about summary refs log tree commit diff
AgeCommit message (Collapse)Author
2019-07-13Add a spam check (#11217)Eugen Rochko
* Add a spam check * Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance * Add more tests * Add exemption when the message is a reply to something that mentions the sender * Use Nilsimsa Compare Value instead of Levenshtein distance * Use MD5 for messages shorter than 10 characters * Add message to automated report, do not add non-public statuses to automated report, add trust level to accounts and make unsilencing raise the trust level to prevent repeated spam checks on that account * Expire spam check data after 3 months * Add support for local statuses, reduce expiration to 1 week, always create a report * Add content warnings to the spam check and exempt empty statuses * Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check * Add all matched statuses into automatic report
2019-07-12Change the retry limit in error of web push notification (#11292)han@highemelry
- Change the maximum count of retry for web push notification (Default -> 5). - In case of high load of subscribe server, the retries will be repeated many times. - Because the retries occupy the default queue, maximum retry count should be reduced.
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-11Fix BlockService trying to reject incorrect follow request (#11288)ThibG
Fixes #11148
2019-07-11Add HTTP signatures to all outgoing ActivityPub GET requests (#11284)Eugen Rochko
2019-07-11[Security] Bump lodash from 4.17.11 to 4.17.13 (#11287)dependabot-preview[bot]
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.11 to 4.17.13. **This update includes security fixes.** - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.11...4.17.13) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-10Fix report dialog crashing when a toot gets deletedThibaut Girka
Fixes #1155
2019-07-10Refactor fetching of remote resources (#11251)Eugen Rochko
2019-07-10Drop magic-public-key from webfinger replies as it's only used for OStatus ↵ThibG
(#11280)
2019-07-10Fix handling of webfinger redirects in ResolveAccountService (#11279)ThibG
2019-07-10Fix old migration script depending on the StreamEntry model (#11278)ThibG
2019-07-10Fix activity being rendered within activity due to caching (#11271)Eugen Rochko
Fix #11270
2019-07-09Refactor domain block checks (#11268)Eugen Rochko
2019-07-08Fix Status.remote scope matching *all* statuses (#11265)ThibG
2019-07-08Remove unused remote unfollow controller (#11250)Eugen Rochko
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-08Bump faker from 1.9.3 to 1.9.6 (#11259)dependabot-preview[bot]
Bumps [faker](https://github.com/stympy/faker) from 1.9.3 to 1.9.6. - [Release notes](https://github.com/stympy/faker/releases) - [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/stympy/faker/compare/v1.9.3...1.9.6) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump simplecov from 0.16.1 to 0.17.0 (#11260)dependabot-preview[bot]
Bumps [simplecov](https://github.com/colszowka/simplecov) from 0.16.1 to 0.17.0. - [Release notes](https://github.com/colszowka/simplecov/releases) - [Changelog](https://github.com/colszowka/simplecov/blob/master/CHANGELOG.md) - [Commits](https://github.com/colszowka/simplecov/compare/v0.16.1...v0.17.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump aws-sdk-s3 from 1.43.0 to 1.45.0 (#11262)dependabot-preview[bot]
Bumps [aws-sdk-s3](https://github.com/aws/aws-sdk-ruby) from 1.43.0 to 1.45.0. - [Release notes](https://github.com/aws/aws-sdk-ruby/releases) - [Changelog](https://github.com/aws/aws-sdk-ruby/blob/master/gems/aws-sdk-s3/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-ruby/compare/v1.43.0...v1.45.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump tzinfo-data from 1.2019.1 to 1.2019.2 (#11258)dependabot-preview[bot]
Bumps [tzinfo-data](https://github.com/tzinfo/tzinfo-data) from 1.2019.1 to 1.2019.2. - [Release notes](https://github.com/tzinfo/tzinfo-data/releases) - [Commits](https://github.com/tzinfo/tzinfo-data/compare/v1.2019.1...v1.2019.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump eslint-plugin-react from 7.12.1 to 7.14.2 (#11253)dependabot-preview[bot]
Bumps [eslint-plugin-react](https://github.com/yannickcr/eslint-plugin-react) from 7.12.1 to 7.14.2. - [Release notes](https://github.com/yannickcr/eslint-plugin-react/releases) - [Changelog](https://github.com/yannickcr/eslint-plugin-react/blob/master/CHANGELOG.md) - [Commits](https://github.com/yannickcr/eslint-plugin-react/compare/v7.12.1...v7.14.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump @babel/plugin-proposal-class-properties from 7.4.4 to 7.5.0 (#11254)dependabot-preview[bot]
Bumps [@babel/plugin-proposal-class-properties](https://github.com/babel/babel) from 7.4.4 to 7.5.0. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/master/CHANGELOG.md) - [Commits](https://github.com/babel/babel/compare/v7.4.4...v7.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump compression-webpack-plugin from 2.0.0 to 3.0.0 (#11224)dependabot-preview[bot]
