| Age | Commit message (Collapse) | Author |
|---|
|
|
|
* Add a limit to how many posts can get fetched as a result of a single request
* Add tests
* Always pass `request_id` when processing `Announce` activities
---------
Co-authored-by: nametoolong <nametoolong@users.noreply.github.com>
|
|
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account
* Refactor SignatureVerification to allow non-Account actors
* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors
* Refactor inbound ActivityPub payload processing to accept non-Account actors
* Refactor inbound ActivityPub processing to accept activities relayed through non-Account
* Refactor how Account key URIs are built
* Refactor Request and drop unused key_id_format parameter
* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
|
|
* Refactor how Redis locks are created
* Fix autorelease duration on account deletion lock
|
|
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
|
|
|
|
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
|
|
* Add trending links
* Add overriding specific links trendability
* Add link type to preview cards and only trend articles
Change trends review notifications from being sent every 5 minutes to being sent every 2 hours
Change threshold from 5 unique accounts to 15 unique accounts
* Fix tests
|
|
* Fix Delete and Create-related locks expiring too fast
Fixes #16238
By default, RedisLock expires after 10 seconds, which may not be enough to
process statuses, especially when those have attached media files.
This commit extends those 10 seconds to 15 minutes, which should be plenty
enough to handle any status, while being short enough to not waste many
sidekiq job retries in the exceedingly rare case in which a sidekiq process
would crash when processing a `Create` or `Delete`.
* Fix other RedisLock autorelease durations
Fixes #15645
- things that only perform a few simple database queries (e.g. finding and
saving a record) have been left unchanged, so they'll still use the default
10s duration
- things that perform significantly more complex database queries have been
changed to a 5 minutes timeout
- things that perform multiple HTTP queries have been changed to a 15 minutes
timeout
|
|
* Add tests
* Ensure deleted statuses are marked as such
* Save some redis memory by not storing URIs in delete_upon_arrival values
* Avoid possible race condition when processing incoming Deletes
* Avoid potential duplicate Delete forwards
* Lower lock durations to reduce issues in case of hard crash of the Rails process
* Check for `lock.aquired?` and improve comment
* Refactor RedisLock usage in app/lib/activitypub
* Fix using incorrect or non-existent sender for relaying Deletes
|
|
|
|
* Add bell button
Fix #4890
* Remove duplicate type from post-deployment migration
* Fix legacy class type mappings
* Improve query performance with better index
* Fix validation
* Remove redundant index from notifications
|
|
|
|
Follow-up to #14359
In the case of limited toots, the receiver may not be explicitly part of the
audience. If a specific user's inbox URI was specified, it makes sense to
dereference the toot from the corresponding user, instead of trying to find
someone in the explicit audience.
|
|
* Add support for inlined objects in activity audience
* Add tests
|
|
* Dereference object URIs in Create and Update messages
Fixes #14353
Signed-off-by: Thibaut Girka <thib@sitedethib.com>
* Refactor, and perform origin check *before* attempting to fetch object
Co-authored-by: Fire Demon <firedemon@creature.cafe>
|
|
* Fix the local group's followers collection
* Fix to accept followed relayed_through_account
* Add local delivery to the group's followers
* Fix code style
* Revert "Add local delivery to the group's followers"
This reverts commit 3237effc199772e4c4d30f19082cbc5633f56196.
|
|
|
|
This change is to suppress the warning below on on ruby-2.7.0:
- warning: Using the last argument as keyword parameters is deprecated; maybe ** should be added to the call
https://www.ruby-lang.org/en/news/2019/12/12/separation-of-positional-and-keyword-arguments-in-ruby-3-0/
|
|
This adds support for Event AP type in Mastodon. Events are converted
into toots by taking their title (AS name) and their URL (AP ID). Event
picture is also brought in if available.
Testable by fetching event content from https://test.mobilizon.org
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
|
|
* Show badge on group actor in WebUI
* Do not notify in case of by following group actor
* If you mention group actor, also mention group actor followers
* Relax characters that can be used in username (same as Application)
* Revert "Relax characters that can be used in username (same as Application)"
This reverts commit 7e10a137b878d0db1b5252c52106faef5e09ca4b.
* Delete display_name method
|
|
For some reason, I have seen this only triggered here:
https://circleci.com/gh/tootsuite/mastodon/98324?utm_campaign=vcs-integration-link&utm_medium=referral&utm_source=github-checks-link
But Follow.find_by referenced the ActivityPub::Activity::Follow class
instead of the model class.
|
|
Some ActivityPub servers refuse to embed remote objects into their own
output. This is because they are not the authoritative source for these
objects, and as such embedding them is always a waste of space. The
follow request and follow models contain a URI, so this can be used to
match them.
