FloatingGhost
16d2bfef80
Ensure embeds will not be served if unauthenticated users could not see it
2023-07-17 18:24:53 +01:00
FloatingGhost
c8904f15a2
Correct behaviour of mediaproxy blocklist
2023-07-17 18:17:04 +01:00
FloatingGhost
8fe29bf5d2
Exclude deactivated users from emoji reaction lists
2023-07-17 17:53:03 +01:00
floatingghost
452f9e14fb
Merge pull request 'docs: Update Pleroma references to Akkoma in optional packages guide' ( #550 ) from norm/akkoma:docs/media_graphics_packages into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/550
2023-07-17 16:47:32 +00:00
floatingghost
5fa1cfc513
Merge pull request 'docs: Add Kaiteki to list of clients' ( #548 ) from norm/akkoma:add-kaiteki into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/548
2023-07-17 16:32:38 +00:00
floatingghost
2aac70d690
Merge pull request 'Add config for media subdomain for Caddy' ( #555 ) from norm/akkoma:media-subdomain-caddyfile into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/555
2023-07-17 16:30:42 +00:00
floatingghost
3fa65a5c53
Merge pull request 'docs: Update Pleroma-FE references to Akkoma-FE' ( #551 ) from norm/akkoma:docs/akkoma-fe into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/551
2023-07-17 16:28:41 +00:00
floatingghost
210df6fe92
Merge pull request 'Fix the /embed endpoint' ( #540 ) from mikihau/akkoma:develop into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/540
2023-07-15 20:48:30 +00:00
Norm
8c956bc671
Add OnlyMedia upload filter change to changelog
2023-06-28 01:56:34 +01:00
Mark Felder
5144d6f4ba
Add OnlyMedia Upload Filter to simplify restricting uploads to audio, image, and video types
...
Original: https://git.pleroma.social/pleroma/pleroma/-/merge_requests/3897
2023-06-28 01:56:14 +01:00
floatingghost
3e4a279a1b
Merge pull request 'Implement blocklists for MediaProxy' ( #574 ) from XxXCertifiedForkliftDriverXxX/akkoma:feature/mediaproxy-blocklist into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/574
2023-06-28 00:54:25 +00:00
floatingghost
fc87baf1cf
Merge pull request 'Use OS CA store for Mint HTTP connections' ( #573 ) from XxXCertifiedForkliftDriverXxX/akkoma:fix/use-os-certs into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/573
2023-06-28 00:52:26 +00:00
XxXCertifiedForkliftDriverXxX
767e1272b3
Use OS CA store for Mint HTTP connections
2023-06-26 15:50:49 +02:00
XxXCertifiedForkliftDriverXxX
07b478dc49
Implement blocklists for MediaProxy
2023-06-26 15:18:31 +02:00
floatingghost
67cae52b08
Merge pull request 'Add asdf install guide for debian/ubuntu' ( #559 ) from norm/akkoma:asdf into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/559
2023-06-26 12:58:01 +00:00
floatingghost
4db42f5ab5
Merge pull request 'Adapt some migrations so they can be rolled back' ( #565 ) from ilja/akkoma:fix_some_migrations_for_rollback into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/565
2023-06-26 12:52:22 +00:00
floatingghost
145191ef26
Merge pull request 'Update docker compose commands to Compose V2' ( #570 ) from norm/akkoma:docker-compose into develop
...
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/570
2023-06-26 12:37:38 +00:00
Norm
6674b33d75
update docs with new docker compose commands
2023-06-18 01:44:25 -04:00
Norm
2dfce40117
Update docker compose commands to Compose V2
...
This just replaces all instances of `docker-compose` with `docker
compose` in the docker scripts.
The old Compose V1 program is unsupported since 2021:
https://docs.docker.com/compose/migrate/#will-i-still-be-able-to-use-compose-v1-if-i-really-want-to
2023-06-18 01:37:40 -04:00
tusooa
c0a01e73cf
Enforce unauth restrictions for public streaming endpoints
2023-06-14 22:45:19 +00:00
tusooa
fee6e2aac4
Fix deleting banned users' statuses
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
8669a0abcb
UploadedMedia: Increase readability via ~s sigil
2023-06-14 22:45:19 +00:00
Haelwenn (lanodan) Monnier
37b0d774fa
UploadedMedia: Add missing disposition_type to Content-Disposition
...
Set it to `inline` because the vast majority of what's sent is multimedia
content while `attachment` would have the side-effect of triggering a
download dialog.
