Commit graph

1564 commits

Author SHA1 Message Date
tobi
138cbe4d60
[feature] Ratelimit + serve emoji images on separate router group (#2548)
* [feature] Serve + rate limit emoji files separately from attachments

* add a wee little warning about uploading loads of emojis
2024-01-22 15:17:04 +00:00
tobi
d9729e7d28
[bugfix] Don't return Internal Server Error when searching for URIs that don't return AP JSON (#2550)
* [bugfix] Don't return Internal Server Error when searching for URIs that don't return AP JSON

* don't pass map pointer
2024-01-22 14:38:45 +00:00
dependabot[bot]
b3ba1516a7
[chore]: Bump codeberg.org/gruf/go-mutexes from 1.3.1 to 1.4.0 (#2562)
Bumps codeberg.org/gruf/go-mutexes from 1.3.1 to 1.4.0.

---
updated-dependencies:
- dependency-name: codeberg.org/gruf/go-mutexes
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 14:33:51 +00:00
tobi
9d80f7fd68
[feature] Allow "charset=utf8" in incoming AP POST requests (#2564)
* [feature] Allow "charset=utf8" in incoming AP POST requests

* changed my mind

* document POSTing to a GtS inbox

* correct link
2024-01-22 14:33:01 +00:00
tobi
60d7060895
[docs] use latest cavage link for http signatures (#2565) 2024-01-22 15:29:01 +01:00
mirabilos
7c67021017
[docs] Add a few things to the FAQ. (#2557) 2024-01-22 13:37:34 +01:00
dependabot[bot]
605b2fde91
[chore]: Bump github.com/abema/go-mp4 from 1.1.1 to 1.2.0 (#2559) 2024-01-22 09:42:41 +00:00
dependabot[bot]
a858831387
[chore]: Bump github.com/KimMachineGun/automemlimit from 0.4.0 to 0.5.0 (#2560) 2024-01-22 09:35:23 +00:00
tobi
4e0488acfe
[bugfix] fix array type for also_known_as_uris (#2553) 2024-01-21 16:34:38 +01:00
tobi
bc51ec7d1b
[bugfix/frontend] Break word on profile field names and values (#2551) 2024-01-21 12:21:37 +01:00
Daenney
7f6b37ea4d
[docs] Updates for DB, swap and HTTP/2 on nginx (#2547)
* [docs] Add warning about DBs on network storage

* [docs] Mention tuning swappiness on Linux

* [docs] Mention enabling HTTP/2 on nginx
2024-01-21 11:35:52 +01:00
Daenney
74380ae8a1
[chore] Downgrade OTEL libraries to 1.20 (#2546)
For some reason httpconv seems to have disappeared from 1.21, which
results in a 1.21 runtime with 1.20 semconv/httpconv which seems to
break some things.

For now, this rolls the OTEL dependencies back to 1.20 which should fix
the observability issues. We'll need to take a look at how to upgrade
safely and correctly in the future.

Relates to #2503.
2024-01-21 11:34:12 +01:00
tobi
b2cacd6b01
[bugfix] Prevent URL + URI for same account being used as alias target (#2545)
* [bugfix] Ensure URL and URI for same account can't both be provided as alias

* test whoopsie from previous PR
2024-01-20 12:45:43 +01:00
tobi
33dbd3ab7a
[bugfix] Ensure domain block side effects skipped if allow in place (blocklist mode) (#2542) 2024-01-19 13:13:24 +00:00
tobi
5ca86b1c57
[chore] Harden up boolptr logic on Accounts, warn if not set (#2544) 2024-01-19 13:02:04 +00:00
kim
7ec1e1332e
[performance] overhaul struct (+ result) caching library for simplicity, performance and multiple-result lookups (#2535)
* rewrite cache library as codeberg.org/gruf/go-structr, implement in gotosocial

* use actual go-structr release version (not just commit hash)

* revert go toolchain changes (damn you go for auto changing this)

* fix go mod woes

* ensure %w is used in calls to errs.Appendf()

* fix error checking

* fix possible panic

* remove unnecessary start/stop functions, move to main Cache{} struct, add note regarding which caches require start/stop

* fix copy-paste artifact... 😇

* fix all comment copy-paste artifacts

* remove dropID() function, now we can just use slices.DeleteFunc()

* use util.Deduplicate() instead of collate(), move collate to util

* move orderByIDs() to util package and "generify"

