about summary refs log tree commit diff
path: root/app/lib
AgeCommit message (Collapse)Author
2018-09-18Redesign forms, verify link ownership with rel="me" (#8703)Eugen Rochko
* Verify link ownership with rel="me" * Add explanation about verification to UI * Perform link verifications * Add click-to-copy widget for verification HTML * Redesign edit profile page * Redesign forms * Improve responsive design of settings pages * Restore landing page sign-up form * Fix typo * Support <link> tags, add spec * Fix links not being verified on first discovery and passive updates
2018-08-31Fix autoplay issue with spoiler tag (#8540)Renato "Lond" Cerqueira
Add tests to avoid similar issues in the future
2018-08-31Do not sign useless User-Agent or Accept-Encoding headers (#8533)Eugen Rochko
Fix #8080
2018-08-30Add animate custom emoji param to embed pages (#8507)Renato "Lond" Cerqueira
* Add animate custom emoji param to embed pages * Rename param, use it for avatars and gifs * Fix issues pointed by codeclimate and breaking test * Ignore brakeman warning
2018-08-26Add CLI task for rotating keys (#8466)Eugen Rochko
* If an Update is signed with known key, skip re-following procedure Because it means the remote actor did *not* lose their database * Add CLI method for rotating keys bin/tootctl accounts rotate [USERNAME] Generates a new RSA key per account and sends out an Update activity signed with the old key. * Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts * Skip suspended accounts in key rotation
2018-08-26Fix low-hanging rubocop gripes (#8458)Quint Guvernator
* rubocop: quit being so picky * rubocop: miscellany * rubocop: prefer present to blank
2018-08-26Spread out crawling randomly to avoid DDoSing the link (#8445)Eugen Rochko
* Spread out crawling randomly to avoid DDoSing the link Fix #4486 * Remove trailing whitespace
2018-08-25Support ActivityStreams’ summaryMap. (#8422)M Somerville
In the same way as contentMap and nameMap.
2018-08-23Add ability to change an instance default theme from the administration ↵Jakub Mendyk
panel (#7092) (#8381) * Add default_settings class method to ScopedSettings ScopedSettings was extended to use value of unscoped setting instead of only using defaults set in config/settings.yml for selected settings. This adds possibility for admins to set default values of users' settings, for example default theme (as requested in #7092). * Add ability to change an instance default theme Closes #7092
2018-08-23Do not crash if remote custom emoji does not define updated date (fixes ↵ThibG
#8376) (#8377)
2018-08-22Improve federated ID validation (#8372)Eugen Rochko
* Fix URI not being sufficiently validated with prefetched JSON * Add additional id validation to OStatus documents, when possible
2018-08-17Implement Undo { Accept { Follow } } (fixes #8234) (#8245)ThibG
* Add Follow#revoke_request! * Implement Undo { Accept { Follow } } (fixes #8234)
2018-08-17Use correct activity id in Accept when receiving duplicate Follow (fixes ↵ThibG
#8218) (#8244)
2018-08-12Expect relays to answer with accept/reject (#8179)Eugen Rochko
2018-08-05Serialize text-less statuses as '.' over OStatus (fixes #7856) (#8126)ThibG
2018-07-30Fix incorrect context definition for the "featured" keyword (#8090)Eugen Rochko
* Fix incorrect context definition for the "featured" keyword Fix #8077 * Adjust context definition for movedTo
2018-07-16Fix activity:interactions counter to count all interactions (#8037)Eugen Rochko
2018-07-16Whitelist dat/ipfs/gopher links in sanitizer (#8034)Eugen Rochko
Fix #7994
2018-07-16Add admin dashboard (#8029)Eugen Rochko
2018-07-14Disable language detection for texts shorter than 140 characters (#8010)Eugen Rochko
If the input text is blank after preparation (only mention, or only URL, or empty as in a media post), then use nil as language, since it's OK to show to everyone. Otherwise, always fall back to the server's default locale
2018-07-14Do not count self in potential friendships (#8014)Eugen Rochko
2018-07-10Make whole-word filter regex consistent between Ruby and JS (#7987)Eugen Rochko
2018-07-09Add option to not consider word boundaries when processing keyword filtering ↵ThibG
(#7975) * Add option to not consider word boundaries when filtering phrases * Add a few tests for keyword/phrase filtering
2018-07-06In keyword filter, account for reblogs, HTML and whole-words (#7960)Eugen Rochko
* In keyword filter, account for reblogs, HTML and whole-words * Match whole words in JS filter, too * Fix typo
2018-07-05Check reblogged status for blocked/muted mentions (#7957)Eugen Rochko
2018-07-03Re-add follow recommendations API (#7918)Eugen Rochko
* Re-add follow recommendations API GET /api/v1/suggestions Removed in 8efa081f210d72ed450c39ac4cde0fd84fb3d3fb due to Neo4J dependency. The algorithm uses triadic closures, takes into account suspensions, blocks, mutes, domain blocks, excludes locked and moved accounts, and prefers more recently updated accounts. * Track interactions with people you don't follow Replying to, favouriting and reblogging someone you're not following will make them show up in follow recommendations. The interactions have different weights: - Replying is 1 - Favouriting is 10 (decidedly positive interaction, but private) - Reblogging is 20 Following them, muting or blocking will remove them from the list, obviously. * Remove triadic closures, ensure potential friendships are trimmed
2018-06-29Merge `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into ↵MIYAGI Hikaru
`ALLOW_ACCESS_TO_HIDDEN_SERVICE` (#7901) If Mastodon accesses to the hidden service via transparent proxy, it's needed to avoid checking whether it's a private address, since `.onion` is resolved to a private address. I was previously using the `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` to provide that function. However, I realized that using `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` is redundant, since this specification is always used with `ALLOW_ACCESS_TO_HIDDEN_SERVICE`. Therefore, I decided to integrate the setting of `HIDDEN_SERVICE_VIA_TRANSPARENT_PROXY` into` ALLOW_ACCESS_TO_HIDDEN_SERVICE`.
