Commit graph

4250 commits

Author SHA1 Message Date
00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
c12fedaf1b
Change security contact mail (#3506)
Old one isnt working apparently
2023-07-06 07:27:47 -04:00
Diamond
084f603745
Allow cross-origin requests (#3421)
Co-authored-by: pfg <pfg@pfg.pw>
2023-07-06 07:25:19 -04:00
Dessalines
6840fd64f9
Make sure hot rank sorts for post and community filter by positive hot ranks. (#3497)
* Make sure hot rank sorts for post and community filter by positive hot ranks.

- Context #2994

* Adding a comment.
2023-07-06 13:22:48 +02:00
Dessalines
ef11a6ca37
Fixes wrong community moderator ordering. (#3495) 2023-07-06 12:27:25 +02:00
ce1ffebeb0
Use fixed prettier version for CI (#3507)
3.0.0 was pushed to docker hub 2 hours ago, thats probably why
builds are breaking now.
2023-07-06 12:23:51 +02:00
phiresky
2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
phiresky
45b1a0d4fb
improve performance of community followers inbox query (#3482)
* improve performance of community followers inbox query

* nightly format

* force woodpecker to retry

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 11:50:26 -04:00
ebaf69bd70
Cache federation blocklist (#3486)
* Cache federation blocklist

* revert submodule change
2023-07-05 11:08:02 -04:00
Andrew Fields
1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Dessalines
657c2e37c0
Adding a person.admin index, and featured_local/community indexes. (#3479) 2023-07-05 13:00:41 +02:00
Lemmus.org
ff47d97bd3
Add feature for enabling json logging (#3462) 2023-07-04 07:11:47 -04:00
Louis GERARD
85dab149a9
fix(posts/comments/search): return error on invalid community name (#3418) 2023-07-04 13:04:38 +02:00
Josephos
cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
Dessalines
8bcf2ea7c9
Fixing clippy. (#3471) 2023-07-04 12:15:27 +02:00
Piotr Juszczyk
bf62fbe644
Remove not needed anymore http-signature-normalization-actix dependency (#3458) 2023-07-04 12:14:37 +02:00
Dessalines
f0e487f18a
300 comment limit. (#3306)
* 300 comment limit.

* Another fix.
2023-07-03 18:02:57 -04:00
7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
JP Moresmau
bbca6ef6dc
Do not decrement comment score twice when removing then deleting. (#3196)
Fixes #3004

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 14:13:53 -04:00
perillamint
696cca4ce4
Remove excessive content_type header configuration (#3470) 2023-07-03 13:43:45 -04:00
Dessalines
935b0bf048
Adding rest of community sorts. Fixes #3374 (#3376)
* Adding rest of community sorts. Fixes #3374

* Addressing PR comments.
2023-07-03 13:09:15 -04:00
e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
Simon Bordeyne
b8ee9315bc
Add Open links in new tab setting (#3318)
* Add Open links in new tab setting

* reorder because it fixes tests ?
2023-07-03 11:10:25 -04:00
David BELEY
efe98158c0
Fix awesome-lemmy owner (#3469) 2023-07-03 16:44:55 +02:00
David BELEY
050216eed9
Add awesome-lemmy to LemmyNet? (#3413)
* Add LemmyNet/awesome-lemmy

* Delete other apps/projects from README.md
2023-07-03 15:15:45 +02:00
cb91eedd24
Use serde(skip) instead of skip_serializing, add placeholder values (#3362)
* Use serde(skip) instead of skip_serializing

The latter breaks lemmy_crawler as the field is not included in
the Lemmy API, but is required when attempting to parse API responses.
Should only use serde(skip) to avoid this problem

* use option

* add placeholders

* no unwrap
2023-07-03 15:14:01 +02:00
6405761891
Mark follow as pending when subscribing to remote community (fixes #3384) (#3406) 2023-07-03 12:03:20 +02:00
fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
3578dab67f
Remove PerformApub trait (#3423)
* Remove PerformApub trait

This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.

