Commit graph

802 commits

Author SHA1 Message Date
00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
Dessalines
6840fd64f9
Make sure hot rank sorts for post and community filter by positive hot ranks. (#3497)
* Make sure hot rank sorts for post and community filter by positive hot ranks.

- Context #2994

* Adding a comment.
2023-07-06 13:22:48 +02:00
Dessalines
ef11a6ca37
Fixes wrong community moderator ordering. (#3495) 2023-07-06 12:27:25 +02:00
phiresky
2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
phiresky
45b1a0d4fb
improve performance of community followers inbox query (#3482)
* improve performance of community followers inbox query

* nightly format

* force woodpecker to retry

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 11:50:26 -04:00
ebaf69bd70
Cache federation blocklist (#3486)
* Cache federation blocklist

* revert submodule change
2023-07-05 11:08:02 -04:00
Andrew Fields
1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Louis GERARD
85dab149a9
fix(posts/comments/search): return error on invalid community name (#3418) 2023-07-04 13:04:38 +02:00
Josephos
cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
Dessalines
8bcf2ea7c9
Fixing clippy. (#3471) 2023-07-04 12:15:27 +02:00
Piotr Juszczyk
bf62fbe644
Remove not needed anymore http-signature-normalization-actix dependency (#3458) 2023-07-04 12:14:37 +02:00
Dessalines
f0e487f18a
300 comment limit. (#3306)
* 300 comment limit.

* Another fix.
2023-07-03 18:02:57 -04:00
7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
JP Moresmau
bbca6ef6dc
Do not decrement comment score twice when removing then deleting. (#3196)
Fixes #3004

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 14:13:53 -04:00
perillamint
696cca4ce4
Remove excessive content_type header configuration (#3470) 2023-07-03 13:43:45 -04:00
Dessalines
935b0bf048
Adding rest of community sorts. Fixes #3374 (#3376)
* Adding rest of community sorts. Fixes #3374

* Addressing PR comments.
2023-07-03 13:09:15 -04:00
e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
Simon Bordeyne
b8ee9315bc
Add Open links in new tab setting (#3318)
* Add Open links in new tab setting

* reorder because it fixes tests ?
2023-07-03 11:10:25 -04:00
cb91eedd24
Use serde(skip) instead of skip_serializing, add placeholder values (#3362)
* Use serde(skip) instead of skip_serializing

The latter breaks lemmy_crawler as the field is not included in
the Lemmy API, but is required when attempting to parse API responses.
Should only use serde(skip) to avoid this problem

* use option

* add placeholders

* no unwrap
2023-07-03 15:14:01 +02:00
6405761891
Mark follow as pending when subscribing to remote community (fixes #3384) (#3406) 2023-07-03 12:03:20 +02:00
fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
3578dab67f
Remove PerformApub trait (#3423)
* Remove PerformApub trait

This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.

* params need to use query
2023-07-03 11:01:41 +02:00
phiresky
cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Lemmus.org
810762762f
Update federated posts to not cache sensitive images if not allow by local site (#3253)
* Update federated posts to not cache sensitive images if not allow by local site

* Refactor thumbnail match to simplify logic
2023-06-30 12:42:42 +02:00
Dominic Mazzoni
fcc010b5dc
Fix concatenation of audio captcha wav files (#3350)
* Fix concatenation of audio captcha wav files

* Log errors rather than crashing

* Return Result from captcha_as_wav_base64

* Change to return LemmyError

* Check for wav write error, format

* Remove unused import

* Rewrite to avoid clippy warnings
2023-06-30 12:36:38 +02:00
Dessalines
6c64cb5233
Fixing release script. (#3398)
* Fixing release script.

* Version 0.18.1-rc.2

* Removing cargo update from release script.