2018-06-29Keyword/phrase filtering (#7905)Eugen Rochko
* Add keyword filtering GET|POST /api/v1/filters GET|PUT|DELETE /api/v1/filters/:id - Irreversible filters can drop toots from home or notifications - Other filters can hide toots through the client app - Filters use a phrase valid in particular contexts, expiration * Make sure expired filters don't get applied client-side * Add missing API methods * Remove "regex filter" from column settings * Add tests * Add test for FeedManager * Add CustomFilter test * Add UI for managing filters * Add streaming API event to allow syncing filters * Fix tests
2018-06-17Allow selecting default posting language instead of auto-detect (#7828)Eugen Rochko
* Allow selecting default posting language instead of auto-detect * Enable default language setting in credentials API * Fix form saving
2018-06-08Do not accept ActivityPub follow requests from blocked user (#7756)Eugen Rochko
* Do not accept ActivityPub follow requests from blocked user Fix #7745 * Deliver auto-rejection immediately when follow-requested by blocked account * Fix trailing whitespace
2018-05-31Exclude unlisted, private and direct toots from affecting trends (#7686)Eugen Rochko
2018-05-29Fix N+1 on AtomSerializer (#7669)abcang
2018-05-28Record trending tags from ActivityPub, too (#7647)Eugen Rochko
2018-05-25Ignore multiple occurrences of a hashtag within a status (fixes #7585) (#7606)ThibG
2018-05-18Resolve unknown status from Add activity, skip Remove if unknown (#7526)Eugen Rochko
Fix #7518
2018-05-18Add preference to hide following/followers lists (#7532)Eugen Rochko
* Add preference to hide following/followers lists - Public pages - ActivityPub collections (does not return pages but does give total) - REST API (unless it's your own) (does not federate) Fix #6901 * Add preference * Add delegation * Fix issue * Fix issue
2018-05-18User agent for WebFinger (#7531)MIYAGI Hikaru
* User agent for WebFinger * local_domain → web_domain * 'http' is away accidentally...
2018-05-16Raise Mastodon::RaceConditionError if Redis lock failed (#7511)Akihiko Odaki
An explicit error allows user agents to know the error and Sidekiq to retry.
2018-05-12Fetch boosted statuses on behalf of a follower (fixes #7426) (#7459)ThibG
When an ActivityPub Announce is processed and the boosted toot is not known, fetch it on behalf of one of the booster's followers. This is to allow fetching self-boosts of previously-unknown private toots. If fetching on behalf of a user fails, try fetching it anonymously: the selected follower of a boosting user may be banned by the boosted toot's author.
2018-05-10Disable inflate gzip on head method (#7432)Yamagishi Kazutoshi
2018-05-09Support gzip encoding on Request (#7425)Yamagishi Kazutoshi
2018-05-07If an OStatus message contains nsfw hashtag, mark it as sensitive (#7398)Eugen Rochko
* If an OStatus message contains nsfw hashtag, mark it as sensitive Undo parts of #7048 * Put nsfw hashtag on OStatus messages if they have any media * Fix code style issues
2018-05-06Enable custom emojis in profiles (notes, field values, display names) (#7374)Eugen Rochko
Follow-up to #6124
2018-05-05Fix handling of malformed ActivityPub payloads when URIs are nil (#7370)Eugen Rochko
* Fix handling of malformed ActivityPub payloads when URIs are nil * Gracefully handle JSON-LD canonicalization failures
2018-05-04Store URIs of follows, follow requests and blocks for ActivityPub (#7160)Eugen Rochko
Same URI passed between follow request and follow, since they are the same thing in ActivityPub. Local URIs are generated during creation using UUIDs and are passed to serializers.
2018-05-03Fixes/do not override timestamps (#7336)ThibG
* Revert "Fixes/do not override timestamps (#7331)" This reverts commit 581a5c9d29ef2a12f46b67a1097a9ad6df1c6953. * Document Snowflake ID corner-case a bit more Snowflake IDs are used for two purposes: making object identifiers harder to guess and ensuring they are in chronological order. For this reason, they are based on the `created_at` attribute of the object. Unfortunately, inserting items with older snowflakes IDs will break the assumption of consumers of the paging APIs that new items will always have a greater identifier than the last seen one. * Add `override_timestamps` virtual attribute to not correlate snowflake ID with created_at
2018-05-03Fixes/do not override timestamps (#7331)ThibG
* Do not override timestamps for incoming toots * Remove every reference to override_timestamps Statuses are now created with the announced publishing date and are only pushed to timelines if that date is at most 6 hours earlier than the time at which it is processed.
2018-05-03Fix n+1 queries in StatusThreadingConcern (#7321)Eugen Rochko
2018-05-02Slightly reduce RAM usage (#7301)Eugen Rochko
* No need to re-require sidekiq plugins, they are required via Gemfile * Add derailed_benchmarks tool, no need to require TTY gems in Gemfile * Replace ruby-oembed with FetchOEmbedService Reduce startup by 45382 allocated objects * Remove preloaded JSON-LD in favour of caching HTTP responses Reduce boot RAM by about 6 MiB * Fix tests * Fix test suite by stubbing out JSON-LD contexts
2018-05-02Accept actor object updates from all supported actor types (#7312)ThibG