Age | Commit message (Collapse) | Author |
|
|
|
|
|
* Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
ActivityPub::FetchRemoteAccountService is kept as a wrapper for when the actor is
specifically required to be an Account
* Refactor SignatureVerification to allow non-Account actors
* fixup! Move ActivityPub::FetchRemoteAccountService to ActivityPub::FetchRemoteActorService
* Refactor ActivityPub::FetchRemoteKeyService to potentially return non-Account actors
* Refactor inbound ActivityPub payload processing to accept non-Account actors
* Refactor inbound ActivityPub processing to accept activities relayed through non-Account
* Refactor how Account key URIs are built
* Refactor Request and drop unused key_id_format parameter
* Rename ActivityPub::Dereferencer `signature_account` to `signature_actor`
|
|
|
|
* Fix typos
Found via `codespell -q 3 -S ./CHANGELOG.md,./AUTHORS.md,./config/locales,./app/javascript/mastodon/locales -L ba,keypair,medias,pixelx,ro`
* Follow-up typo fix
|
|
* Change how hashtags are normalized
* Fix tests
|
|
* Add tests
* Fix crash when a remote Flag activity mentions a private post
|
|
* Add model for custom filter keywords
* Use CustomFilterKeyword internally
Does not change the API
* Fix /filters/edit and /filters/new
* Add migration tests
* Remove whole_word column from custom_filters (covered by custom_filter_keywords)
* Redesign /filters
Instead of a list, present a card that displays more information and handles
multiple keywords per filter.
* Redesign /filters/new and /filters/edit to add and remove keywords
This adds a new gem dependency: cocoon, as well as a npm dependency:
cocoon-js-vanilla. Those are used to easily populate and remove form fields
from the user interface when manipulating multiple keyword filters at once.
* Add /api/v2/filters to edit filter with multiple keywords
Entities:
- `Filter`: `id`, `title`, `filter_action` (either `hide` or `warn`), `context`
`keywords`
- `FilterKeyword`: `id`, `keyword`, `whole_word`
API endpoits:
- `GET /api/v2/filters` to list filters (including keywords)
- `POST /api/v2/filters` to create a new filter
`keywords_attributes` can also be passed to create keywords in one request
- `GET /api/v2/filters/:id` to read a particular filter
- `PUT /api/v2/filters/:id` to update a new filter
`keywords_attributes` can also be passed to edit, delete or add keywords in
one request
- `DELETE /api/v2/filters/:id` to delete a particular filter
- `GET /api/v2/filters/:id/keywords` to list keywords for a filter
- `POST /api/v2/filters/:filter_id/keywords/:id` to add a new keyword to a
filter
- `GET /api/v2/filter_keywords/:id` to read a particular keyword
- `PUT /api/v2/filter_keywords/:id` to edit a particular keyword
- `DELETE /api/v2/filter_keywords/:id` to delete a particular keyword
* Change from `irreversible` boolean to `action` enum
* Remove irrelevent `irreversible_must_be_within_context` check
* Fix /filters/new and /filters/edit with update for filter_action
* Fix Rubocop/Codeclimate complaining about task names
* Refactor FeedManager#phrase_filtered?
This moves regexp building and filter caching to the `CustomFilter` class.
This does not change the functional behavior yet, but this changes how the
cache is built, doing per-custom_filter regexps so that filters can be matched
independently, while still offering caching.
* Perform server-side filtering and output result in REST API
* Fix numerous filters_changed events being sent when editing multiple keywords at once
* Add some tests
* Use the new API in the WebUI
- use client-side logic for filters we have fetched rules for.
This is so that filter changes can be retroactively applied without
reloading the UI.
