* origin/develop:
fix: append field values to bio before parsing
Indicate in changelog that removal of crypt is breaking
Allow custom emoji reactions: Add pleroma_custom_emoji_reactions feature, review changes
docs: Be more explicit about the level of compatibility of OTP releases
Remove crypt(3) support
Allow custom emoji reactions: add test for mixed emoji react, fix credo errors
Allow custom emoji reactions: Fix tests, mixed custom and unicode reactions
Allow reacting with remote emoji when they exist on the post (#200)
feat: build rel me tags with profile fields
* origin/develop: (57 commits)
remove static_fe pipeline for /users/:nickname/feed
oops, remove unused import
use scrub_html_and_truncate instead of scrub_html for feed item title
modify Utils.scrub_html_and_truncate to take omission parameter
format feed_view.ex
feed eex templates: use published field from @data, not @activity.data
fix tag feeds: remote activities might not have a summary field
Make clear the test names
Fix FederatorTest
Stop oban from retrying if validating errors occur when processing incoming data
Add the security fix to the changelog
Sanitize filenames when uploading
Allow with_relationships param for blocks
Bundle frontend
Bump version in mix project to 2.5.1
Compose changelog for 2.5.1
Ignores in exiftool read descriptions
Bump crypt to v1.0.1
Update mix.exs
Bump linkify
...
* origin/develop: (126 commits)
Revert "Merge branch 'copyright-bump' into 'develop'"
Bump copyright year
Extract translatable strings
mix: version 2.5.50
mix: Release 2.5.0
CHANGELOG: Set 2.5.0
Git merge is not my favorite tool
Revert "Delete report notifs when demoting from superuser"
Update PleromaFE bundle to 2.5.0
Make lint happy
Use crazy hack to finally get pleroma:report notifications not visible after revoking privileges
Update AdminFE bundle to version 2.5.0
Extract translatable strings
Fix TwitterCard meta tags
Fix CommonAPI delete function to use User.privileged? instead of User.superuser?
use to_rfc2822 instead of pub_date in tests, too
document rss/atom fix in changelog
modify user feed controller test to expect summary for title
remove pub_date() -- use to_rfc2822 instead
remove ap_id test -- the element makes the feed break
...
* origin/develop: (208 commits)
Document inclusion of wasm-unsafe-eval
Update http_security_plug.ex
Update lib/pleroma/web/plugs/http_security_plug.ex
try to fix ruffle on chrome
Alter priority of Delete activities to be lowest
Deletes do not generate notifications of any kind, so skip trying
Object.Fetcher: Set reachable on successful fetch
Translated using Weblate (Ukrainian)
Added translation using Weblate (Ukrainian)
Added translation using Weblate (Ukrainian)
Lint
Update config cheatsheet
Clarify config description
Document Oban workers getting timeouts defined
Lint
Define sane Oban Worker timeouts
Clean up stale entries in mix.lock
Document removal of Quack
Add migration to remove Quack from ConfigDB
Remove Quack logging backend
...
* origin/develop: (115 commits)
Change test case wording
Use `duration` param for mute expiration duration
Emoji: apply recommended tail call changes
Extract translatable strings
Emoji: split qualification variation into a module
Add authorized_fetch_mode to description.exs
EmojiReactValidator: use new qualification method
Emoji: implement full-qualifier using combinations
EmojiReactValidator: fix emoji qualification
Revert "Merge branch 'fix/emoji-react-qualification' into 'develop'"
Translated using Weblate (French)
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
Translated using Weblate (Chinese (Simplified))
...
* origin/develop:
Add tlsv1.3 to suggestions
hackney adapter helper & reverse proxy client: enable TLSv1.3
StealEmojiPolicy: fix String rejected_shortcodes
Instruct users to run 'git pull' as the pleroma user
Also use actor_type to determine if an account is a bot in antiFollowbotPolicy
mix: Bump to 2.4.52 for 2.4.3 mergeback
Skip cache when /objects or /activities is authenticated
Allow to skip cache in Cache plug
update sweet_xml [Security]
* origin/develop: (294 commits)
Fix incorrect fallback when English is set to first language
Fix eratic test for POST /api/pleroma/admin/reports/:id/notes
After code review
Support fallbacking to other languages
Delete report notifs when demoting from superuser
Update Caddyfile to Caddy v2
Lint
Support multiple locales from userLanguage cookie
Support multiple locales formally
Make lint happy
Add test for fallbacking to a general language
Fallback to a variant if the language in general is not supported
Add changelog
Document API addition
Allow user to register with custom language
Allow update_credentials to update User.language
Send emails i18n'd using backend-stored user language
Make all emails translatable
Fix digest test
Make mail and mailer translatable
...
* origin/develop: (33 commits)
maybe_notify_subscribers: Don't create notifications from ingested messages
TwitterAPI: Make change_email require body params instead of query
TwitterAPI: Make change_password require body params instead of query
Make the OPT recomendation clearer
ObjectAgePolicy: Fix pattern matching on published
fix: stream out Create Activity
Improve readability
Quarantine placeholders
improve changelog entry
Make transparency_exclusions use tuples in admin-fe
Add key- and valuePlaceholders for quarantined_instances and mrf_simple
Add transparency_exclusions also to the breaking changes
Change docs
quarantine instances info
Change what nodeinfo returns without breaking backwards compatibility
Return maps in node_info
Add database migrations
Fixed deprecation warning checks
config/description.exs: Update quarantine settings to tuples
make linter happy
...
