mirrors/pleroma
1
0
Fork 0
mirror of https://git.pleroma.social/pleroma/pleroma.git synced 2025-03-13 07:02:41 +00:00
Code Issues Projects Releases Wiki Activity
16973 commits 272 branches 120 tags 397 MiB
Commit graph

6441 commits

Author SHA1 Message Date
Lain Soykaf
29b048d351 B TwitterAPI/ControllerTest: Actually test the keys 2024-11-12 14:35:02 +04:00
Lain Soykaf
2baa9b0072 Merge branch 'develop' into pleroma-token-view-scopes 2024-11-12 14:33:30 +04:00
Lain Soykaf
5b3e4cf49b B Providers/ActivityPub: Ensure that nothing explodes on unexpected input. 2024-11-12 14:22:02 +04:00
lain
6941c47ac8 Merge branch 'develop' into 'tusooa/se-opt-out' 
# Conflicts:
#   lib/pleroma/web/metadata/providers/feed.ex
 2024-11-12 09:58:28 +00:00
lain
ee3ab8b625 Merge branch 'atom-tag' into 'develop' 
Metadata: Do not include .atom feed links for remote accounts

See merge request pleroma/pleroma!4281
 2024-11-12 09:44:29 +00:00
Lain Soykaf
ebea518c8c B DedupeTest: Add explicit test for the sharding structure 2024-11-12 12:43:16 +04:00
Mark Felder
d2de251c4d Pleroma.Upload.Filter.Dedupe: sharding directory structure 
Dedupe now uses a three-level sharding directory structure to improve performance when many files are uploaded and stored on a filesystem instead of an object store. (note: Minio still affected as it still uses a traditional filesystem)

This does not help if you already have hundreds of thousands of files uploaded. The media URLs are permanently part of the activity so the files cannot be relocated. A motivated user could write a tool to move the files and perhaps write an Nginx or equivalent redirect to make the files still accessible, but that is beyond the scope of this change.
 2024-10-29 16:00:18 -04:00
Mark Felder
7d5ef81737 Fix /api/v2/media returning the wrong status code for media processed synchronously 
The API should return a 202 only if data cannot be returned yet and a followup GET /api/v1/media/:id should be called to retrieve it. This is something Mastodon does when it needs to transcode large media files. It does not apply to Pleroma and causes apps to waste an API call when posting a status which causes apps to appear to hang on higher latency environments, such as on mobile networks.

https://docs.joinmastodon.org/methods/media/#v2
 2024-10-27 21:52:42 -04:00
marcin mikołajczak
60ec42cb9c Add metadata provider for ActivityPub alternate links 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-10-12 23:45:18 +02:00
feld
4557cd960e Merge branch 'remote-report-policy' into 'develop' 
Remote report policy

See merge request pleroma/pleroma!4280
 2024-10-11 20:23:46 +00:00
feld
dd7f699d4a Merge branch 'tusooa/3331-fix-incoming-block' into 'develop' 
Fix incoming Blocks being rejected

Closes #3331

See merge request pleroma/pleroma!4282
 2024-10-11 20:22:21 +00:00
feld
3f3f8bc57a Merge branch 'poll-refresh' into 'develop' 
Refactor Poll Refreshing

See merge request pleroma/pleroma!4278
 2024-10-10 00:46:28 +00:00
Mark Felder
5b04c2bf13 Test the final refresh behavior of a PollWorker poll_end job 2024-10-09 20:15:00 -04:00
marcin mikołajczak
ddedc575e7 Merge branch 'hashtag-feeds-restricted' into 'develop' 
Repesct :restrict_unauthenticated for hashtag rss/atom feeds

See merge request pleroma/pleroma!4266
 2024-10-09 09:42:53 +00:00
tusooa
f758b6e37c
Fix incoming Blocks being rejected 2024-10-08 23:09:59 -04:00
marcin mikołajczak
07cfbe4ae8 Merge branch 'profile-image-descriptions' into 'develop' 
Federate avatar/header descriptions

