rinpatch
1172844ed1
Merge branch 'release/2.2.0' into 'stable'
Release/2.2.0
See merge request pleroma/secteam/pleroma!19
3 years ago
rinpatch
6ca709816f
Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects .
content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
possibility I missed something.
Closes pleroma#1948
3 years ago
Haelwenn
99bc175f02
Merge branch 'title-injection-change' into 'develop'
Title injection change
See merge request pleroma/pleroma!3132
3 years ago
feld
ccec59047b
Merge branch 'feature/ingest-blurhash' into 'develop'
Ingest blurhash for attachments if they were federated
Closes #2294
See merge request pleroma/pleroma!3133
3 years ago
Mark Felder
966663c3f8
Fix tests for other attachment types
3 years ago
rinpatch
b4c6b262d6
pleroma-fe bundle: update to 8e87e3d88b
3 years ago
rinpatch
99edfba3da
Polish the changelog a bit and specify release date
3 years ago
Mark Felder
2156de2fee
Ingest blurhash field during transmogrification
3 years ago
Mark Felder
2254e5e595
Render blurhashes in Mastodon API
3 years ago
Mark Felder
6fd72e9e85
Ingest blurhash for attachments if they were federated
3 years ago
lain
b0e4e0cf2a
Changelog: Add info about title injection
3 years ago
lain
25bd64b03a
Bundled FE: Remove title tag
3 years ago
feld
911fc3c523
Merge branch 'mrf-config-descriptions' into 'develop'
little changes for MRF config descriptions
See merge request pleroma/pleroma!3131
3 years ago
lain
631def2df2
RedirectController: Don't replace title, but inject into the meta
3 years ago
Alexander Strizhakov
8da9f919f8
little changes for MRF config descriptions
- log level reduction, if policy doesn't implement config_description method
- docs in dev.md
3 years ago
Egor Kislitsyn
af3f00292c
Fix formatting
3 years ago
Egor Kislitsyn
0118ccb53c
Add `local` visibility
3 years ago
feld
3cd7ea693f
Merge branch 'feature/2222-config-descriptions-for-custom-modules' into 'develop'
Config descriptions for custom MRF policies
Closes #2222
See merge request pleroma/pleroma!3128
3 years ago
Alexander Strizhakov
e58ea7f99c
changes after rebase
3 years ago
Alexander Strizhakov
f97f24b067
making credo happy and test fix
3 years ago
Alexander Strizhakov
efc27f6464
fix for adminFE
- revert UserAllowPolicy description
- MRF descriptions order
3 years ago
feld
7681b4c5cd
Apply 1 suggestion(s) to 1 file(s)
3 years ago
feld
776067a9a3
Apply 1 suggestion(s) to 1 file(s)
3 years ago
feld
952a8c213e
Apply 1 suggestion(s) to 1 file(s)
3 years ago
feld
2933658446
Apply 1 suggestion(s) to 1 file(s)
3 years ago
Alexander Strizhakov
485697d96c
config descriptions for custom MRF policies
3 years ago
lain
88f6b61a5e
Merge branch '2260-wrong-report-link' into 'develop'
Resolve "Wrong user link in Report email"
Closes #2260
See merge request pleroma/pleroma!3121
3 years ago
lain
d77fd6b3d0
Merge branch 'fix/html-title-load' into 'develop'
Fix title on load of Pleroma HTML, fixes #2281
Closes #2281
See merge request pleroma/pleroma!3125
3 years ago
lain
4a3d1e78f6
Merge branch 'fix/2291-atom-feed-escape' into 'develop'
Escaping in xml templates
Closes #2291
See merge request pleroma/pleroma!3126
3 years ago
Alexander Strizhakov
0c68b9ac13
escaping summary and other fields in xml templates
3 years ago
Haelwenn
db07b538a5
Merge branch 'remove/release-env' into 'develop'
Remove release_env
See merge request pleroma/pleroma!3124
3 years ago
Sean King
e4a21084f0
Fix title on load of Pleroma HTML
3 years ago
lain
abf2ec2bbe
Update optimizing_beam.md
3 years ago
rinpatch
cc45c69fff
Remove release_env
While taking a final look at instance.gen before releasing I noticed
that the release_env task outputs messages in broken english. Upon
further inspection it seems to have even more severe issues which, in
my opinion, warrant it's at least temporary removal:
- We do not explain what it actually does, anywhere. Neither the task
docs nor instance.gen, nor installation instructions.
- It does not respect FHS on OTP releases (uses /opt/pleroma/config even
though we store the config in /etc/pleroma/config.exs).
- It doesn't work on OTP releases, which is the main reason it exists.
Neither systemd nor openrc service files for OTP include it.
- It is not mentioned in install guides other than the ones for Debian
and OTP releases.
3 years ago
Mark Felder
a9c1f83fd8
Markdown, you're drunk
3 years ago
Mark Felder
4999549191
Make it clearer the settings go into the vm.args file
3 years ago
Mark Felder
620f1d7237
More grammar fixes
3 years ago
Mark Felder
da1862e1d3
Less confusing I hope
3 years ago
Mark Felder
9e90e49ad2
Grammar
3 years ago
Mark Felder
60fe4a8393
First draft of tips for optimizing BEAM
3 years ago
Haelwenn (lanodan) Monnier
e010bb292b
NoteHandlingTest: Poison → Jason
3 years ago
Haelwenn (lanodan) Monnier
fa1f5d4442
Move TransmogrifierTest for Note to NoteHandlingTest
3 years ago
rinpatch
6166ecdbc8
CHANGELOG.md: Add an entry for the spoofing fix
3 years ago
rinpatch
5116859f0e
Merge branch 'fix/object-attachment-spoof' into 'develop'
Fix object spoofing vulnerability in attachments
See merge request pleroma/secteam/pleroma!18
3 years ago
Haelwenn
4d693b5e54
Merge branch '2236-no-name' into 'develop'
Resolve "Account cannot be fetched by some instances"
Closes #2236
See merge request pleroma/pleroma!3101
3 years ago
Mark Felder
79caf3840e
phoenix_controller_render_duration is no longer available in telemetry of Phoenix 1.5+
3 years ago
feld
48f7e12e6c
Merge branch 'ostatus-controller-no-auth-check-on-non-federating-instances' into 'develop'
OStatus / Static FE access control fixes
See merge request pleroma/pleroma!3053
3 years ago
feld
86b4149a13
Merge branch '1668-prometheus-access-restrictions' into 'develop'
[#1668 ] App metrics endpoint (Prometheus) access restrictions
Closes #1668
See merge request pleroma/pleroma!3093
3 years ago
rinpatch
5f27a39152
Merge branch '2242-nsfw-case' into 'develop'
Resolve "Posts tagged with #NSFW from GS aren't marked as sensitive"
Closes #2242
See merge request pleroma/pleroma!3094
3 years ago
feld
88dc1d24b9
Merge branch 'issue/2261' into 'develop'
[#2261 ] FrontStatic plug: excluded invalid url
See merge request pleroma/pleroma!3106
3 years ago