Commit graph

9175 commits

Author SHA1 Message Date
Oneric
7622aa27ca Federate user profile background
Currently our own frontend doesn’t show backgrounds of other users, this
property is already publicly readable via REST API and likely was always
intended to be shown and federated.

Recently Sharkey added support for profile backgrounds and
immediately made them federate and be displayed to others.
We use the same AP field as Sharkey here which should make
it interoperable both ways out-of-the-box.

Ref.: 4e64397635
2024-02-16 16:35:51 +01:00
FloatingGhost
0ed815b8a1 Merge branch 'followback' into develop 2024-02-16 13:27:40 +00:00
floatingghost
c5dcd07e08 Merge pull request 'Fix OpenAPI spec for preferred_frontend endpoint' (#680) from katafrakt/akkoma:fix-openapi-spec-for-preferred-frontend into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/680
2024-02-16 12:21:00 +00:00
floatingghost
874ee73a87 Merge pull request 'Document Akkoma API' (#678) from Oneric/akkoma:doc-akkomapi into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/678
2024-02-16 12:20:11 +00:00
Oneric
cda597a05c doc: fix Akkoma identification name
Akkoma stopped pretending to be Pleroma here when the mix project name
was changed in c07fcdbf2b.
2024-02-15 16:25:59 +01:00
Haelwenn (lanodan) Monnier
cb7eaccecb Config: Check the permissions of the linked file instead of the symlink↵ 2024-02-14 18:30:27 +01:00
Oneric
376f6b15ca Add ability to auto-approve followbacks
Resolves: https://akkoma.dev/AkkomaGang/akkoma/issues/148
2024-02-13 15:42:37 +01:00
Oneric
13e62b4e51 Fix schema and docs for status_ttl_days and instance
Fixes misspelling and omission of and example in commit
0cfd5b4e89 which added the
status_ttl_property. This was the only place this commit
referred to the property as note_ttl_days.

Partially fixes the omitted schema update of the instance metadata addition
from commit b7e8ce2350. A proper full schema
for nodeinfo is still missing.
2024-02-13 15:39:52 +01:00
floatingghost
e97d08ee98 Merge pull request 'MRF transparency: don’t forget to obfuscate short domains' (#676) from Oneric/akkoma:mrf-obfuscation into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/676
2024-02-05 08:43:43 +00:00
Paweł Świątkowski
d7d159c49f
Fix OpenAPI spec for preferred_frontend endpoint
The spec was copied from another endpoint, including the operation id,
leading to scrubbing the valid parameters from the request and simply
not working.
2024-02-03 14:27:45 +01:00
Oneric
e47c50666d Fix obfuscation of short domains
Fixes https://akkoma.dev/AkkomaGang/akkoma/issues/645
2024-02-02 14:50:13 +00:00
Aria
77000b8ffd update tests for oauth consumer 2023-12-17 21:48:19 +00:00
Aria
eb0dbf6b79 fix oauth consumer mode
the previous code passed a state parameter to ueberauth with info
about where to go after the user logged in, etc.
since ueberauth 0.7, this parameter is ignored and oauth state is used
for actual CSRF reasons.

we now set a cookie with the state we need to keep track of, and read
it once the callback happens.
2023-12-17 19:27:36 +00:00
Yonle
8a0e797cff ap userview: add outbox field.
Signed-off-by: Yonle <yonle@lecturify.net>
2023-12-15 16:31:51 +00:00
FloatingGhost
6cc523bd23 Correct email links to be absolute URLs 2023-11-02 11:49:03 +00:00
Rohan Kumar
36f4f18aa5
Add more image mimetypes to reverse proxy
Add JPEG-XL, AVIF, and WebP support to the reverse proxy. All three are
supported in WebKit browsers; the latter two are supported in Gecko and
Blink.
2023-11-01 17:47:52 -07:00
FloatingGhost
c8e08e9cc3 fix issue with API cascading domain blocks but not honouring them 2023-08-25 11:00:49 +01:00
FloatingGhost
98f0820ca4 MIX FORMAT 2023-08-15 23:26:22 +01:00
FloatingGhost
9bc0345e57 AND THAT ONE TOO AND ALL 2023-08-15 23:26:08 +01:00
FloatingGhost
f3cc60b202 INBOX NEEDS TO BE A FULL URL YOU IDIOT AM BAKA I SHOULD JUST COMMIT SUDOKU RIGHT NOW 2023-08-15 23:23:59 +01:00
FloatingGhost
063e3c0d34 Disallow nil hosts in should_federate 2023-08-15 23:12:04 +01:00
FloatingGhost
6cb40bee26 Migrate to phoenix 1.7 (#626)
Closes #612

