Commit graph

16754 commits

Author SHA1 Message Date
feld
360dd34f19 Merge branch 'ldap-tls' into 'develop'
LDAP Auth: fix TLS certificate verification

See merge request pleroma/pleroma!4259
2024-09-11 18:00:22 +00:00
Mark Felder
7def11d7c3 LDAP Auth: fix TLS certificate verification
Currently we only support STARTTLS and it was not verifying certificate and hostname correctly. We must pass a custom fqdn_fun/1 function so it knows what value to compare against.
2024-09-11 12:47:46 -04:00
Haelwenn
20e82c7456 Merge branch 'argon2' into 'develop'
Support and convert argon2 passwords

See merge request pleroma/pleroma!4257
2024-09-08 20:48:21 +00:00
Mint
7e91c3a306 Changelog 2024-09-08 05:41:48 +03:00
Mint
9de522ce50 Authentication: convert argon2 passwords, add tests 2024-09-08 05:32:40 +03:00
marcin mikołajczak
c9b28eaf9a Argon2 password support 2024-09-08 05:23:46 +03:00
feld
bb0cb06d8a Merge branch 'well-known' into 'develop'
NodeInfo: Accept application/activity+json requests

See merge request pleroma/pleroma!4242
2024-09-06 16:30:07 +00:00
feld
80f3e507d4 Merge branch 'dialyzer' into 'develop'
Dialyzer fixes

See merge request pleroma/pleroma!4254
2024-09-06 16:12:28 +00:00
feld
b871551d97 Merge branch 'oban-uniques' into 'develop'
Oban: more unique job constraints

See merge request pleroma/pleroma!4253
2024-09-06 16:02:06 +00:00
feld
7f3600fddd Merge branch 'scrubber-mention-hashtag' into 'develop'
Add tests for Mastodon mention hashtag class

See merge request pleroma/pleroma!4255
2024-09-06 15:52:06 +00:00
Mark Felder
1afcfd4845 Add tests for Mastodon mention hashtag class 2024-09-06 11:51:16 -04:00
Mark Felder
5b26c56624 Changelog 2024-09-06 11:34:06 -04:00
Mark Felder
06ce5e3b43 Dialyzer: pattern_match The pattern can never match the type {:diff, false}. 2024-09-06 11:27:07 -04:00
Mark Felder
1d0e3b1355 Dialyzer: The pattern variable _ can never match the type, because it is covered by previous clauses. 2024-09-06 11:24:37 -04:00
Mark Felder
06d6febff9 Dialyzer: The pattern variable _e@1 can never match the type, because it is covered by previous clauses. 2024-09-06 11:19:24 -04:00
Mark Felder
7eb579c191 Dialyzer: invalid contract 2024-09-06 11:18:12 -04:00
Mark Felder
bc16f09d7b Dialyzer: the pattern can never match the type
The original error was for the chat controller:

lib/pleroma/web/pleroma_api/controllers/chat_controller.ex:104:pattern_match The pattern can never match the type {:error, :content_too_long | :forbidden | :no_content | :not_found} | {:user, nil}.

Improve typespecs for the Pipeline and apply them where it could be encountered
2024-09-06 11:12:15 -04:00
Mark Felder
fc3ea94a1c Dialyzer: the pattern can never match the type 2024-09-06 09:58:03 -04:00
Mark Felder
a887188890 Oban: more unique job constraints 2024-09-06 09:42:53 -04:00
feld
2c916ccd89 Merge branch 'following-state-bug' into 'develop'
Fix Following status bug

See merge request pleroma/pleroma!4251
2024-09-06 13:27:06 +00:00
feld
25db1a5d67 Merge branch 'oauth-app-spam2' into 'develop'
OAuth App Spam, revisited

