Commit graph

852 commits

Author SHA1 Message Date
00f9f79a44
Only allow http(s) scheme for urls (ref #3505) (#3508)
With this change only http(s) schemes are allowed for post.url
field. This is checked for incoming api and federation requests.
Existing posts in database which are sent to clients are not
checked. Neither does it check urls in markdown.
2023-07-06 08:29:51 -04:00
Dessalines
6840fd64f9
Make sure hot rank sorts for post and community filter by positive hot ranks. (#3497)
* Make sure hot rank sorts for post and community filter by positive hot ranks.

- Context #2994

* Adding a comment.
2023-07-06 13:22:48 +02:00
Dessalines
ef11a6ca37
Fixes wrong community moderator ordering. (#3495) 2023-07-06 12:27:25 +02:00
phiresky
2158621bda
upgrade markdown-it to fix panic (#3490)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 13:08:53 -04:00
phiresky
45b1a0d4fb
improve performance of community followers inbox query (#3482)
* improve performance of community followers inbox query

* nightly format

* force woodpecker to retry

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-05 11:50:26 -04:00
ebaf69bd70
Cache federation blocklist (#3486)
* Cache federation blocklist

* revert submodule change
2023-07-05 11:08:02 -04:00
Andrew Fields
1e99e8b9dc
Add Prometheus endpoint (#3456)
Add a server for serving Prometheus metrics. Include a configuration
block in the config file. Provide HTTP metrics on the API, along with
process-level metrics and DB pool metrics.
2023-07-05 13:25:19 +02:00
Louis GERARD
85dab149a9
fix(posts/comments/search): return error on invalid community name (#3418) 2023-07-04 13:04:38 +02:00
Josephos
cdc5b47886
Improved validation of display names (Fixes #3436) (#3437)
* Fixed validation of display names

Fixed validation of display names: reject names beginning with invisible unicode characters.

* Formatting

Formatting fix.

* Expanded list of forbidden Unicode characters. Validation now checks for disallowed characters anywhere in the name.

* Formatting

* Added a comment detailing source of the list of invisible chars.
2023-07-04 12:41:58 +02:00
Dessalines
8bcf2ea7c9
Fixing clippy. (#3471) 2023-07-04 12:15:27 +02:00
Piotr Juszczyk
bf62fbe644
Remove not needed anymore http-signature-normalization-actix dependency (#3458) 2023-07-04 12:14:37 +02:00
Dessalines
f0e487f18a
300 comment limit. (#3306)
* 300 comment limit.

* Another fix.
2023-07-03 18:02:57 -04:00
7a04971ecd Version 0.18.1-rc.9 2023-07-03 17:16:48 -04:00
JP Moresmau
bbca6ef6dc
Do not decrement comment score twice when removing then deleting. (#3196)
Fixes #3004

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 14:13:53 -04:00
perillamint
696cca4ce4
Remove excessive content_type header configuration (#3470) 2023-07-03 13:43:45 -04:00
Dessalines
935b0bf048
Adding rest of community sorts. Fixes #3374 (#3376)
* Adding rest of community sorts. Fixes #3374

* Addressing PR comments.
2023-07-03 13:09:15 -04:00
e1494d4683
Dont compare db string errors (fixes #1393) (#3424)
* Dont compare db string errors (fixes #1393)

* cargo fmt

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-07-03 11:59:49 -04:00
Simon Bordeyne
b8ee9315bc
Add Open links in new tab setting (#3318)
* Add Open links in new tab setting

* reorder because it fixes tests ?
2023-07-03 11:10:25 -04:00
cb91eedd24
Use serde(skip) instead of skip_serializing, add placeholder values (#3362)
* Use serde(skip) instead of skip_serializing

The latter breaks lemmy_crawler as the field is not included in
the Lemmy API, but is required when attempting to parse API responses.
Should only use serde(skip) to avoid this problem

* use option

* add placeholders

* no unwrap
2023-07-03 15:14:01 +02:00
6405761891
Mark follow as pending when subscribing to remote community (fixes #3384) (#3406) 2023-07-03 12:03:20 +02:00
fc60b82f82 Fix formatting for latest nightly (#ref 3467) 2023-07-03 11:45:53 +02:00
3578dab67f
Remove PerformApub trait (#3423)
* Remove PerformApub trait

This is completely useless now that websocket is gone. In the future
I also plan to remove Perform and PerformCrud traits, but it will be
difficult to do that while still compiling crates in parallel.