- use server-side logic for filters we haven't fetched rules for yet
(e.g. network error, or initial timeline loading)
* Minor optimizations and refactoring
* Perform server-side filtering on the streaming server
* Change the wording of filter action labels
* Fix issues pointed out by linter
* Change design of “Show anyway” link in accordence to review comments
* Drop “irreversible” filtering behavior
* Move /api/v2/filter_keywords to /api/v1/filters/keywords
* Rename `filter_results` attribute to `filtered`
* Rename REST::LegacyFilterSerializer to REST::V1::FilterSerializer
* Fix systemChannelId value in streaming server
* Simplify code by removing client-side filtering code
The simplifcation comes at a cost though: filters aren't retroactively
applied anymore.
|
|
* Change RSS feeds
- Use date and time for titles instead of ellipsized text
- Use full content in body, even when there is a content warning
- Use media extensions
* Change feed icons and add width and height attributes to custom emojis
* Fix custom emoji animate on hover breaking
* Fix tests
|
|
* Fix single Redis connection being used across all Sidekiq threads
* Fix tests
|
|
* Fix PeerTube videos appearing with an erroneous “Edited at” marker
PeerTube videos have an `updated` field equal to `published`.
When processing an incoming activity that has the same value for `updated` and
`published`, assume this doesn't represent an actual edit.
* Please CodeClimate
|
|
(#17970)
|
|
* Remove obsolete RSS::Serializer test
Since #17828, RSS::Serializer no longer has specific code for deleted statuses,
but it is never called on deleted statuses anyway.
* Rename erroneously-named test files
* Fix failing test
* Fix test deprecation warnings
* Update CircleCI Ruby orb
1.4.0 has a bug that does not match all the test files due to incorrect
globbing
|
|
* Refactor formatter
* Move custom emoji pre-rendering logic to view helpers
* Move more methods out of Formatter
* Fix code style issues
* Remove Formatter
* Add inline poll options to RSS feeds
* Remove unused helper method
* Fix code style issues
* Various fixes and improvements
* Fix test
|
|
* Add workaround for YouTube Shorts links
* Update link_details_extractor_spec.rb
|
|
* spelling: account
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: affiliated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: appearance
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: autosuggest
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: cacheable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: component
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: conversations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: domain.example
Clarify what's distinct and use RFC friendly domain space.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: environment
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: exceeds
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: functional
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: inefficiency
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: not
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: notifications
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: occurring
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: position
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: progress
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: promotable
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: reblogging
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: repetitive
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: resolve
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: saturated
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: similar
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: strategies
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: success
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: targeting
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: thumbnails
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unauthorized
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: unsensitizes
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: validations
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
* spelling: various
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
Co-authored-by: Josh Soref <jsoref@users.noreply.github.com>
|
|
* Change authorized applications page
* Hide revoke button for superapps and suspended accounts
* Clean up db/schema.rb
|
|
* Change relays handling to not record boosts
* Update tests
|
|
* Remove language detection through cld3
* Update app/helpers/languages_helper.rb
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
Co-authored-by: Yamagishi Kazutoshi <ykzts@desire.sh>
|
|
* Fix structured data parsing from links choking on bad data
- Fix og:url meta tag being prioritized over canonical link tag
- Fix structured data parsing choking on commented-out CDATA declarations
- Fix HTML entities in title, description, provider_name, author_name
- Change structured data parsing to attempt every JSON-LD script tag
* Remove unnecessary slash escapes from CDATA regex pattern
|
|
Fix #17344
|
|
* Add support for editing for published statuses
* Fix references to stripped-out code
* Various fixes and improvements
* Further fixes and improvements
* Fix updates being potentially sent to unauthorized recipients
* Various fixes and improvements
* Fix wrong words in test
* Fix notifying accounts that were tagged but were not in the audience
* Fix mistake
|
|
* Add support for private pinned toots
* Allow local user to pin private toots
* Change wording to avoid "direct message"
|
|
|
|
Save preview cards under their canonical URL
Increase max redirects to follow from 2 to 3
|
|
|
|
Fixes #16699
|
|
|
|
* Add tests
* Ensure deleted statuses are marked as such
* Save some redis memory by not storing URIs in delete_upon_arrival values
* Avoid possible race condition when processing incoming Deletes
* Avoid potential duplicate Delete forwards
* Lower lock durations to reduce issues in case of hard crash of the Rails process
* Check for `lock.aquired?` and improve comment
* Refactor RedisLock usage in app/lib/activitypub
* Fix using incorrect or non-existent sender for relaying Deletes
|
|
|
|
Fix #15506
|
|
Fixes #5551
|
|
* Prepare Mastodon for zeitwerk autoloader (Rails 6)
Add inflections and rename/move a few classes.