Co-authored-by: tusooa <tusooa@kazv.moe>
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/626
Co-authored-by: FloatingGhost <hannah@coffee-and-dreams.uk>
Co-committed-by: FloatingGhost <hannah@coffee-and-dreams.uk>
2023-08-15 10:22:18 +00:00
floatingghost
0b32beb051 Merge pull request 'meilisearch: Move published date to lower priority' (#623) from norm/akkoma:meilisearch-order into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/623
2023-08-12 14:36:53 +00:00
floatingghost
7bb41bffb3 Merge pull request 'Reload emoji when using mix pleroma.emoji gen-pack and get-packs' (#563) from norm/akkoma:emoji-reload into develop
Reviewed-on: https://akkoma.dev/AkkomaGang/akkoma/pulls/563
2023-08-12 14:07:23 +00:00
FloatingGhost
1bd3012c2d Fix compiler warnings 2023-08-12 15:03:43 +01:00
Joshua Goins
c22ecac567 mastodon_api: Add /api/v1/preferences endpoint
Implements the preferences endpoint in the Mastodon API, but returns
default values for most of the preferences right now. The only supported
preference we can access is default post visibility, and a relevant test
is added as well.
2023-08-12 09:28:24 -04:00
Norm
d79c92f9c6
meilisearch: Move published date to lower priority
Currently, Akkoma sorts by published date first before everything else.
This however makes search results pretty bad since Meilisearch uses a
bucket sort algorithm in order of the ranking rules specified:
https://www.meilisearch.com/docs/learn/core_concepts/relevancy#behavior

Since the `published` attribute is a unix timestamp, the resulting
buckets are pretty small so the other rules essentially have little to
no effect on the rankings of search results.

This fixes that issue by moving the `published:desc` rule further down
so it still sorts by date, but only after considering everything else.

AFAIK attribute and sort doesn't really affect results for Akkoma since
the only attribute considered is the `content` attribute and the `sort`
parameter isn't used in Akkoma searches. Everything else is made to
match more closely to Meilisearch's defaults.
2023-08-11 11:07:14 -04:00
FloatingGhost
165c2485ff Merge branch 'otp26' into develop 2023-08-09 14:35:06 +01:00
Clovis
fc3cc61768 Fix invalid Date HTTP header when signing fetch requests
https://akkoma.dev/AkkomaGang/akkoma/issues/503
2023-08-07 12:43:42 +00:00
FloatingGhost
7825798e32 Add XML matcher 2023-08-07 11:12:14 +01:00
FloatingGhost
9723264fe5 Add URI matchers 2023-08-06 15:51:21 +01:00
FloatingGhost
368b22fd2f Ensure we can't crash out on unusual logger backend settings 2023-08-06 15:12:57 +01:00
FloatingGhost
59af68c600 Ensure it doesn't break on elixir1.14 2023-08-05 14:11:27 +01:00
FloatingGhost
ec5db753b9 Prevent elixir compiler from yeeting our modules 2023-08-05 14:03:21 +01:00
mae
d868348fac Completely disable xml entity resolution 2023-08-05 12:32:05 +00:00
FloatingGhost
31d7cc9a9c Allow Pleroma.HTTP to connect to raw-HTTP without freaking mint out 2023-08-04 23:51:15 +01:00
FloatingGhost
8670d89316 Remove duplicated path
Fixes #604
2023-08-04 22:39:11 +01:00
FloatingGhost
b4399574ca Merge remote-tracking branch 'norm/config-permissions' into develop 2023-08-04 22:31:11 +01:00
Mae
1f54bea564 Prevent XML parser from loading external entities 2023-08-04 22:24:17 +01:00
Haelwenn (lanodan) Monnier
4f57c87be4
instance gen: Reduce permissions of pleroma directories and config files
Original: 69caedc591
2023-08-04 14:13:50 -04:00
Haelwenn (lanodan) Monnier
ae03513934
Config: Restrict permissions of OTP config file
Original: 8cc8100120
2023-08-04 14:13:36 -04:00
FloatingGhost
0b2ec0ccee Enable AnonymizeFilenames on all uploads 2023-08-04 15:37:15 +01:00
FloatingGhost
723bd123a0 Correct ordering for block/mutes 2023-08-04 15:18:07 +01:00
FloatingGhost
1dc8cc731c Merge branch 'elixir1.15' into develop 2023-08-04 15:16:14 +01:00
FloatingGhost
64e233ca20 Tag Mock-tests as "mocked" and run them seperately 2023-08-04 12:50:50 +01:00
FloatingGhost
2946bf4011 mix format 2023-08-04 12:04:24 +01:00
FloatingGhost
fe8c166b8f Remove IO.inspects 2023-08-04 12:01:52 +01:00
Mark Felder
7e45343f81 Resolve information disclosure vulnerability through emoji pack archive download endpoint 2023-08-04 11:34:19 +01:00
FloatingGhost
98cb255d12 Support elixir1.15
OTP builds to 1.15

Changelog entry

Ensure policies are fully loaded

Fix :warn

use main branch for linkify

Fix warn in tests

Migrations for phoenix 1.17

Revert "Migrations for phoenix 1.17"

This reverts commit 6a3b2f15b7.

Oban upgrade

Add default empty whitelist

mix format

limit test to amd64

OTP 26 tests for 1.15

use OTP_VERSION tag

baka

just 1.15

Massive deps update

Update locale, deps

Mix format

shell????

multiline???

?

max cases 1

use assert_recieve

don't put_env in async tests

don't async conn/fs tests

mix format

FIx some uploader issues

Fix tests
2023-08-03 17:44:09 +01:00
FloatingGhost
babb4b9a8f Merge branch 'metadata_webfinger' into develop 2023-08-02 12:05:43 +01:00