* params need to use query
2023-07-03 11:01:41 +02:00
phiresky
cb28af508d
don't strip, log trace if requested (#3425) 2023-06-30 09:32:43 -04:00
Lemmus.org
810762762f
Update federated posts to not cache sensitive images if not allow by local site (#3253)
* Update federated posts to not cache sensitive images if not allow by local site

* Refactor thumbnail match to simplify logic
2023-06-30 12:42:42 +02:00
Dominic Mazzoni
fcc010b5dc
Fix concatenation of audio captcha wav files (#3350)
* Fix concatenation of audio captcha wav files

* Log errors rather than crashing

* Return Result from captcha_as_wav_base64

* Change to return LemmyError

* Check for wav write error, format

* Remove unused import

* Rewrite to avoid clippy warnings
2023-06-30 12:36:38 +02:00
Dessalines
6c64cb5233
Fixing release script. (#3398)
* Fixing release script.

* Version 0.18.1-rc.2

* Removing cargo update from release script.

* Fixing topdir location.
2023-06-29 16:17:59 +02:00
Sander Saarend
ec18fd9869
Fix cargo warnings (#3397) 2023-06-28 12:57:49 -04:00
Jan Klass
0f91759e4d
docs(api): Add api-common info on generating TypeScript bindings (#3330) 2023-06-28 11:25:46 +02:00
dullbananas
bef76630c5
Remove redundant calls to Iterator::collect (#3365)
* Remove redundant calls to `Iterator::collect`

* Update mentions.rs

* Add clippy lints and run fmt

* CI ran on the wrong commit again 
2023-06-28 11:19:26 +02:00
ad6f244b61 Version 0.18.1-rc.1 2023-06-27 08:14:46 -04:00
Nina Blanson
e63aa80c3a
Fixes #2900 - Checks slur regex to see if it is too permissive (#3146)
* Fixes #2900 - Checks slur regex to see if it is too permissive along with small validation organization

* Clean up variable names, add handler for valid empty string usecase

* Update tests

* Create validation function and add tests

* Test clean up

* Use payload value vs local site value to prevent stunlocking

* Remove println added while testing

* Fall back to local site regex if not provided from request

* Attempt clean up of flaky comment_view tests

* Pull in latest submodule

* Move application, post check into functions, add more tests and improve test readability

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-27 07:03:30 -04:00
Domenic Horner
d1d90af0eb
add new flag to api (#3363) 2023-06-27 06:45:26 -04:00
TKilFree
2aef6a5a33
feat: re-added captcha checks (#3289) 2023-06-27 06:38:53 -04:00
Sander Saarend
76a4513774
Limit password resets (#3344) 2023-06-27 11:20:53 +02:00
c-andy-candies
f5209fffc1
Feature add three six and nine months options backend (#3226)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-26 15:03:35 -04:00
50efb1d519
Fetch community outbox and moderators in parallel (#3360)
This will speedup first time fetching of a remote community
2023-06-26 12:14:50 -04:00
Simon Lundström
c9e9ff46fa
Item URL should point to post URL (#3345)
If the post is an URL post the item link should point to the URL of the
link that is being posted.
2023-06-26 15:11:16 +02:00
Otto Rottier
62c8ac1db5
Site Metadata: resolve relative URLs for embedded images/videos (#3338)
* Site Metadata: resolve relative URLs for embedded images/videos

* api_common: relax version requirement of `webpage` dependency

With this change we opt into next (non breaking) versions of webpage-rs

* cargo +nightly fmt

* Add tests for resolving absolute urls in SiteMetadata
2023-06-26 15:07:57 +02:00
73d2faa9f5 Remove another unused dev dependency 2023-06-26 12:46:44 +02:00
cetra3
9406c3ad2b
Adjust the config check to be a separate faster to compile binary (#3313) 2023-06-26 06:23:21 -04:00
perillamint
3d7d6b2530
Respond with Content-Type: application/activity+json (#3353)
As per ActivityPub specification, the return type should be
`application/activity+json`, not `application/json`.
2023-06-26 12:10:04 +02:00
ddfa112e0b
Allow wildcard imports in schema.rs (#3293)
Dont mess with auto-generated code, this avoids problems with
clippy after running diesel commands
2023-06-26 11:18:29 +02:00
Scott
c5886404ef
Update DB local_user.theme type to text (#3266)
* Update local_user.theme type to text