* origin/develop: (252 commits)
mix.exs: 2.4.50
Update PleromaFE Bundle (2.4.0)
CHANGELOG.md: Fix instances of 2020 being actually 2021
Release 2.4.0
Update AdminFE bundle
Visibility: check Tombstone objects in visible_for_user?/2
CHANGELOG: fixed JSON error rendering
Add activity+json to Phoenix :format_encoders Fixes ErrorView rendering
CHANGELOG: AdminAPI return date with users
AdminAPI: add date to users
CHANGELOG: AdminAPI users sort
AdminAPI: sort user results by ID descending
Moderators: reorganize :admin_api pipeline in Router
Moderators: add UserIsStaffPlug
AP C2S: Remove restrictions and make it go through pipeline
Update Linkify to fix crash on posts with a URL we failed to parse correctly
fix the fucking list timelines on mastofe/soapbox-fe
Deletions: change User.purge/1 to defp, add CHANGELOG entry
Deletions: don't purge keys so Delete/Undo activities can be signed
Deletions: allow deactivated users to be deleted
...
* origin/develop: (159 commits)
Fix CHANGELOG entry meant for next release
Revert "Merge branch 'patch-fix-open-api-spec' into 'develop'"
object_validator: Refactor most of validate/2 to a generic block
date-times are always strings
Fix function calls due to module name change
Temp file leaked, oops
Add more details to the cheatsheat for FollowBot MRF
Prefer FollowBot naming convention vs Followbot
Document new FollowBot MRF
More tests to validate Followbot is behaving
Remove Task.async as it is broken here and probably a premature optimization anyway
Only need to validate a follow request is generated for now
Revert
Do not try to follow local users. Their posts are already available locally on the instance.
Change module name to FollowbotPolicy
Add follow_requests_outstanding_since?/3 to Pleroma.Activity
Lint
Better checking of previous follow request attempts
Prevent duplicates from being processed
Make the followbot only dispatch follow requests once per 30 day period
...
* origin/develop: (185 commits)
OAuthScopesPlug: remove transform_scopes in favor of explicit admin scope definitions
OpenAPI: Add `admin:` scope prefix to admin operations
Remove `:auth, :enforce_oauth_admin_scope_usage`
Do not want these interfering with develop builds
Make it possible to generate custom docker images by prefixing the branch name with "build-docker"
Chats: Introduce /api/v2/pleroma/chats which implements pagination
ChatMessage schema: Add `unread` property
Relicense documentation under CC-BY-4.0
Add API endpoint to remove a conversation
update changelog to mention change of avatar
replace avi.png
Add myself to .mailmap
[#2053] Changed `Notification/for_user_query/2` to use join to filter out inactive actors instead of subselect of _all_ inactive AP ids from `users`.
[#2510] Improved support for app-bound OAuth tokens. Auth-related refactoring.
not used mock
OpenAPI spec: Do not show build enviroment in the spec version
OpenAPI spec task: Load pleroma application to get version info
Lint
Revert "Add plaintext support for all emails except the digest"
MRF NoEmptyPolicy: Deny posts from local users if there is no content or only mentions.
...
* origin/develop: (145 commits)
CHANGELOG.md: Remove wrong entries from Unreleased(patch)
Only run one attachment cleanup job per node
Just validate command is in PATH; forking a shell is wasteful
Linting.
Pbkdf2: Use it everywhere.
Password -> Password.Pbkdf2
Linting
Password: Replace Pbkdf2 with Password.
Password: Add password module
COPYING: Bump copyright to 2021
Bump Copyright to 2021
Pagination: Don't be dos'd by random parameters.
Simplify. We will always have a result from Upload.base_url/0, so just add it to the list
Fix regression in MediaProxy.local?/0 and appending the Upload.base_url to whitelisted domains
ChatMessages: Fix pagination headers.
Formatting
.formatter.exs: Format optional migrations
Add development section
Apply 4 suggestion(s) to 2 file(s)
Move construction of S3 base URL with optional namespace and bucket to Upload.base_url/0
...
* origin/develop: (330 commits)
Translated using Weblate (Chinese (Simplified))
Minor refactoring of the logic for hiding followers/following counts.
changelog
Fix for dropping posts/notifs in WS when mix task is executed
Fixed Rich Media Previews
Majic: specify commit so source users do not get surprise updates
Switch to a fork of Hackney 1.15.2 for now so we can have our URL normalization bugfix
instance.gen: Warn that stripping exif requires exiftool
instance.gen task: Only show files which will be actually overwritten
Translated using Weblate (Ukrainian)
Added translation using Weblate (Ukrainian)
Tweaks to OAuth entities expiration: changed default to 30 days, removed hardcoded values usage, fixed OAuthView (expires_in).
Changed default OAuth token expiration time to 30 days.
[#3112] .gitattributes fix.
Update CHANGELOG
ApplicationRequirements: Add test, more text for pool size.
Apply 1 suggestion(s) to 1 file(s)
Add a startup error for modified Repo pool_size
instance.reachable?: Limit to binary input
instance: Do not fetch unreachable instances
...
* origin/develop: (162 commits)
Improve Keyword descriptions for AdminFE
Fixed User.is_discoverable attribute rendering in Admin API User view.
@doc fix.
FrontStatic plug: excluded invalid url
phoenix_controller_render_duration is no longer available in telemetry of Phoenix 1.5+
ActivityPub: Add back debug call + explanation.
clients.md: Add AndStatus, note supported protocols
Fix link reference
NoNewPrivileges breaks ability to send email via sendmail because it restricts ability to run setuid/setgid binaries
Changelog: Add info about whitespace name remote users.
User: Correctly handle whitespace names.
Translated using Weblate (Chinese (Simplified))
[#3059] Used forked prometheus-phx to remove log spam.
[#3059] Formatting fix.
[#3059] Fixed Phoenix 1.5 telemetry processing.
Changelog: Add information about self-chats
SideEffects: Correctly handle chat messages sent to yourself
fix module name
update changelog
update docs
...