See merge request pleroma/pleroma!4264
 2024-10-06 20:05:36 +00:00
marcin mikołajczak
0c41d986de Metadata: Do not include .atom feed links for remote accounts 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-10-06 17:02:31 +02:00
Mint
48af6850fc RemoteReportPolicy: Fix third-party report detection 2024-10-03 20:00:36 +03:00
Mint
fd83b86b99 RemoteReportPolicy: add reject_third_party option 2024-10-03 20:00:15 +03:00
Alex Gleason
b7c91876d2 RemoteReportPolicy: add :reject_all option, fix tests 2024-10-03 19:59:39 +03:00
Alex Gleason
4533f171ab Add RemoteReportPolicy to reject reports without enough information 2024-10-03 19:59:39 +03:00
Mark Felder
fa8de790df Remove test superceded by logic change 
We will not be inserting jobs that should be skipped due to updated_at
 2024-10-03 10:19:11 -04:00
Mark Felder
ba2ae5e40b Check if a refresh is permitted by comparing timestamps before attempting to insert an Oban job 
It's better to avoid inserting an Oban job that will just be rejected if it's not expensive to check.
 2024-10-03 10:14:02 -04:00
tusooa
35bd197733
Fix nonexisting user will not generate metadata for search engine opt-out 2024-10-02 18:41:35 -04:00
Mark Felder
0a42a3f2ea Do not attempt to schedule poll refresh jobs for local activities 2024-10-02 11:05:17 -04:00
Mark Felder
b735d9e6e1 Improve assertion 2024-09-30 14:55:38 -04:00
Mark Felder
a1b384f63c Test that a poll refresh is cancelled if updated_at on the object is newer than the poll closing time 2024-09-30 14:45:41 -04:00
Mark Felder
b2340b5b77 Permit backdating the poll closed timestamp 2024-09-30 14:45:13 -04:00
Mark Felder
766edfe5b2 Test Poll refresh jobs stream out updates after refetching the object 2024-09-30 14:32:28 -04:00
Mark Felder
47ce3a4a96 Schedule a final poll refresh before streaming out the notifications 2024-09-30 14:17:35 -04:00
Mark Felder
2380ae6dcc Validate an Oban job is inserted for poll refreshes 2024-09-30 13:38:13 -04:00
Mark Felder
382426e033 Remove Object.get_by_id_and_maybe_refetch/2 
This was only used for poll refreshing and is not a good approach to the problem.
 2024-09-30 12:41:09 -04:00
Haelwenn (lanodan) Monnier
0fa13c5535
MRF.SimplePolicy: Add id_filter/1 2024-09-21 14:07:26 +02:00
marcin mikołajczak
23e5eed4e0 Include session scopes in TokenView 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-19 10:57:50 +02:00
Mark Felder
44b836c94c Fix tests 
We do not need to mock and verify connections are closed as the new Pleroma.LDAP GenServer will handle managing the connection lifetime
 2024-09-17 13:40:15 -04:00
marcin mikołajczak
e74e0089bf Repesct :restrict_unauthenticated for hashtag rss/atom feeds 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-16 17:19:21 +02:00
marcin mikołajczak
309d22aca2 Allow disabling C2S ActivityPub API 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-16 13:44:36 +02:00
marcin mikołajczak
ad953143bb Require HTTP signatures (if enabled) for routes used by both C2S and S2S AP API 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-15 15:20:28 +02:00
marcin mikołajczak
8250a9764e Merge branch 'notifications-group-key' into 'develop' 
Add `group_key` to notifications

See merge request pleroma/pleroma!4262
 2024-09-15 10:07:52 +00:00
marcin mikołajczak
1a120d0130 Federate avatar/header descriptions 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-14 21:32:32 +02:00
marcin mikołajczak
c1a1150888 Merge branch 'profile-image-descriptions' into 'develop' 
Allow providing avatar/header descriptions

See merge request pleroma/pleroma!4227
 2024-09-14 17:46:33 +00:00
marcin mikołajczak
0111659a1f Merge branch 'list-id-visibility' into 'develop' 
Include list id in StatusView

See merge request pleroma/pleroma!4246
 2024-09-14 17:46:09 +00:00
marcin mikołajczak
17b69c43d5 Add group_key to notifications 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-12 14:37:37 +02:00
Mint
9de522ce50 Authentication: convert argon2 passwords, add tests 2024-09-08 05:32:40 +03:00
feld
bb0cb06d8a Merge branch 'well-known' into 'develop' 
NodeInfo: Accept application/activity+json requests