* Fixing topdir location.
2023-06-29 16:17:59 +02:00
Sander Saarend
ec18fd9869
Fix cargo warnings (#3397) 2023-06-28 12:57:49 -04:00
Jan Klass
0f91759e4d
docs(api): Add api-common info on generating TypeScript bindings (#3330) 2023-06-28 11:25:46 +02:00
dullbananas
bef76630c5
Remove redundant calls to Iterator::collect (#3365)
* Remove redundant calls to `Iterator::collect`

* Update mentions.rs

* Add clippy lints and run fmt

* CI ran on the wrong commit again 
2023-06-28 11:19:26 +02:00
ad6f244b61 Version 0.18.1-rc.1 2023-06-27 08:14:46 -04:00
Nina Blanson
e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
Domenic Horner
d1d90af0eb
add new flag to api (#3363) 2023-06-27 06:45:26 -04:00
TKilFree
2aef6a5a33
feat: re-added captcha checks (#3289) 2023-06-27 06:38:53 -04:00
Sander Saarend
76a4513774
Limit password resets (#3344) 2023-06-27 11:20:53 +02:00
c-andy-candies
f5209fffc1
Feature add three six and nine months options backend (#3226)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-26 15:03:35 -04:00
50efb1d519
Fetch community outbox and moderators in parallel (#3360)
This will speedup first time fetching of a remote community
2023-06-26 12:14:50 -04:00
Simon Lundström
c9e9ff46fa
Item URL should point to post URL (#3345)
If the post is an URL post the item link should point to the URL of the
link that is being posted.
2023-06-26 15:11:16 +02:00
Otto Rottier
62c8ac1db5
Site Metadata: resolve relative URLs for embedded images/videos (#3338)
* Site Metadata: resolve relative URLs for embedded images/videos

* api_common: relax version requirement of `webpage` dependency

With this change we opt into next (non breaking) versions of webpage-rs

* cargo +nightly fmt

* Add tests for resolving absolute urls in SiteMetadata
2023-06-26 15:07:57 +02:00
73d2faa9f5 Remove another unused dev dependency 2023-06-26 12:46:44 +02:00
cetra3
9406c3ad2b
Adjust the config check to be a separate faster to compile binary (#3313) 2023-06-26 06:23:21 -04:00
perillamint
3d7d6b2530
Respond with Content-Type: application/activity+json (#3353)
As per ActivityPub specification, the return type should be
`application/activity+json`, not `application/json`.
2023-06-26 12:10:04 +02:00
ddfa112e0b
Allow wildcard imports in schema.rs (#3293)
Dont mess with auto-generated code, this avoids problems with
clippy after running diesel commands
2023-06-26 11:18:29 +02:00
Scott
c5886404ef
Update DB local_user.theme type to text (#3266)
* Update local_user.theme type to text

* fix default value

* Undo auto generate changes
2023-06-26 10:53:04 +02:00
TKilFree
21d5349785
feat: allow all admins to purge content (#3271) 2023-06-26 10:47:39 +02:00
Neshura
203e35899e
Add separate Post check for is_valid_body_field (#3263)
* Add separate Post check for is_valid_body_field

* Modify is_valid_body_check for posts only

* Fix check var reinit in validation.rs

* Extra empty line to rerun woodpecker with changes

* Change Option to bool, add false to non-post calls

* Woodpecker trick.. again

* Probable rust_fmt fail fixed

* cargo_clippy changes

* Missing space between = and if

* Remove ; after body length checks
2023-06-26 10:47:01 +02:00
ce0cf0e41b Remove DELETED_REPLACEMENT_URL 2023-06-26 10:45:37 +02:00
Sander Saarend
6b28f8c616 Add support for sslmode=require for diesel-async DB connections (#3189) 2023-06-26 10:45:22 +02:00
cetra3
d6b580a530 Remove actix_rt & use standard tokio spawn (#3158)
* Remove `actix_rt` & use standard tokio spawn

* Adjust rust log back down

* Format correctly

* Update cargo lock

* Add DB settings

* Change name and update to latest rev

* Clean up formatting changes

* Move `worker_count` and `worker_retry_count` to settings

* Update defaults

* Use `0.4.4` instead of git branch
2023-06-26 10:45:22 +02:00
Dessalines
37a47de3a8 Revert "feat: re-added captcha checks (#3249)" (#3288)
This reverts commit 8a086c8240.
2023-06-26 10:45:22 +02:00
Dessalines
b6cd1bde8e Fixing removed posts showing. Fixes #2875 (#3279)
* Fixing removed posts showing. Fixes #2875

* Fixing clippy.
2023-06-26 10:45:22 +02:00