Commit graph

16681 commits

Author SHA1 Message Date
Mark Felder
1d0e3b1355 Dialyzer: The pattern variable _ can never match the type, because it is covered by previous clauses. 2024-09-06 11:24:37 -04:00
Mark Felder
06d6febff9 Dialyzer: The pattern variable _e@1 can never match the type, because it is covered by previous clauses. 2024-09-06 11:19:24 -04:00
Mark Felder
7eb579c191 Dialyzer: invalid contract 2024-09-06 11:18:12 -04:00
Mark Felder
bc16f09d7b Dialyzer: the pattern can never match the type
The original error was for the chat controller:

lib/pleroma/web/pleroma_api/controllers/chat_controller.ex:104:pattern_match The pattern can never match the type {:error, :content_too_long | :forbidden | :no_content | :not_found} | {:user, nil}.

Improve typespecs for the Pipeline and apply them where it could be encountered
2024-09-06 11:12:15 -04:00
Mark Felder
fc3ea94a1c Dialyzer: the pattern can never match the type 2024-09-06 09:58:03 -04:00
feld
2c916ccd89 Merge branch 'following-state-bug' into 'develop'
Fix Following status bug

See merge request pleroma/pleroma!4251
2024-09-06 13:27:06 +00:00
feld
25db1a5d67 Merge branch 'oauth-app-spam2' into 'develop'
OAuth App Spam, revisited

See merge request pleroma/pleroma!4250
2024-09-05 21:19:09 +00:00
Mark Felder
5f573b4095 Credo: comment line length 2024-09-05 17:11:02 -04:00
Mark Felder
e51cd31a57 Bump credo to prevent it from crashing 2024-09-05 17:06:53 -04:00
Mark Felder
1797f5958a App orphans should only be removed if they are older than 15 mins 2024-09-05 20:55:28 +00:00
Mark Felder
4d76692db3 Fix Following status bug 2024-09-05 16:14:13 -04:00
Mark Felder
fb376ce005 Test Account View does not indicate following if a FollowingRelationship is missing 2024-09-05 16:14:06 -04:00
Mark Felder
53744bf146 Limit the number of orphaned to delete at 100 every 10 mins due to the cascading queries that have to check oauth_authorizations and oauth_tokens tables.
This should keep ahead of most app registration spam and not overwhelm lower powered servers.
2024-09-04 11:45:05 -04:00
Mark Felder
a1951f3af7 Add Cron worker to clean up orphaned apps hourly 2024-09-04 10:59:58 -04:00
Mark Felder
7bd0750787 Ensure apps are assigned to users 2024-09-04 10:40:37 -04:00
Mark Felder
427da7a99a Rate Limit the OAuth App spam 2024-09-04 09:22:58 -04:00
feld
fbcfbde833 Merge branch 'revert-9077d092' into 'develop'
Revert "Merge branch 'oauth-app-spam' into 'develop'"

See merge request pleroma/pleroma!4249
2024-09-04 02:41:31 +00:00
feld
92d5f0ac14 Revert "Merge branch 'oauth-app-spam' into 'develop'"
This reverts merge request !4244
2024-09-04 02:22:25 +00:00
marcin mikołajczak
fecfe8bf89 Merge branch 'scrubbers-allow-mention-hashtag' into 'develop'
scrubbers/default: Allow "mention hashtag" classes used by Mastodon

See merge request pleroma/pleroma!4245
2024-09-02 11:08:33 +00:00
marcin mikołajczak
37397a43be scrubbers/default: Allow "mention hashtag" classes used by Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-02 12:39:29 +02:00
feld
9077d0925b Merge branch 'oauth-app-spam' into 'develop'
Fix OAuth app spam

See merge request pleroma/pleroma!4244
2024-09-01 18:24:06 +00:00
feld
61e4be396f Merge branch 'drop-unknown-deletes' into 'develop'
Drop unwanted activities from unknown actors