* origin/develop: (180 commits)
Deep link to the user account in AdminFE in account confirmation emails
Spelling
Ask user to use matching values for database setup
Syntax error
Don't always need to drop
Improve backup/restore documentation
Lint
Apply 1 suggestion(s) to 1 file(s)
Apply 1 suggestion(s) to 1 file(s)
Apply 2 suggestion(s) to 2 file(s)
Improve description yet again
Don't leak internal variables in the docs. They're useless to users.
Credo
Improve descriptions for reserved and proxies
Add test for an entry without CIDR format
Move hardcoded default configuration into config.exs
Fix docs for default headers used by RemoteIp. We only use X-Forwarded-For by default.
Document the NSFW link preview change
Add helper function to convert single IPs into CIDR format if they were not provided that way
Docs: Modify docs so the postgres config is harder to get wrong.
...
* origin/develop: (566 commits)
Fix MRF reject for ChatMessage
Create MRF.filter_pipeline to inject :object_data when present
KeywordPolicy: Still match when fields are absent
pleroma-fe bundle: bump to b225c3578f3c89af5ed3a0be3f8f3a6bbcedcc7d
CHANGELOG.md: Add 2.1.2 entry
mix.exs: bump version to 2.1.2
Merge branch '2130-mfa-users-oauth-login-fix' into 'develop'
Merge branch 'fix/streaming-termination-errors' into 'develop'
Merge branch 'fix/mrf-simple-welcome-chats' into 'develop'
Merge branch 'reply-visibility-user-guard' into 'develop'
Merge branch 'bugfix/mrf-ingestion' into 'develop'
adapt to new user factory behavior
add test and changelog entry
User search respect discoverable flag
Merge branch 'hotfix/rich-media-compile-error' into 'develop'
Merge branch 'feat/rich-media-head' into 'develop'
Deny ConfigDB migration when deprecated settings found
RichMedia: Fix log spam on failures and resetting TTL on cached errors
Return the file content for `GET /api/pleroma/admin/instance_document/:document_name`
add description to changelog
...
* origin/develop: (67 commits)
Fix example json response
ChatMessage schema: Add preview cards.
ChatMessageReferenceView: Display preview cards.
OTP users need Pleroma running to execute pleroma_ctl, so reorganize instructions.
Attempt to fix markdown formatting
Apply 1 suggestion(s) to 1 file(s)
set versions
updated `cors_plug`
set `postgrex` version
set `web_push_encryption` version
updated `calendar` package
Expose seconds_valid in Pleroma Captcha API endpoint
:show_reactions, refactor the other test
:show_reactions, add CHANGELOG.md, refactor test
feed/user_controller: Return 404 when the user is remote
AccountController: Don't explicitly ask to keep users unconfirmed.
EnsureRePrepended: Don't break on chat messages.
update mogrify package
set http_signatures version
set `jason` version
...
* origin/develop: (213 commits)
Apply 1 suggestion(s) to 1 file(s)
ReverseProxy tesla client: remove handling of old_conn
ReverseProxy: Fix a gun connection leak when there is an error with no body
OpenAPI: remove accidentally pasted buffer data
OpenAPI: Replace actor_id by account_id to follow ChatMessage schema
Update types in Pleroma.Formatter group
added migrate old settings to new
Ensure Oban is available during mix tasks. Fixes: mix pleroma.user rm username
Fix mix tasks that make HTTP calls by starting the Gun connection pool
remove duplicate module
Support blocking via query parameters as well and document the change.
[#2791] AccountView: renamed `:force` option to `:skip_visibility_check`.
added warning to use old keys
Update linkify migration tests to use config from ConfigDB
Migration to fix malformed Pleroma.Formatter config
Refactor require_migration/1 into a test helper function
Add AutolinkerToLinkify migration test
Fix linkify ConfigDB migration
[#1973] Fixed accounts rendering in GET /api/v1/pleroma/chats with truish :restrict_unauthenticated. Made `Pleroma.Web.MastodonAPI.AccountView.render("show.json", _)` demand :for or :force option in order to prevent incorrect rendering of empty map instead of expected user representation with truish :restrict_unauthenticated setting.
Add related_policy field
...
* origin/develop: (53 commits)
Add warning against parsing/reusing MastoFE settings blob
Update NotificationOperation spec
Add `is_muted` to notifications
Translated using Weblate (Italian)
Added translation using Weblate (Italian)
Add include for the "Further reading" section
HellthreadPolicy: Restrict to Notes and Articles.
Apply suggestion to lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex
proper error codes for error in adminFE
Apply suggestion to lib/pleroma/web/api_spec/operations/pleroma_emoji_pack_operation.ex
cheatsheet.md: no_attachment_links → attachment_links
fix for packs pagination
Stop filling conversation field on incoming objects (legacy, unused)
Only accounts with Service actor_type are considered as bots
Add support for bot field in update_credentials
README: Add some troubleshooting info for compilation issues.
[#1873] Fixes missing :offset pagination param support. Added pagination support for hashtags search.
default page size for files
changelog entry
adding overall count for packs and files
...
* origin/develop: (276 commits)
Remove `poll` from `notification_type` OpenAPI spec
credo fix
CHANGELOG.md: mention minimal elixir version update
Update OTP releases to official images of 1.10.3
Chunk the notification type backfill migration
moving custom ecto types in context folders
Upgrade to Elixir 1.9
naming
fix attemps to merge map
fix for updated hackney
Mogrify args as custom tuples
Fix tests
Changelog: Add info about conversation view changes.
Conversations: Return last dm for conversation, not last message.
Mastodon API: ensure the notification endpoint doesn't return less than the requested amount of records unless it's the last page
ControllerHelper: Always return id field.