See merge request pleroma/pleroma!4242
 2024-09-06 16:30:07 +00:00
Mark Felder
1afcfd4845 Add tests for Mastodon mention hashtag class 2024-09-06 11:51:16 -04:00
feld
2c916ccd89 Merge branch 'following-state-bug' into 'develop' 
Fix Following status bug

See merge request pleroma/pleroma!4251
 2024-09-06 13:27:06 +00:00
Mark Felder
5f573b4095 Credo: comment line length 2024-09-05 17:11:02 -04:00
Mark Felder
1797f5958a App orphans should only be removed if they are older than 15 mins 2024-09-05 20:55:28 +00:00
Mark Felder
fb376ce005 Test Account View does not indicate following if a FollowingRelationship is missing 2024-09-05 16:14:06 -04:00
Mark Felder
a1951f3af7 Add Cron worker to clean up orphaned apps hourly 2024-09-04 10:59:58 -04:00
Mark Felder
7bd0750787 Ensure apps are assigned to users 2024-09-04 10:40:37 -04:00
feld
92d5f0ac14 Revert "Merge branch 'oauth-app-spam' into 'develop'" 
This reverts merge request !4244
 2024-09-04 02:22:25 +00:00
marcin mikołajczak
6d5ae4d2e9 Include list id in StatusView 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-09-03 15:17:45 +02:00
feld
9077d0925b Merge branch 'oauth-app-spam' into 'develop' 
Fix OAuth app spam

See merge request pleroma/pleroma!4244
 2024-09-01 18:24:06 +00:00
feld
61e4be396f Merge branch 'drop-unknown-deletes' into 'develop' 
Drop unwanted activities from unknown actors

See merge request pleroma/pleroma!4236
 2024-09-01 18:08:07 +00:00
Mark Felder
751d63d4bb Support OAuth App updating the website URL 2024-09-01 13:55:45 -04:00
Mark Felder
e3a7c1d906 Test that app scopes can be updated 2024-09-01 12:37:59 -04:00
Mark Felder
5a1144208d Prevent OAuth App flow from creating duplicate entries 2024-09-01 12:27:16 -04:00
Mark Felder
4ae17c6294 NodeInfo: Accept application/activity+json requests 2024-08-30 15:25:21 -04:00
Mark Felder
11ee94ae17 InboxGuardPlug: Add early rejection of unknown activity types 2024-08-30 10:05:09 -04:00
Mark Felder
e38f5f1a81 Add recognized activity types to a constant and use it in the test 2024-08-30 09:47:45 -04:00
Mark Felder
012132303f Test more types we do not want to receive from strangers 2024-08-29 16:05:40 -04:00
Mark Felder
2b39956acb Fix test title to be more specific as it has a broader but incorrect meaning 2024-08-29 16:05:40 -04:00
Mark Felder
16a9b34876 Convert to an Plug called InboxGuard 2024-08-29 16:05:36 -04:00
Mark Felder
7bcc21ad6f Switch test to the inbox 2024-08-29 11:59:42 -04:00
Mark Felder
ceffb8a891 Drop incoming Delete activities from unknown actors 2024-08-29 11:59:42 -04:00
Mark Felder
1821ef4f15 Move user active check into Federator.perform/1 2024-08-28 18:35:09 -04:00
Mark Felder
2e9515578a ReceiverWorker job canceled due to deleted object 2024-08-28 17:38:13 -04:00
Mark Felder
6ae629cfe0 Cancel ReceiverWorker jobs if the user account has been disabled / deactivated 2024-08-28 17:24:59 -04:00
Mark Felder
bb2f4a76b3 Add test for origin containment failures 2024-08-28 17:01:30 -04:00
Mark Felder
48a4661885 Simplify test, move data into a json fixture 
By removing the inReplyTo, tags, and cc we can simplify the test and it still passes signature validation
 2024-08-28 16:31:59 -04:00
Mark Felder
66e1b40895 Cancel if the User fetch resulted in a 410 2024-08-28 16:04:12 -04:00
Mark Felder
60101e240d Add test confirming cancellation for activity by a deleted user 2024-08-28 15:54:49 -04:00
Mark Felder
fc450fdefc ReceiverWorker: cancel job if user fetch is forbidden 
An instance block with authenticated fetch being required can cause this as we couldn't get the user to find their public key to verify the signature. Commonly observed if someone boosts/Announces a post from an instance that blocked you.
 2024-08-28 15:45:16 -04:00
Mark Felder
a9aa810d3d Change imports to generate an Oban job per each task 2024-08-22 13:24:07 -04:00
Mark Felder
649e51b581 Fix Oban jobs for imports 2024-08-22 11:35:55 -04:00
marcin mikołajczak
3e5517e7bb Merge remote-tracking branch 'origin/develop' into post-languages 2024-08-22 13:06:57 +02:00
feld
08a444f6c3 Merge branch 'reachability' into 'develop' 
Fix reachability based on results of publishing attempts

