Lain Soykaf
adb5cb96d3
Object.Fetcher: Don't do cross-site redirects.
2025-03-11 15:50:17 +04:00
Lain Soykaf
577b7cb061
StealEmojiPolicy: Sanitise emoji names.
2025-03-11 14:59:06 +04:00
Lain Soykaf
c143653364
ReverseProxy: Sanitize content.
2025-03-11 14:18:36 +04:00
Lain Soykaf
d9ae9b676c
InstanceStatic: Extra-sanitize emoji
2025-03-11 14:09:31 +04:00
Lain Soykaf
b1309bdb40
More fixes for InstanceStatic
2025-03-10 18:44:17 +04:00
Lain Soykaf
1dd9ba5d6f
Sanitize media uploads.
2025-03-10 17:23:21 +04:00
Lain Soykaf
b469b9d9d3
.
2025-03-10 16:48:54 +04:00
Lain Soykaf
edcd816730
Merge branch 'assorted-test-fixes' into secfix
2025-03-10 16:04:46 +04:00
lain
5ffc7d8c9d
Merge branch 'develop' into 'develop'
docs: debian_based_en has a trailing "`"
See merge request pleroma/pleroma!4337
2025-03-08 15:47:53 +00:00
Mikka van der Velde
35033b6f3e
Edit debian-distro-docs-pleromaBE.fix
2025-03-08 15:34:32 +00:00
Mikka van der Velde
5cf0321bc7
Add new file
2025-03-08 15:33:36 +00:00
Mikka van der Velde
be3bbe5863
Edit debian_based_en.md
2025-03-08 15:29:01 +00:00
lain
906c3ab308
Merge branch 'fix-safezip' into 'develop'
Safezip: Fix test (issue was a difference in file ordering between otp26 and otp27)
See merge request pleroma/pleroma!4336
2025-03-02 21:11:49 +00:00
Lain Soykaf
a184eccde7
Safezip: Fix test (issue was a difference in file ordering between otp26 and otp27)
2025-03-02 23:18:51 +04:00
lain
b2640f0dc4
Merge branch 'pl-fe' into 'develop'
Include my frontend in available frontends
See merge request pleroma/pleroma!4334
2025-03-02 19:11:27 +00:00
mkljczk
7bfa3bf282
Include my frontend in available frontends
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-03-02 17:38:22 +01:00
lain
a7b6d3c1d1
Merge branch 'changelog' into 'develop'
remove changelog entries from changelog.d
See merge request pleroma/pleroma!4335
2025-03-02 15:59:50 +00:00
mkljczk
bc722623b3
remove changelog entries from changelog.d
Signed-off-by: mkljczk <git@mkljczk.pl>
2025-03-02 16:43:34 +01:00
lain
16944eb9da
Merge branch 'stable' into 'develop'
2.9.0 mergeback
See merge request pleroma/pleroma!4332
2025-03-01 17:47:12 +00:00
lain
af6d5470d2
Merge branch 'release/2.9.0' into 'stable'
Release/2.9.0
See merge request pleroma/pleroma!4331
2025-03-01 16:41:38 +00:00
Lain Soykaf
cd5f018206
SafeZip Test: Skip failing CI tests for the release (tests work fine locally)
2025-03-01 20:08:19 +04:00
Lain Soykaf
79cbc74aa9
Linting
2025-03-01 19:05:20 +04:00
Lain Soykaf
a24e894b2b
Update changelog
2025-03-01 18:14:36 +04:00
Lain Soykaf
e88eb24443
Mix: Bump version to 2.9.0
2025-03-01 17:49:52 +04:00
Lain Soykaf
32acdf0936
Merge branch 'security-2.9' into release/2.9.0
2025-03-01 17:45:28 +04:00
Oneric
13a88bd1a5
Register APNG MIME type
The newest git HEAD of MIME already knows about APNG, but this
hasn’t been released yet. Without this, APNG attachments from
remote posts won’t display as images in frontends.