Apply suggestion to lib/pleroma/web/controller_helper.ex
Remove use of atoms in MRF.UserAllowListPolicy
Fix atom leak in Rich Media Parser
Return an empty map from Pleroma.Web.RichMedia.Parsers.OGP.parse/2
...
* origin/develop:
Update AdminFE build, re-enables emoji packs
Migrations: Make user_id index on notifications better for query.
Notification: Actually preload objects.
ActivityPub: Change ordering to `nulls last` in favorites query
Activity.Queries: Use correct actor restriction.
Migrations: Add index on client_id and client_secret for apps.
Config: Restore old new background image
Fix Oban warnings
Mastodon API Controllers: Use the correct params for rate limiting.
[#1501] Made user feed contain public and unlisted activities.
Skip failing `:crypt` test on mac
Docs: sql -> SQL
Apply suggestion to docs/installation/otp_en.md
Docs: Document reasonable Postgres settings.
Transmogrifier: Use a simpler way to get mentions.
User: Change signature of get_users_from_set
StealEmojiPolicyTest: Fix flaky test.
Factory: Set users to be ap_enabled by default.
UserTest: Add test for user refreshing.
User: Don't error out if we want to refresh a user but can't
* origin/develop:
Apply suggestion to lib/pleroma/web/common_api/utils.ex
Update CHANGELOG and docs
Add filename_display_max_length config
priv/static: Add a warning discouraging admins from modifying the static files directly
Fix notifications mark as read API
EmojiReactionController: Return more appropriate error.
Credo fixes for the credo god.
AnnounceValidator: Check for announcability
Credo fixes.
Announcements: Fix all tests.
SideEffects: Builed out Announce effects.
Pipeline: Don't federate if federation is disabled.
Announcements: Handle through common pipeline.
CommonAPI: Change public->private implicit addressing.
AnnounceValidator: Validate for existing announce
ObjectValidators: Add basic Announce validator.
TransmogrifierTest: Fix tests.
Transmogrifier Test: Extract Announce handling.
* origin/develop: (381 commits)
CHANGELOG.md: Add entry for re-registration ban
Reword changelog entry for follow relationship bug
Mastodon API: do not create a following relationship if the corresponding follow request doesn't exist when calling `POST /api/v1/follow_requests/:id/authorize`
Deactivate local users on deletion instead of deleting the record
[#1732] Made AP C2S :followers and :following endpoints serve on no auth (as for related :api pipeline endpoints).
PleromaFE bundle supporting follow request notifications. 5f90b6a384
static-fe.css: Restore and move to /priv/static/static-fe
OpenAPI: Add `follow_request` to notification types
Fix sporadic test compilation failure caused by unused alias
OpenAPI: Remove max pagination limit from the spec
Updated PleromaFE bundle to prevent notifications loading issue due to unsupported parameter (`with_move`).
MappedSignatureToIdentityPlug: Fix.
Signature: Handle non-ap ids in key ids.
Made follow request notifications non-optional (removed config switch).
Increase tests on AP C2S
Dismiss the follow request notification on rejection
fix for auth check
docs update
docs fix
list of options for pack metadata
...
* origin/develop: (249 commits)
Add a test for accounts/update_credentials
Fix activity deletion
Add emoji support in statuses in staticfe
AccountView: fix for other forms of <br> in bio
Mastodon API Account view: Remove an outdated hack
Improved in-test `clear_config/n` applicability (setup / setup_all / in-test usage).
restrict_unauthenticated setting
include_types parameter in /api/v1/notifications
remove federated testing
Improved in-test config management functions.
Fix ssl option on Ecto config breaking release
Admin API: `PATCH /api/pleroma/admin/users/:nickname/credentials`, `GET /api/pleroma/admin/users/:nickname/credentials`.
Admin API: `PATCH /api/pleroma/admin/users/:nickname/change_password`
removing with_move parameter
Improve documentation of mrf_object_age
gitlab: create templates for bug reports and release MRs
warnings fix
removing from descriptions.exs deprecated settings
fix for content-type header for tag feed
adding rss for user feed
...
* origin/develop: (116 commits)
streamer group & Oban crontab child
Update PleromaFE bundle for the 2.0 release
Update AdminFE build
add confirm field to filtered params
Admin API: Exclude boosts from `GET /api/pleroma/admin/users/:nickname/statuses` and `GET /api/pleroma/admin/instance/:instance/statuses`
Admin API: `GET /api/pleroma/admin/statuses` - list all statuses (accepts `godmode` and `local_only`)
unnecessary groups
instance.gen task: make example instance name less confusing
instance.gen task: remind to transfer the config to the database after migrations
instance.gen task: make instance name default to the domain
Update AdminFE build
Fix Dialyzer warnings
Add a test to ensure OAuth tokens are tied to Push subscriptions
compile fix
instance.gen task: fix crash when using custom static directory
Admin API: `GET /api/pleroma/admin/stats` to get status count by visibility scope
DOCS Theming your instance
Captcha: return invalid when answer_data is nil
captcha_test.exs: Use the same testing logic in Kocaptcha and native
Add missing invites_enabled and account_activation_required settings
...
* origin/develop: (63 commits)
Fix email mix task on OTP releases
Actually fix upload limit on OTP releases
Questions: Add timezone to `closed` property
deps: update plug to 1.9
Add User.get_follow_state/2
fix
EmojiReactions: Rename to EmojiReacts
Update FE bundle
Update CHANGELOG
Cancellation of a follow request for a remote user
Simplify in-database config docs
description change
dropdown type
removing confusing error
Apply suggestion to CHANGELOG.md
removing migrate_from_db endpoint from admin api
Remove AutoLinker `scheme` option from the config
Add support for cancellation of a follow request
Add cheatsheet entry
fix not being able to pin polls
...