* fix default value

* Undo auto generate changes
2023-06-26 10:53:04 +02:00
TKilFree
21d5349785
feat: allow all admins to purge content (#3271) 2023-06-26 10:47:39 +02:00
Neshura
203e35899e
Add separate Post check for is_valid_body_field (#3263)
* Add separate Post check for is_valid_body_field

* Modify is_valid_body_check for posts only

* Fix check var reinit in validation.rs

* Extra empty line to rerun woodpecker with changes

* Change Option to bool, add false to non-post calls

* Woodpecker trick.. again

* Probable rust_fmt fail fixed

* cargo_clippy changes

* Missing space between = and if

* Remove ; after body length checks
2023-06-26 10:47:01 +02:00
ce0cf0e41b Remove DELETED_REPLACEMENT_URL 2023-06-26 10:45:37 +02:00
Sander Saarend
6b28f8c616 Add support for sslmode=require for diesel-async DB connections (#3189) 2023-06-26 10:45:22 +02:00
cetra3
d6b580a530 Remove actix_rt & use standard tokio spawn (#3158)
* Remove `actix_rt` & use standard tokio spawn

* Adjust rust log back down

* Format correctly

* Update cargo lock

* Add DB settings

* Change name and update to latest rev

* Clean up formatting changes

* Move `worker_count` and `worker_retry_count` to settings

* Update defaults

* Use `0.4.4` instead of git branch
2023-06-26 10:45:22 +02:00
Dessalines
37a47de3a8 Revert "feat: re-added captcha checks (#3249)" (#3288)
This reverts commit 8a086c8240.
2023-06-26 10:45:22 +02:00
Dessalines
b6cd1bde8e Fixing removed posts showing. Fixes #2875 (#3279)
* Fixing removed posts showing. Fixes #2875

* Fixing clippy.
2023-06-26 10:45:22 +02:00
TKilFree
9537878519 feat: re-added captcha checks (#3249) 2023-06-26 10:45:22 +02:00
Vijay Ramesh
418bca78e1
Merge branch 'main' into clear_deleted_posts_comments 2023-06-22 09:59:43 -07:00
ffce66abb8
Update apub library to 0.4.4 (#3258)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-22 08:35:12 -04:00
Vijay Ramesh
0d576a8f23
Merge branch 'main' into clear_deleted_posts_comments 2023-06-21 13:35:37 -07:00
Scott
da3e3b6d8a
Ensure site can only either be a private instance or federated when creating or editing site (#3237)
* Add site visibility validation

* Fix formatting

* linter changes

* Update error message to match existing check

* Remove existing check

---------

Co-authored-by: Scott Merchant <97430840+scottmerchant@users.noreply.github.com>
2023-06-21 22:14:12 +02:00
Vijay Ramesh
4db65c191c after 30 days post deletion, replace comment.content and post.body with 'Permanently Deleted' 2023-06-21 12:46:56 -07:00
Michał
4cdb9583e9
feat: allow overriding smtp_password with the LEMMY_SMTP_PASSWORD env var (#3154)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 13:36:42 -04:00
e3eda68147
Correct error messages if user registers with taken user/email (#3093)
* Correct error messages if user registers with taken user/email (fixes #2955)

* exists
2023-06-21 05:26:07 -04:00
Dessalines
1ef095dd96
Fixing cross_post duplicates. Fixes #3233 (#3234) 2023-06-21 10:56:44 +02:00
JP Moresmau
a1beccf353
Add test to check reading and listing posts return my_vote (#3215) 2023-06-21 10:48:39 +02:00
dullbananas
45818fb4c5
Reduce memory usage of rate limiting (#3111)
* Reduce Vec allocations

* Optimize stuff

* Move embedded migrations to separate crate

* Revert "Move embedded migrations to separate crate"

This reverts commit 44b1049970.

* clippy, fmt

* Shrink rate limit allowance to f32

* Initialize rate limit allowance directly

* Add removal of old rate limit buckets

* Improve readability

* Remove usage of is_okay_and for Rust 1.67 compatibility

* Add dhat-heap feature

* Fix api_benchmark.sh and add run_and_benchmark.sh

* Revert "Fix api_benchmark.sh and add run_and_benchmark.sh"

This reverts commit b4528e5b85.

