Commit graph

4400 commits

Author SHA1 Message Date
Nutomic 00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
Nutomic c12fedaf1b
Change security contact mail (#3506)
Old one isnt working apparently
2023-07-06 07:27:47 -04:00
Diamond 084f603745
Allow cross-origin requests (#3421)
Co-authored-by: pfg <pfg@pfg.pw>
2023-07-06 07:25:19 -04:00
Dessalines 6840fd64f9
Make sure hot rank sorts for post and community filter by positive hot ranks. (#3497)
* Make sure hot rank sorts for post and community filter by positive hot ranks.

- Context #2994

* Adding a comment.
2023-07-06 13:22:48 +02:00
Dessalines ef11a6ca37
Fixes wrong community moderator ordering. (#3495) 2023-07-06 12:27:25 +02:00
Nutomic ce1ffebeb0
Use fixed prettier version for CI (#3507)
3.0.0 was pushed to docker hub 2 hours ago, thats probably why
builds are breaking now.
2023-07-06 12:23:51 +02:00
phiresky 2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
phiresky 45b1a0d4fb
improve performance of community followers inbox query (#3482)
* improve performance of community followers inbox query

* nightly format

* force woodpecker to retry

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 11:50:26 -04:00
Nutomic ebaf69bd70
Cache federation blocklist (#3486)
* Cache federation blocklist

* revert submodule change
2023-07-05 11:08:02 -04:00
Andrew Fields 1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Dessalines 657c2e37c0
Adding a person.admin index, and featured_local/community indexes. (#3479) 2023-07-05 13:00:41 +02:00
Lemmus.org ff47d97bd3
Add feature for enabling json logging (#3462) 2023-07-04 07:11:47 -04:00
Louis GERARD 85dab149a9
fix(posts/comments/search): return error on invalid community name (#3418) 2023-07-04 13:04:38 +02:00
Josephos cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
Dessalines 8bcf2ea7c9
Fixing clippy. (#3471) 2023-07-04 12:15:27 +02:00
Piotr Juszczyk bf62fbe644
Remove not needed anymore http-signature-normalization-actix dependency (#3458) 2023-07-04 12:14:37 +02:00
Dessalines f0e487f18a
300 comment limit. (#3306)
* 300 comment limit.

* Another fix.
2023-07-03 18:02:57 -04:00
Dessalines 7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
JP Moresmau bbca6ef6dc
Do not decrement comment score twice when removing then deleting. (#3196)
Fixes #3004

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 14:13:53 -04:00
perillamint 696cca4ce4
Remove excessive content_type header configuration (#3470) 2023-07-03 13:43:45 -04:00
Dessalines 935b0bf048
Adding rest of community sorts. Fixes #3374 (#3376)
* Adding rest of community sorts. Fixes #3374

* Addressing PR comments.
2023-07-03 13:09:15 -04:00
Nutomic e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
Simon Bordeyne b8ee9315bc
Add Open links in new tab setting (#3318)
* Add Open links in new tab setting

* reorder because it fixes tests ?
2023-07-03 11:10:25 -04:00
David BELEY efe98158c0
Fix awesome-lemmy owner (#3469) 2023-07-03 16:44:55 +02:00
David BELEY 050216eed9
Add awesome-lemmy to LemmyNet? (#3413)
* Add LemmyNet/awesome-lemmy

* Delete other apps/projects from README.md
2023-07-03 15:15:45 +02:00
Nutomic cb91eedd24
Use serde(skip) instead of skip_serializing, add placeholder values (#3362)
* Use serde(skip) instead of skip_serializing

The latter breaks lemmy_crawler as the field is not included in
the Lemmy API, but is required when attempting to parse API responses.
Should only use serde(skip) to avoid this problem

* use option

* add placeholders

* no unwrap
2023-07-03 15:14:01 +02:00
Nutomic 6405761891
Mark follow as pending when subscribing to remote community (fixes #3384) (#3406) 2023-07-03 12:03:20 +02:00
Felix Ableitner fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
Nutomic 3578dab67f
Remove PerformApub trait (#3423)
* Remove PerformApub trait

This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.