* origin/develop: (466 commits)
Fix compatibility with Elixir v1.10
Add test for custom base_url when deleting an attachment
Fix base_url string trimming
Add logging
Remove `whole_db` parameter everywhere, it's not used anymore
Fix __MODULE__ usage
DOCS General update for the "Introduction to Pleroma" section
update ecto
Remove unused var
explicitly describe perform op in AttachmentsClenupWorker
Remove user recommendation by third party engine
little fixes
Fix typo
description typos, Oban verbose type fix, new keys
can be changed in runtime
respect settings from database in mix tasks
Document dynamic_configuration breaking change
Emoji reactions: Update docs and changelog
Emoji reactions: Change api format once more
fix for non existing atom
...
* origin/develop: (734 commits)
update fast sanitize dependency
streamer: use direct object for filter checks when there is no valid child object in an activity
Bump fast_sanitize version
Fix moderation log crash
Undo dialyzer fix
Fix count
AdminAPI: Omit relay user from users list
Fix "the call ... will never return" warning
Bump fast_sanitize dependency so this builds on more than just Linux
Remove following column from the migrations
Update test for get_recipients_from_activity
Fix bookmark migration using a query with a schema
Add a migration to fix blocked follows
Fix duplicate recipients
Rip out the rest of htmlsanitizeex
Remove commented-out code
Fix XSS emoji test
Bump fast_sanitize dependency
Fix two migrations sharing the same module name
Migrate missing follow requests
...
* origin/develop: (59 commits)
Fix OAuth cleanup worker unconditionally starting
Parallelize template rendering
Collect stats immediately after init
Cache follow state
Add a task to benchmark timeline rendering
html.ex: Allow sub and sup elements by default
Apply suggestion to lib/pleroma/web/activity_pub/publisher.ex
activitypub: publisher: add (request-target) to http signature when POSTing
MRF: fix up unserializable option lists in describe implementations
fix formatting
Implement Pleroma.Stats as GenServer
streamline Streamer pings
Isolate OAuth.Token.CleanWorker
use default child_specs
Conversations: Load relations in one query.
Switch to pre-1.8 version of tzdata.
Conversation: Render new participation on update.
Conversations: Use correct oauth paths for extended api.
update changelog to cover MRF describe API.
Preload thread mutes/bookmarks in user_statuses
...
* origin/develop: (302 commits)
MRF: ensure that subdomain_match calls are case-insensitive
Strip internal fields including likes from incoming and outgoing activities
tests for Pleroma.Uploaders
Mastodon API: Fix thread mute detection
Uploader.S3 added support stream uploads
Mastodon API: Set follower/following counters to 0 when hiding followers/following is enabled
Return profile URL in MastodonAPI's `url` field
Simplify logic to mention.js `url` field
Return profile URL when available instead of actor URI for MastodonAPI mention URL
Do not rembed the object after updating it
OStatus tests: stop relying on embedded objects
ActivityPub tests: remove assertions of embedded object being updated, because the objects are no longer supposed to be embedded
OStatus Announce Representer: Do not depend on the object being embedded in the Create activity
Stop depending on the embedded object in restrict_favorited_by
[#1150] fixed parser TwitterCard
tests for CommonApi/Utils
Remove Reply-To from report emails
Do not add the "next" key to likes.json if there is no more items
Replace "impode" with "implode" for
Remove longfox emoji set
...
* origin/develop: (159 commits)
[#1043] fix search accounts.
tasks/pleroma/instance.ex: Change :upload_dir to :uploads_dir
Expose `skip_thread_containment` in nodeinfo
Split alters rather than work with indexes
Use fallback values for search queries
Fix migration
[#1048] Fixed version parsing in pleroma_ctl. Closes#1036.
[#1048] Resolved violations of SemVer version format. Refactoring.
Add fallback value to the admin report view.
Move changelog entries
[#1033] Fix database migrations
Update changelog and admin API docs with tags, display_name, avatar additions
OTP Release install docs: Remove --dry-run in cron certbot command
Add hashtag filter to user statuses (GET /api/v1/accounts/:id/statuses)
[#1026] Filter.AnonymizeFilename added ability to retain file extension with custom text
Fix not being able to pin unlisted posts
Add PLEROMA_BUILD_ENV to override env for the version generator and use it in the CI for building docs
Add a caveat for docker deployment in the config docs
Revert "Build releases only on tags or develop"
Build releases only on tags or develop
...
* origin/develop: (36 commits)
[#570] add user:notification stream
fix for new instances
no print version to the shell
OEmbed.OEmbedController does not exist in the Pleroma codebase. It was removed in commit 92c5640f and this leftover artifact breaks compiling now.
Update Phoenix to 1.4.8
Apply suggestion to CHANGELOG.md
Documentation: Document chat token response.
Changelog: Document chat token.
Mastodon API: Return the token needed for the chat.
bugfix
little fix
version generation
it is changed in compile time
Fix rate limit test
[#948] /api/v1/account_search added optional parameters (limit, offset, following)
Fix hashtags being picked up by rich media parser
Add copyright info to containment.ex
Mastodon API: Document changes.
MastodonAPI: Add a way to update the background image.
Improve rate limiter documentation
...
* origin/develop: (193 commits)
Remove search result order for non-RUM indexes
Update `auto_linker` dependency
Document TagPolicy in `rewrite_policy` section
Import release config from env variable or /etc/pleroma/config.exs and warn if the file is missing
Add option to restrict all users to local content
Better default parameters for suggestion
Update `plug` dependency
Update `ex_rated` dependency
Replace `MastodonAPIController.account_register/2` rate limiter
Update CHANGELOG
Add rate limiting for search endpoints
Add RateLimiter
Remove unused imports and aliases from migration
Update pleroma_ctl
Add more tests for using media_proxy and whitelists
Add a changelog entry for releases
specify that a version is needed for rollback
Add migrate/rollback to release tasks
Fix wrong placement of serve_endpoints
Use Mix.shell().yes? if available
...