|
|
Fixes #11127
|
|
* Do not misattribute inlined boosts if `attributedTo` isn't present
Fixes #10950
* Fix tests
|
|
* Add polls
Fix #1629
* Add tests
* Fixes
* Change API for creating polls
* Use name instead of content for votes
* Remove poll validation for remote polls
* Add polls to public pages
* When updating the poll, update options just in case they were changed
* Fix public pages showing both poll and other media
|
|
Regression from #9998
|
|
|
|
* Filter incoming Announce activities by relation to local activity
Reject if announcer is not followed by local accounts, and is not
from an enabled relay, and the object is not a local status
Follow-up to #10005
* Fix tests
|
|
* When self-boosting, embed original toot into Announce serialization
* Process unknown self-boosts from Announce object if it is more than an URI
* Add some self-boost specs
* Only serialize private toots in self-Announces
|
|
* Create Redisable
* Use #redis instead of Redis.current
|
|
|
|
|
|
* Add silent column to mentions
* Save silent mentions in ActivityPub Create handler and optimize it
Move networking calls out of the database transaction
* Add "limited" visibility level masked as "private" in the API
Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic
* Ensure silent column is non-null, add spec
* Ensure filters don't check silent mentions for blocks/mutes
As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering
* Clean up code
* Use Status#active_mentions to limit returned mentions
* Fix code style issues
* Use Status#active_mentions in Notification
And remove stream_entry eager-loading from Notification
|
|
* Spread out crawling randomly to avoid DDoSing the link
Fix #4486
* Remove trailing whitespace
|
|
Fix #7518
|
|
* Revert "Fixes/do not override timestamps (#7331)"
This reverts commit 581a5c9d29ef2a12f46b67a1097a9ad6df1c6953.
* Document Snowflake ID corner-case a bit more
Snowflake IDs are used for two purposes: making object identifiers harder to
guess and ensuring they are in chronological order. For this reason, they
are based on the `created_at` attribute of the object.
Unfortunately, inserting items with older snowflakes IDs will break the
assumption of consumers of the paging APIs that new items will always have
a greater identifier than the last seen one.
* Add `override_timestamps` virtual attribute to not correlate snowflake ID with created_at
|
|
* Do not override timestamps for incoming toots
* Remove every reference to override_timestamps
Statuses are now created with the announced publishing date
and are only pushed to timelines if that date is at most
6 hours earlier than the time at which it is processed.
|
|
* Federate pinned statuses over ActivityPub
* Display pinned toots in web UI
Fix #6117
* Fix migration
* Fix tests
* Update outbox_serializer.rb
* Update remove_serializer.rb
* Update add_serializer.rb
* Update fetch_featured_collection_service.rb
|
|
* Fix #2176: Federated reports
* UI for federated reports
* Add spec for ActivityPub Flag handler
* Add spec for ReportService
|
|
Time window of 6 hours
|
|
This may lead to out-of-order notifications, but this is better than not having
notifications at all.
|
|
|
|
|
|
- Rename Mastodon::TimestampIds into Mastodon::Snowflake for clarity
- Skip for statuses coming from inbox, aka delivered in real-time
- Skip for statuses that claim to be from the future
|
|
|
|
- Tries to avoid performing HTTP request if the keyId is an actor URI
- Likewise if the URI is a fragment URI on top of actor URI
- Resolves public key, returns owner if the owner links back to the key
|
|
* Deliver ActivityPub Like
* Deliver ActivityPub Undo-Like
* Deliver ActivityPub Create/Announce activities
* Deliver ActivityPub creates from mentions
* Deliver ActivityPub Block/Undo-Block
* Deliver ActivityPub Accept/Reject-Follow
* Deliver ActivityPub Undo-Follow
* Deliver ActivityPub Follow
* Deliver ActivityPub Delete activities
Incidentally fix #889
* Adjust BatchedRemoveStatusService for ActivityPub
* Add tests for ActivityPub workers
* Add tests for FollowService
* Add tests for FavouriteService, UnfollowService and PostStatusService
* Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService
* Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService
* Add tests for BatchedRemoveStatusService
* Deliver updates to a local account to ActivityPub followers
* Minor adjustments
|
|
* Handle ActivityPub follows correctly
ActivityPub follows are follow-requests. Always require an Accept.
If account is not locked, auto-accept.
* Handle ActivityPub Accept/Reject-Follow
* Fix wrong method
* Fix wrong class
|
|
* Add ActivityPub inbox
* Handle ActivityPub deletes
* Handle ActivityPub creates
* Handle ActivityPub announces
* Stubs for handling all activities that need to be handled
* Add ActivityPub actor resolving
* Handle conversation URI passing in ActivityPub
* Handle content language in ActivityPub
* Send accept header when fetching actor, handle JSON parse errors
* Test for ActivityPub::FetchRemoteAccountService
* Handle public key and icon/image when embedded/as array/as resolvable URI
* Implement ActivityPub::FetchRemoteStatusService
* Add stubs for more interactions
* Undo activities implemented
* Handle out of order activities
* Hook up ActivityPub to ResolveRemoteAccountService, handle
Update Account activities
* Add fragment IDs to all transient activity serializers
* Add tests and fixes
* Add stubs for missing tests
* Add more tests
* Add more tests
|