Bumps [compression-webpack-plugin](https://github.com/webpack-contrib/compression-webpack-plugin) from 2.0.0 to 3.0.0. - [Release notes](https://github.com/webpack-contrib/compression-webpack-plugin/releases) - [Changelog](https://github.com/webpack-contrib/compression-webpack-plugin/blob/master/CHANGELOG.md) - [Commits](https://github.com/webpack-contrib/compression-webpack-plugin/compare/v2.0.0...v3.0.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump intl-relativeformat from 2.2.0 to 6.4.2 (#11255)dependabot-preview[bot]
Bumps [intl-relativeformat](https://github.com/formatjs/formatjs) from 2.2.0 to 6.4.2. - [Release notes](https://github.com/formatjs/formatjs/releases) - [Commits](https://github.com/formatjs/formatjs/compare/intl-relativeformat@2.2.0...intl-relativeformat@6.4.2) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Bump react-redux from 6.0.1 to 7.1.0 (#11256)dependabot-preview[bot]
Bumps [react-redux](https://github.com/reduxjs/react-redux) from 6.0.1 to 7.1.0. - [Release notes](https://github.com/reduxjs/react-redux/releases) - [Changelog](https://github.com/reduxjs/react-redux/blob/master/CHANGELOG.md) - [Commits](https://github.com/reduxjs/react-redux/compare/v6.0.1...v7.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2019-07-08Fix BackupService crashing when an attachment is missing (#11241)ThibG
* Fix BackupService crashing when an attachment is missing For various reasons such as admin error or out-of-sync media and database backups, it might be possible for local attachments to be lost. This commit allows the BackupService to continue its work even if some media file is missing. * Change error message
2019-07-07Merge branch 'glitch' into productionReverite
2019-07-07Merge pull request #1152 from ThibG/glitch-soc/merge-upstreamThibG
Merge upstream changes
2019-07-07Update fuubar dependency to 2.4.1 (#11248)Georg Gadinger
See also: thekompanee/fuubar#111
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-07-07Re-add route for direct timelineThibaut Girka
2019-07-07[Glitch] Only scroll to the compose form if it's not horizontally in the ↵ThibG
viewport Port c07cca4727041ea5a5721acbc603d4bfb45a15a6 to glitch-soc
2019-07-07Fix support for HTTP proxies (#11245)ThibG
* Disable incorrect check for hidden services in Socket Hidden services can only be accessed with an HTTP proxy, in which case the host seen by the Socket class will be the proxy, not the target host. Hidden services are already filtered in `Request#initialize`. * Use our Socket class to connect to HTTP proxies Avoid the timeout logic being bypassed * Add support for IP addresses in Request::Socket * Refactor a bit, no need to keep the DNS resolver around
2019-07-07Merge commit 'c07cca4727041ea5a5721acbc603d4bfb45a15a6' into ↵Thibaut Girka
glitch-soc/merge-upstream Unlike upstream, kept the direct timeline endpoint, as it is still of use in glitch-soc.
2019-07-07Fix URLs appearing twice in errors of ActivityPub::DeliveryWorker (#11231)Eugen Rochko
2019-07-07Fix support for HTTP proxies (#11245)ThibG
* Disable incorrect check for hidden services in Socket Hidden services can only be accessed with an HTTP proxy, in which case the host seen by the Socket class will be the proxy, not the target host. Hidden services are already filtered in `Request#initialize`. * Use our Socket class to connect to HTTP proxies Avoid the timeout logic being bypassed * Add support for IP addresses in Request::Socket * Refactor a bit, no need to keep the DNS resolver around
2019-07-06Remove Salmon and PubSubHubbub (#11205)Eugen Rochko
* Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-06Only scroll to the compose form if it's not horizontally in the viewport ↵ThibG
(#11246) Avoids jumping the scroll around vertically when giving it focus and editing long toots.
2019-07-06Fix option to send e-mail notification about account action always being ↵Eugen Rochko
true (#11242)
2019-07-05Fix HTTP requests to IPv6 hosts (#11240)ThibG
2019-07-05Allow serializing local-only toots in backup serviceThibaut Girka
Fixes #1153
2019-07-05Remove deprecated REST API `GET /api/v1/statuses/:id/card` (#11213)Eugen Rochko
2019-07-05Remove deprecated REST API `POST /api/v1/notifications/dismiss?id=:id` (#11214)Eugen Rochko
2019-07-05Remove deprecated REST API `GET /api/v1/timelines/direct` (#11212)Eugen Rochko
2019-07-04[Glitch] Memoize ancestorIds and descendantIds in detailed status viewThibG
Port 99924f282f53593e670c70a38450a1c0e2d24c20 to glitch-soc
2019-07-04[Glitch] When deleting & redrafting a poll, fill in closest expires_inThibG
Port dc88d226e1fdb20499d6e81838b81894b2d0be2d to glitch-soc
2019-07-04Merge branch 'master' into glitch-soc/merge-upstreamThibaut Girka
2019-07-02Merge branch 'glitch' into productionReverite
2019-07-02Memoize ancestorIds and descendantIds in detailed status view (#11234)ThibG
2019-07-02Remove unused StatsD code and expose StatsD as a global variable (#11232)Eugen Rochko
The instrumentation code was used for StatsD metrics collection prior to the switch to the nsa gem and should have been removed at that point as it no longer does anything at all