* origin/develop: (218 commits)
http: bump connection timeout to 10 seconds
Fix prometheus-ecto error when not configured
Document MRF.Simple :report_removal
Add virtual :thread_muted? field
Move default mascot configuration to `config/`
Add changelog entry for mascot config
Use string map for default mascot
Format mascot tests
Add mascot get/set tests
Add API endpoints for a custom user mascot
Add report filtering to MRF.SimplePolicy
add Changelog entry
also suppress link previews from posts marked #nsfw
add CHANGELOG entry
config: make sending the user agent configurable, disable sending the user agent in tests
http: request builder: send user-agent when making requests
rich media: suppress link previews if post is marked as sensitive
mrf: simple policy: mark all posts instead of posts with media as sensitive if they match media_nsfw
CI: Use the correct image with the correct hostname.
RUM: Set rum status by the environment.
...
* origin/develop:
Fix bookmarks depending on embeded object and move checking if the status is bookmarked to SQL
update pleroma frontend
tests: fix up for changed bbcode library output and verify html is properly escaped
add support for bbcode
mix: add bbcode dependency
update Changelog
Add mediaproxy whitelist capability
Move settings to Source subentity
test fixes
fixes for tests
migration without using old field name
unused
removing useless transaction
migration optimization
changelog file update
favourites add bookmark display
migrate user.bookmarks to separate table
bookmarks in separate table
activitypub: transmogrifier: send reject follow if following does not succeed
Fix leaking private configuration parameters in Mastodon and Twitter APIs, and add new configuration parameters to Mastodon API
* origin/develop: (184 commits)
html: lock down allowed class attributes to only those related to microformats
Extend Mastodon API with public endpoint for getting Favorites timeline of any user (#789)
Add :emoji settings to config.md
added healthcheck setting to instance config
Add shortcode_globs setting to documentation
Add a changelog entry for `pleroma.in_reply_to_account_acct`
Add `pleroma.in_reply_to_account_acct` to MastoAPI status entity
Replace Object.normalize(activity.data[object] with Object.normalize(acitivty) to benefit from preloading
Fix unclosed ` and put synopsis into a code block in pleroma.emoji mix task docs
Use `User.get_cached*` everywhere
Feature/826 healthcheck endpoint
Fix emoji.txt / custom_emoji.txt / shortcode_globs handling
Formatting
Change the default manifest to pleroma's namespace
Replace MD5 with SHA256 for emoji pack verification
Wrap the docstrings to 70 characters
differences_in_mastoapi_responses.md: `content_type` parameter of post submission
[#923] Refactored OAuthController#authorize definitions, added test.
Set correct values in the MastoAPI reblog status view
Mention Mastodon 2.8+ follow import fix in changelog
...
* origin/develop: (36 commits)
update the follower count when a follower is blocked
adding language tag
AdminApiControllerTest unused variables fix.
[#923] Removed <br> elements from auth forms, adjusted docs, minor auth settings refactoring.
Add scheduler for sending scheduled activities to the queue
Added limits and media attachments for scheduled activities.
Handle `scheduled_at` on status creation.
Add scheduled activities
fix credo
Use PleromaJobQueue in Pleroma.Web.Push
[#923] OAuth consumer mode refactoring, new tests, tests adjustments, readme.
[#923] OAuthController#callback adjustments (with tests).
[#923] OAuth consumer controller tests. Misc. improvements.
Improve Transmogrifier.upgrade_user_from_ap_id/2
second level of headertext change in doc
syntax highlighting
test fix
little changes and typos
updating custom_emoji docs
refactoring of emoji tags config to use groups
...
* origin/develop: (87 commits)
Pin recon dependency to 2.4.0
Redirect to the referer url after mastofe authorization
Mock :crypt.crypt/2 because otherwise the test fails on Mac OS
Revert "Merge branch 'test-coverage' into 'develop'"
Use --cover option when running CI tests
We actually want the user id not nickname in the test...
Also remove Repo functions in the tests
Redundant Repo.get_by usage was recently removed from the codebase
Document the admin API endpoints for controlling follow/unfollow
Add user following / unfollowing to the admin api.
Refactor html caching functions to have a key instead of a module, use more correct terminology and fix summaries in mastoapi
Add ability to ship logs to a Slack channel
Code readability tweak
Clean merge crumbs
Serve metrics at `/api/pleroma/app_metrics`
Document Prometheus
[#1] fix telemetry
Set up telemetry and prometheus
Add recon
mastodon_api_controller.ex: Add pleroma-tan to initial_state
...
* origin/develop:
Fix muting reblogs tests
Fix missing announces in MastoAPI home timeline
Add more user filters + move search to its own module
Add vapid_key to the `POST /api/v1/apps` response
Add GET /api/v1/apps/verify_credentials
* origin/develop: (55 commits)
AP UserView: Refactor banner / avatar display code, add test.
Test for MastoAPI /api/v1/instance response structure (formatting fix).
Test for MastoAPI /api/v1/instance response structure.
Credo is upset about me not remembering the alphabet
Fix formatting
Remove ActivityRepresenter
Mastodon 2.7.2 instance attributes (registrations, languages).
Increment replies_count on replies (MastoAPI)
Comments split.
Mastodon-based auth error messages. Defaulted User#auth_active?/1 to `true`.