* params need to use query
2023-07-03 11:01:41 +02:00
drumlinish
682ca55e0c
Fix quoting of max-file in docker-compose.yml (#3442) 2023-07-03 10:59:07 +02:00
phiresky
cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Lemmus.org
810762762f
Update federated posts to not cache sensitive images if not allow by local site (#3253)
* Update federated posts to not cache sensitive images if not allow by local site

* Refactor thumbnail match to simplify logic
2023-06-30 12:42:42 +02:00
Dominic Mazzoni
fcc010b5dc
Fix concatenation of audio captcha wav files (#3350)
* Fix concatenation of audio captcha wav files

* Log errors rather than crashing

* Return Result from captcha_as_wav_base64

* Change to return LemmyError

* Check for wav write error, format

* Remove unused import

* Rewrite to avoid clippy warnings
2023-06-30 12:36:38 +02:00
dullbananas
7d3894d5dd
Automatically manage database when running scripts/test.sh (#3389)
* Update .gitignore

* Create start-dev-db.sh

* Rename start-dev-db.sh to start_dev_db.sh

* Update .gitignore

* Update start_dev_db.sh

* Update start_dev_db.sh

* Update start_dev_db.sh

* Update start_dev_db.sh

* h

* Update test.sh

* Update start_dev_db.sh

* made it work

* Make test.sh work when run from scripts dir
2023-06-30 09:50:30 +02:00
3159eedd99 Version 0.18.1-rc.4 2023-06-29 10:45:59 -04:00
Dessalines
6c64cb5233
Fixing release script. (#3398)
* Fixing release script.

* Version 0.18.1-rc.2

* Removing cargo update from release script.

* Fixing topdir location.
2023-06-29 16:17:59 +02:00
Nick Shockey
0464c46d26
Added gitattributes to normalize all files to lf (#3386)
This makes it less annoying to build on windows/mac

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-29 10:16:11 +02:00
c216153dfb
Update activitypub-federation crate to 0.4.5 (#3379)
https://github.com/LemmyNet/activitypub-federation-rust/releases/tag/0.4.5
2023-06-28 12:58:23 -04:00
Sander Saarend
ec18fd9869
Fix cargo warnings (#3397) 2023-06-28 12:57:49 -04:00
c-andy-candies
ffc049078e
Fix missing sorting types (#3370)
* Fix missing sorting types

* Reordered sort_type_enum
2023-06-28 12:44:16 -04:00
Jan Klass
0f91759e4d
docs(api): Add api-common info on generating TypeScript bindings (#3330) 2023-06-28 11:25:46 +02:00
dullbananas
bef76630c5
Remove redundant calls to Iterator::collect (#3365)
* Remove redundant calls to `Iterator::collect`

* Update mentions.rs

* Add clippy lints and run fmt

* CI ran on the wrong commit again 
2023-06-28 11:19:26 +02:00
e4b739320c
Run cargo update as part of release script (#3369)
To get newest dependency patches and get rid of yanked deps

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-27 08:59:58 -04:00
ad6f244b61 Version 0.18.1-rc.1 2023-06-27 08:14:46 -04:00
Nina Blanson
e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
Domenic Horner
d1d90af0eb
add new flag to api (#3363) 2023-06-27 06:45:26 -04:00
TKilFree
2aef6a5a33
feat: re-added captcha checks (#3289) 2023-06-27 06:38:53 -04:00
Sander Saarend
76a4513774
Limit password resets (#3344) 2023-06-27 11:20:53 +02:00
Dessalines
98482b1564
Fixing the release script. (#3295)
* Fixing the release script.

* Updating the submodules.
2023-06-27 10:28:56 +02:00
Sander Saarend
211e76dc27
Batch hot rank updates (#3175) 2023-06-27 10:13:51 +02:00