Fixes: akkoma#657
2025-03-01 17:26:46 +04:00
Lain Soykaf
706bfffcda
Linting
2025-03-01 17:16:48 +04:00
Lain Soykaf
88ee385302
Transmogrifier: Strip internal fields
2025-03-01 17:13:47 +04:00
Lain Soykaf
d6a136f823
Config: Deactivate client api by default
2025-03-01 15:49:01 +04:00
Lain Soykaf
4604f2944e
Merge branch 'pleroma-ensure-authorized-fetch' into security-2.9
2025-03-01 14:07:02 +04:00
feld
a8e863e0d6
Merge branch 'rich-media-ordering' into 'develop'
Rich Media Parser should use first image found
Closes #3356
See merge request pleroma/pleroma!4329
2025-03-01 02:01:22 +00:00
Mark Felder
ac0882e348
Filter the parsed OpenGraph/Twittercard tags and only retain the ones we intend to use.
2025-02-28 17:24:23 -08:00
feld
b770850903
Merge branch 'retire-mrfs' into 'develop'
Retire MRFs DNSRBL, FODirectReply, and QuietReply
See merge request pleroma/pleroma!4330
2025-03-01 01:12:31 +00:00
Mark Felder
2c9d071aad
Retire MRFs DNSRBL, FODirectReply, and QuietReply
DNSRBL was a neat experiment which should live out of tree. It works and could be used to coordinate rules across different servers, but Simple Policy will always be better.
FODirectReply and QuietReply have reliability issues as implemented in an MRF. If we want to expose this functionality to admins it should be a setting that overrides the chosen scope during CommonAPI.post instead of trying to rewrite the recipients with an MRF.
2025-02-28 16:43:28 -08:00
Mark Felder
2137b681dc
Fix image URLs in TwitterCard parser test
The logic has been changed to ensure we always choose the first image if multiple are specified. This also applies when both OpenGraph and TwitterCard tags are published on a page. We parse for OpenGraph tags first and in this case the website was intentionally serving different images for TwitterCards and OpenGraph.
2025-02-28 15:26:13 -08:00
Mark Felder
cb073a9cd0
Rich Media Parser should use first og:image
2025-02-28 15:12:49 -08:00
feld
63663ac88b
Merge branch 'twittercard-image-order' into 'develop'
Fix OpenGraph/TwitterCard meta tag ordering for posts with multiple attachments
See merge request pleroma/pleroma!4328
2025-02-28 22:11:06 +00:00
Mark Felder
7bdeb9a1e5
Fix OpenGraph/TwitterCard meta tag ordering for posts with multiple attachments
2025-02-28 13:36:00 -08:00
tusooa
ca3c2a4ffa
Verify a local Update sent through AP C2S so users can only update their own objects
2025-02-28 13:01:06 +04:00
Lain Soykaf
bf134664b4
PackTest: Add test for skipping emoji
2025-02-28 12:53:15 +04:00
Lain Soykaf
2fcb90f369
Emoji, Pack, Backup, Frontend: Use SafeZip
2025-02-27 17:06:15 +04:00
Lain Soykaf
b89070a6ad
SafeZip: Add tests.
2025-02-27 15:30:20 +04:00
Oneric
0f5ac7e86d
Add SafeZip module
This will replace all the slightly different safety workarounds at
different ZIP handling sites and ensure safety is actually consistently
enforced everywhere while also making code cleaner and easier to
follow.
2025-02-27 14:19:50 +04:00
Lain Soykaf
70a784e16a
AutolinkerToLinkifyTest: Asyncify
2025-02-25 17:36:05 +04:00
Lain Soykaf
fd128ec7c2
ConfigControllerTest: Fix it!
2025-02-25 17:18:49 +04:00
Lain Soykaf
c31fabdebd
Mogrify/Mogrifun: Asyncify
2025-02-25 17:08:21 +04:00
Lain Soykaf
ee291f08e8
AnonymizeFilename: Asyncify
2025-02-25 16:40:45 +04:00
Lain Soykaf
5851d787b6
Merge branch and resolve conflict in database_test.exs
2025-02-25 16:23:46 +04:00
Lain Soykaf
bee027e511
DatabaseTest: Include user_follows_hashtag in expected tables
2025-02-25 16:16:15 +04:00
Lain Soykaf
1ebbab1618
AppTest: Make test more resilient.
2025-02-24 17:15:59 +04:00