Commit graph

8888 commits

Author SHA1 Message Date
Paweł Świątkowski d7d159c49f
Fix OpenAPI spec for preferred_frontend endpoint
The spec was copied from another endpoint, including the operation id,
leading to scrubbing the valid parameters from the request and simply
not working.
2024-02-03 14:27:45 +01:00
Oneric e47c50666d Fix obfuscation of short domains
Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
2024-02-02 14:50:13 +00:00
Aria 77000b8ffd update tests for oauth consumer 2023-12-17 21:48:19 +00:00
Aria eb0dbf6b79 fix oauth consumer mode
the previous code passed a state parameter to ueberauth with info
about where to go after the user logged in, etc.
since ueberauth 0.7, this parameter is ignored and oauth state is used
for actual CSRF reasons.

we now set a cookie with the state we need to keep track of, and read
it once the callback happens.
2023-12-17 19:27:36 +00:00
Yonle 8a0e797cff ap userview: add outbox field.
Signed-off-by: Yonle <yonle@lecturify.net>
2023-12-15 16:31:51 +00:00
FloatingGhost 6cc523bd23 Correct email links to be absolute URLs 2023-11-02 11:49:03 +00:00
Rohan Kumar 36f4f18aa5
Add more image mimetypes to reverse proxy
Add JPEG-XL, AVIF, and WebP support to the reverse proxy. All three are
supported in WebKit browsers; the latter two are supported in Gecko and
Blink.
2023-11-01 17:47:52 -07:00
FloatingGhost c8e08e9cc3 fix issue with API cascading domain blocks but not honouring them 2023-08-25 11:00:49 +01:00
FloatingGhost 98f0820ca4 MIX FORMAT 2023-08-15 23:26:22 +01:00
FloatingGhost 9bc0345e57 AND THAT ONE TOO AND ALL 2023-08-15 23:26:08 +01:00
FloatingGhost f3cc60b202 INBOX NEEDS TO BE A FULL URL YOU IDIOT AM BAKA I SHOULD JUST COMMIT SUDOKU RIGHT NOW 2023-08-15 23:23:59 +01:00
FloatingGhost 063e3c0d34 Disallow nil hosts in should_federate 2023-08-15 23:12:04 +01:00
FloatingGhost 6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
FloatingGhost 1bd3012c2d Fix compiler warnings 2023-08-12 15:03:43 +01:00
Joshua Goins c22ecac567 mastodon_api: Add /api/v1/preferences endpoint
Implements the preferences endpoint in the Mastodon API, but returns
default values for most of the preferences right now. The only supported
preference we can access is default post visibility, and a relevant test
is added as well.
2023-08-12 09:28:24 -04:00
FloatingGhost 165c2485ff Merge branch 'otp26' into develop 2023-08-09 14:35:06 +01:00
Clovis fc3cc61768 Fix invalid Date HTTP header when signing fetch requests
https://akkoma.dev/AkkomaGang/akkoma/issues/503
2023-08-07 12:43:42 +00:00
FloatingGhost 7825798e32 Add XML matcher 2023-08-07 11:12:14 +01:00
FloatingGhost 9723264fe5 Add URI matchers 2023-08-06 15:51:21 +01:00
FloatingGhost 368b22fd2f Ensure we can't crash out on unusual logger backend settings 2023-08-06 15:12:57 +01:00
FloatingGhost 59af68c600 Ensure it doesn't break on elixir1.14 2023-08-05 14:11:27 +01:00
FloatingGhost ec5db753b9 Prevent elixir compiler from yeeting our modules 2023-08-05 14:03:21 +01:00
mae d868348fac Completely disable xml entity resolution 2023-08-05 12:32:05 +00:00
FloatingGhost 31d7cc9a9c Allow Pleroma.HTTP to connect to raw-HTTP without freaking mint out 2023-08-04 23:51:15 +01:00
FloatingGhost 8670d89316 Remove duplicated path
Fixes #604
2023-08-04 22:39:11 +01:00
FloatingGhost b4399574ca Merge remote-tracking branch 'norm/config-permissions' into develop 2023-08-04 22:31:11 +01:00
Mae 1f54bea564 Prevent XML parser from loading external entities 2023-08-04 22:24:17 +01:00
Haelwenn (lanodan) Monnier ae03513934
Config: Restrict permissions of OTP config file
Original: 8cc8100120
2023-08-04 14:13:36 -04:00
FloatingGhost 0b2ec0ccee Enable AnonymizeFilenames on all uploads 2023-08-04 15:37:15 +01:00
FloatingGhost 723bd123a0 Correct ordering for block/mutes 2023-08-04 15:18:07 +01:00
FloatingGhost 1dc8cc731c Merge branch 'elixir1.15' into develop 2023-08-04 15:16:14 +01:00
FloatingGhost 64e233ca20 Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
FloatingGhost 2946bf4011 mix format 2023-08-04 12:04:24 +01:00
FloatingGhost fe8c166b8f Remove IO.inspects 2023-08-04 12:01:52 +01:00
Mark Felder 7e45343f81 Resolve information disclosure vulnerability through emoji pack archive download endpoint 2023-08-04 11:34:19 +01:00
FloatingGhost 98cb255d12 Support elixir1.15
OTP builds to 1.15