See merge request pleroma/pleroma!4231
 2024-08-19 16:49:08 +00:00
Mark Felder
55cc1ba50e Fix test cases for validating instance reachability based on results of publishing attempts 
Now that we store the unreachable_since in the Oban job the value is no longer a %NaiveDateTime{} so the code was wrong
 2024-08-19 11:12:25 -04:00
Mark Felder
089fa4d146 Improve Remote Object Fetcher error handling, Oban 2024-08-17 20:42:33 -04:00
marcin mikołajczak
917ac89b4f Update tests 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 20:01:25 +02:00
marcin mikołajczak
c802f3b7f6 Validate media description length 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 19:58:32 +02:00
marcin mikołajczak
681765669c Add test for avatar description 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-17 17:02:44 +02:00
feld
fcf9ad5573 Merge branch 'bugfix-truncate-remote-user-fields' into 'develop' 
User: truncate remote user fields instead of rejecting

See merge request pleroma/pleroma!4220
 2024-08-16 00:37:10 +00:00
marcin mikołajczak
8cd8cea3fb Fix 'Setting a marker should mark notifications as read' 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-14 19:28:11 +02:00
Haelwenn (lanodan) Monnier
3b1e6ac8f0
User: truncate remote user fields instead of rejecting 2024-08-14 18:09:13 +02:00
Mark Felder
b281ad06de Revert "Custom mix task to retry failed tests once in CI pipeline" 
This reverts commit ed2976b237.
 2024-08-13 15:49:04 -04:00
Mark Felder
648e94b369 Fix the uploads migration mix task test which leaked a change to the configured Uploader 2024-08-13 15:28:31 -04:00
Mark Felder
b0c64945c2 MRF.FODirectReply: use Visibility module to verify the scope 2024-08-12 20:18:02 -04:00
Mark Felder
8c978727c2 MRF.QuietReply: add test for replies to unlisted posts 2024-08-12 20:10:09 -04:00
feld
4e7928c985 Merge branch 'followers-only-reply-direct-mrf' into 'develop' 
MRF.FODirectReply

See merge request pleroma/pleroma!4091
 2024-08-12 21:46:45 +00:00
Mark Felder
c0ca7a4eca User Factory: include the nickname in the generated URLs 2024-08-12 17:12:39 -04:00
Mark Felder
488c4b8b98 MRF.FODirectReply 
Force replies to followers-only posts to always be direct
 2024-08-12 17:06:29 -04:00
feld
c29441f30d Merge branch 'mrf-quietreply' into 'develop' 
MRF.QuietReply

See merge request pleroma/pleroma!4213
 2024-08-12 20:25:19 +00:00
Mark Felder
b76dfd8146 Revert accidental removal of test unrelated to identity proofs 2024-08-12 15:36:01 -04:00
marcin mikołajczak
29f7ab7116 Update test as /api/v1/endorsements is not a stub 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-12 12:25:12 +02:00
marcin mikołajczak
6e53e94bda Remove stub for /api/v1/accounts/:id/identity_proofs (deprecated by Mastodon 3.5.0) 
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
 2024-08-12 12:23:38 +02:00
Mark Felder
5a134a46f7 We must change to/cc in the activity and inner object 2024-08-08 15:23:59 -04:00
Mark Felder
d6cc6aff9b Unintended commit 2024-08-08 14:22:25 -04:00