| Age | Commit message (Collapse) | Author |
|---|
|
SerializarbleResource#as_json serializes to Symbol keyed Hash, but current
implementation of LinkedDataSignature expects String keyed Hash.
So it generates broken payload.
|
|
|
|
|
|
|
|
* Add handling of Linked Data Signatures in payloads
* Add a way to sign JSON, fix canonicalization of signature options
* Fix signatureValue encoding, send out signed JSON when distributing
* Add missing security context
|
|
* Process Create / Announce activity in FetchRemoteStatusService
* Use activity URL in ActivityPub for reblogs
* Redirect to the original status on StatusesController#show
|
|
* Fallback to OStatus in FetchAtomService
* Skip activity+json link if that activity is Person without inbox
* If unsupported activity was detected and all other URLs failed, retry with ActivityPub-less Accept header
* Allow mention to OStatus account in ActivityPub
* Don't update profile with inbox-less Person object
|
|
- Tries to avoid performing HTTP request if the keyId is an actor URI
- Likewise if the URI is a fragment URI on top of actor URI
- Resolves public key, returns owner if the owner links back to the key
|
|
* Handle duplicate ActivityPub activities
Only perform side-effects when record processed for the first time
* Fast-forward repeat follow requests
|
|
*Note: OStatus URIs are invalid for ActivityPub. But we have them for
as long as we want to keep old OStatus-sourced content and as long as
we remain OStatus-compatible.*
- In Announce handling, if object URI is not a URL, fallback to object URL
- Do not use specialized ThreadResolveWorker, rely on generalized handling
- When serializing notes, if parent's URI is not a URL, use parent's URL
|
|
|
|
|
|
|
|
|
|
(#4593)
|
|
|
|
|
|
* Deliver ActivityPub Like
* Deliver ActivityPub Undo-Like
* Deliver ActivityPub Create/Announce activities
* Deliver ActivityPub creates from mentions
* Deliver ActivityPub Block/Undo-Block
* Deliver ActivityPub Accept/Reject-Follow
* Deliver ActivityPub Undo-Follow
* Deliver ActivityPub Follow
* Deliver ActivityPub Delete activities
Incidentally fix #889
* Adjust BatchedRemoveStatusService for ActivityPub
* Add tests for ActivityPub workers
* Add tests for FollowService
* Add tests for FavouriteService, UnfollowService and PostStatusService
* Add tests for ReblogService, BlockService, UnblockService, ProcessMentionsService
* Add tests for AuthorizeFollowService, RejectFollowService, RemoveStatusService
* Add tests for BatchedRemoveStatusService
* Deliver updates to a local account to ActivityPub followers
* Minor adjustments
|
|
|
|
* Handle ActivityPub follows correctly
ActivityPub follows are follow-requests. Always require an Accept.
If account is not locked, auto-accept.
* Handle ActivityPub Accept/Reject-Follow
* Fix wrong method
* Fix wrong class
|
|
|
|
* Add ActivityPub inbox
* Handle ActivityPub deletes
* Handle ActivityPub creates
* Handle ActivityPub announces
* Stubs for handling all activities that need to be handled
* Add ActivityPub actor resolving
* Handle conversation URI passing in ActivityPub
* Handle content language in ActivityPub
* Send accept header when fetching actor, handle JSON parse errors
* Test for ActivityPub::FetchRemoteAccountService
* Handle public key and icon/image when embedded/as array/as resolvable URI
* Implement ActivityPub::FetchRemoteStatusService
* Add stubs for more interactions
* Undo activities implemented
* Handle out of order activities
* Hook up ActivityPub to ResolveRemoteAccountService, handle
Update Account activities
* Add fragment IDs to all transient activity serializers
* Add tests and fixes
* Add stubs for missing tests
* Add more tests
* Add more tests
|
|
Fixes #4496
|
|
|
|
URI.extract is too strong, not limited to URLs, matched real text.
Same issue was present in language detector.
|
|
* Fix multipoint shortcode bug
* Added testcase for composite emoji shortcode
|
|
* Add destination informations to exception on SubscribeWorker and DeliveryWorker.
* Simplify delivery error message.
* Prevent changing Exception type...
