pleroma

mirror of https://git.pleroma.social/pleroma/pleroma.git synced 2024-09-22 03:20:08 +00:00

Author	SHA1	Message	Date
marcin mikołajczak	37397a43be	scrubbers/default: Allow "mention hashtag" classes used by Mastodon Signed-off-by: marcin mikołajczak <git@mkljczk.pl>	2024-09-02 12:39:29 +02:00
feld	9077d0925b	Merge branch 'oauth-app-spam' into 'develop' Fix OAuth app spam See merge request pleroma/pleroma!4244	2024-09-01 18:24:06 +00:00
feld	61e4be396f	Merge branch 'drop-unknown-deletes' into 'develop' Drop unwanted activities from unknown actors See merge request pleroma/pleroma!4236	2024-09-01 18:08:07 +00:00
Mark Felder	751d63d4bb	Support OAuth App updating the website URL	2024-09-01 13:55:45 -04:00
Mark Felder	e3a7c1d906	Test that app scopes can be updated	2024-09-01 12:37:59 -04:00
Mark Felder	5a1144208d	Prevent OAuth App flow from creating duplicate entries	2024-09-01 12:27:16 -04:00
Mark Felder	bb235f913f	Update changelog	2024-08-30 10:05:12 -04:00
Mark Felder	11ee94ae17	InboxGuardPlug: Add early rejection of unknown activity types	2024-08-30 10:05:09 -04:00
Mark Felder	e38f5f1a81	Add recognized activity types to a constant and use it in the test	2024-08-30 09:47:45 -04:00
feld	5205e846eb	Update allowed activity types from strangers Move is emitted from the old account EmojiReact is ~ Like Announced TBD	2024-08-30 09:30:33 -04:00
Mark Felder	094da5d634	Update changelog	2024-08-29 16:05:40 -04:00
Mark Felder	012132303f	Test more types we do not want to receive from strangers	2024-08-29 16:05:40 -04:00
Mark Felder	2b39956acb	Fix test title to be more specific as it has a broader but incorrect meaning	2024-08-29 16:05:40 -04:00
Mark Felder	990b2058df	Remove unnecessary error match in ReceiverWorker	2024-08-29 16:05:40 -04:00
Mark Felder	e2cdae2c88	Change relay inbox response when not federating to a 403 for consistency	2024-08-29 16:05:40 -04:00
Mark Felder	16a9b34876	Convert to an Plug called InboxGuard	2024-08-29 16:05:36 -04:00
Mark Felder	06deacd58e	Formatting	2024-08-29 11:59:42 -04:00
Mark Felder	7bcc21ad6f	Switch test to the inbox	2024-08-29 11:59:42 -04:00
feld	27fcc42171	Use Pleroma.Object.Containment.get_actor/1 to reliably find the actor of an incoming activity or object	2024-08-29 11:59:42 -04:00
Mark Felder	1c394dd18c	Move the check to the inbox	2024-08-29 11:59:42 -04:00
Mark Felder	4bc6f334f4	Revert unintentional change	2024-08-29 11:59:42 -04:00
Mark Felder	ceffb8a891	Drop incoming Delete activities from unknown actors	2024-08-29 11:59:42 -04:00
feld	62856ab18f	Merge branch 'todo-fixes' into 'develop' Clean up Elixir 1.13 TODOs See merge request pleroma/pleroma!4233	2024-08-29 15:27:53 +00:00
Mark Felder	b5814dc9b3	Merge remote-tracking branch 'origin/develop' into todo-fixes	2024-08-29 11:01:02 -04:00
feld	8d07034608	Merge branch 'pleroma-http-stream' into 'develop' Pleroma.HTTP: support streaming response bodies See merge request pleroma/pleroma!4239	2024-08-29 14:54:01 +00:00
Mark Felder	c17a78c55a	Rich Media: add stream byte counting as an extra protection against malicious URLs	2024-08-29 09:37:11 -04:00
Mark Felder	d01569822e	Changelog	2024-08-28 19:57:18 -04:00
Mark Felder	8ab4dd20df	Update comments, remove solved TODO	2024-08-28 19:52:29 -04:00
Mark Felder	0bf82a1745	Add an AdapterHelper for Finch so we can support streaming request bodies	2024-08-28 19:50:51 -04:00
feld	7910b235c7	Merge branch 'user-refresh-oban-tests' into 'develop' ReceiverWorker: tests, improvements See merge request pleroma/pleroma!4241	2024-08-28 23:24:33 +00:00
Mark Felder	1821ef4f15	Move user active check into Federator.perform/1	2024-08-28 18:35:09 -04:00
marcin mikołajczak	1e8b79956e	Merge branch 'docs-fix' into 'develop' Correct response in AdminAPI docs See merge request pleroma/pleroma!4240	2024-08-28 22:04:18 +00:00
Mark Felder	e498d252e4	Changelog update	2024-08-28 18:03:33 -04:00
Mark Felder	8a3efa7152	More error annotations	2024-08-28 18:02:35 -04:00
Mark Felder	c5ca806aa0	Add back one of the duplicate checks to fix a test, document where it comes from	2024-08-28 17:57:34 -04:00
Mark Felder	380a6a6df3	:validate_object is not a real error returned from anywhere	2024-08-28 17:45:31 -04:00
Mark Felder	2346807ac9	Annotate error cases	2024-08-28 17:44:33 -04:00
Mark Felder	2e9515578a	ReceiverWorker job canceled due to deleted object	2024-08-28 17:38:13 -04:00
Mark Felder	6ae629cfe0	Cancel ReceiverWorker jobs if the user account has been disabled / deactivated	2024-08-28 17:24:59 -04:00
Mark Felder	bb2f4a76b3	Add test for origin containment failures	2024-08-28 17:01:30 -04:00
Mark Felder	3dadb9ed08	Changelog	2024-08-28 16:37:46 -04:00
Mark Felder	48a4661885	Simplify test, move data into a json fixture By removing the inReplyTo, tags, and cc we can simplify the test and it still passes signature validation	2024-08-28 16:31:59 -04:00
Mark Felder	66e1b40895	Cancel if the User fetch resulted in a 410	2024-08-28 16:04:12 -04:00
Mark Felder	60101e240d	Add test confirming cancellation for activity by a deleted user	2024-08-28 15:54:49 -04:00
Mark Felder	fc450fdefc	ReceiverWorker: cancel job if user fetch is forbidden An instance block with authenticated fetch being required can cause this as we couldn't get the user to find their public key to verify the signature. Commonly observed if someone boosts/Announces a post from an instance that blocked you.	2024-08-28 15:45:16 -04:00
marcin mikołajczak	3419e2cbdd	Correct response in AdminAPI docs Signed-off-by: marcin mikołajczak <git@mkljczk.pl>	2024-08-28 18:28:22 +02:00
Mark Felder	0804b73c0a	This error is not returned by Tesla Upstream has a bug filed for this as they aren't handling this error internally, so it was raising	2024-08-27 22:08:31 -04:00
Mark Felder	44901502ff	Fix incorrect identifier for the with statement	2024-08-27 21:56:02 -04:00
Mark Felder	116fe77b77	Tesla.Middleware.Timeout breaks streaming bodies These are executed by Oban now and Oban can enforce the timeout if the regular HTTP timeout is not sufficient.	2024-08-27 21:55:07 -04:00
Mark Felder	0a86d2b3ac	Handle streaming response errors	2024-08-27 21:22:59 -04:00

1 2 3 4 5 ...

16662 commits