Changelog entry

Ensure policies are fully loaded

Fix :warn

use main branch for linkify

Fix warn in tests

Migrations for phoenix 1.17

Revert "Migrations for phoenix 1.17"

This reverts commit 6a3b2f15b7.

Oban upgrade

Add default empty whitelist

mix format

limit test to amd64

OTP 26 tests for 1.15

use OTP_VERSION tag

baka

just 1.15

Massive deps update

Update locale, deps

Mix format

shell????

multiline???

?

max cases 1

use assert_recieve

don't put_env in async tests

don't async conn/fs tests

mix format

FIx some uploader issues

Fix tests
2023-08-03 17:44:09 +01:00
FloatingGhost babb4b9a8f Merge branch 'metadata_webfinger' into develop 2023-08-02 12:05:43 +01:00
FloatingGhost 27cbfb8985 Send a NIL body rather than an empty one with GET/HEAD 2023-08-01 11:26:05 +01:00
Walter Huf 7ff9c356f4 Merge remote-tracking branch 'upstream/develop' into metadata_webfinger 2023-07-27 07:43:17 -07:00
Weblate eba3cce77b Update translation files
Updated by "Squash Git commits" hook in Weblate.

Translation: Pleroma fe/Akkoma Backend (Config Descriptions)
Translate-URL: http://translate.akkoma.dev/projects/akkoma/akkoma-backend-config-descriptions/
2023-07-27 13:14:05 +00:00
FloatingGhost fa23098093 Merge branch 'develop' into arm 2023-07-27 14:01:11 +01:00
floatingghost 6db8ab7c94 Merge pull request 'Varied selection of Pleroma cherry-picks' (#567) from XxXCertifiedForkliftDriverXxX/akkoma:cherry-picks into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/567
2023-07-27 12:53:56 +00:00
FloatingGhost 34601065c3 Mix format 2023-07-20 17:34:05 +01:00
FloatingGhost 33e7ae7637 Allow nil attachments 2023-07-17 20:03:31 +01:00
FloatingGhost 900b9b0124 Merge branch 'develop' into active-emoji-reactions 2023-07-17 19:45:43 +01:00
FloatingGhost c63ae73bc0 Add embed controller tests 2023-07-17 19:18:21 +01:00
FloatingGhost 16d2bfef80 Ensure embeds will not be served if unauthenticated users could not see it 2023-07-17 18:24:53 +01:00
FloatingGhost c8904f15a2 Correct behaviour of mediaproxy blocklist 2023-07-17 18:17:04 +01:00
FloatingGhost 8fe29bf5d2 Exclude deactivated users from emoji reaction lists 2023-07-17 17:53:03 +01:00
floatingghost 210df6fe92 Merge pull request 'Fix the /embed endpoint' (#540) from mikihau/akkoma:develop into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/540
2023-07-15 20:48:30 +00:00
Mark Felder 5144d6f4ba Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
floatingghost 3e4a279a1b Merge pull request 'Implement blocklists for MediaProxy' (#574) from XxXCertifiedForkliftDriverXxX/akkoma:feature/mediaproxy-blocklist into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/574
2023-06-28 00:54:25 +00:00
XxXCertifiedForkliftDriverXxX 767e1272b3 Use OS CA store for Mint HTTP connections 2023-06-26 15:50:49 +02:00
XxXCertifiedForkliftDriverXxX 07b478dc49 Implement blocklists for MediaProxy 2023-06-26 15:18:31 +02:00
tusooa c0a01e73cf Enforce unauth restrictions for public streaming endpoints 2023-06-14 22:45:19 +00:00
