Commit graph

5289 commits

Author SHA1 Message Date
mia
cc4a0d3e58 apply patches 2024-04-29 07:55:26 -07:00
Laura Hausmann
febb499fcb
[backend] Compact LD-signed activities against well-known context to defend against spoofing attacks 2024-04-29 16:36:58 +02:00
Laura Hausmann
dcfa69ff9d
[backend/masto-client] Fix user profile html cache not updating 2024-04-27 18:48:03 +02:00
Laura Hausmann
6f3818a8bb
[backend/masto-client] Correctly set meId in FTS query helper 2024-04-24 03:02:24 +02:00
mei23
301c754e95
[backend] Add Cache-Control to Bull Dashboard 2024-04-19 17:11:14 +02:00
Ezeani Emmanuel
3fa791d71f
[backend] Improve custom TypeORM logger with configurable logging options
Co-authored-by: Laura Hausmann <laura@hausmann.dev>
2024-04-11 17:22:45 +02:00
Laura Hausmann
74a3375886
[backend] Add quote_id to mastodon api note responses 2024-04-10 18:21:59 +02:00
Laura Hausmann
5a30581c73
[backend] Fix autofollowedAccount being set to random (possibly non-local) users on update-meta 2024-04-08 20:39:41 +02:00
Laura Hausmann
41cb218aa8
[backend] Set X-Content-Type-Options to nosniff on the drive files endpoint 2024-03-30 13:11:15 +01:00
Laura Hausmann
cf506d3bd9
[backend] Reject anonymous objects in the AP resolver 2024-03-30 13:11:09 +01:00
Laura Hausmann
ac57c58ecf
[backend] Stricter validation of activity identifiers
This resolves a security issue that was disclosed on 2024-03-24 & patched in coordination with other affected software on 2024-03-30.
Huge thanks to Oneric for the detailed security disclosure.
2024-03-30 13:11:03 +01:00
Crimekillz
74df0b3602 Fix bug: Pass reference to Note OBJ when creating notifications for Poll Vote and Poll End so muted threads can be resolved correctly 2024-03-26 16:24:19 +01:00
Lilian
e099582809
[frontend] Align welcome screen reactions to the right
Thanks Yonei!
2024-03-22 22:20:17 +01:00
Laura Hausmann
01fbd1a5c7
[backend] Fix video playback for files hosted from different origins 2024-03-18 15:34:14 +01:00
CookiLover311
ccec3e7e63 [mastodon-client] Add default reaction to /v1/instance 2024-03-01 14:25:41 +01:00
老周部落
3824767cc9 [backend] Fix resolver cannot parse some follows and notes request 2024-02-26 08:49:45 +01:00
naskya
e9ef70e272
fix (backend): check url properly
Co-authored-by: syuilo <Syuilotan@yahoo.co.jp>
2024-02-26 00:11:21 +01:00
Laura Hausmann
e2cff0340f
[backend] When fetching activities, specify the acceptable JSON-LD profile explicitly 2024-02-17 16:11:23 +01:00
Laura Hausmann
099ba9ce65
[backend] Enforce JSON-LD profile when fetching activities 2024-02-17 15:59:24 +01:00
Laura Hausmann
31122636d3
[backend] Fix federation for incoming note edits with an attachment that has no alt text 2024-02-17 04:04:25 +01:00
Laura Hausmann
5f6096c1b7
[backend] Verify object id host matches final URL when fetching remote activities 2024-02-16 18:42:23 +01:00
Laura Hausmann
9fc45f166c
[backend] Verify response content type when fetching remote activities 2024-02-16 18:42:22 +01:00
Laura Hausmann
129cc4408a
[mastodon-client] Register full OAuth scopes as well 2024-02-14 23:56:11 +01:00
Laura Hausmann
3399187302
[mastodon-client] Fix /v2/suggestions endpoint (undocumented API behavior strikes again) 2024-02-14 23:55:50 +01:00
Laura Hausmann
e49d168ecd
[mastodon-client] Add support for quote_id parameter when creating posts (#515) 2024-02-13 16:51:08 +01:00