* params need to use query
2023-07-03 11:01:41 +02:00
drumlinish 682ca55e0c
Fix quoting of max-file in docker-compose.yml (#3442) 2023-07-03 10:59:07 +02:00
phiresky cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Lemmus.org 810762762f
Update federated posts to not cache sensitive images if not allow by local site (#3253)
* Update federated posts to not cache sensitive images if not allow by local site

* Refactor thumbnail match to simplify logic
2023-06-30 12:42:42 +02:00
Dominic Mazzoni fcc010b5dc
Fix concatenation of audio captcha wav files (#3350)
* Fix concatenation of audio captcha wav files

* Log errors rather than crashing

* Return Result from captcha_as_wav_base64

* Change to return LemmyError

* Check for wav write error, format

* Remove unused import

* Rewrite to avoid clippy warnings
2023-06-30 12:36:38 +02:00
dullbananas 7d3894d5dd
Automatically manage database when running scripts/test.sh (#3389)
* Update .gitignore

* Create start-dev-db.sh

* Rename start-dev-db.sh to start_dev_db.sh

* Update .gitignore

* Update start_dev_db.sh

* Update start_dev_db.sh

* Update start_dev_db.sh

* Update start_dev_db.sh

* h

* Update test.sh

* Update start_dev_db.sh

* made it work

* Make test.sh work when run from scripts dir
2023-06-30 09:50:30 +02:00
Dessalines 3159eedd99 Version 0.18.1-rc.4 2023-06-29 10:45:59 -04:00
Dessalines 6c64cb5233
Fixing release script. (#3398)
* Fixing release script.

* Version 0.18.1-rc.2

* Removing cargo update from release script.

* Fixing topdir location.
2023-06-29 16:17:59 +02:00
Nick Shockey 0464c46d26
Added gitattributes to normalize all files to lf (#3386)
This makes it less annoying to build on windows/mac

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-29 10:16:11 +02:00
Nutomic c216153dfb
Update activitypub-federation crate to 0.4.5 (#3379)
https://github.com/LemmyNet/activitypub-federation-rust/releases/tag/0.4.5
2023-06-28 12:58:23 -04:00
Sander Saarend ec18fd9869
Fix cargo warnings (#3397) 2023-06-28 12:57:49 -04:00
c-andy-candies ffc049078e
Fix missing sorting types (#3370)
* Fix missing sorting types

* Reordered sort_type_enum
2023-06-28 12:44:16 -04:00
Jan Klass 0f91759e4d
docs(api): Add api-common info on generating TypeScript bindings (#3330) 2023-06-28 11:25:46 +02:00
dullbananas bef76630c5
Remove redundant calls to Iterator::collect (#3365)
* Remove redundant calls to `Iterator::collect`

* Update mentions.rs

* Add clippy lints and run fmt

* CI ran on the wrong commit again 
2023-06-28 11:19:26 +02:00
Nutomic e4b739320c
Run cargo update as part of release script (#3369)
To get newest dependency patches and get rid of yanked deps

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-27 08:59:58 -04:00
Dessalines ad6f244b61 Version 0.18.1-rc.1 2023-06-27 08:14:46 -04:00
Nina Blanson e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
Domenic Horner d1d90af0eb
add new flag to api (#3363) 2023-06-27 06:45:26 -04:00
TKilFree 2aef6a5a33
feat: re-added captcha checks (#3289) 2023-06-27 06:38:53 -04:00
Sander Saarend 76a4513774
Limit password resets (#3344) 2023-06-27 11:20:53 +02:00
Dessalines 98482b1564
Fixing the release script. (#3295)
* Fixing the release script.

* Updating the submodules.
2023-06-27 10:28:56 +02:00
Sander Saarend 211e76dc27
Batch hot rank updates (#3175) 2023-06-27 10:13:51 +02:00