In particular, app/lib/exceptions.rb and app/lib/sanitize_config.rb
were manually loaded while still in autoload paths.
* Add inflection for Url → URL
|
|
* Fix cache_collection crashing when given an empty collection
* Add tests
|
|
* Update twitter-text from 1.14 to 3.1.0
* Disable emoji parsing
* Properly depend on twitter-text for url detection
* Fix some URLs being wrongly detected client-side
* Add test for server-side validation of non-autolinkable URLs
* Fix server-side status length counting
|
|
* Fix URI of repeat follow requests not being recorded
In case we receive a “repeat” or “duplicate” follow request, we automatically
fast-forward the accept with the latest received Activity `id`, but we don't
record it.
In general, a “repeat” or “duplicate” follow request may happen if for some
reason (e.g. inconsistent handling of Block or Undo Accept activities, an
instance being brought back up from the dead, etc.) the local instance thought
the remote actor were following them while the remote actor thought otherwise.
In those cases, the remote instance does not know about the older Follow
activity `id`, so keeping that record serves no purpose, but knowing the most
recent one is useful if the remote implementation at some point refers to it
by `id` without inlining it.
* Add tests
|
|
* Atomically check for processing lock in Move handler
* Prevent race condition when creating account migrations
Fixes #15595
* Add tests
Co-authored-by: Claire <claire.github-309c@sitedethib.com>
|
|
* Added .deepsource.toml
* Removed bad use of `alias`
* Fixed operand order in the binary expression
* Prefixed unused method arguments with an underscore
* Replaced the old OpenSSL algorithmic constants with the newer strings initializers.
* Removed unnecessary UTF-8 encoding comment
|
|
|
|
|
|
There are edge cases where requests to certain hosts timeout when
using the vanilla HTTP.rb gem, which the goldfinger gem uses. Now
that we no longer need to support OStatus servers, webfinger logic
is so simple that there is no point encapsulating it in a gem, so
we can just use our own Request class. With that, we benefit from
more robust timeout code and IPv4/IPv6 resolution.
Fix #14091
|
|
|
|
* Check for and record reblog info atomically
Instead of using ZREVRANK to determine whether a reblog is a new reblog or not,
use ZADD's NX option to perform the check/addition option atomically.
* Replace ZREVRANK call with ZSCORE key which is more efficient
* Make tests a bit stricter
* Fix off-by-one
|
|
|
|
* Add database support for list show-reply preferences
* Add backend support to read and update list-specific show_replies settings
* Add basic UI to set list replies setting
* Add specs for list replies policy
* Switch "cycling" reply policy link to a set of radio inputs
* Capitalize replies_policy strings
* Change radio button design to be consistent with that of the directory explorer
|
|
|
|
* Add support for inlined objects in activity audience
* Add tests
|
|
* Change content-type to be always computed from file data
Restore previous behavior, detecting the content-type isn't very
expensive, and some instances may serve files as application/octet-stream
regardless of their true type, making fetching media from them fail, while
it used to work pre-3.2.0.
* Add test
|
|
(#14479)
* Add tests
* Fix handling of Reject Follow when a matching follow relationship exists
Regression from #12199
|
|
* Fix not handling Undo on some activity types when they aren't inlined
When receiving an Undo for a non-inlined activity, try looking it up in
database using the URI. The queries are ad-hoc because we don't have a global
index of object URIs, and not all activity types are stored in database with
an index on their URI.
Announces are just statuses, and have an index on URIs, so this check can
be done efficiently.
Accepts cannot be handled at all because we don't record their URI at any
point.
Follows don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
Likes don't have an index on URI, they have an index on the issuing account,
but the number of favs per account may be very high, so I decided not to
handle that.
Blocks don't have an index on URI, but they have an index on the issuing
account, which should make such queries largely manageable.
In all cases, if an Undo could not be handled properly, we call `delete_later!`
because that does not require us to know more than the URI of the undone
property.
* Add tests
* Make newer blocks overwrite older ones
Allows re-synchronizing block info by re-blocking and un-blocking again
when the original Undo Block has been lost.
|