Laura Hausmann
63fa244ea8
[client] Fix migration page when migrating from/to the same account twice, resolves #514 2024-02-10 15:52:48 +01:00
Laura Hausmann
4b20ab6ad4
[backend] Fix typo in audience.ts isPublic check 2024-02-07 19:56:02 +01:00
Laura Hausmann
1378037384
[backend] Only allow author to see hidden posts 2024-02-04 20:23:42 +01:00
Laura Hausmann
f14c5ed4ef
[backend/frontend] Disable post imports for security reasons 2024-02-04 20:12:51 +01:00
Laura Hausmann
a1460503cf
Make sure unresponsive split domain instances that come back to life don't get stuck isNotResponding 2024-01-30 18:27:06 +01:00
Laura Hausmann
7ed43b76b5
Improve dead instances pruning
This fixes a couple edge cases in which inactive but working instances could be caught by the dead instances filter
2024-01-30 18:00:54 +01:00
Laura Hausmann
0d28b07203
Don't send activities to dead instances
Co-authored-by: Johann150 <johann.galle@protonmail.com>
2024-01-29 21:50:05 +01:00
Laura Hausmann
197002df8a
[backend] Fix emojis with special characters
This is an adaptation of 3968a6ca07 and ada577bde6

Co-authored-by: Johann150 <johann.galle@protonmail.com>
2024-01-04 23:55:00 +01:00
mia
87360eab9c prevent extra colon from showing up 2023-12-21 08:40:45 -08:00
Laura Hausmann
52b0c6c8f8
[backend] Add a new index to the user table for faster notifications queries
This should drastically improve performance of the i/notification endpoint
2023-12-16 17:43:15 +01:00
Laura Hausmann
384fb76a26
[backend] Add a new index to the note table for faster generation of following query heuristics 2023-12-15 23:56:16 +01:00
Tournesol
7aa33f2497 Allow autocompletion of center and small MFM by adding them to the tag list 2023-12-15 15:01:00 +01:00
Laura Hausmann
0cb6f578ad
[backend] Don't join avatar and banner on i/notifications
This was an oversight on the recent database refactor and is no longer required
2023-12-14 20:34:24 +01:00
Laura Hausmann
8a642be6d9
[client] Fix pages and gallery tab navigation
This also adds a much nicer "add new gallery post" button to the gallery page
2023-12-08 15:15:34 +01:00
Pyrox
c5e0dce64d [feat] Upgrade rollup plugins to rollup 4 compatible versions
This updates all rollup plugins to their latest version and ensures that there are no more peer dependency version warnings for rollup.
2023-12-08 13:30:03 +01:00
Pyrox
ee23bd56a3 [feat] Upgrade Rollup to version 4 2023-12-08 13:30:03 +01:00
AntoineÐ
3d2cd873b9 #227 fix apps link 2023-12-04 14:18:08 +01:00
Pyrox
60f7e2cf6a [feat] Remove Twitter Integration 2023-12-04 13:49:36 +01:00
AntoineÐ
042e8c552d enhanced boot.js style 2023-12-04 13:39:46 +01:00
AntoineÐ
d0e995639b fix boot.js color with new branding 2023-12-04 13:39:46 +01:00
Laura Hausmann
4a90408386
[backend] Don't proxy relative URLs
This fixes the instance icon for the local instance not being rendered correctly. Resolves #426
2023-12-04 13:34:36 +01:00
AntoineÐ
1c06b84011 Enhanced switch A11Y
>
>
Co-authored-by: Minybol <aimabol@skiff.com>
2023-12-04 13:17:56 +01:00
Pyrox
70ee2b9258 [iceshrimp-js] Update typescript to 5.1.6
This unifies the typescript version used throughout all packages, which removes 2 packages from the yarn cache and also makes things a bit neater.

We should try to bump this for all packages at the same time in the future.
