Commit graph

8723 commits

Author SHA1 Message Date
lain
a4afeed426 Uploads: Sandbox them in the CSP. 2020-05-01 01:37:26 +03:00
Mark Felder
8cf4e1619e Fix Oban not receiving :ok from RichMediaHelper job 2020-05-01 01:11:51 +03:00
Ivan Tashkinov
862d4886c9 [#1682] Fixed Basic Auth permissions issue by disabling OAuth scopes checks when password is provided. Refactored plugs skipping functionality. 2020-05-01 01:00:37 +03:00
rinpatch
da4923f2e5 Merge branch 'authenticated-api-oauth-check-enforcement' into 'develop'
Enforcement of OAuth scopes check for authenticated API endpoints

See merge request pleroma/pleroma!2349
2020-05-01 00:58:40 +03:00
lain
1ebf8db2a5 Merge branch 'fix-object_age_policy' into 'develop'
Fix ObjectAgePolicy

See merge request pleroma/pleroma!2404
2020-05-01 00:55:37 +03:00
Haelwenn (lanodan) Monnier
0d74e38f5f mix.exs: Do not bail out when .git doesn’t exists 2020-05-01 00:55:37 +03:00
Haelwenn
2ff3b85326 Merge branch 'bugfix/1670-user-count' into 'develop'
Stats: Ignore internal users for user count.

Closes #1670

See merge request pleroma/pleroma!2414
2020-05-01 00:55:37 +03:00
Haelwenn
bf4b5f3856 Merge branch 'fix/follow-and-blocks-import' into 'develop'
Fix follower/blocks import when nicknames starts with @

Closes #1698

See merge request pleroma/pleroma!2416
2020-05-01 00:55:37 +03:00
lain
2e58fe08cd CommonAPI: Don't make repeating announces possible 2020-05-01 00:55:34 +03:00
Alex Gleason
6e0b046771 Let blob: pass CSP 2020-05-01 00:40:09 +03:00
eugenijm
78391a00c5 Mastodon API: do not create a following relationship if the corresponding follow request doesn't exist when calling POST /api/v1/follow_requests/:id/authorize 2020-05-01 00:39:23 +03:00
rinpatch
61889e00fc Deactivate local users on deletion instead of deleting the record
Prevents the possibility of re-registration, which allowed to read
DMs of the deleted account.

Also includes a migration that tries to find any already deleted
accounts and insert skeletons for them.

Closes pleroma/pleroma#1687
2020-05-01 00:38:58 +03:00
rinpatch
3b15a0eecc Merge branch 'release/2.0.2' into 'stable'
2.0.2 Release

See merge request pleroma/pleroma!2336
2020-04-08 15:51:56 +00:00
rinpatch
d9f36965f6 pleroma-fe bundle: update to 8e049297ff6a125298ba9d06a3a4a563b231360f 2020-04-08 16:26:06 +03:00
rinpatch
a8d98ba3aa CHANGELOG.md: update 2.0.2 release date 2020-04-08 00:40:08 +03:00
rinpatch
8593867c47 CHANGELOG.md: add 2.0.2 update notes 2020-04-08 00:38:48 +03:00
Mark Felder
c0a630d42f Update AdminFE build in preparation for Pleroma 2.0.2 2020-04-08 00:29:19 +03:00
rinpatch
94240cac4e Merge branch 'fix-auto-link-for-profile-fields' into 'develop'
Use Pleroma.Formatter.linkify/2 instead

See merge request pleroma/pleroma!2352
2020-04-08 00:29:19 +03:00
rinpatch
ae937bcaa1 CHANGELOG.md: add entries for funkwhale-related changes 2020-04-08 00:29:18 +03:00
rinpatch
06444a1501 Merge branch 'bugfix/earmark_renderer_test' into 'develop'
test/earmark_renderer_test.exs: Rename from test/earmark_renderer_test.ex

See merge request pleroma/pleroma!2300
2020-04-02 23:02:32 +03:00
Haelwenn
b0a9a02af3 Merge branch 'feature/funkwhale-audio' into 'develop'
Add support for funkwhale Audio activity

Closes #764 and #1624

See merge request pleroma/pleroma!2287
2020-04-02 23:00:23 +03:00
Haelwenn
01a3f145d5 Merge branch 'bugfix/funkwhale-channel' into 'develop'
Fix profile url for funkwhale channels, removes one source_data use

Closes #1653

See merge request pleroma/pleroma!2333
2020-04-02 22:55:09 +03:00
lain
e97b50d17a Merge branch 'fix-testing' into 'develop'
Fix CI by temporarily removing federated testing

See merge request pleroma/pleroma!2314
2020-03-31 14:09:27 +03:00
rinpatch
a674094ec6 mix.exs bump version to 2.0.2 2020-03-31 14:02:51 +03:00
rinpatch
78b6549611 CHANGELOG.md: Add 2.0.2 entry 2020-03-31 13:59:26 +03:00
Haelwenn
540dd38a5e Merge branch 'docs/mrf_object_age' into 'develop'
Improve documentation of mrf_object_age

See merge request pleroma/pleroma!2305
2020-03-31 13:42:42 +03:00
rinpatch
0c010c292e Merge branch 'fix/ecto_ssl_option' into 'develop'
Fix ssl option on Ecto config breaking release