Closes: https://git.pleroma.social/pleroma/pleroma/-/issues/3114
2023-06-14 22:45:19 +00:00
tusooa
1def80c2e7
Fix existing tests
2023-06-14 22:45:19 +00:00
tusooa
3095251e6c
Dedupe poll options
2023-06-14 22:45:19 +00:00
tusooa
79a18f761b
Allow with_relationships param for blocks
2023-06-14 22:45:19 +00:00
kPherox
8fb235e71b
fix: append field values to bio before parsing
2023-06-14 19:44:07 +00:00
kPherox
d6271e7613
feat: build rel me tags with profile fields
2023-06-14 19:44:07 +00:00
Alexander Tumin
5adce547d0
Require related object for notifications to filter on content
2023-06-14 19:41:48 +00:00
tusooa
05e80d1879
Fix block_from_stranger setting
2023-06-14 19:41:44 +00:00
tusooa
1268dbc562
Fix type of admin_account.is_confirmed
2023-06-14 19:38:22 +00:00
tusooa
651979217a
Fix failure when registering a user with no email when approval required
2023-06-14 19:33:58 +00:00
Mark Felder
997551bac9
Fix TwitterCard meta tags
...
TwitterCard meta tags are supposed to use the attributes "name" and "content".
OpenGraph tags use the attributes "property" and "content".
Twitter itself is smart enough to detect broken meta tags and discover the TwitterCard
using "property" and "content", but other platforms that only implement parsing of TwitterCards
and not OpenGraph may fail to correctly detect the tags as they're under the wrong attributes.
> "Open Graph protocol also specifies the use of property and content attributes for markup while
> Twitter cards use name and content. Twitter’s parser will fall back to using property and content,
> so there is no need to modify existing Open Graph protocol markup if it already exists." [0]
[0] https://developer.twitter.com/en/docs/twitter-for-websites/cards/guides/getting-started
2023-06-14 19:30:19 +00:00
Tusooa Zhu
2a290cb331
Lint
2023-06-14 17:20:55 +00:00
Tusooa Zhu
dfd6c96808
Fix SideEffectsTest
2023-06-14 17:20:55 +00:00
Tusooa Zhu
7b9cc9a9b0
Exclude Announce instead of restricting to Create in visibility_tags
2023-06-14 17:20:55 +00:00
Tusooa Zhu
fd38756e92
Do not stream out Announces to public timelines
2023-06-14 17:20:55 +00:00
Tusooa Zhu
5ef7c15d92
Make local-only posts stream in local timeline
2023-06-14 17:18:26 +00:00
Hélène
3227ebf1e1
CommonFixes: more predictable context generation
...
`context` fields for objects and activities can now be generated based
on the object/activity `inReplyTo` field or its ActivityPub ID, as a
fallback method in cases where `context` fields are missing for incoming
activities and objects.
2023-06-14 16:22:26 +00:00
Francis Dinh
5e3ca133f2
reword to not mention specific elixir version
2023-06-11 08:46:56 -04:00
ilja
3a13f91fff
Adapt some migrations so they can be rolled back
...
This is useful for people who want to migrate back to Pleroma.
It's also added in the docs, but also noted that this is barely tested and to be used at their own risk.
2023-06-09 22:02:26 +02:00
Miki Hau
593ddbd796
fix the /embed endpoint
2023-05-31 23:42:08 +00:00
lain
1ae89bddcd
Merge branch 'feature/embeddable-posts' into 'develop'
...
Add embeddable posts
Closes #1288
See merge request pleroma/pleroma!2319
2023-05-31 23:40:16 +00:00
Francis Dinh
5fe41df8aa
docs: Add Kaiteki to list of clients
2023-05-31 18:19:06 -04:00
Francis Dinh
5ce38591e5
fix typo
2023-05-31 09:03:25 -04:00
Francis Dinh
2482d96782
remove one more java dep
2023-05-31 08:59:03 -04:00
Francis Dinh
f68b047bf7
remove java and gui dependencies
2023-05-31 08:46:05 -04:00
Francis Dinh
48a0145736
add command to restart shell
2023-05-30 21:21:44 -04:00
Francis Dinh
d956dc2f09
Add asdf install guide for debian/ubuntu
...
Closes #557
2023-05-30 21:17:26 -04:00
Francis Dinh
40627a94d4
Add config for media subdomain for Caddy
...
A recent group of vulnerabilities have been found in Pleroma (and
inherited by Akkoma) that involve media files either uploaded by local
users or proxied from remote instances (if media proxy is enabled).
It is recommended that media files are served on a separate subdomain
in order to mitigate this class of vulnerabilities.
Based on https://meta.akkoma.dev/t/another-vector-for-the-injection-vulnerability-found/483/2
2023-05-29 14:04:00 -04:00