2023-12-04 13:17:36 +01:00
Laura Hausmann
2e8598acb5
[mastodon-client] Fix /v1/accounts/relationships for clients that don't use the id[] parameter 2023-11-30 16:45:00 +01:00
Laura Hausmann
4794702e6f
[client] isUpdateAvailable should not block UI rendering 2023-11-29 21:21:34 +01:00
Laura Hausmann
cd8809e927
[client] Fix update check 2023-11-29 17:59:47 +01:00
Laura Hausmann
aaed62bde1
[mastodon-client] Fix html cache prewarm not including quote uris 2023-11-28 17:52:28 +01:00
Laura Hausmann
58137c9482
[mastodon-client] Preserve state parameter during OAuth
This fixes login with clients that require the state parameter to be preserved during /oauth/authorize.
2023-11-27 23:31:07 +01:00
Laura Hausmann
89bc799765
[mastodon-client] Fix login with clients that leave a trailing + in the scope parameter 2023-11-27 23:11:54 +01:00
Laura Hausmann
7c5bc06bb8
[backend] Actually utilize packed user cache in notes.packMany 2023-11-27 22:33:06 +01:00
Laura Hausmann
913f1659b3
[backend] Use correct identifier for filteredNoteCache 2023-11-27 22:22:24 +01:00
Laura Hausmann
436fb826ac
[client] Fix copyToClipboard so it no longer copies things with weird formatting
This also switches to a non-deprecated clipboard API
2023-11-27 22:20:14 +01:00
Laura Hausmann
8a7c7cb0c9
[backend] Increase length of database columns containing hostnames 2023-11-27 21:58:26 +01:00
Laura Hausmann
03cdf4ec4a
[mastodon-client] Add basic support for filters
Currently you have to configure these in the web ui, but this will eventually be implemented as well
2023-11-27 21:41:09 +01:00
Laura Hausmann
ef3463e8dc
[backend] Rework note hard mutes
It's been shown that the current approach doesn't scale. This implementation should scale perfectly fine.
2023-11-27 19:43:45 +01:00
Laura Hausmann
2d475cb632
[backend] Fix html cache dbFallback for user profiles 2023-11-27 14:38:16 +01:00
Laura Hausmann
683e01d286
[backend] Improve updateUserProfileData
Now only runs updateMentions once, and correctly triggers prewarmCacheById
2023-11-27 01:37:00 +01:00
Laura Hausmann
58d70d005f
[mastodon-client] Handle html cache misses properly 2023-11-27 01:02:12 +01:00
Laura Hausmann
7ab7edeefd
[mastodon-client] Improve html cache performance 2023-11-27 00:07:24 +01:00
Laura Hausmann
61c532a854
[mastodon-client] Add html cache for user profiles and note contents 2023-11-26 21:41:20 +01:00
Laura Hausmann
6832347b6c
[backend] Set updatedAt on local user update 2023-11-26 21:41:19 +01:00
Laura Hausmann
8890902675 [backend] Fix HTTP signature validation
Co-authored-by: perillamint <perillamint@silicon.moe>
Co-authored-by: yunochi <yuno@yunochi.com>
2023-11-26 20:34:25 +01:00
PrivateGER
b814ebcdfb Add setting for an autofollowed account on signup 2023-11-25 18:50:54 +01:00
AntoineÐ
4f9b5d9f72 fix branding gradient angle 2023-11-25 18:50:19 +01:00
Laura Hausmann
13e93dc461
[backend] [client] Import the proper userland punycode module 2023-11-25 03:58:30 +01:00
Laura Hausmann
9cc900faae
[backend] Use happy-dom in generic mfm-to-html as well 2023-11-25 03:47:44 +01:00
Laura Hausmann
026538f8a1
[backend] Add support for a second config file containing secrets
This is required for some packaging scenarios
2023-11-25 03:08:15 +01:00
Laura Hausmann
5490137f44
[mastodon-client] Fix user profile aggregate when only target is self 2023-11-25 02:12:02 +01:00
