +rc_bg="YES" rc_reload=NO pexp="phx.server" @@ -24,7 +26,7 @@ rc_check() { } rc_start() { - ${rcexec} "cd akkoma; ${daemon} ${daemon_flags}" + rc_exec "${daemon} ${daemon_flags}" } rc_stop() { From 7ed52838f457a0ce20235892a35b56523ed0afee Mon Sep 17 00:00:00 2001 From: Floatingghost Date: Sun, 5 Jan 2025 16:22:38 +0000 Subject: [PATCH 23/24] fix test --- test/pleroma/web/mastodon_api/views/status_view_test.exs | 1 + 1 file changed, 1 insertion(+) diff --git a/test/pleroma/web/mastodon_api/views/status_view_test.exs b/test/pleroma/web/mastodon_api/views/status_view_test.exs index 6421df132..6315a4806 100644 --- a/test/pleroma/web/mastodon_api/views/status_view_test.exs +++ b/test/pleroma/web/mastodon_api/views/status_view_test.exs @@ -588,6 +588,7 @@ defmodule Pleroma.Web.MastodonAPI.StatusViewTest do end test "put the url advertised in the Activity in to the url attribute" do + Pleroma.Config.put([:instance, :limit_to_local_content], false) id = "https://wedistribute.org/wp-json/pterotype/v1/object/85810" [activity] = Activity.search(nil, id) From ae40ccb8caf330456f1709065fe25ec452857fcc Mon Sep 17 00:00:00 2001 From: Floatingghost Date: Sun, 5 Jan 2025 16:23:09 +0000 Subject: [PATCH 24/24] add changelog entry --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index e463b33b6..1ca19e9c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). -## UNRELEASED +## 2025.01 ## Added - New config option `:instance, :cleanup_attachments_delay`