dakkar
c05cc63e24
look inside url
when checking activity origin - #512
...
The previous assertion that:
> if it's a complicated thing and the `activity.id` doesn't match, I
> think we're fine rejecting the activity
was wrong: at least peertube sends activities that have `url` as an
array of objects.
Notice that this does *not*, in fact, fix #512 : the peertube activity
does not contain its short URL (`https://example.com/w/someid `), so
there's no way to confirm that it is the activity we requested.
2024-05-18 16:48:10 +01:00
dakkar
95ec40d3c8
merge: allow overriding all string config values via env - fixes #465 ( !476 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/476
Closes #465
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Luna <her@mint.lgbt>
2024-05-17 16:46:02 +00:00
dakkar
f1d96b8ae8
merge: fix: incorrect type for quote property ( !480 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/480
Closes #401
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Tess K <me@thvxl.se>
2024-05-09 09:05:16 +00:00
dakkar
01256af028
merge: Rework cache clearing to be fault tolerant ( !497 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/497
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-09 08:01:18 +00:00
dakkar
89f412c696
merge: Send default reactions as Like activities to Iceshrimp.NET instances ( !505 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/505
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-05-09 07:59:46 +00:00
Ember
ed91663672
merge: don't count "system" local accounts in user chart - fixes #451 ( !500 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/500
Closes #451
Approved-by: Ember <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-07 20:17:54 +00:00
dakkar
89f4f0e5f4
don't count "system" local accounts in user chart - fixes #451
2024-05-07 20:17:53 +00:00
Ember
58ff225c4e
merge: really edit notes in more cases - fixes #424 ( !504 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/504
Closes #424
Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Ember <acomputerdog@gmail.com>
2024-05-07 20:16:39 +00:00
dakkar
eab690a5e3
really edit notes in more cases - fixes #424
2024-05-07 20:16:38 +00:00
Tess K
5e20de45d7
merge: Compact LD-signed activities against well-known context ( !503 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/503
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Tess K <me@thvxl.se>
2024-05-04 17:19:42 +00:00
Essem
f843bf6c17
fix: Add unicode flag to custom emoji regexes
2024-05-03 11:48:00 -05:00
dakkar
d0a2708f91
merge: handle non-ASCII emoji names ( !464 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/464
Approved-by: Leah <kevinlukej@gmail.com>
Approved-by: Ember <acomputerdog@gmail.com>
Approved-by: Marie <marie@kaifa.ch>
2024-05-02 21:06:10 +00:00
ShittyKopper
e333283905
Send default reactions as Like activities to Iceshrimp.NET instances
2024-05-02 02:37:59 +03:00
dakkar
45182c17e2
fix imports
2024-05-01 17:41:33 +01:00
dakkar
6ae01e28aa
Compact LD-signed activities against well-known context
...
This should defend against some spoofing attacks, see also
https://nvd.nist.gov/vuln/detail/CVE-2022-24307 for Mastodon,
febb499fcb
from Iceshrimp and
e790d6be90
for Firefish
Thanks to @tesaguri@fedibird.com for reporting and providing the patch.
2024-04-30 10:16:57 +01:00
PrivateGER
493775ad7b
reformat expression
2024-04-24 16:05:30 +02:00
dakkar
0f3764ff71
teach ReactionService about non-ASCII emoji names
2024-04-23 14:42:02 +01:00
Latte macchiato
dd3d562a1e
Rework cache clearing to be fault tolerant
2024-04-19 21:58:37 +00:00
dakkar
e0afeff248
merge: hide images/videos in og cards, when under a CW - fixes #487 ( !488 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/488
Closes #487
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-04-11 20:40:38 +00:00
Marie
cfc8081cec
merge: bump tmp@0.2.3 - fixes #464 ( !475 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/475
Closes #464
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Luna <her@mint.lgbt>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-04-11 18:00:40 +00:00
Marie
011ccd3a9a
merge: bump devel
version ( !486 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/486
Approved-by: Marie <marie@kaifa.ch>
Approved-by: Amelia Yukii <amelia.yukii@shourai.de>
2024-04-11 17:21:32 +00:00
dakkar
960f4fcff7
detect size of remote files - fixes #494
...