Laura Hausmann
f350755721
[mastodon-client] Switch to happy-dom 2023-11-25 02:11:44 +01:00
Laura Hausmann
60a6e08c0b
[mastodon-client] Add note.user joins to all timeline queries 2023-11-25 01:50:49 +01:00
Laura Hausmann
b1d3e1d05f
[mastodon-client] Aggregate applicable fields in NoteConverter and UserConverter 2023-11-25 01:37:23 +01:00
Laura Hausmann
3ccfd0417b
[backend] Improve renote status aggregate query 2023-11-24 21:14:17 +01:00
Laura Hausmann
8a6101059f
[client] Revert pull-to-refresh changes for now 2023-11-24 18:30:05 +01:00
Laura Hausmann
cbedd28724
[client] Upgrade vue and vite to their respective latest versions 2023-11-24 05:08:11 +01:00
Laura Hausmann
706ff84d8d
[client] Reset lastFetchScrollTop on MkPagination reload 2023-11-24 04:31:27 +01:00
Laura Hausmann
55f5966343
[client] Add custom pull-to-refresh component to MkPagination 2023-11-24 04:08:19 +01:00
Laura Hausmann
7aa3bdb641
[backend] Use more efficient home timeline heuristics query 2023-11-24 04:08:10 +01:00
Laura Hausmann
d408bdd6aa
[client] Further adjust timeline prefetch parameters 2023-11-24 00:33:34 +01:00
Laura Hausmann
dc7d06ff74
[client] Remove debug logging 2023-11-24 00:20:56 +01:00
Laura Hausmann
c742729796
[client] Adjust timeline prefetch parameters 2023-11-24 00:20:07 +01:00
Laura Hausmann
8ed1bda017
[backend] Don't emit followRequestAccepted if followee is not locked
Resolves #395
2023-11-23 22:22:05 +01:00
Laura Hausmann
e5276e2765
[backend] Add environment variables to configure config file location, files directory and custom assets directory 2023-11-23 20:31:08 +01:00
Laura Hausmann
f9f7553ecd
[client] Improve prefetchMore debounce 2023-11-23 19:35:50 +01:00
Laura Hausmann
248bf22b94
[client] Use defaultStore instead of $store, debounce fetches 2023-11-23 19:08:37 +01:00
Laura Hausmann
9a34c38d0b
[client] Fix smart timeline fetching 2023-11-23 18:36:07 +01:00
Laura Hausmann
151e7499c3
[client] Smarter timeline fetching 2023-11-23 18:18:05 +01:00
Laura Hausmann
c347eca737
[client] Remove url card animation 2023-11-23 17:17:29 +01:00
Laura Hausmann
789fd97512
[client] Allow async+lazy rendering of all images in timeline views 2023-11-23 17:16:52 +01:00
Laura Hausmann
3cb46cd6fc
[backend] Update re2 dependency
re2 was updated to include https://github.com/uhop/node-re2/pull/198 which fixes build on nixOS
2023-11-23 14:59:49 +01:00
Laura Hausmann
b4214d257f
[client] Disable overscroll for root element 2023-11-23 01:16:02 +01:00
Laura Hausmann
5132411e76
[client] Provide option to use vue devtools despite NODE_ENV=production
In theory we wouldn't need this but since the UI is completely unresponsive if NODE_ENV is set to development, this provides partial frontend debugging support until that issue is fixed.
2023-11-22 23:18:40 +01:00
Laura Hausmann
fd6ee32832
[backend] Don't fetch more notes than requested 2023-11-22 20:25:47 +01:00
Laura Hausmann
735fd37707
[backend] Only pack each user once per request 2023-11-22 20:25:47 +01:00
Laura Hausmann
4e6e22633e
[backend] Rework media proxying for better performance 2023-11-22 19:23:51 +01:00
Laura Hausmann
c00e28712e
[backend] Revert postgres geqo threshold and collapse limits to defaults
This is no longer required due to the refactored user table requiring significantly less table joins in more complex queries
2023-11-22 18:59:38 +01:00