tusooa fee6e2aac4 Fix deleting banned users' statuses 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier 8669a0abcb UploadedMedia: Increase readability via ~s sigil 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier 37b0d774fa UploadedMedia: Add missing disposition_type to Content-Disposition
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa 3095251e6c Dedupe poll options 2023-06-14 22:45:19 +00:00
tusooa 79a18f761b Allow with_relationships param for blocks 2023-06-14 22:45:19 +00:00
kPherox 8fb235e71b fix: append field values to bio before parsing 2023-06-14 19:44:07 +00:00
kPherox d6271e7613 feat: build rel me tags with profile fields 2023-06-14 19:44:07 +00:00
Alexander Tumin 5adce547d0 Require related object for notifications to filter on content 2023-06-14 19:41:48 +00:00
tusooa 05e80d1879 Fix block_from_stranger setting 2023-06-14 19:41:44 +00:00
tusooa 1268dbc562 Fix type of admin_account.is_confirmed 2023-06-14 19:38:22 +00:00
tusooa 651979217a Fix failure when registering a user with no email when approval required 2023-06-14 19:33:58 +00:00
Mark Felder 997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu 7b9cc9a9b0 Exclude Announce instead of restricting to Create in visibility_tags 2023-06-14 17:20:55 +00:00
Tusooa Zhu fd38756e92 Do not stream out Announces to public timelines 2023-06-14 17:20:55 +00:00
Tusooa Zhu 5ef7c15d92 Make local-only posts stream in local timeline 2023-06-14 17:18:26 +00:00
Hélène 3227ebf1e1 CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
Miki Hau 593ddbd796 fix the /embed endpoint 2023-05-31 23:42:08 +00:00
XxXCertifiedForkliftDriverXxX 1b560d547a Stop exposing if a user blocks you over the API. 2023-05-28 23:42:27 +02:00
Haelwenn (lanodan) Monnier 70b0f93865 Apply oembed patch 2023-05-26 20:45:57 +01:00
FloatingGhost a388d2503e revert uploaded-media 2023-05-26 12:06:41 +01:00
FloatingGhost 7fb9960ccd Add CSP to mediaproxy links 2023-05-26 11:46:18 +01:00
FloatingGhost 9d83a1e23f Add csp 2023-05-26 11:41:22 +01:00
FloatingGhost 8c208f751d Fix filtering out incorrect addresses 2023-05-23 13:46:25 +01:00
FloatingGhost 037f881187 Fix create processing in direct message disabled 2023-05-23 13:16:20 +01:00
FloatingGhost ab34680554 switch to using an enum system for DM acceptance 2023-05-23 10:29:08 +01:00
FloatingGhost d310f99d6a Add MRFs for direct message manipulation 2023-05-22 23:53:44 +01:00
floatingghost f72d773cc3 Merge pull request 'Make UserNote comment default to the empty string.' (#530) from provable_ascent/akkoma:provable_ascent-patch-1 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/530
2023-05-22 21:33:01 +00:00
midnight f1e66b39c7 Return empty string in the event of no detected language 2023-05-08 18:52:19 -04:00
provable_ascent d8bed0ff63 Make UserNote comment default to the empty string.
This make the behavior consistent between when UserNote doesn't exist and when comment is null.