Try sending an empty map
Attempt to fix incorrect federation of default instance avatars
Add an id index to notifications
fix up missing announcements with preloads
Serve non-public activities in /api/v1/favourites
add overriding truncated_namespace condition for truncating paths for digital ocean
mrf/keyword_policy.ex: Fix when summary == nil, do not whitelist content == nil
tests: fix up activity collision test
activity: use left join instead of inner join when fetching activities that may or may not have a child object
user: use preloads when deleting accounts
...
* origin/develop: (87 commits)
Add a gopher url port config option
modify the migrations to use naive_datetime_usec
Fix filter migration
Fix migration timestamp type
Ecto 3.0.5 migration
Update frontend
Format
Use ILIKE to search users
transmogrifier: upgrade: when upgrading OStatus users to AP, ensure we always use the fake collection
user: properly cope with actors which do not declare a followers collection
transmogrifier: when determining followers collection URI, we may need to fetch the actor
test: add test for list sanitization
tests: add test for as:Public issues
activitypub: transmogrifier: do not allow missing lists to be interpreted as nil
activitypub: transmogrifier: ensure as:Public activities are delivered to followers
fix UploadTest to use new image_tmp.jpg
used imageOptim to reduce size of image files
Document additional pleroma changes to /api/v1/accounts/:id
Check if the user has indeed not been federated with
Added support for exclude_types, limit, and min_id in Mastodon notifications.
...
* origin/develop: (24 commits)
MastoAPI followers/following endpoints
Switch the CI to Elixir 1.8.1
Linting.
WebPush: Add activity id to the push messages.
MastoAPI Accounts: Add fetching by nickname.
Update Differences-in-MastodonAPI-Responses.md
Remove chromium input hilight that clashes with our own
Style again the login page to fit pleroma more
MastoAPI StatusView: Add locality indicator.
Broadcast deleted activity id on deletion to conform to MastoAPI streamig spec
Change order of source code to align with platforms
Update homepages and provide source code links for Roma apps in Clients.md
Rename Mastalab -> Fedilab in Clients.md
http: connection: unify adapter configuration and defaults
http: connection: relax the timeouts a little
http: rework connection timeouts to match hackney docs, enforce 1 second max TCP connection timeout
http: actually pass the options list to the Connection factory
http: connection: merge hackney option lists instead of concatenating them
http: safely catch erlang exits and elixir errors from hackney (ref #672)
Allow an admin to delete a user status
...
* origin/develop: (62 commits)
update pleroma frontend
tests: add regression test
MRF: anti followbot: gracefully handle accounts without a display name
Adjust delete activity audience to match the deleted object
Revert existing object check
Preserve parameters in link headers (Mastodon API)
[#647] tests for web push
Keep heading short
Add default config for masto_fe
Add handling of objects not in database
Add tests for reserved char escaping in upload
Properly escape reserved URI charachters in upload urls
Web.RelMe: Fix having other values in rel attr
Plugs.HTTPSecurityPlug: Add static_url to CSP's connect-src
Include admins in nodeinfo
Typo
rich media: helpers: rework validate_page_url()
local -> only_local
Format & update docs
helpers: use AutoLinker to validate URIs as well as the other tests
...
* origin/develop: (208 commits)
Web.OAuth.OAuthControllerTest: Add test against token formatting
Web.OAuth.OAuthController: Fix scopes Enum.join for OAuth response
activitypub: fix date header format
Added migration for setting default tags in existing users records
config: fix chat endpoint path
mastodon websocket: return errors using ok, not stop
mastodon websocket: bring back infinity timeout
mastodon websocket: use pattern match to get query data, robustly handle errors
config: update config for cowboy 2 endpoints
mastodon api: websocket: update code for cowboy 2.x
mix: update dependencies for cowboy 2.0
Renamed *DatabaseAuthenticator to *Authenticator.
Added `auth_template/0` to DatabaseAuthenticator.
Made auth customization be runtime-configurable.
Added deactivated to the user view
Remove parts of the old activity view.
Add user muted status info to twitterapi.
Add user muted status info to MastodonAPI.
Add `with_muted` param.
Follower requests: Utilize object index.
...
* origin/develop: (280 commits)
Mark streaming feature for Apps in README.md
Update README.md
hide_followings was renamed to hide_followers in the FE, but never synced up in the BE
tests: add a rich media card that contains all relevant fields
test: add some regression tests for the rich media card rendering
mastodon api: rich media: don't clobber %URI struct with a string
adds a couple of explicit examples for ExSyslogger
Fix if clause in activity_pub user_view
rids the duplicate timestamp from default ExSyslogger config
update frontend
Allow to configure visibility for admin and moderator badges
Add is_admin and is_moderator boolean fields to the user view
rich media: parser: reject any data which cannot be explicitly encoded into JSON
test: twitterapi: fix another possible test failure case
test: twitterapi: fix the test breakage for real
mastodon api: fix rendering of cards without image URLs (closes#597)
Fix SQL
ARGLE GARBLE
html: don't attempt to parse nil content
activitypub: transmogrifier: fix bare tags
...
* origin/develop: (194 commits)
Mix.Tasks.Pleroma.Instance: Generate signing_salt
Send delete event over Mastodon streaming api
Add a test to ensure #39 is fixed.
update frontend
Set custom similarity limit.
Make use of the indices.
test: add regression test for to/cc clobbering
[#477] User trigram index adjustment.
[#477] User: FTS and trigram search results mixing (to handle misspelled requests).
[#491] Made full nicknames be preserved in user links text only in Bio.
activitypub: add a match clause for objects, not just activities
activitypub: transmogrifier: do not clobber the addressing on relayed announcements
activitypub: allow is_public?() to work on any type of map representing an AS2 object
activitypub: relay: chase selective public announce changes
activitypub: announce: add new public parameter
Add comments and change default path of the Mix binary.