See merge request pleroma/pleroma!4236
2024-09-01 18:08:07 +00:00
Mark Felder
751d63d4bb Support OAuth App updating the website URL 2024-09-01 13:55:45 -04:00
Mark Felder
e3a7c1d906 Test that app scopes can be updated 2024-09-01 12:37:59 -04:00
Mark Felder
5a1144208d Prevent OAuth App flow from creating duplicate entries 2024-09-01 12:27:16 -04:00
Mark Felder
bb235f913f Update changelog 2024-08-30 10:05:12 -04:00
Mark Felder
11ee94ae17 InboxGuardPlug: Add early rejection of unknown activity types 2024-08-30 10:05:09 -04:00
Mark Felder
e38f5f1a81 Add recognized activity types to a constant and use it in the test 2024-08-30 09:47:45 -04:00
feld
5205e846eb Update allowed activity types from strangers
Move is emitted from the old account
EmojiReact is ~ Like
Announced TBD
2024-08-30 09:30:33 -04:00
Mark Felder
094da5d634 Update changelog 2024-08-29 16:05:40 -04:00
Mark Felder
012132303f Test more types we do not want to receive from strangers 2024-08-29 16:05:40 -04:00
Mark Felder
2b39956acb Fix test title to be more specific as it has a broader but incorrect meaning 2024-08-29 16:05:40 -04:00
Mark Felder
990b2058df Remove unnecessary error match in ReceiverWorker 2024-08-29 16:05:40 -04:00
Mark Felder
e2cdae2c88 Change relay inbox response when not federating to a 403 for consistency 2024-08-29 16:05:40 -04:00
Mark Felder
16a9b34876 Convert to an Plug called InboxGuard 2024-08-29 16:05:36 -04:00
Mark Felder
06deacd58e Formatting 2024-08-29 11:59:42 -04:00
Mark Felder
7bcc21ad6f Switch test to the inbox 2024-08-29 11:59:42 -04:00
feld
27fcc42171 Use Pleroma.Object.Containment.get_actor/1 to reliably find the actor of an incoming activity or object 2024-08-29 11:59:42 -04:00
Mark Felder
1c394dd18c Move the check to the inbox 2024-08-29 11:59:42 -04:00
Mark Felder
4bc6f334f4 Revert unintentional change 2024-08-29 11:59:42 -04:00
Mark Felder
ceffb8a891 Drop incoming Delete activities from unknown actors 2024-08-29 11:59:42 -04:00
feld
62856ab18f Merge branch 'todo-fixes' into 'develop'
Clean up Elixir 1.13 TODOs

See merge request pleroma/pleroma!4233
2024-08-29 15:27:53 +00:00
Mark Felder
b5814dc9b3 Merge remote-tracking branch 'origin/develop' into todo-fixes 2024-08-29 11:01:02 -04:00
feld
8d07034608 Merge branch 'pleroma-http-stream' into 'develop'
Pleroma.HTTP: support streaming response bodies

See merge request pleroma/pleroma!4239
2024-08-29 14:54:01 +00:00
Mark Felder
c17a78c55a Rich Media: add stream byte counting as an extra protection against malicious URLs 2024-08-29 09:37:11 -04:00
Mark Felder
d01569822e Changelog 2024-08-28 19:57:18 -04:00
Mark Felder
8ab4dd20df Update comments, remove solved TODO 2024-08-28 19:52:29 -04:00
Mark Felder
0bf82a1745 Add an AdapterHelper for Finch so we can support streaming request bodies 2024-08-28 19:50:51 -04:00
feld
7910b235c7 Merge branch 'user-refresh-oban-tests' into 'develop'
ReceiverWorker: tests, improvements

See merge request pleroma/pleroma!4241
2024-08-28 23:24:33 +00:00
Mark Felder
1821ef4f15 Move user active check into Federator.perform/1 2024-08-28 18:35:09 -04:00