Commit graph

8498 commits

Author SHA1 Message Date
Mouse Reeve
fad8e8bdb8
Merge pull request #2687 from chdorner/configurable-csp
Add config variable for additional CSP hosts
2023-02-22 08:57:56 -08:00
Mouse Reeve
d57ebe43af
Merge pull request #2688 from 0x29a/fix-discovery-page
fix: missing expand variable
2023-02-22 08:53:36 -08:00
Mouse Reeve
0a07607240 Improves discover page test so it catches errors
Without `select_subclasses` in the mock, it wasn't actually collecting
any statuses to display, so errors on that view weren't caught in this
test.
2023-02-22 08:43:13 -08:00
0x29a
9b94c1c288 fix: missing expand variable 2023-02-22 17:25:11 +01:00
Mouse Reeve
d2e590a3c2
Merge pull request #2685 from bookwyrm-social/broadcast-queue
Use a separate queue for broadcasts
2023-02-22 08:20:33 -08:00
Christof Dorner
3814cb5b58 Add config variable for additional CSP hosts 2023-02-21 22:02:52 +01:00
Christof Dorner
5df0ead776
Merge pull request #1753 from nycterent/security/key-size
increasing rsa key size
2023-02-20 22:37:02 +01:00
Mouse Reeve
b167364c5c Use a separate queue for broadcasts
I think this will go a long way to solve the federation delay problems
we're seeing on b.s. I'm not sure at what point adding more queues will
create more problems than it solves, but I do think in this case the
queues are out of balance and moving broadcasts (which are the most
common type of `medium_priority` task at the moment) to their own queue
will be an improvement.
2023-02-20 12:58:41 -08:00
Martynas Sklizmantas
2093c4760b increasing rsa key size 2023-02-20 21:51:50 +01:00
Mouse Reeve
216be2aeea Fixes pylint complaints
"fixes" as in silences, sorry
2023-02-20 12:24:53 -08:00
Mouse Reeve
12ed0f46f3 Fixes mocks for tests 2023-02-20 12:23:18 -08:00
Mouse Reeve
0211dee0ff Avoid unnecessary errors when a remote re-sends an Accept 2023-02-20 11:09:42 -08:00
Mouse Reeve
779d2b0694 Attempt to complete inbox requests synchronously
When an inbox activity comes in from another fediverse instance, the
behavior prior to this commit was always to immediately give a 200
response to the external server and then create a celery activity
(usually in the MEDIUM_PRIORITY queue) to complete it.

Instead, this would receive a request and try to complete it without
making any http requests (which would make the request take too long to
process). If an external request is required to complete the activity, a
task is created and added to the queue.

Ideally, this will cause some tasks to happen very promptly, and reduce
the load on celery, which would help queued tasks happen more quickly as
well.

One downside is that this will make completing http requests from
external servers slowing (since it's doing a bunch of thinking before
responding).
2023-02-20 11:05:18 -08:00
Mouse Reeve
db207065ce Update version number 2023-02-20 09:15:38 -08:00
Christof Dorner
4b3849e4e0
Merge pull request #2681 from chdorner/fix/sitesettings-ondelete 2023-02-18 20:24:41 +01:00
Christof Dorner
dc5b797796 Fix SiteSettings.default_user_auth_group FK on_delete value
The migration uses `RESTRICT` instead of `PROTECT`, which is both more
correct, but also those values need to be identical, otherwise Django
thinks that there's a migration missing and will refuse to apply any
new migrations.
2023-02-18 19:33:25 +01:00
Chris Young
d123cc6b0c Add default values if not in .env 2023-02-17 11:36:21 +00:00
Chris Young
9460553086 Read TOTP variables from .env 2023-02-17 09:40:31 +00:00
Hugh Rundle
702c79496b
Merge pull request #2652 from chdorner/fix/status-get-no-trim
Always expand content status on single status view
2023-02-17 15:18:05 +11:00
Christof Dorner
a5892fa531
Merge pull request #2667 from bookwyrm-social/dependabot/pip/django-3.2.18
chore(deps): bump django from 3.2.17 to 3.2.18
2023-02-16 10:25:58 +01:00
dependabot[bot]
173d7ba9bf
chore(deps): bump django from 3.2.17 to 3.2.18
Bumps [django](https://github.com/django/django) from 3.2.17 to 3.2.18.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.17...3.2.18)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-15 19:45:09 +00:00
Chris Young
867b2ff542 Specify TOTP validity window in settings.py 2023-02-13 15:17:54 +00:00
Mouse Reeve
2c2daf5fdf
Merge pull request #2644 from rrgeorge/rrgeorge/csp
Add Content-Security-Policy headers and secure cookies
2023-02-10 16:37:39 -08:00
Mouse Reeve
cc9e94261c
Merge pull request #2637 from MeecoLabs/mobile/dropdown-larger-size
UI: larger dropdown size for mobile devices
2023-02-10 15:57:03 -08:00
Chris Young
5bae00b3fe Expand TOTP validity window 2023-02-09 12:49:05 +00:00
Hugh Rundle
e88f1f0b8c
Merge pull request #2616 from MeecoLabs/book-series-v1
Book Series v1: a very simple version to link to book series by name\