* add a util.DeleteIf() function, use this to delete entries on failed population

* use slices.DeleteFunc() instead of util.DeleteIf() (i had the logic mixed up in my head somehow lol)

* add note about how collate differs from deduplicate
2024-01-19 12:57:29 +00:00
kim
67e11a1a61
[chore] chore rationalise http return codes for activitypub handlers (#2540)
* some small code fixups and changes

* add check in ResolveIncomingActivity for transient activity types (i.e. activity ID is nil)

* update test to handle new transient behaviour
2024-01-18 17:11:13 +01:00
kim
906639ad7e
[chore] update viper version (#2539)
* update viper version

* removes our last uses of the slice package

* fix tests
2024-01-17 14:54:30 +00:00
tobi
c5eced5fd1
[bugfix] Better Postgres search case insensitivity (#2526)
* [bugfix] Better Postgres search case insensitivity

* use ilike for postgres
2024-01-16 18:50:17 +01:00
tobi
486585890d
[feature] Move + alias account via settings panel (#2519)
* [feature] Move + alias account via settings panel

* lint

* type a bit more diligently
2024-01-16 18:28:56 +01:00
tobi
c36f9ac37b
[feature] Account alias / move API + db models (#2518)
* [feature] Account alias / move API + db models

* go fmt

* fix little cherry-pick issues

* update error checking, formatting

* add and use new util functions to simplify alias logic
2024-01-16 16:22:44 +00:00
tobi
ebf550b7c1
[chore] Move to codeberg's exif-terminator (#2536) 2024-01-15 20:54:32 +00:00
tobi
07aee57af2
[bugfix] Replace named unique constraint on header filter header with generic unique directive (#2525)
* [bugfix] Replace named unique constraint on header filter header with generic unique directive

* add migration retry

* the old fixie uppie

* fix constraint name

* my goodness
2024-01-15 15:39:10 +00:00
tobi
02668756a7
[docs] Update roadmap for 2024 onwards (#2521) 2024-01-15 14:17:17 +00:00
dependabot[bot]
d6eb7caae7
[chore]: Bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#2531) 2024-01-15 13:31:30 +00:00
tobi
6433a50582
[chore] update bun + extras v1.1.16 -> v1.1.17 (#2534) 2024-01-15 14:08:07 +01:00
dependabot[bot]
a43ce99da9
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.12 to 2.20.14 (#2530)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.12 to 2.20.14.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.12...v2.20.14)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:02:40 +01:00
dependabot[bot]
637a57f2de
[chore]: Bump github.com/jackc/pgx/v5 from 5.5.1 to 5.5.2 (#2532)
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.1 to 5.5.2.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.1...v5.5.2)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:02:02 +01:00
dependabot[bot]
b70ec68499
[chore]: Bump golang.org/x/net from 0.19.0 to 0.20.0 (#2533)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/net/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:01:35 +01:00
tobi
9607b482cc
[chore/docs] Replace specific year range of copyright notice (#2520) 2024-01-13 16:33:53 +01:00
kim
dfc7656579
[bugfix] fix higher-level explicit domain rules causing issues with lower-level domain blocking (#2513)
* fix the sort direction of domain cache child nodes ...

* add more domain cache test cases

* add specific test for this bug to database domain test suite (thanks for writing this @tsmethurst!)

* remove unused field (this was a previous attempt at a fix)

* remove debugging println statements 😇
2024-01-09 13:12:43 +00:00
dependabot[bot]
87bb596a02
Bump follow-redirects from 1.15.3 to 1.15.4 in /web/source (#2512)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.3...v1.15.4)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:32:39 +00:00
dependabot[bot]
d9127f5630
[chore]: Bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 (#2507)
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.17.0...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:30:01 +00:00
kim
10660e566d
[bugfix] misc dereferencer fixes (#2475)
* only perform status-up-to-date checks if no statusable has been provided

* copy over the same style of freshness checking from status deref -> accounts

* change some var names

* check for empty account domain
2024-01-09 10:42:39 +01:00
tobi
7cce1a7cc6
[bugfix] Outdent placeholder from <aside> when returning unknown media attachments (#2485)
* [bugfix] Outdent placeholder from `<aside>`

