Commit graph

8269 commits

Author SHA1 Message Date
Hugh Rundle
632e3844b9 Don't assume user id is key id minus fragment
Fixes #2801
Related to #2794

It is legitimate to use any url for the user's key id. We have been assuming this id is the user id plus a fragment (#key-id) but this is not always the case, notably in the case of GoToSocial it is at /key-id. This commit instead checks the remote user's information to see if the key id listed matches the key id of the message allegedly received from them.

Whilst troubleshooting this it also became apparent that there is a mismatch between Bookwyrm users' keyId and the KeyId we claim to be using in signed requests (there is a forward slash missing). Since everything after the slash is a fragment, this usually slips through but we should be consistent so I updated that.
2023-04-10 17:32:49 +10:00
Wesley Aptekar-Cassels
912d0a0149 Fix Accept header for requesting ActivityPub objects
This is the header described in the ActivityPub spec, which should fix
some federation problems with GoToSocial and potentially other picky
services.

Related: #2794, superseriousbusiness/gotosocial#1676
2023-04-07 05:57:13 -04:00
Mouse Reeve
4b1012b185
Merge pull request #2788 from WesleyAC/fix-bw-dev-down-help-text
Fix help text for `bw-dev down`
2023-04-06 06:09:23 -07:00
Wesley Aptekar-Cassels
29ac34cb92 Fix help text for bw-dev down 2023-04-06 05:57:21 -04:00
Jascha Ezra Urbach
e909cbfd4a
Merge pull request #2774 from fwalloe/fwalloe-patch-1 2023-04-04 18:38:56 +02:00
Fredrik Walløe
ac17876cb6
Merge branch 'main' into fwalloe-patch-1 2023-04-04 12:15:52 +02:00
Fredrik Walløe
0495da07a4
Update bw-dev
Added 'down' to list of of commands
2023-04-04 12:08:39 +02:00
Mouse Reeve
6e427cf372 Update version number 2023-04-03 21:31:41 -07:00
Fredrik Walløe
b1962ef75d
Added command 'down', to bring down containers
Added the command 'down', which can be used to bring down the docker containers. Equivalent to running 'docker-compose down'
2023-04-01 11:23:27 +02:00
Jascha Ezra Urbach
d35b1d91ba
Merge pull request #2766 from bookwyrm-social/redirect-in-admin
Uses referer redirect for some admin views
2023-04-01 11:06:42 +02:00
Hugh Rundle
499ff58a65
Merge pull request #2698 from rkmdCodes/main
Improving Feed link UI colours
2023-04-01 14:27:04 +11:00
Jascha Ezra Urbach
a68f58e48c
Merge pull request #2773 from bookwyrm-social/dependabot/pip/redis-4.5.4
Bump redis from 4.5.3 to 4.5.4
2023-03-31 16:42:12 +02:00
dependabot[bot]
282f41bdb8
Bump redis from 4.5.3 to 4.5.4
Bumps [redis](https://github.com/redis/redis-py) from 4.5.3 to 4.5.4.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/v4.5.3...v4.5.4)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-31 14:28:59 +00:00
Mouse Reeve
74df7511e7
Merge pull request #2768 from bookwyrm-social/grammar
Fixes effect/affect error
2023-03-29 18:46:14 -07:00
Mouse Reeve
b5d6c94885
Merge pull request #2767 from bookwyrm-social/link-mention-clash
Clashes between links and mentions
2023-03-29 17:06:11 -07:00
Mouse Reeve
b76da26c98 Fixes iteration over mentions dict 2023-03-29 10:13:44 -07:00
Mouse Reeve
f1640399e3 Python formatting 2023-03-29 10:13:44 -07:00
Mouse Reeve
f2ab8c2fe2 Fixes effect/affect error 2023-03-29 10:04:23 -07:00
Mouse Reeve
8cf7c5c392
Merge pull request #2750 from WesleyAC/get-audience-telemetry
Add more detailed telemetry for get_audience
2023-03-29 09:29:05 -07:00
Mouse Reeve
5ed46abcee
Merge branch 'main' into link-mention-clash 2023-03-29 09:25:34 -07:00
Mouse Reeve
935f8b0197
Merge pull request #2763 from bookwyrm-social/esperanto
Adds Esperanto locale
2023-03-29 09:24:32 -07:00
Mouse Reeve
fe856bcf2c Updates regex on mentions and hashtags 2023-03-29 09:20:58 -07:00
Mouse Reeve
4fcb01805e Fixes test comparison string 2023-03-29 09:14:30 -07:00
Mouse Reeve
8a0e88db83 Adds test for links with # symbols 2023-03-29 08:39:41 -07:00
Mouse Reeve
42dd199084 Unit test that identifies clashes between links and mentions 2023-03-29 08:28:45 -07:00
Mouse Reeve
1d383cecff Compiles locales 2023-03-29 07:59:42 -07:00
Rajat Dwivedi
38e3f2e1b8
Merge branch 'main' into main 2023-03-29 16:37:57 +05:30
Rajat Dwivedi
33c13608a8 Refixing light and dark themes 2023-03-29 10:56:08 +00:00
Mouse Reeve
56cc0eb80f Adds Esperanto locale 2023-03-28 15:03:40 -07:00
Mouse Reeve
ab1f08b39d
Merge pull request #2761 from bookwyrm-social/dependabot/pip/redis-4.5.3
Bump redis from 3.4.1 to 4.5.3
2023-03-27 18:58:40 -07:00
dependabot[bot]
e9526ecaea
Bump redis from 3.4.1 to 4.5.3
Bumps [redis](https://github.com/redis/redis-py) from 3.4.1 to 4.5.3.
- [Release notes](https://github.com/redis/redis-py/releases)
- [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES)
- [Commits](https://github.com/redis/redis-py/compare/3.4.1...v4.5.3)