The current behavior may return null in APIs, which misleads some clients doing feature detection into thinking the server does not support comments.
For example, see https://codeberg.org/husky/husky/issues/92
2023-04-27 05:22:12 +00:00
FloatingGhost b86b3a9e29 Support public key URIs that incomprehensibly have GET args
Fixes #528
2023-04-25 13:30:20 +01:00
FloatingGhost f2b4e7f86b Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop 2023-04-14 17:56:56 +01:00
FloatingGhost 522221f7fb Mix format 2023-04-14 17:56:34 +01:00
Atsuko Karagi 1fa3c0b485 Remove support for outdated Create format 2023-04-14 17:46:22 +01:00
Atsuko Karagi d2b0d86471 HTTP signatures respect allowlist federation 2023-04-14 17:46:06 +01:00
FloatingGhost f12d3cce39 ensure only pickable frontends can be returned 2023-04-14 17:42:40 +01:00
floatingghost 8c86a06ed1 Merge pull request 'Remove "default" image description' (#493) from ilja/akkoma:remove_default_image_description into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/493
2023-04-14 16:27:41 +00:00
FloatingGhost 4c9c959bb3 Merge branch 'develop' into frontend-switcher-9000 2023-04-14 16:56:10 +01:00
FloatingGhost 9e8e7cc13e Add note telling people to refresh 2023-04-14 16:55:48 +01:00
FloatingGhost a079ec3a3c in dev, allow dev FE 2023-04-14 16:36:40 +01:00
FloatingGhost 1b2c24a19e fix tests 2023-04-14 15:20:55 +01:00
FloatingGhost 66d162bb9e Add debug logs to timeline rendering to assist debugging 2023-03-29 12:01:16 +01:00
FloatingGhost d85d1e128a we don't actually need the object on redirect 2023-03-29 11:44:03 +01:00
sadposter 3f340cbc43 Only even attempt to fetch local activities by object_id
TODO: PLEASE FOR THE LOVE OF KANATAN CACHE THIS
2023-03-29 03:32:24 +01:00
FloatingGhost de64c6c54a add selection UI 2023-03-28 12:44:52 +01:00
floatingghost 281c4636fa Merge pull request 'Show bubble_timeline in the api if any instances are set in it' (#502) from foxing/akkoma:foxing-patch-1 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/502
2023-03-21 10:13:41 +00:00
FloatingGhost dd44387f1a Add timeline visibility options 2023-03-17 15:33:28 +00:00
FloatingGhost fe7045632b also put publicVisibility in preloaded nodeinfo 2023-03-15 22:59:58 +00:00
FloatingGhost 9464d50562 Add publicTimelineVisibility to nodeinfo 2023-03-15 22:13:18 +00:00
foxing bd040fe96a Merge branch 'develop' into foxing-patch-1 2023-03-13 03:41:15 +00:00
foxing ba635e97c8 Use enum empty instead 2023-03-13 03:40:20 +00:00
floatingghost 377d1483b6 Merge pull request 'Apply security patch from pleroma to prevent nested file names being uploaded to the server.' (#507) from foxing/akkoma:foxing-patch-2 into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/507
2023-03-13 00:29:51 +00:00
FloatingGhost 643b8c5f15 ensure we send the right files for preferred fe 2023-03-12 23:59:10 +00:00
FloatingGhost 3d964a9970 Add frontend preference route 2023-03-12 23:24:07 +00:00
foxing c2ae3273d5 Merge branch 'develop' into foxing-patch-2 2023-03-12 19:23:22 +00:00
foxing 3f76de76da Apply Patch 2023-03-12 19:13:56 +00:00
flisk 0c77be9308 don't crash on malformed avatar and banner values
weird values in href will cause base64 encoding to fail later down the
line, so let's make sure the value we're passing on is somewhat sane, or
at the very least a binary

this fixes #482
2023-03-12 18:14:05 +01:00
ilja 6c396fcab4 Remove "default" image description
When no image description is filled in, Pleroma allowed fallbacks.
Those were (based on a setting) either the filename, or a fixed description.
Neither are good options for image descriptions imo, so here we remove this.