without this, remote files are assumed to have size 0 (even if we just
downloaded them!) and the range-related code won't run
2024-04-09 16:21:30 +01:00
dakkar
92eec2178f
return 206 for every ranged response - fixes #494
2024-04-09 15:42:29 +01:00
dakkar
56dca6dbf5
hide images/videos in og cards, when under a CW - fixes #487
2024-04-07 16:58:13 +01:00
Marie
d6c736f1a5
fix conflicts
2024-04-07 15:42:28 +00:00
dakkar
b6f41a28ed
pull in sfm-js that supports non-ascii in emoji names
2024-04-07 16:37:31 +01:00
Marie
bb7b4a8ea4
merge: fix: send null for empty edited_at in mastodon api ( !487 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/487
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-04-07 15:36:59 +00:00
dakkar
0690b9a429
merge: fix: load libopenmpt on demand ( !469 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/469
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-04-07 14:56:16 +00:00
Sugar🍬🍭🏳️⚧
e779c1e667
fix: send null for empty edited_at in mastodon api
2024-04-04 10:43:28 +02:00
dakkar
328546c4cd
Merge branch 'develop' into release/2024-03-30
2024-03-30 11:08:26 +00:00
dakkar
074de82bf7
some validation fixes
2024-03-30 11:05:58 +00:00
Marie
56b19ab6bb
fix: incorrect type for quote property
2024-03-24 23:41:23 +00:00
dakkar
4271402e0d
recognise numbers and boolean values
2024-03-24 11:17:55 +00:00
dakkar
0e8cdb30b7
allow setting values not present in the config file
...
replicas and arrays in general, are more complicated :/
2024-03-24 11:12:17 +00:00
dakkar
435cab01c8
deal with (possible, future) non-alnum config keys
2024-03-21 10:00:16 +00:00
dakkar
25e6409cc9
allow overriding all string config values via env - fixes #465
...
will need end-user documentation!
2024-03-20 15:38:20 +00:00
dakkar
f4e89f2e6b
bump tmp@0.2.3 - fixes #464
...
see also https://github.com/raszi/node-tmp/issues/295
2024-03-19 17:13:43 +00:00
Alina Sireneva
0085305579
fix: load libopenmpt on demand
2024-03-11 15:32:59 +03:00
dakkar
43544a6479
longer statement_timeout
for migrations - fixes 450
2024-03-09 15:38:36 +00:00
dakkar
354cb2a675
handle non-ASCII emoji names
...
* use the more inclusive regexp for validating emoji names
* always normalize emoji names, aliases, categories
the latter point is necessary to allow matching, for example, `ä`
against `a`+combining diaeresis
this will also need to bump the version of `sfm-js` once we merge
https://activitypub.software/TransFem-org/sfm-js/-/merge_requests/2
2024-03-09 12:51:51 +00:00
dakkar
ff0117a1a5
check prohibited words when creating notes
...
some small differences (between Misskey and us) inside the `create`
method made `git` put all the changes inside the `import` method… I
thought I had copied them all, but I had missed one, and it's a pretty
important one: prohibited words were not being checked!
2024-03-05 16:52:05 +00:00
dakkar
7d00c4529b
fix repo + feedback URLs for Firefish / IceShrimp
2024-03-03 11:12:58 +00:00
dakkar
6ecfe7c7c3
remove duplicate method
2024-03-02 17:34:31 +00:00
dakkar
23f476dbf3
Merge branch 'develop' into release/2024.3.1
2024-03-02 17:28:34 +00:00
dakkar
af548d05ca
merge upstream for 2024.2.1
2024-03-02 16:36:49 +00:00
Marie
1b65c06d60
merge: fix: delete old follow request (if exists) before creating new ( !440 )
...
View MR for information: https://activitypub.software/TransFem-org/Sharkey/-/merge_requests/440
Approved-by: dakkar <dakkar@thenautilus.net>
Approved-by: Marie <marie@kaifa.ch>
2024-02-24 18:16:16 +00:00
Kaity A
def2e8dff0
Merge remote-tracking branch 'origin/develop' into fix/failed-follow
2024-02-24 05:05:25 +00:00
Kaity A
ea948ccadc
fix: delete old follow request (if exists) before creating new
2024-02-24 04:38:01 +00:00
Marie
d1b787192a
fix: align note edit errors with note create errors
2024-02-23 17:01:35 +01:00
Marie
15d2319011
merge: upstream
2024-02-23 13:42:52 +01:00