about summary refs log tree commit diff
path: root/spec
AgeCommit message (Collapse)Author
2019-09-15Fix 2FA challenge and password challenge for non-database users (#11831)Eugen Rochko
* Fix 2FA challenge not appearing for non-database users Fix #11685 * Fix account deletion not working when using external login Fix #11691
2019-09-13Remove deprecated `GET /api/v1/search` API (#11823)Eugen Rochko
Use `GET /api/v2/search` instead
2019-09-13Fix hashtags being split by ZWNJ character (#11821)Eugen Rochko
Fix #11761
2019-09-11Change deletes to preserve soft-deleted statuses in unresolved reports (#11805)Eugen Rochko
Change all account actions except "none" to resolve all unresolved reports Refactor `SuspendAccountService` to be more readable
2019-09-11add admin setting for default search engine indexing (fix #11750) (#11804)Tao Bror Bojlén
2019-09-10Add updated relationship to follow request API responses (#11800)ThibG
Fixes #11747
2019-09-09Add batch actions and categories to admin UI for custom emojis (#11793)Eugen Rochko
2019-09-06Add timeline read markers API (#11762)Eugen Rochko
Fix #4093
2019-09-03Fix ActivityPub context not being dynamically computed (#11746)ThibG
* Fix contexts not being dynamically included Fixes #11649 * Refactor Note context in serializer * Refactor Actor serializer
2019-09-02Change trending hashtags to not disappear instantly after midnight (#11712)Eugen Rochko
2019-08-30Fix uncaught domain normalization error in remote follow (#11703)Eugen Rochko
2019-08-30Fix uncaught parameter missing exceptions and missing error templates (#11702)Eugen Rochko
2019-08-23Add option to include reported statuses in warning e-mail (#11639)Eugen Rochko
2019-08-22Fix remote and staff-removed statuses leaving media behind for a day (#11638)Eugen Rochko
The reason for unattaching media instead of removing it is to support delete & redraft functionality, but remote or staff-removed statuses will never be redrafted, so the media should be deleted immediately
2019-08-18Add more accurate hashtag search (#11579)Eugen Rochko
* Add more accurate hashtag search Using ElasticSearch to index hashtags with edge n-grams and score them by usage within the last 7 days since last activity. Only hashtags that have been reviewed and are listable can appear in searches, unless they match the query exactly * Fix search analyzer dropping non-ascii characters
2019-08-16Fix blurhash and autoplay not working on public pages (#11585)Eugen Rochko
2019-08-16Add more accurate account search (#11537)Eugen Rochko
* Add more accurate account search When ElasticSearch is available, a more accurate search is implemented: - Using edge n-gram index for acct and display name - Using asciifolding and cjk width normalization on display names - Using Gaussian decay on account activity for additional scoring (recency) - Using followers/friends ratio for additional scoring (spamminess) - Using followers number for additional scoring (size) The exact match precedence only takes effect when the input conforms to the username format and the username part of it is complete, i.e. when the user started typing the domain part. * Support single-letter usernames * Fix tests * Fix not picking up account updates * Add weights and normalization for scores, skip zero terms queries * Use local counts for accounts index, adjust search parameters * Fix mistakes * Using updated_at of accounts is inadequate for remote accounts
2019-08-07Add domain block notes (#11515)ThibG
* Add database columns for adding notes to domain blocks/restrctions * Add admin UI to set private and public comments when blocking a domain * Add text for private and public comments on domain blocks * Show domain block comments in admin UI * Add comments to the domain block undo page * Make UnblockDomainService more robust regarding upgraded domain blocks * Allow editing domain blocks * Rename button from “undo domain block” to “view domain block” in account admin UI * Change test to unsilence silenced users from upgraded blocks
2019-08-06Bump faker from 1.9.6 to 2.1.0 and update faker api (#11489)Yusuke Nakamura