Note that there's two tests removed who supposedly tested something else.
But examining closer, they didn't seem to test what they claimed to test,
so I removed them rather than try to "fix" them.
2023-03-12 08:42:33 +01:00
foxing e17d8f744e Merge branch 'develop' into foxing-patch-1 2023-03-11 19:09:14 +00:00
FloatingGhost 70803d7966 Remove mix.env reference 2023-03-11 18:24:44 +00:00
FloatingGhost 5ca22c2459 ensure we can't have a null in appends 2023-03-11 17:24:49 +00:00
foxing 19eb826424 Show bubble_timeline in the api if any instances are set in it, do not show if none are set 2023-03-11 03:26:48 +00:00
FloatingGhost 9977588612 we should probably use || 2023-03-10 18:49:08 +00:00
floatingghost e124a109c1 Remove _misskey_reaction matching (#500)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/500
2023-03-10 18:46:49 +00:00
FloatingGhost 08dfce98be Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop 2023-03-10 03:51:45 +00:00
FloatingGhost b2112302ce Add more information about failed verifications 2023-03-10 03:51:24 +00:00
foxing 964a855319 Display Quote posts in the api features list to allow external clients to enable compatibility with it. (#496)
Expose quote posting in the api as a feature.

Copies what the quote post PR for pleroma does to allow external clients to enable and disable features based on the feature-set of the instance.

As far as I am aware, akkoma doesn't allow you to disable quote posting, so this doesn't need anything fancy and it's just a hard on switch.

I tried to get one for the bubble tl to work also, but I'm not quite sure how to do it so that it switches off the feature when the bubble tl is disabled. I would argue that it could and ideally should be done as well though.

I also discovered a pretty tame bug in the testing of it, that deleting the DB entry for the bubble tl does not stop the bubble TL from actually working and it will continue to display the panel on the about page, I'll just leave it as a note here.

Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/496
Co-authored-by: foxing <foxing@noreply.akkoma>
Co-committed-by: foxing <foxing@noreply.akkoma>
2023-03-09 20:40:28 +00:00
FloatingGhost 8a4437d2be Allow expires_at in filter requests
Fixes #492
2023-03-09 19:13:14 +00:00
FloatingGhost 87d5e5b06a Allow moderators to get the admin scope again
Fixes #463
2023-03-08 17:39:35 +00:00
FloatingGhost b88e6560e0 Reblog content should be ""
Fixes #450
2023-03-02 11:04:27 +00:00
FloatingGhost d3089ec399 Ensure we can update contentMap on update 2023-02-23 11:00:55 +00:00
ilja b4952a81fe Interpret \n as newline for MFM
Markdown doesn't generally consider `\n` a newline,
but Misskey does for MFM.

Now we do to for MFM (and not for Markdown) :)
2023-02-18 19:56:11 +01:00
ilja b71db2f82d create_service_actor is now type Application
This is used for internal fetch and for relay. Both represent the instance and therefore are an aplication.
2023-02-04 21:00:21 +00:00
floatingghost aeb68a0ad1 paginate follow requests (#460)
matches https://docs.joinmastodon.org/methods/follow_requests/#get mostly

Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/460
2023-02-04 20:51:17 +00:00
Walter Huf 54fdf3a5de Use any custom WebFinger domain for page metadata 2023-01-22 16:26:41 -08:00
FloatingGhost d394ab0a8a Merge branch 'develop' of akkoma.dev:AkkomaGang/akkoma into develop 2023-01-15 18:58:26 +00:00
FloatingGhost 90088cce11 Support TLD wildcards in MRF matches
Fixes #431
2023-01-15 18:57:49 +00:00
floatingghost 63ce25f32c Merge pull request 'Correct og:description tag in static-fe' (#373) from sfr/akkoma:fix/og-description into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/373
2023-01-15 18:15:20 +00:00
sfr 20cd8a0fc4 URL encode remote emoji pack names (#362)
fix #246

