Commit graph

15406 commits

Author SHA1 Message Date
XxXCertifiedForkliftDriverXxX 07b478dc49 Implement blocklists for MediaProxy 2023-06-26 15:18:31 +02:00
floatingghost 67cae52b08 Merge pull request 'Add asdf install guide for debian/ubuntu' (#559) from norm/akkoma:asdf into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/559
2023-06-26 12:58:01 +00:00
floatingghost 4db42f5ab5 Merge pull request 'Adapt some migrations so they can be rolled back' (#565) from ilja/akkoma:fix_some_migrations_for_rollback into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/565
2023-06-26 12:52:22 +00:00
floatingghost 145191ef26 Merge pull request 'Update docker compose commands to Compose V2' (#570) from norm/akkoma:docker-compose into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/570
2023-06-26 12:37:38 +00:00
Norm 6674b33d75
update docs with new docker compose commands 2023-06-18 01:44:25 -04:00
Norm 2dfce40117
Update docker compose commands to Compose V2
This just replaces all instances of `docker-compose` with `docker
compose` in the docker scripts.

The old Compose V1 program is unsupported since 2021:
https://docs.docker.com/compose/migrate/#will-i-still-be-able-to-use-compose-v1-if-i-really-want-to
2023-06-18 01:37:40 -04:00
tusooa c0a01e73cf Enforce unauth restrictions for public streaming endpoints 2023-06-14 22:45:19 +00:00
tusooa fee6e2aac4 Fix deleting banned users' statuses 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier 8669a0abcb UploadedMedia: Increase readability via ~s sigil 2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier 37b0d774fa UploadedMedia: Add missing disposition_type to Content-Disposition
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.

Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa 1def80c2e7 Fix existing tests 2023-06-14 22:45:19 +00:00
tusooa 3095251e6c Dedupe poll options 2023-06-14 22:45:19 +00:00
tusooa 79a18f761b Allow with_relationships param for blocks 2023-06-14 22:45:19 +00:00
kPherox 8fb235e71b fix: append field values to bio before parsing 2023-06-14 19:44:07 +00:00
kPherox d6271e7613 feat: build rel me tags with profile fields 2023-06-14 19:44:07 +00:00
Alexander Tumin 5adce547d0 Require related object for notifications to filter on content 2023-06-14 19:41:48 +00:00
tusooa 05e80d1879 Fix block_from_stranger setting 2023-06-14 19:41:44 +00:00
tusooa 1268dbc562 Fix type of admin_account.is_confirmed 2023-06-14 19:38:22 +00:00
tusooa 651979217a Fix failure when registering a user with no email when approval required 2023-06-14 19:33:58 +00:00
Mark Felder 997551bac9 Fix TwitterCard meta tags
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".

Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.

> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]

[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu 2a290cb331 Lint 2023-06-14 17:20:55 +00:00
Tusooa Zhu dfd6c96808 Fix SideEffectsTest 2023-06-14 17:20:55 +00:00
Tusooa Zhu 7b9cc9a9b0 Exclude Announce instead of restricting to Create in visibility_tags 2023-06-14 17:20:55 +00:00
Tusooa Zhu fd38756e92 Do not stream out Announces to public timelines 2023-06-14 17:20:55 +00:00
Tusooa Zhu 5ef7c15d92 Make local-only posts stream in local timeline 2023-06-14 17:18:26 +00:00
Hélène 3227ebf1e1 CommonFixes: more predictable context generation
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
Francis Dinh 5e3ca133f2
reword to not mention specific elixir version 2023-06-11 08:46:56 -04:00
ilja 3a13f91fff Adapt some migrations so they can be rolled back
This is useful for people who want to migrate back to Pleroma.
It's also added in the docs, but also noted that this is barely tested and to be used at their own risk.
2023-06-09 22:02:26 +02:00
Norm b99053d2c2 Reload emoji when using mix pleroma.emoji gen-pack and get-packs
I think it makes more sense that the emoji cache gets reloaded in Akkoma if you add or create emoji packs.
2023-06-04 02:43:18 +00:00
Miki Hau 593ddbd796 fix the /embed endpoint 2023-05-31 23:42:08 +00:00
lain 1ae89bddcd Merge branch 'feature/embeddable-posts' into 'develop'
Add embeddable posts

Closes #1288

See merge request pleroma/pleroma!2319
2023-05-31 23:40:16 +00:00
Francis Dinh 5fe41df8aa
docs: Add Kaiteki to list of clients 2023-05-31 18:19:06 -04:00
Francis Dinh 5ce38591e5
fix typo 2023-05-31 09:03:25 -04:00
Francis Dinh 2482d96782
remove one more java dep 2023-05-31 08:59:03 -04:00
Francis Dinh f68b047bf7
remove java and gui dependencies 2023-05-31 08:46:05 -04:00
Francis Dinh 48a0145736
add command to restart shell 2023-05-30 21:21:44 -04:00
Francis Dinh d956dc2f09
Add asdf install guide for debian/ubuntu
Closes #557
2023-05-30 21:17:26 -04:00
Francis Dinh 40627a94d4
Add config for media subdomain for Caddy
A recent group of vulnerabilities have been found in Pleroma (and
inherited by Akkoma) that involve media files either uploaded by local
users or proxied from remote instances (if media proxy is enabled).

It is recommended that media files are served on a separate subdomain
in order to mitigate this class of vulnerabilities.

Based on https://meta.akkoma.dev/t/another-vector-for-the-injection-vulnerability-found/483/2
2023-05-29 14:04:00 -04:00
floatingghost fb8081e1a3 Merge pull request 'Stop exposing if a user blocks you over the API.' (#553) from XxXCertifiedForkliftDriverXxX/akkoma:feature/hide-blocked_by into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/553
2023-05-28 22:02:33 +00:00
XxXCertifiedForkliftDriverXxX 1b560d547a Stop exposing if a user blocks you over the API. 2023-05-28 23:42:27 +02:00
Francis Dinh 0e5f55deea
more references being updated 2023-05-26 22:54:12 -04:00
Francis Dinh f0f0c76805
docs: Update Pleroma-FE references to Akkoma-FE
The frontend got renamed a while back, so the docs should be updated to
reflect that.
2023-05-26 22:36:27 -04:00
Francis Dinh b3fc098b83
docs: Update Pleroma references to Akkoma in optional packages guide
This apparently slipped past though all of the doc updates from a while
back.
2023-05-26 22:26:14 -04:00
FloatingGhost 39b3d92cd8 Bump version 2023-05-26 20:46:38 +01:00
Haelwenn (lanodan) Monnier 70b0f93865 Apply oembed patch 2023-05-26 20:45:57 +01:00
FloatingGhost a388d2503e revert uploaded-media 2023-05-26 12:06:41 +01:00
FloatingGhost 7fb9960ccd Add CSP to mediaproxy links 2023-05-26 11:46:18 +01:00
FloatingGhost 9d83a1e23f Add csp 2023-05-26 11:41:22 +01:00
FloatingGhost 82ca7a6470 bump version 2023-05-23 14:10:01 +01:00
FloatingGhost 9e9cf58fdf or not 2023-05-23 13:54:22 +01:00