* Bump faker from 1.9.6 to 2.1.0 Bumps [faker](https://github.com/stympy/faker) from 1.9.6 to 2.1.0. - [Release notes](https://github.com/stympy/faker/releases) - [Changelog](https://github.com/stympy/faker/blob/master/CHANGELOG.md) - [Commits](https://github.com/stympy/faker/compare/1.9.6...v2.1.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> * Use faker api v2 https://github.com/stympy/faker/releases/tag/2.0
2019-08-05Change admin UI for hashtags and add back whitelisted trends (#11490)Eugen Rochko
Fix #271 Add back the `GET /api/v1/trends` API with the caveat that it does not return tags that have not been allowed to trend by the staff. When a hashtag begins to trend (internally) and that hashtag has not been previously reviewed by the staff, the staff is notified. The new admin UI for hashtags allows filtering hashtags by where they are used (e.g. in the profile directory), whether they have been reviewed or are pending reviewal, they show by how many people the hashtag is used in the directory, how many people used it today, how many statuses with it have been created today, and it allows fixing the name of the hashtag to make it more readable. The disallowed hashtags feature has been reworked. It is now controlled from the admin UI for hashtags instead of from the file `config/settings.yml`
2019-08-01Remove XML version of Webfinger and remove links to Atom feeds (#11460)Eugen Rochko
Fix #11453
2019-07-30Change hashtag search to only return results that have trended in the past ↵Eugen Rochko
(#11448) * Change hashtag search to only return results that have trended in the past A way to eliminate typos and other one-off "junk" results * Fix excluding exact matches that don't have a score * Fix tests
2019-07-30Fix boosting & unboosting preventing a boost from appearing in the TL (#11405)ThibG
* Fix boosting & unboosting preventing a boost from appearing in the TL * Add tests * Avoids side effects when aggregate_reblogs isn't true
2019-07-30Add whitelist mode (#11291)Eugen Rochko
2019-07-29Fix tag normalization and migration not removing duplicate tags (#11441)Eugen Rochko
Fix #11428
2019-07-28Revert "Remove conversation URI (#11423)" (#11424)Eugen Rochko
This reverts commit 75f7f9930eb2a6f5c4041ec44fe0aa795c9ec449.
2019-07-28Remove conversation URI (#11423)Eugen Rochko
It is not part of ActivityPub and will free up a lot of space
2019-07-27Implement pending tests (#11415)ysksn
2019-07-27Add search syntax for operators and phrases (#11411)Eugen Rochko
2019-07-26Fix invites not being disabled upon account suspension (#11412)ThibG
* Disable invite links from disabled/suspended users * Add has_many invites relationship to users * Destroy unused invites when suspending an account
2019-07-24 Don't delete periods when validating username uniqueness (#11392) (#11400)Rey Tucker
* Check to make sure usernames with '.' cannot be created * Add test for instance actor account name conflicts This makes sure that migration 20190715164535_add_instance_actor won't fail if there's already an account that is named the same as the domain (minus the .) * Put the test into the correct context... * Add another test to split this into two validations * Don't delete periods when validating username uniqueness (#11392) The 20190715164535_add_instance_actor migration fails if there's already a username similar to the domain name, e.g. if you are 'vulpine.club' and have a user named 'vulpineclub', validation fails. Upon further review, usernames with periods are dropped by the regular expression in the Account class, so we don't need to worry about it here. Fixes #11392
2019-07-22Change unconfirmed user login behaviour (#11375)Eugen Rochko
Allow access to account settings, 2FA, authorized applications, and account deletions to unconfirmed and pending users, as well as users who had their accounts disabled. Suspended users cannot update their e-mail or password or delete their account. Display account status on account settings page, for example, when an account is frozen, limited, unconfirmed or pending review. After sign up, login users straight away and show a simple page that tells them the status of their account with links to account settings and logout, to reduce onboarding friction and allow users to correct wrongly typed e-mail addresses. Move the final sign-up step of SSO integrations to be the same as above to reduce code duplication.