Co-authored-by: Sol Fisher Romanoff <sol@solfisher.com>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/362
Co-authored-by: sfr <sol@solfisher.com>
Co-committed-by: sfr <sol@solfisher.com>
2023-01-15 18:14:04 +00:00
Brian Underwood 7ca9ce9d67 fix: Give error message to users when address has already been validated
Plus other errors.
2023-01-12 22:08:10 +01:00
FloatingGhost ff5793198f add inbound language test 2023-01-11 15:42:13 +00:00
FloatingGhost 78c44f31ca fix no-language-specified federation 2023-01-11 15:25:34 +00:00
FloatingGhost 22068f0853 fix unused variable warnings 2023-01-10 10:58:17 +00:00
FloatingGhost cc63a89b5d Fix tests 2023-01-10 10:29:17 +00:00
FloatingGhost f86bf16430 Add language support on /api/v1/statuses 2023-01-10 10:29:17 +00:00
floatingghost 357f80a714 Merge pull request 'Changed references of "Pleroma" to "Akkoma" in email text' (#428) from knova/akkoma:develop into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/428
2023-01-09 22:13:45 +00:00
darkkirb a8cd859ef9 Use actual ISO8601 timestamps for masto API (#425)
Some users post posts with spoofed timestamp, and some clients will have issues with certain dates. Tusky for example crashes if the date is any sooner than 1 BCE (“year zero” in the representation).

I limited the range of what is considered a valid date to be somewhere between the years 1583 and 9999 (inclusive).

The numbers have been chosen because:

- ISO 8601 only allows years before 1583 with “mutual agreement”
- Years after 9999 could cause issues with certain clients as well

Co-authored-by: Charlotte 🦝 Delenk <lotte@chir.rs>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/425
Co-authored-by: darkkirb <lotte@chir.rs>
Co-committed-by: darkkirb <lotte@chir.rs>
2023-01-09 22:12:28 +00:00
knova 13d943667e Changed references of "Pleroma" to "Akkoma" in email text
I know this is probably small peanuts in the grand scheme of things, but it bugged me when I was messing around with my own Akkoma instance.
2023-01-08 03:29:09 +00:00
Charlotte 🦝 Delenk f2b925f32c
exiftool doesn’t support JPEG XL either 2023-01-07 14:49:58 +01:00
ihor b98fe4476c fix "exiftool not support svg files' (#421)
Faced with this issue today, Pleroma responds with status 400 (Bad request) if Exiftool.StripLocation is added to the list of filter modules for uploads. Here is logs:

```
13:27:25.201 [info] POST /api/v1/media

13:27:25.232 request_id=FzdspaAnrA6cyv0APgVR [error] Elixir.Pleroma.Upload.Filter: Filter Elixir.Pleroma.Upload.Filter.Exiftool.StripLocation failed: {:error, "Elixir.Pleroma.Upload.Filter.Exiftool.StripLocation: %ErlangError{original: :enoent}"}

13:27:25.232 request_id=FzdspaAnrA6cyv0APgVR [error] Elixir.Pleroma.Upload store (using Pleroma.Uploaders.Local) failed: "Elixir.Pleroma.Upload.Filter.Exiftool.StripLocation: %ErlangError{original: :enoent}"
```

# This fix solves this problem.

Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/421
Co-authored-by: ihor <ikandreew@gmail.com>
Co-committed-by: ihor <ikandreew@gmail.com>
2023-01-05 15:22:48 +00:00
FloatingGhost 336d06b2a8 Significantly tighten HTTP CSP 2023-01-02 15:21:19 +00:00
FloatingGhost 57e51fe62c Migrate Pleroma.Web to phoenix 1.6 formats 2023-01-02 03:29:02 +00:00
FloatingGhost 6e646c4cbc Use a genserver to periodically fetch metrics
Ref https://github.com/beam-telemetry/telemetry_metrics_prometheus_core/issues/52
2023-01-01 18:32:14 +00:00
FloatingGhost c4b46ca460 Add /api/v1/followed_tags 2022-12-31 18:09:34 +00:00
ilja 745e15468e Use same context for quote posts as the post that's being quoted (#379)
See https://akkoma.dev/AkkomaGang/akkoma/pulls/350#issuecomment-6109

When making quotes through Mast-API, they will now have the same context as the quoted post. This also results in them being showed when fetching the thread. I checked Misskey to see how it's there, and they show the quotes there as well, see e.g. <https://mk.toast.cafe/notes/98u1g0tulg>.