Fix bad link in likes collection
[#502] Fixed `user_count` in `/api/v1/instance` to include only active local users.
formatting
Default to disabled in the code in case the setting is absent from config.exs
...
* origin/develop: (53 commits)
tests: add legal boilerplate
mix tasks: add legal boilerplate
add license boilerplate to pleroma core
tests: twitter api: add test proving that peertube videos are correctly handled
twitter api: add "Video" to supported activity types list
tests: twitter api: activity view test: enable tesla mock
twitter api: activity representer: remove peertube hack
tests: mastodon api: add test verifying that peertube videos are correctly rendered
mastodon api: status view: remove obsolete peertube hack
transmogrifier: significantly rework handling of peertube videos, add test
transmogrifier: When it’s a Video move "url" to "attachment"
Implement kaniini's tweaks
Renamed the things
Add documentation
Fix formatting
Implement large thread filter
[#114] Fixed test.
[#114] Allowed unconfirmed users to authenticate if :account_activation_required is disabled prior to confirmation. Ensured that no confirmation emails are sent if :account_activation_required is not true. Adjusted tests.
[#114] Added :user_id component to email confirmation path to improve the security. Added tests for `confirm_email` action.
[#114] Removed flash messages rendering on redirects.
...
* origin/develop: (295 commits)
update frontend
Fix uploads test.
fix text field
don't re-use build
Fix tagging problems for existing instances.
Alias Kocaptcha in the test
Use :ets.match_delete to delete old captchas
Switch to phoenixframework/phoenix as the needed change is merged.
Integration tests for mastodon websocket
Cowboy handler for Mastodon WebSocket
Support both OAuth token record and token string in UserView
minutes->seconds_retained in config.md
Clean captchas up periodically, not schedule it after theyre created
Fix captcha tests
Change minutes_retained config to seconds_retained
Make the hosted kocaptcha the default value
Add a configurable auto-cleanup for captchas
More put_view.
Use bindings dbuser and dbname in sample_psql.eex
Upgrade to Phoenix 1.4
...
* origin/develop: (92 commits)
Web.MastodonApi.MastodonSocketTest: Add test for unauthenticated websocket
Web.Streamer: Get unauthenticated statuses representation
Web.MastodonAPI.MastodonSocket: Put access_token at function-level
Web.MastodonAPI.MastodonSocket: Add unauthentified websocket endpoints
Improved version string
mediaproxy: fix empty url & add some tests
RetryQueue: tiny refractor, add tests
Various runtime configuration fixes
update pleroma frontend
Federator: add retry queue.
activitypub: object view: avoid leaking private details
ostatus controller: respond with AS2 objects instead of activities to notice URIs
tests: federator: fix formatting
activitypub: transmogrifier: make deletes secure
Web.AdminAPI.AdminAPIControllerTest: New Test
Web.AdminAPI.AdminAPIController: Fixes bugs found with ExUnit
test/plugs/user_is_admin_plug_test: New test
lib/mix/tasks/relay*: Use a with block
Change Relay from `status` to `{status, message}`
Web.Router: Change right to permission group (except for function names)
...
* origin/develop: (207 commits)
Update README.md
Mastodon API: Fix list streaming
nginx example config: remove CORS headers, now managed by CORSPlug.
config: properly configure CORSPlug.
oauth: fix token decode regression
tests: add test for internal data stripping
activitypub: transmogrifier: sanitize internal representation details from outgoing objects
lib/mix/tasks: s/@doc/@moduledoc/
lib/mix/tasks/unsubscribe_user.ex: Fix syntax from bad line copy
lib/mix/tasks: Add remaining documentation for mix tasks
config/config.md: Add lines inspired/copied from CONFIGURATION.md
README.md: Add note about config/config.md
README.md: Put the systemd’s .service note to the relevant section
README.md: Add note for OpenRC
config/config.md: scope_options_enabled also addresses subject
config/config.md: Fill all the blanks
config/config.md: Complete it [WIP]
config/config.md: Create
Document the mix tasks in ex_doc instead
Document mix tasks
...
* origin/develop: (129 commits)
Uploaders.S3: Replace unsafe characters in object key
update pleroma frontend
test: add smoketests for the scrubbing policies
html: twittertext: add missing catchall scrub function
twitter api: add no_rich_text option to userview for account prefs
test: add tests for new User.html_filter_policy()
mastodon api: formatting
twitter api: add support for disabling rich text
mastodon api: add support for user-supplied html policy
twitter api: add support for user-specified html policy
user: add User.html_filter_policy()
html: default to using normal scrub policy if provided scrub policy is nil
mix: remove fix_ap_users task, now obsolete
test: add test proving that users are refreshed when stale
user: implement dynamic refresh of profiles (gets rid of need for fix_ap_users task)
Update mastodon frontend
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Bump mastodon_api_level to 2.5.0
[Pleroma.Web.MastodonAPI.MastodonAPIController]: Remove unused variables
[Pleroma.Web.Router]: Fake /api/v1/endorsements
[Pleroma.Web.MastodonAPI.AccountView]: relationship.json: fake endorsed value (false)
...
; Use private /tmp and /var/tmp folders inside a new file system namespace, which are discarded after the process stops.
PrivateTmp=true
; The /home, /root, and /run/user folders can not be accessed by this service anymore. If your Pleroma user has its home folder in one of the restricted places, or use one of these folders as its working directory, you have to set this to false.
ProtectHome=true
ProtectHome=false
; Mount /usr, /boot, and /etc as read-only for processes invoked by this service.
ProtectSystem=full
; Sets up a new /dev mount for the process and only adds API pseudo devices like /dev/null, /dev/zero or /dev/random but not physical devices. Disabled by default because it may not work on devices like the Raspberry Pi.