* visually separate placeholder note from body

* fix test
2024-01-09 10:41:32 +01:00
tobi
aad3384c98
[feature] Log pubKeyID for http-signed requests (#2501) 2024-01-09 10:41:15 +01:00
dependabot[bot]
022bfda52a
[chore]: Bump golang.org/x/image from 0.14.0 to 0.15.0 (#2506)
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.14.0 to 0.15.0.
- [Commits](https://github.com/golang/image/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/image
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:59 +01:00
dependabot[bot]
f0c3533862
[chore]: Bump github.com/tdewolff/minify/v2 from 2.20.9 to 2.20.12 (#2509)
Bumps [github.com/tdewolff/minify/v2](https://github.com/tdewolff/minify) from 2.20.9 to 2.20.12.
- [Release notes](https://github.com/tdewolff/minify/releases)
- [Commits](https://github.com/tdewolff/minify/compare/v2.20.9...v2.20.12)

---
updated-dependencies:
- dependency-name: github.com/tdewolff/minify/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09 10:40:38 +01:00
tobi
72d0f46b0b
[feature] Allow webp emoji uploads / derefs (#2484) 2024-01-05 13:39:53 +01:00
tobi
d5e3996a18
[feature] Parse instance descriptors as markdown, show T&C on /about (#2481)
* [feature] Parse instance descriptors as markdown, show T&C on /about

* lint

* remove unnecessary nullzero tags
2024-01-05 13:39:31 +01:00
kim
511ad97fe7
[bugfix] fix check for closed poll to account for non-zero closed time but in the future (#2486) 2024-01-03 18:42:58 +01:00
dependabot[bot]
0cb1dd493c
[chore]: Bump github.com/minio/minio-go/v7 from 7.0.65 to 7.0.66 (#2467)
Bumps [github.com/minio/minio-go/v7](https://github.com/minio/minio-go) from 7.0.65 to 7.0.66.
- [Release notes](https://github.com/minio/minio-go/releases)
- [Commits](https://github.com/minio/minio-go/compare/v7.0.65...v7.0.66)

---
updated-dependencies:
- dependency-name: github.com/minio/minio-go/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
2024-01-03 10:34:54 +00:00
kim
31481fad35
[bugfix] increases sleep time before check in throttle test, to give more leeway (#2482) 2024-01-03 10:27:55 +00:00
Daenney
a15415b1a2
[docs] Describe how to block IPs using a firewall (#2459)
* [docs] Describe how to block IPs using a firewall

This adds some documentation on how to block one, multiple or whole IP
ranges using the firewall. This can be helpful to protect from DDoS
attacks or block certain parties from being able to communicate with
your instance at all.

* [docs] Fix indenting of nft rule

* [docs] Split iptables and nftables into sections
2024-01-03 10:14:38 +00:00
dependabot[bot]
3ab6214449
[chore]: Bump github.com/jackc/pgx/v5 from 5.5.0 to 5.5.1 (#2468)
Bumps [github.com/jackc/pgx/v5](https://github.com/jackc/pgx) from 5.5.0 to 5.5.1.
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v5.5.0...v5.5.1)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:16 +00:00
dependabot[bot]
d685e86432
[chore]: Bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2469)
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:03:06 +00:00
dependabot[bot]
0e56867d8b
[chore]: Bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#2478)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:02:49 +00:00
dependabot[bot]
ed1a656be9
[chore]: Bump modernc.org/sqlite from 1.27.0 to 1.28.0 (#2470)
Bumps [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) from 1.27.0 to 1.28.0.
- [Commits](https://gitlab.com/cznic/sqlite/compare/v1.27.0...v1.28.0)

---
updated-dependencies:
- dependency-name: modernc.org/sqlite
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-03 10:01:54 +00:00
tobi
0ff52b71f2
[chore] Refactor HTML templates and CSS (#2480)
* [chore] Refactor HTML templates and CSS

* eslint

* ignore "Local"

* rss tests

* fiddle with OG just a tiny bit

* dick around with polls a bit more so SR stops saying "clickable"

* remove break

* oh lord

* don't lazy load avatar

* fix ogmeta tests

* clean up some cruft

* catch remaining calls to c.HTML

* fix error rendering + stack overflow in tag

* allow templating attributes

* fix indent

* set aria-hidden on status complementary content, since it's already present in the label anyway

* tidy up templating calls a little

* try to make styling a bit more consistent + readable

* fix up some remaining CSS issues

* fix up reports
2023-12-27 11:23:52 +01:00
kim
97a1fd9a29
[bugfix] 😇 (#2476) 2023-12-18 16:40:29 +00:00