* fix typo.
|
|
* Use the same emoji data on the frontend and backend
* Move emoji.json to repository, add tests
This way you don't need to install node dependencies if you only
want to run Ruby code
|
|
* Do not raise unretryable exceptions in ResolveRemoteAccountService
* Removed fatal exceptions from ResolveRemoteAccountService
Exceptions that cannot be retried should not be raised. New exception
class for those that can be retried (Mastodon::UnexpectedResponseError)
|
|
|
|
* Add unfollow modal
* unfollowing someone
* remove unnecessary prop
|
|
* Wrap methods of ProcessFeedService::ProcessEntry in classes
This is a change same with 425acecfdb15093a265b191120fb2d4e4c4135c4, except
that it has the following changes:
* Revert irrelevant change in find_or_create_conversation
* Fix error handling for RemoteActivity
* Introduce Ostatus name space
|
|
* Add dependency on idn-ruby to speed up URI normalization
* Use normalized_host instead of normalize.host when applicable
When we are only interested in the normalized host, calling normalized_host
avoids normalizing the other components of the URI as well as creating a
new object
|
|
* Improve webfinger templates and make tests more flexible
* Clean up AS2 representation of actor
* Refactor outbox
* Create activities representation
* Add representations of followers/following collections, do not redirect /users/:username route if format is empty
* Remove unused translations
* ActivityPub endpoint for single statuses, add ActivityPub::TagManager for better
URL/URI generation
* Add ActivityPub::TagManager#to
* Represent all attachments as Document instead of Image/Video specifically
(Because for remote ones we may not know for sure)
Add mentions and hashtags representation to AP notes
* Add AP-resolvable hashtag URIs
* Use ActiveModelSerializers for ActivityPub
* Clean up unused translations
* Separate route for object and activity
* Adjust cc/to matrices
* Add to/cc to activities, ensure announce activity embeds target status and
not the wrapper status, add "id" to all collections
|
|
Resolves #4177 - smaller changeset
|
|
* Add Request class with HTTP signature generator
Spec: https://tools.ietf.org/html/draft-cavage-http-signatures-06
* Add HTTP signature verification concern
* Add test for SignatureVerification concern
* Add basic test for Request class
* Make PuSH subscribe/unsubscribe requests use new Request class
Accidentally fix lease_seconds not being set and sent properly, and
change the new minimum subscription duration to 1 day
* Make all PuSH workers use new Request class
* Make Salmon sender use new Request class
* Make FetchLinkService use new Request class
* Make FetchAtomService use the new Request class
* Make Remotable use the new Request class
* Make ResolveRemoteAccountService use the new Request class
* Add more tests
* Allow +-30 seconds window for signed request to remain valid
* Disable time window validation for signed requests, restore 7 days
as PuSH subscription duration (which was previous default due to a bug)
|
|
|
|
|
|
of Rabl (#4090)
|
|
* add a system_font_ui setting on the server
* Plug the system_font_ui on the front-end
* add EN/FR locales for the new setting
* put Roboto after all other fonts
* remove trailing whitespace so CodeClimate is happy
* fix user_spec.rb
* correctly write user_spect this time
* slightly better way of adding the classes
* add comments to the system-font stack for clarification
* use .system-font for the class instead
* don't use multiple lines for comments
* remove trailing whitespace
* use the classnames module for consistency
* use `mastodon-font-sans-serif` instead of Roboto directly
|
|
|
|
* Whitelist allowed classes for federated statuses
Allowed classes are currently:
- Any microformats class (h/p/u/dt/e-*)
- the classes mention, hashtag, ellipses and invisible.
this last one is somewhat suspect, but Mastodon currently uses it to render hidden link text.
resolved #3790
* Fix code style
|
|
ancestors/descendants even if the viewer is anonymous (#3752)
|
|
* Default to nil for statuses.language
* Language detection defaults to nil instead of instance UI default
|
|
https://github.com/codeclimate/codeclimate-rubocop/blob/08f8de84ebfb39caa96391e23816877278f6441c/Gemfile.lock#L38
Code Climate is using RuboCop v0.46.0.
Change several rules to maintain compatibility.
|
|
This preserves `<a ... class="u-url mention">` from other Mastodon instances.
|
|
* Add a StatusFilter class to identify visibility of statuses by accounts
* Extract StatusThreadingConcern from Status
* Clarify purpose of checking for nil account
|
|
* Do not fall back to StreamEntry if object_type is unavailable in TagManager
Since 6d6a429af8fe4bd92ed497f401676353fdc603e0, when Status, the only model
with stream_entry, and StreamEntry got its own logic in uri_for and
url_for, the purpose of the fallbacks to activity_type of StreamEntry
became unclear.
This commit removes the fallbacks. When adding another model with
stream_entry in future, consider to update uri_for and url_for.
* Cover TagManager more
|
|
* Do not default the format in ProviderDiscovery
The format should be determined when discovering, as it is in the current
implementation, and it is a flaw if it is not determined.
* Spec ProviderDiscovery
|
|
* Remove some arguments of Formatter.instance.format
* Improve spec for Formatter
|