See merge request pleroma/pleroma!2307
2020-03-31 13:42:19 +03:00
rinpatch
e99e2a86af Merge branch 'bugfix/profile-bio-newline' into 'develop'
AccountView: fix for other forms of <br> in bio

Closes #1643

See merge request pleroma/pleroma!2322
2020-03-31 13:42:02 +03:00
lain
c4d3ccc7b9 Merge branch 'admin-api-change-password' into 'develop'
Admin API: `PATCH /api/pleroma/admin/users/:nickname/update_credentials`

See merge request pleroma/pleroma!2149
2020-03-31 13:41:47 +03:00
feld
10b7b2b4a4 Merge branch 'fix/activity-deletion' into 'develop'
Fix activity deletion

Closes #1640

See merge request pleroma/pleroma!2328
2020-03-31 13:40:28 +03:00
rinpatch
0e92aa0025 Merge branch '1364-notifications-sending-control' into 'develop'
[#1364] Ability to opt-out of notifications (in all clients)

Closes #1364

See merge request pleroma/pleroma!2301
2020-03-31 13:39:58 +03:00
rinpatch
bb49d8f5a0 Merge branch 'release/2.0.1' into 'stable'
2.0.1 release

See merge request pleroma/pleroma!2298
2020-03-15 21:54:24 +00:00
rinpatch
8d15d6c3ab CHANGELOG.md: Add upgrade notes for 2.0.1 2020-03-16 00:50:03 +03:00
rinpatch
be500f8c88 CHANGELOG.md: Add remaining entries for 2.0.1 2020-03-16 00:18:16 +03:00
rinpatch
e25197788f static-fe tests: fix to work on stable 2020-03-16 00:17:28 +03:00
rinpatch
c46d035f7b rate limiter: disable based on if remote ip was found, not on if the plug was enabled
The current rate limiter disable logic won't trigger when the remote ip
is not forwarded, only when the remoteip plug is not enabled, which is
not the case on most instances since it's enabled by default. This
changes the behavior to warn and disable  when the remote ip was not forwarded,
even if the RemoteIP plug is enabled.

Also closes #1620
2020-03-16 00:15:21 +03:00
rinpatch
9d09755291 rip out fetch_initial_posts
Every time someone tries to use it, it goes mad and tries to scrape the
entire fediverse for no visible reason, it's better to just remove it
than continue shipping it in it's current state.

idea acked by lain and feld on irc

Closes #1595 #1422
2020-03-16 00:15:11 +03:00
rinpatch
fcf51a77ba Merge branch 'features/staticfe-sanitization' into 'develop'
static_fe: Sanitize HTML

Closes #1614

See merge request pleroma/pleroma!2299
2020-03-16 00:14:04 +03:00
rinpatch
8096bfb891 changelog.md: add 2.0.1 entry 2020-03-15 17:26:58 +03:00
Haelwenn (lanodan) Monnier
306d633b40 pleroma_api_controller.ex: Improve conversations error reporting
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
2020-03-15 17:01:33 +03:00
Mark Felder
aa4407be93 Update AdminFE 2020-03-15 17:01:16 +03:00
rinpatch
0b823755a2 Merge branch 'fix/cache-control-headers' into 'develop'
Fix Cache Control headers on media

See merge request pleroma/pleroma!2295
2020-03-15 17:01:04 +03:00
Haelwenn (lanodan) Monnier
3f54215219 auth_controller.ex: Add admin scope to MastoFE
Related: https://git.pleroma.social/pleroma/pleroma/issues/1265
2020-03-15 17:00:41 +03:00
Haelwenn (lanodan) Monnier
f9c43a4d9d pleroma_api.md: direct_conversation_id vs. conversation_id
Related: https://git.pleroma.social/pleroma/pleroma/issues/1594
2020-03-15 17:00:30 +03:00
Egor Kislitsyn
ffd636f109 Fix hashtags WebSocket streaming 2020-03-15 17:00:18 +03:00
Phil Hagelberg
bd80ff9a6c Fix static FE plug to handle missing Accept header. 2020-03-15 17:00:06 +03:00
Haelwenn (lanodan) Monnier
5f9fbd7d33 Formatting: Do not use \n and prefer <br> instead
It moves bbcode to bbcode_pleroma as the former is owned by kaniini
and transfering ownership wasn't done in a timely manner.

Closes: https://git.pleroma.social/pleroma/pleroma/issues/1374
Closes: https://git.pleroma.social/pleroma/pleroma/issues/1375
2020-03-15 16:59:52 +03:00
rinpatch
80bc8c2cc9 Revert "Set better Cache-Control header for static content"
On furher investigation it seems like all that did was cause unintuitive
behavior. The emoji request flood that was the reason for introducing it
isn't really that big of a deal either, since Plug.Static only needs to
read file modification time and size to determine the ETag.

Closes #1613
2020-03-15 16:59:39 +03:00
rinpatch
2183d8f849 Merge branch 'docs/new_user' into 'develop'
CLI_tasks/user.md: Fix `pleroma.user new` documentation

Closes #1621

See merge request pleroma/pleroma!2286
2020-03-15 16:59:20 +03:00
feld
e7837bc14e Merge branch 'fix/signup-without-email' into 'develop'
Allow account registration without an email

See merge request pleroma/pleroma!2246
2020-03-15 16:58:51 +03:00