---
updated-dependencies:
- dependency-name: redis
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-27 21:57:11 +00:00
Mouse Reeve
b2801d44a5
Merge pull request #2752 from lostfictions/patch-1
Add message about shelf privacy in user settings
2023-03-27 06:21:33 -07:00
Mouse Reeve
30a3096b25
Merge pull request #2749 from bookwyrm-social/redirects
Add helper to refer views back to http referers safely
2023-03-27 06:20:26 -07:00
Jascha Ezra Urbach
bbed08e182
Merge branch 'main' into main 2023-03-21 05:49:52 +01:00
s
a70417a07f
Add message about shelf privacy in user settings 2023-03-20 22:10:50 -04:00
Wesley Aptekar-Cassels
7efbdb1865 Add more detailed telemetry for get_audience
This is still slow in some cases, despite #2723, so this information
should give useful data about how it could be optimized more.

This also adds some abstraction around getting the tracer, just to
follow the advice in the OpenTelemetry documentation not to use __name__
directly to set the tracer name. The advice is ignored in most of their
examples, so it probably doesn't matter, but IDK, seems reasonable to
try to follow it.

Related: #2720
2023-03-20 20:51:20 -04:00
Wesley Aptekar-Cassels
ef64fedbd9 Only enable OTLP exporter when configured
This wasn't a problem in the past, since we only enabled automatic
instrumentation when this was set up, but it does cause errors when
trying to add manual instrumentation.
2023-03-20 20:51:20 -04:00
Mouse Reeve
e9d08e7424
Merge pull request #2744 from WesleyAC/opentelemetry-console-exporter
Add OpenTelemetry console exporter option
2023-03-20 14:26:24 -07:00
Mouse Reeve
89bb541bef
Merge pull request #2704 from tebriel/azure-support
Enable Azure BlobStorage as an alternative to AWS S3
2023-03-20 14:12:57 -07:00
Mouse Reeve
6f1e80be60
Merge pull request #2741 from WesleyAC/optimize-csv-export-query
Optimize CSV export query
2023-03-20 14:11:46 -07:00
Mouse Reeve
018cadf0cc
Merge pull request #2746 from WesleyAC/env-var-improvements
Env var improvements
2023-03-20 14:04:11 -07:00
Mouse Reeve
05e154f93e Uses referer redirect for some admin views 2023-03-20 13:58:20 -07:00
Mouse Reeve
0cebc4388c Adds unit tests for referer helper 2023-03-20 12:47:21 -07:00
Mouse Reeve
219f78755f Fixes args in list view redirect 2023-03-20 11:15:27 -07:00
Mouse Reeve
4e9fad2091 Updates views that currently use the validator to use the redirect
helper
2023-03-20 10:27:52 -07:00
Mouse Reeve
2de115fc1e Add helper to refer views back to http referers safely
In most cases, we want to return back to where we came from after
performing an action. It's not safe to return to an arbitrary referer,
so this streamlines using the util validator to verify the redirect and
fall back on regular redirect params if the referer is outside our
domain.
2023-03-20 10:25:38 -07:00
Rajat Dwivedi
349c61f698 Updated the _tabs.scss file 2023-03-20 04:11:44 +00:00
Wesley Aptekar-Cassels
63ab3abe67 Add setting for OpenTelemetry console exporter
This is primarily useful for debugging changes to the OpenTelemetry
setup.
2023-03-18 15:47:30 -04:00
Wesley Aptekar-Cassels
fea3b67a55 Raise error if using default SECRET_KEY in production 2023-03-18 15:44:20 -04:00
Wesley Aptekar-Cassels
5bb5d120f0 Set default FLOWER_PORT 2023-03-18 15:35:41 -04:00