An example from Akkoma:

Co-authored-by: ilja <git@ilja.space>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/379
Reviewed-by: floatingghost <hannah@coffee-and-dreams.uk>
Co-authored-by: ilja <akkoma.dev@ilja.space>
Co-committed-by: ilja <akkoma.dev@ilja.space>
2022-12-31 18:09:27 +00:00
FloatingGhost b8f280b4b5 Rich media doesn't need to be a map 2022-12-31 03:53:52 +00:00
FloatingGhost bf7ff6a337 Put rich media processing in a Task 2022-12-30 20:11:53 +00:00
Sol Fisher Romanoff 1d884fd914
Correct og:description tag in static-fe 2022-12-30 07:14:54 +02:00
FloatingGhost 5d4c291d52 update references to pleroma in docs 2022-12-30 03:43:35 +00:00
floatingghost 9be6caf125 argon2 password hashing (#406)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/406
2022-12-30 02:46:58 +00:00
floatingghost a5e98083f2 Add link verification in profile fields (#405)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/405
2022-12-29 20:56:06 +00:00
FloatingGhost af7c3fab98 Do not crash on invalid atom in configDB 2022-12-21 00:16:39 +00:00
Atsuko Karagi 4a78c431cf Simplified HTTP signature processing 2022-12-19 20:41:48 +00:00
Atsuko Karagi e17c71a389 Respect restrict_unauthenticated in /api/v1/accounts/lookup 2022-12-19 20:32:16 +00:00
ilja c092fc9fd6 Add translation module for Argos Translate (#351)
Argos Translate is a Python module for translation and can be used as a command line tool.

This is also the engine for LibreTranslate, for which we already have a module.
Here we can use the engine directly from our server without doing requests to a third party or having to install our own LibreTranslate webservice (obviously you do have to install Argos Translate).

One thing that's currently still missing from Argos Translate is auto-detection of languages (see <https://github.com/argosopentech/argos-translate/issues/9>). For now, when no source language is provided, we just return the text unchanged, supposedly translated from the target language. That way you get a near immediate response in pleroma-fe when clicking Translate, after which you can select the source language from a dropdown.

Argos Translate also doesn't seem to handle html very well. Therefore we give admins the option to strip the html before translating. I made this an option because I'm unsure if/how this will change in the future.

