Age | Commit message (Collapse) | Author |
|
Conflicts:
- `app/javascript/styles/mastodon/modal.scss`:
For some reason we changed the file loading path in glitch-soc,
but now upstream has completely changed how the logo is loaded.
Applied upstream changes.
|
|
* Fix URI of repeat follow requests not being recorded
In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.
In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.
In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.
* Add tests
|
|
|
|
* Atomically check for processing lock in Move handler
* Prevent race condition when creating account migrations
Fixes #15595
* Add tests
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
* Added .deepsource.toml
* Removed bad use of `alias`
* Fixed operand order in the binary expression
* Prefixed unused method arguments with an underscore
* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.
* Removed unnecessary UTF-8 encoding comment
|
|
Conflicts:
- `app/controllers/accounts_controller.rb`:
Upstream change too close to a glitch-soc change related to
instance-local toots. Merged upstream changes.
- `app/services/fan_out_on_write_service.rb`:
Minor conflict due to glitch-soc's handling of Direct Messages,
merged upstream changes.
- `yarn.lock`:
Not really a conflict, caused by glitch-soc-only dependencies
being textually too close to updated upstream dependencies.
Merged upstream changes.
|
|
|
|
* Add support for inlined objects in activity audience
* Add tests
|
|
|
|
* Change content-type to be always computed from file data
Restore previous behavior, detecting the content-type isn't very
expensive, and some instances may serve files as application/octet-stream
regardless of their true type, making fetching media from them fail, while
it used to work pre-3.2.0.
* Add test
|
|
(#14479)
* Add tests
* Fix handling of Reject Follow when a matching follow relationship exists
Regression from #12199
|
|
* Fix not handling Undo on some activity types when they aren't inlined
When receiving an Undo for a non-inlined activity, try looking it up in
database using the URI. The queries are ad-hoc because we don't have a global
index of object URIs, and not all activity types are stored in database with
an index on their URI.
Announces are just statuses, and have an index on URIs, so this check can
be done efficiently.
Accepts cannot be handled at all because we don't record their URI at any
point.
Follows don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
Likes don't have an index on URI, they have an index on the issuing account,
but the number of favs per account may be very high, so I decided not to
handle that.
Blocks don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
In all cases, if an Undo could not be handled properly, we call `delete_later!`
because that does not require us to know more than the URI of the undone
property.
* Add tests
* Make newer blocks overwrite older ones
Allows re-synchronizing block info by re-blocking and un-blocking again
when the original Undo Block has been lost.
|
|
|
|
|
|
invalid tags (#12436)
* Revert "Fix ignoring whole status because of one invalid hashtag (#11621)"
This reverts commit dff46b260b2f7d765d254c84a4b89105c7de5e97.
* Fix statuses being rejected because of invalid hashtag names
* Add spec for invalid hashtag names in statuses
* Add test for featured tags controller
|
|
* Fix remote media descriptions being cut off at 420 chars
Fixes #12258
* Fix tests
|
|
* Change silenced accounts to require approval on follow
* Also require approval for follows by people explicitly muted by target accounts
* Do not auto-accept silenced or muted accounts when switching from locked to unlocked
* Add `follow_requests_count` to verify_credentials
* Show “Follow requests” menu item if needed even if account is locked
* Add tests
* Correctly reflect that follow requests weren't auto-accepted when local account is silenced
* Accept follow requests from user-muted accounts to avoid leaking mutes
|
|
* Fix contexts not being dynamically included
Fixes #11649
* Refactor Note context in serializer
* Refactor Actor serializer
|
|
(#11247)
|
|
* Do not misattribute inlined boosts if `attributedTo` isn't present
Fixes #10950
* Fix tests
|
|
(#10575)
* Prevent silenced local users from notifying remote users not following them
This is an attempt to extend the local restrictions of silenced users to the
federation.
* Add tests
* Add tests for making sure private status don't get sent over OStatus
|
|
Also, fix some n+1 queries
Resolve #10365
|
|
Fix #8078
|
|
Fixes #10271
|
|
* Fix reblogs privacy
* Fix Announce processing specs
|
|
* Do not allow adding votes to expired polls
* Only validate expires_at on create
|
|
|
|
* Store remote votes URI
* Add spec for accepting remote votes
* Make poll vote id generation work the same way as follows
|
|
|
|
Regression from #9998
|
|
|
|
* Filter incoming Announce activities by relation to local activity
Reject if announcer is not followed by local accounts, and is not
from an enabled relay, and the object is not a local status
Follow-up to #10005
* Fix tests
|
|
* When self-boosting, embed original toot into Announce serialization
* Process unknown self-boosts from Announce object if it is more than an URI
* Add some self-boost specs
* Only serialize private toots in self-Announces
|
|
of order (#9687)
* Ensure blocked user unfollows blocker if Block/Undo Block are processed out of order
* Add specs for Block causing unfollow and for out-of-order Block + Undo
|
|
|
|
* Add silent column to mentions
* Save silent mentions in ActivityPub Create handler and optimize it
Move networking calls out of the database transaction
* Add "limited" visibility level masked as "private" in the API
Unlike DMs, limited statuses are pushed into home feeds. The access
control rules between direct and limited statuses is almost the same,
except for counter and conversation logic
* Ensure silent column is non-null, add spec
* Ensure filters don't check silent mentions for blocks/mutes
As those are "this person is also allowed to see" rather than "this
person is involved", therefore does not warrant filtering
* Clean up code
* Use Status#active_mentions to limit returned mentions
* Fix code style issues
* Use Status#active_mentions in Notification
And remove stream_entry eager-loading from Notification
|
|
* Add missing specs for relay accept/reject
* Display pending message on admin relays UI
|
|
* Add Follow#revoke_request!
* Implement Undo { Accept { Follow } } (fixes #8234)
|
|
Fix #7518
|
|
* No need to re-require sidekiq plugins, they are required via Gemfile
* Add derailed_benchmarks tool, no need to require TTY gems in Gemfile
* Replace ruby-oembed with FetchOEmbedService
Reduce startup by 45382 allocated objects
* Remove preloaded JSON-LD in favour of caching HTTP responses
Reduce boot RAM by about 6 MiB
* Fix tests
* Fix test suite by stubbing out JSON-LD contexts
|
|
|
|
* Federate pinned statuses over ActivityPub
* Display pinned toots in web UI
Fix #6117
* Fix migration
* Fix tests
* Update outbox_serializer.rb
* Update remove_serializer.rb
* Update add_serializer.rb
* Update fetch_featured_collection_service.rb
|
|
|
|
* Fix #2176: Federated reports
* UI for federated reports
* Add spec for ActivityPub Flag handler
* Add spec for ReportService
|
|
|
|
* Fix actors accepting invalid URI schemes or different host between URI and URL
* Fix statuses accepting invalid URI scheme or different host to actor
* Adjust tests to new requirements
* Improve readability of mismatching_origin?/invalid_origin? methods
|
|
* Allow to dereference Follow object for ActivityPub
* Accept IRI as object representation for Accept activity
|
|
* Avoid sending explicit Undo->Announce when original deleted
* Do not forward a reply back to the server that sent it
* Deduplicate inboxes of rebloggers' followers for delete forwarding
* Adjust test
* Fix wrong class, bad SQL, wrong variable, outdated comment
|
|
This allows deletion of reblogs which delivered before with OStatus URI.
|
|
* Encode custom emojis as resolveable objects in ActivityPub
* Improve code style
|