Resolves #644
2023-02-08 21:14:51 +11:00
Dustin Steiner
d1f85e4317 fix: books can have non-decimal series numbers 2023-02-07 12:05:20 +00:00
Dustin
b20b52af7f
Merge branch 'main' into book-series-v1 2023-02-07 11:57:39 +00:00
Giebisch
21575fbf3f Unused variable fix 2023-02-06 14:09:53 +01:00
Giebisch
248eab22ed Merge branch 'main' into page-range 2023-02-06 14:02:05 +01:00
Giebisch
f65e0b7632 Add Quotation endposition test 2023-02-06 14:00:04 +01:00
Christof Dorner
6af1be28f3 Always expand content status on single status view
On the feed view along with other statuses, the body will be trimmed,
but on the single view, there's no need to trim it. This preserves the
logic for spoiler alerts.
2023-02-04 12:52:09 +01:00
Mouse Reeve
d94b9f9e30
Merge pull request #2648 from bookwyrm-social/dependabot/pip/django-3.2.17
Bump django from 3.2.16 to 3.2.17
2023-02-03 15:02:51 -08:00
dependabot[bot]
b43f1eab38
Bump django from 3.2.16 to 3.2.17
Bumps [django](https://github.com/django/django) from 3.2.16 to 3.2.17.
- [Release notes](https://github.com/django/django/releases)
- [Commits](https://github.com/django/django/compare/3.2.16...3.2.17)

---
updated-dependencies:
- dependency-name: django
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-02-03 22:18:41 +00:00
Robert George
b82231202c lint 2023-02-03 12:03:52 -08:00
Robert George
297738dbb1 Merge branch 'rrgeorge/csp' of github.com:rrgeorge/bookwyrm into rrgeorge/csp 2023-02-03 11:53:52 -08:00
Robert George
afe651cd6d Added img-src * csp exception to search 2023-02-03 11:53:41 -08:00
Christof Dorner
f9a916db09
Merge pull request #2639 from bookwyrm-social/celery-ping
Celery ping
2023-02-03 09:40:25 +01:00
Mouse Reeve
fd59fea94e
Update bookwyrm/views/admin/celery_status.py
Co-authored-by: Christof Dorner <christof@chdorner.com>
2023-02-02 16:46:36 -08:00
Mouse Reeve
739c384715
Merge branch 'main' into rrgeorge/csp 2023-02-02 16:41:18 -08:00
Mouse Reeve
213984cd78
Merge pull request #2645 from chdorner/dev/black-versions
Pin black versions
2023-02-02 16:33:38 -08:00
Christof Dorner
5887a3e246
Merge pull request #2646 from 0x29a/improve-search
Improve search results
2023-02-02 22:11:12 +01:00
0x29a
22eeee7368 Urlencode search query 2023-02-02 21:02:57 +01:00
Christof Dorner
60a0075bf4 Pin Github Actions black to 22.12.0 2023-02-02 12:36:46 +01:00
Christof Dorner
aecd4d2a4f Upgrade development black to 22.12.0 2023-02-02 12:36:34 +01:00
Robert George
6b97702cc4 Fix long line 2023-02-01 13:19:57 -08:00
Robert George
36605efd20 Added support for secure cookies and django-csp 2023-02-01 12:59:10 -08:00
Dustin Steiner
610a4e8a66
chore: run styling 2023-01-31 18:44:09 +00:00
Dustin Steiner
96097f3b58
chore: use bulma override for mobile dropdown instead of classes 2023-01-31 18:33:44 +00:00
Dustin Steiner
90f996ac90
chore: multi line comment for linter 2023-01-31 10:16:44 +00:00