Age | Commit message (Collapse) | Author |
|
* Verify link ownership with rel="me"
* Add explanation about verification to UI
* Perform link verifications
* Add click-to-copy widget for verification HTML
* Redesign edit profile page
* Redesign forms
* Improve responsive design of settings pages
* Restore landing page sign-up form
* Fix typo
* Support <link> tags, add spec
* Fix links not being verified on first discovery and passive updates
|
|
|
|
If an unresolved report for the same target account already exists,
no new notification is generated
|
|
* If an Update is signed with known key, skip re-following procedure
Because it means the remote actor did *not* lose their database
* Add CLI method for rotating keys
bin/tootctl accounts rotate [USERNAME]
Generates a new RSA key per account and sends out an Update activity
signed with the old key.
* Key rotation: Space out Update fan-outs every 5 minutes per 1000 accounts
* Skip suspended accounts in key rotation
|
|
|
|
Fix #8430
|
|
#8376) (#8377)
|
|
* Fix URI not being sufficiently validated with prefetched JSON
* Add additional id validation to OStatus documents, when possible
|
|
Remove experimental key export
|
|
|
|
Fix #7316
|
|
|
|
#8218) (#8244)
|
|
* Allow accessing local private/DM messages by URL
(Provided the user pasting the URL is authorized to see the toot, obviously)
* Fix SearchServiceSpec tests
|
|
Fix #8051
|
|
|
|
* Add federation relay support
* Add admin UI for managing relays
* Include actor on relay-related activities
* Fix i18n
|
|
Fix #7874
|
|
|
|
* Re-add follow recommendations API
GET /api/v1/suggestions
Removed in 8efa081f210d72ed450c39ac4cde0fd84fb3d3fb due to Neo4J
dependency. The algorithm uses triadic closures, takes into account
suspensions, blocks, mutes, domain blocks, excludes locked and moved
accounts, and prefers more recently updated accounts.
* Track interactions with people you don't follow
Replying to, favouriting and reblogging someone you're not following
will make them show up in follow recommendations. The interactions
have different weights:
- Replying is 1
- Favouriting is 10 (decidedly positive interaction, but private)
- Reblogging is 20
Following them, muting or blocking will remove them from the list,
obviously.
* Remove triadic closures, ensure potential friendships are trimmed
|
|
* Allow selecting default posting language instead of auto-detect
* Enable default language setting in credentials API
* Fix form saving
|
|
* Add autofollow option to invites
* Trigger CodeClimate rebuild
|
|
Ref: cfa9b6e13ab3c434f3901df6f614d0aa94a3d1ed
This breaks compatibility with pre-2.3.0 Mastodon and older
software, but at the time of writing the network is >80% above
that version.
Compatibility broken only for toots with no text.
|
|
* Send rejections to followers when user hides domain they're on
* Use account domain blocks for "authorized followers" action
Replace soft-blocking (block & unblock) behaviour with follow rejection
* Split sync and async work of account domain blocking
Do not create domain block when removing followers by domain, that
is probably unexpected from the user's perspective.
* Adjust confirmation message for domain block
* yarn manage:translations
|
|
|
|
Old statuses and statuses from Pawoo, which runs a modified version of
Mastodon, may not have been marked sensitive even if spoiler text is
present.
Such statuses are still not marked sensitve if they are local or
arrived before version upgrade. Marking recently fetched remote status
sensitive contradicts the behavior.
Considering what people expected when they authored such statuses, this
change removes the sensitivity enforcement.
|
|
|
|
Do not touch statuses_count on accounts table when mass-destroying
statuses to reduce load when removing accounts, same for
reblogs_count and favourites_count
Do not count statuses with direct visibility in statuses_count
Fix #828
|
|
|
|
* Track trending tags
- Half-life of 1 day
- Historical usage in daily buckets (last 7 days stored)
- GET /api/v1/trends
Fix #271
* Add trends to web UI
* Don't render compose form on search route, adjust search results header
* Disqualify tag from trends if it's in disallowed hashtags setting
* Count distinct accounts using tag, ignore silenced accounts
|
|
If media_attachments are not loaded, SQL query is the same, but
the #exists? method performs SQL query even if preloaded
|
|
|
|
An explicit error allows user agents to know the error and Sidekiq to
retry.
|
|
This patch fixes NoMethodError and others in RemoteProfileUpdateWorker.
|
|
Updates account `uri` field on each call to `update_account` instead of
only once during `create_account` to mirror the same behavior in OStatus
`ResolveAccountService` class [0].
ActivityPub accounts are identified using `@username` and `@domain` pair
instead of URI since #6842.
This fixes #7479: a bug when the account identified by `@username` and
`@domain` changes its URI.
[0]:
https://github.com/tootsuite/mastodon/blob/03b69ebc450efc07246bd64204276941b7ede3fc/app/services/resolve_account_service.rb#L121
|
|
|
|
When an ActivityPub Announce is processed and the boosted toot is not known,
fetch it on behalf of one of the booster's followers. This is to allow
fetching self-boosts of previously-unknown private toots.
If fetching on behalf of a user fails, try fetching it anonymously: the
selected follower of a boosting user may be banned by the boosted toot's
author.
|
|
- POST /api/v1/push/subscription
- PUT /api/v1/push/subscription
- DELETE /api/v1/push/subscription
- New OAuth scope: "push" (required for the above methods)
|
|
|
|
|
|
|
|
* Store actor type in database
* Add bot nameplate to web UI, add setting to preferences, API, AP
Fix #7365
* Fix code style issues
|
|
|
|
* Fix handling of malformed ActivityPub payloads when URIs are nil
* Gracefully handle JSON-LD canonicalization failures
|
|
* Store home feeds for 7 days instead of 14
Reduces workload for status fan-out to active followers
* Fix test for user model
|
|
Offload creation of local notifications to a worker. Remove two
redundant SQL queries from ProcessMentionsService, remove n+1
XML/JSON serialization via memoization
|
|
* No need to re-require sidekiq plugins, they are required via Gemfile
* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile
* Replace ruby-oembed with FetchOEmbedService
Reduce startup by 45382 allocated objects
* Remove preloaded JSON-LD in favour of caching HTTP responses
Reduce boot RAM by about 6 MiB
* Fix tests
* Fix test suite by stubbing out JSON-LD contexts
|
|
* Keep notification when muting_notifications is true
* Retrun mute object
* Fix test
|
|
* Remove most behaviour disparities between blocks and mutes
The only differences between block and mute should be:
- Mutes can optionally NOT affect notifications
- Mutes should not be visible to the muted
Fix #7230
Fix #5713
* Do not allow boosting someone you blocked
Fix #7248
* Do not allow favouriting someone you blocked
* Fix nil error in StatusPolicy
|
|
Fix #7265
|