Co-authored-by: ilja <git@ilja.space>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/351
Co-authored-by: ilja <akkoma.dev@ilja.space>
Co-committed-by: ilja <akkoma.dev@ilja.space>
2022-12-19 13:06:39 +00:00
floatingghost 233c4bb3ba revert 28ab09d377
revert Remove unused dependencies
2022-12-19 02:34:46 +00:00
FloatingGhost 28ab09d377 Remove unused dependencies 2022-12-19 02:26:04 +00:00
FloatingGhost 3d546409b2 remove now-unused test 2022-12-17 23:21:24 +00:00
FloatingGhost 52d8183787 drop admin scopes on create app instead of rejecting 2022-12-17 23:14:49 +00:00
FloatingGhost dcac8adb3d Add option to modify HTTP pool size 2022-12-16 18:33:00 +00:00
FloatingGhost 7b76fdeed3 update stats every 5 minutes 2022-12-16 17:22:56 +00:00
FloatingGhost b91e671c0d add remote user count for the heck of it 2022-12-16 17:22:26 +00:00
FloatingGhost 1f5bc4d68a remove unused variable 2022-12-16 12:36:34 +00:00
FloatingGhost 9a320ba814 make 2fa UI less awful 2022-12-16 11:50:25 +00:00
FloatingGhost 48d302a60f allow disabling prometheus entirely 2022-12-16 11:17:04 +00:00
FloatingGhost d1a0d93bf7 document prometheus 2022-12-16 10:24:36 +00:00
FloatingGhost c2054f82ab allow users with admin:metrics to read app metrics 2022-12-16 03:32:51 +00:00
FloatingGhost b8be8192fb do not allow non-admins to register tokens with admin scopes
this didn't actually _do_ anything in the past,
the users would be prevented from accessing the resource,
but they shouldn't be able to even create them
2022-12-16 03:25:14 +00:00
FloatingGhost e2320f870e Add prometheus metrics to router 2022-12-15 02:02:07 +00:00
Tim Buchwaldt 29584197bb Measure stats-data 2022-12-15 01:04:56 +00:00
Tim Buchwaldt 63be819661 Take tesla telemetry 2022-12-15 01:04:56 +00:00
Tim Buchwaldt 0995fa1410 Track oban failures 2022-12-15 01:04:56 +00:00
Tim Buchwaldt f8d3383179 Fix oban tags 2022-12-15 01:04:56 +00:00
Tim Buchwaldt a06bb694c1 Listen to loopback 2022-12-15 01:04:56 +00:00
Tim Buchwaldt 1e9c2cd8ef Fix buckets for query timing 2022-12-15 01:04:56 +00:00
Tim Buchwaldt 33243c56e5 Start adding telemetry 2022-12-15 01:04:55 +00:00
floatingghost 07a48b9293 giant massive dep upgrade and dialyxir-found error emporium (#371)
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/371
2022-12-14 12:38:48 +00:00
duponin 3e9c0b380a
Return 413 when an actor's banner or background exceeds the size limit 2022-12-12 17:28:14 -05:00
duponin c9304962c3
Uploading an avatar media exceeding max size returns a 413
Until now it was returning a 500 because the upload plug were going
through the changeset and ending in the JSON encoder, which raised
because struct has to @derive the encoder.
2022-12-12 17:28:09 -05:00
FloatingGhost 77e9a52450 allow http AS profile in ld+json header 2022-12-12 19:06:04 +00:00
FloatingGhost 9c71782861 Test removed HTTP adapter 2022-12-11 23:50:31 +00:00
FloatingGhost 503827a3d9 Allow mock in http adapter checking 2022-12-11 23:33:58 +00:00
FloatingGhost f752126427 Remove quack, ensure adapter is finch 2022-12-11 23:22:35 +00:00
FloatingGhost e6da301296 Add diagnostics http 2022-12-11 22:57:18 +00:00
FloatingGhost 9d9c26b833 Ensure Gun is Gone 2022-12-11 19:26:21 +00:00
FloatingGhost affc910372 Remove hackney/gun in favour of finch 2022-12-11 19:19:31 +00:00
FloatingGhost 68894089e8 Do not fetch anything from blocked instances 2022-12-10 00:09:45 +00:00
FloatingGhost a1515f9a60 Add some extra info around possible nils 2022-12-09 23:45:51 +00:00
floatingghost 2144ce5188 Merge pull request 'Magical patches' (#357) from magical-patches into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/357
2022-12-09 21:12:49 +00:00
FloatingGhost 739ed14f54 Revert "mandate published on notes"
This reverts commit e49b583147.
2022-12-09 20:59:26 +00:00
FloatingGhost e49b583147 mandate published on notes
fixes #356
2022-12-09 20:27:54 +00:00
FloatingGhost f5a315f04c Add URL and code to :not_found errors
Ref #355
2022-12-09 20:13:31 +00:00
FloatingGhost bc265bfd54 Underscore unused variable 2022-12-09 20:04:48 +00:00
FloatingGhost dcf58a3c53 Do not pass transient undo-y activities through MRF 2022-12-09 20:01:38 +00:00
FloatingGhost 9db4c2429f Remove FollowBotPolicy 2022-12-09 19:59:27 +00:00
FloatingGhost 6f83ae27aa extend reject MRF to check if originating instance is blocked 2022-12-09 19:57:29 +00:00