2019-07-21Play animated custom emoji on hover (#11348)ThibG
* Play animated custom emoji on hover in status * Play animated custom emoji on hover in display names * Play animated custom emoji on hover in bios/bio fields * Add support for animation on hover on public pages emojis too * Fix tests * Code style cleanup
2019-07-21Change locale detection to run once per session (#8657)Eugen Rochko
Fix #6462
2019-07-21Remove WebSub subscriptions (#11303)Eugen Rochko
2019-07-19Disallow numeric-only hashtags (#11363)ThibG
* Add spec covering numeric-only hashtags * Fix hashtag regex
2019-07-19Fix sanitizing lists contents (#11354)ThibG
* Add test * Fix code for sanitizing nested lists stripping all tags
2019-07-19Add ActivityPub actor representing the entire server (#11321)ThibG
* Add support for an instance actor * Skip username validation for local Application accounts * Add migration script to create instance actor * Make Codeclimate happy * Switch to id -99 for instance actor * Remove unused `icon` and `image` attributes from instance actor * Use if/elsif/else instead of return + ternary operator * Add instance actor to fresh installs * Use instance actor as instance representative Use instance actor for forwarding reports, relay operations, and spam auto-reporting. * Seed database in test environment * Fix single-user mode * Fix tests * Fix specs to accomodate for an extra `Account` * Auto-reject follows on instance actor Following an instance actor might make sense, but we are not handling that right now, so auto-reject. * Fix webfinger lookup and serialization for instance actor * Rename instance actor * Make it clear in the HTML view that the instance actor should not be blocked * Raise cache time for instance actor as there's no dynamic content * Re-use /about/more with a flash message for instance actor profile
2019-07-18Fix only one middle dot being recognized in hashtags (#11345)Eugen Rochko
Fix #10934
2019-07-18Change language detection to include hashtags as words (#11341)Eugen Rochko
2019-07-13Add a spam check (#11217)Eugen Rochko
* Add a spam check * Use Nilsimsa to generate locality-sensitive hashes and compare using Levenshtein distance * Add more tests * Add exemption when the message is a reply to something that mentions the sender * Use Nilsimsa Compare Value instead of Levenshtein distance * Use MD5 for messages shorter than 10 characters * Add message to automated report, do not add non-public statuses to automated report, add trust level to accounts and make unsilencing raise the trust level to prevent repeated spam checks on that account * Expire spam check data after 3 months * Add support for local statuses, reduce expiration to 1 week, always create a report * Add content warnings to the spam check and exempt empty statuses * Change Nilsimsa threshold to 95 and make sure removed statuses are removed from the spam check * Add all matched statuses into automatic report
2019-07-11Add ActivityPub secure mode (#11269)Eugen Rochko
* Add HTTP signature requirement for served ActivityPub resources * Change `SECURE_MODE` to `AUTHORIZED_FETCH` * Add 'Signature' to 'Vary' header and improve code style * Improve code style by adding `public_fetch_mode?` method
2019-07-11Add HTTP signatures to all outgoing ActivityPub GET requests (#11284)Eugen Rochko
2019-07-10Refactor fetching of remote resources (#11251)Eugen Rochko
2019-07-09Refactor domain block checks (#11268)Eugen Rochko
2019-07-08Remove unused remote unfollow controller (#11250)Eugen Rochko
2019-07-08Refactor controllers for statuses, accounts, and more (#11249)Eugen Rochko
2019-07-07Remove Atom feeds and old URLs in the form of `GET /:username/updates/:id` ↵Eugen Rochko
(#11247)
2019-07-06Remove Salmon and PubSubHubbub (#11205)Eugen Rochko
* Remove Salmon and PubSubHubbub endpoints * Add error when trying to follow OStatus accounts * Fix new accounts not being created in ResolveAccountService
2019-07-05Remove deprecated REST API `GET /api/v1/statuses/:id/card` (#11213)Eugen Rochko