See merge request pleroma/pleroma!4250
2024-09-05 21:19:09 +00:00
Mark Felder
5f573b4095 Credo: comment line length 2024-09-05 17:11:02 -04:00
Mark Felder
e51cd31a57 Bump credo to prevent it from crashing 2024-09-05 17:06:53 -04:00
Mark Felder
1797f5958a App orphans should only be removed if they are older than 15 mins 2024-09-05 20:55:28 +00:00
Mark Felder
4d76692db3 Fix Following status bug 2024-09-05 16:14:13 -04:00
Mark Felder
fb376ce005 Test Account View does not indicate following if a FollowingRelationship is missing 2024-09-05 16:14:06 -04:00
Mark Felder
53744bf146 Limit the number of orphaned to delete at 100 every 10 mins due to the cascading queries that have to check oauth_authorizations and oauth_tokens tables.
This should keep ahead of most app registration spam and not overwhelm lower powered servers.
2024-09-04 11:45:05 -04:00
Mark Felder
a1951f3af7 Add Cron worker to clean up orphaned apps hourly 2024-09-04 10:59:58 -04:00
Mark Felder
7bd0750787 Ensure apps are assigned to users 2024-09-04 10:40:37 -04:00
Mark Felder
427da7a99a Rate Limit the OAuth App spam 2024-09-04 09:22:58 -04:00
feld
fbcfbde833 Merge branch 'revert-9077d092' into 'develop'
Revert "Merge branch 'oauth-app-spam' into 'develop'"

See merge request pleroma/pleroma!4249
2024-09-04 02:41:31 +00:00
feld
92d5f0ac14 Revert "Merge branch 'oauth-app-spam' into 'develop'"
This reverts merge request !4244
2024-09-04 02:22:25 +00:00
marcin mikołajczak
6d5ae4d2e9 Include list id in StatusView
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-03 15:17:45 +02:00
marcin mikołajczak
fecfe8bf89 Merge branch 'scrubbers-allow-mention-hashtag' into 'develop'
scrubbers/default: Allow "mention hashtag" classes used by Mastodon

See merge request pleroma/pleroma!4245
2024-09-02 11:08:33 +00:00
marcin mikołajczak
37397a43be scrubbers/default: Allow "mention hashtag" classes used by Mastodon
Signed-off-by: marcin mikołajczak <git@mkljczk.pl>
2024-09-02 12:39:29 +02:00
feld
9077d0925b Merge branch 'oauth-app-spam' into 'develop'
Fix OAuth app spam

See merge request pleroma/pleroma!4244
2024-09-01 18:24:06 +00:00
feld
61e4be396f Merge branch 'drop-unknown-deletes' into 'develop'
Drop unwanted activities from unknown actors

See merge request pleroma/pleroma!4236
2024-09-01 18:08:07 +00:00
Mark Felder
751d63d4bb Support OAuth App updating the website URL 2024-09-01 13:55:45 -04:00
Mark Felder
e3a7c1d906 Test that app scopes can be updated 2024-09-01 12:37:59 -04:00
Mark Felder
5a1144208d Prevent OAuth App flow from creating duplicate entries 2024-09-01 12:27:16 -04:00
Mark Felder
4ae17c6294 NodeInfo: Accept application/activity+json requests 2024-08-30 15:25:21 -04:00
Mark Felder
bb235f913f Update changelog 2024-08-30 10:05:12 -04:00
Mark Felder
11ee94ae17 InboxGuardPlug: Add early rejection of unknown activity types 2024-08-30 10:05:09 -04:00
Mark Felder
e38f5f1a81 Add recognized activity types to a constant and use it in the test 2024-08-30 09:47:45 -04:00
feld
5205e846eb Update allowed activity types from strangers
Move is emitted from the old account
EmojiReact is ~ Like
Announced TBD
2024-08-30 09:30:33 -04:00
Mark Felder
094da5d634 Update changelog 2024-08-29 16:05:40 -04:00
Mark Felder
012132303f Test more types we do not want to receive from strangers 2024-08-29 16:05:40 -04:00
Mark Felder
2b39956acb Fix test title to be more specific as it has a broader but incorrect meaning 2024-08-29 16:05:40 -04:00
Mark Felder
990b2058df Remove unnecessary error match in ReceiverWorker 2024-08-29 16:05:40 -04:00
Mark Felder
e2cdae2c88 Change relay inbox response when not federating to a 403 for consistency 2024-08-29 16:05:40 -04:00