Age | Commit message (Collapse) | Author |
|
This reverts commit bb96a7463758687f8187ae4483becd346c2482b3.
|
|
This reverts commit 0f938ff29c2e9bf92e3eb9c23be8d4ba3a1b97f7.
|
|
of order (#9687)
* Ensure blocked user unfollows blocker if Block/Undo Block are processed out of order
* Add specs for Block causing unfollow and for out-of-order Block + Undo
|
|
|
|
* Do not LDS-sign Follow, Accept, Reject, Undo, Block
* Do not use LDS for Create activities of private toots
* Minor cleanup
* Ignore unsigned activities instead of misattributing them
* Use status.distributable? instead of querying visibility directly
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Fixes #9115
|
|
(#9114)
* Fix missing `mention` argument when processing incoming Create activities
* Fix typo (param → params)
|
|
Fix #9091
|
|
|
|
* Add silent column to mentions
* Save silent mentions in ActivityPub Create handler and optimize it
Move networking calls out of the database transaction
* Add "limited" visibility level masked as "private" in the API
Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic
* Ensure silent column is non-null, add spec
* Ensure filters don't check silent mentions for blocks/mutes
As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering
* Clean up code
* Use Status#active_mentions to limit returned mentions
* Fix code style issues
* Use Status#active_mentions in Notification
And remove stream_entry eager-loading from Notification
|
|
Regression from #8951
|
|
Mention and emoji code may perform network calls, but does not need
to do that inside the database transaction. This may improve availability
of database connections when using pgBouncer in transaction mode.
|
|
|
|
|
|
* Verify link ownership with rel="me"
* Add explanation about verification to UI
* Perform link verifications
* Add click-to-copy widget for verification HTML
* Redesign edit profile page
* Redesign forms
* Improve responsive design of settings pages
* Restore landing page sign-up form
* Fix typo
* Support <link> tags, add spec
* Fix links not being verified on first discovery and passive updates
|
|
* If an Update is signed with known key, skip re-following procedure
Because it means the remote actor did *not* lose their database
* Add CLI method for rotating keys
bin/tootctl accounts rotate [USERNAME]
Generates a new RSA key per account and sends out an Update activity
signed with the old key.
* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts
* Skip suspended accounts in key rotation
|
|
In the same way as contentMap and nameMap.
|
|
#8376) (#8377)
|
|
* Add Follow#revoke_request!
* Implement Undo { Accept { Follow } } (fixes #8234)
|
|
#8218) (#8244)
|
|
|
|
* Do not accept ActivityPub follow requests from blocked user
Fix #7745
* Deliver auto-rejection immediately when follow-requested by blocked account
* Fix trailing whitespace
|
|
|
|
|
|
|
|
Fix #7518
|
|
An explicit error allows user agents to know the error and Sidekiq to
retry.
|
|
When an ActivityPub Announce is processed and the boosted toot is not known,
fetch it on behalf of one of the booster's followers. This is to allow
fetching self-boosts of previously-unknown private toots.
If fetching on behalf of a user fails, try fetching it anonymously: the
selected follower of a boosting user may be banned by the boosted toot's
author.
|
|
Same URI passed between follow request and follow, since they are
the same thing in ActivityPub. Local URIs are generated during
creation using UUIDs and are passed to serializers.
|
|
* Revert "Fixes/do not override timestamps (#7331)"
This reverts commit 581a5c9d29ef2a12f46b67a1097a9ad6df1c6953.
* Document Snowflake ID corner-case a bit more
Snowflake IDs are used for two purposes: making object identifiers harder to
guess and ensuring they are in chronological order. For this reason, they
are based on the `created_at` attribute of the object.
Unfortunately, inserting items with older snowflakes IDs will break the
assumption of consumers of the paging APIs that new items will always have
a greater identifier than the last seen one.
* Add `override_timestamps` virtual attribute to not correlate snowflake ID with created_at
|
|
* Do not override timestamps for incoming toots
* Remove every reference to override_timestamps
Statuses are now created with the announced publishing date
and are only pushed to timelines if that date is at most
6 hours earlier than the time at which it is processed.
|
|
|
|
* Add equals_or_includes_any? helper in JsonLdHelper
* Support arrays in JSON-LD type fields for actors/tags/objects.
* Spec for resolving accounts with extension types
* Style tweaks for codeclimate
|
|
* Forward deletes on the same path as reply forwarding
* Remove trailing whitespace
|
|
* Support fetching objects of convertible types by URL (fixes #6924)
* Ignore invalid hashtags
|
|
That way, they are displayed in a list below the corresponding toot.
|
|
Fix #6821
|
|
* fix validation error (media only status)
* Incorporating review suggestions
* Reflect similar fix to OStatus side
* Fix not to include media in transaction
* Restore the limit of the number of media
* Fix not to return nil
|
|
|
|
* Federate pinned statuses over ActivityPub
* Display pinned toots in web UI
Fix #6117
* Fix migration
* Fix tests
* Update outbox_serializer.rb
* Update remove_serializer.rb
* Update add_serializer.rb
* Update fetch_featured_collection_service.rb
|
|
|
|
* Fix #2176: Federated reports
* UI for federated reports
* Add spec for ActivityPub Flag handler
* Add spec for ReportService
|
|
* Add focus param to media API, center thumbnails on focus point
* Add UI for setting a focal point
* Improve focal point icon on upload item
* Use focal point in upload preview
* Add focalPoint property to ActivityPub
* Don't show focal point button for non-image attachments
|
|
|