* Revert "Add dhat-heap feature"

This reverts commit 08e835d487.

* Manually revert remaining stuff

* Use Ipv6Addr in RateLimitStorage

* Shrink last_checked in RateLimitBucket to 32 bits

* Fix rate_limit::get_ip

* Stuff (#1)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Dullbananas patch 1 (#2)

* Update rate_limiter.rs

* Update mod.rs

* Update scheduled_tasks.rs

* Fix rate_limiter.rs

* Rate limit IPv6 addresses in groups

* Fmt lib.rs

* woodpicker trigger

* Refactor and comment `check_rate_limit_full`

* Add `test_split_ipv6`

* Replace -2.0 with UNINITIALIZED_TOKEN_AMOUNT

* Add `test_rate_limiter`

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-21 10:28:20 +02:00
Dessalines
5ff221a2e4
Fixing comment_view unit tests. (#3224) 2023-06-20 14:14:08 -04:00
Sander Saarend
8ed3f3530e
Fix parameter ordering for new_report_subject string (#3210) 2023-06-20 11:24:04 -04:00
Ivo Barros
4d160461ce
Feature add hours as sorting options backend (#3161)
* add hours as sorting options

* ran cargo +nightly fmt

* woodpicker trigger
2023-06-20 16:05:43 +02:00
kartikynwa
dc36d9ed89
Don't check verified email when an admin logs in (#3209)
Workaround for instance admins getting locked out when they turn on
the email verification requirement without having verified their
own email.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-20 08:52:21 -04:00
56de68c77a Update translations 2023-06-20 10:59:27 +02:00
Sander Saarend
e23621c2cd
Calculate initial hot_rank and hot_rank_active for posts and comments from other instances (#3131)
* Calculate initial hot_rank when receiving posts and comments from other instances

* Move hot rank update logic into db_schema
2023-06-20 10:52:51 +02:00
Sander Saarend
007c7d5812
Remove e-mail verification success e-mails (#3124) 2023-06-16 11:53:33 -04:00
Alex Maras
becf75d1f9
Fix Hidden communities showing in community list (#3094)
* Only show hidden communities when explicitly searching for them rather then in "all"

* dont set hidden to false when creating and updating - let DB set default

* lint

---------

Co-authored-by: Alex Maras <alexmaras@gmail.com>
2023-06-15 13:39:58 +02:00
b5dba17426
Update all dependencies (#3091) 2023-06-15 11:37:05 +02:00
Wyatt Smith
744153eee6
Prevent making an instance private if federation is enabled. (#3074)
* Prevent making an instance private if federation is enabled.

* Added case where federation is enabled, check if the alternative setting is changed

* Merged the error messages for private instance/federation.

---------

Co-authored-by: Wyatt Smith <wys@dropbox.com>
2023-06-15 11:35:09 +02:00
Dessalines
5af831c6fa
Fix unapproved users being able to log in after registration mode set to closed. (#3096)
- Fixes #3095
2023-06-14 19:02:17 -04:00
Neshura
558035b128
Fix Issue #3075 by using None for local fields instead of Some(false) (#3088)
* Set insert and update form "local" to None

* Extra space to retrigger woodpecker

* Resolve code review request

https://github.com/LemmyNet/lemmy/pull/3088#discussion_r1229336958

* Remove extra space after None,
2023-06-14 08:34:45 -04:00
Nina Blanson
1c7bfd6be8
Fixes #1884 - Support Spoiler Tags (#3018)
* Fixes #1884 - Switches markdown libraries and creates a custom rule to manage spoiler blocks

* Add tests to cover invalid spoiler input

* Consolidate tests, add comments

* Make immutable, static instance of markdown parser

---------

Co-authored-by: Nutomic <me@nutomic.com>
2023-06-14 13:15:59 +02:00
f3f95e5d2f Fix compilation 2023-06-14 11:34:29 +02:00
JetpackJackson
91271a7ce4
Update RSS url (#3053)
* Update RSS url

* Fixed next line

* making sure this thing uploads

* Update feeds.rs

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-13 16:17:02 -04:00
Jared Schneiderman
5f92125e44
Add limit and pagination to feeds (#2980)
* adds limit and pagination to all rss feeds

* consistent ordering

* refactor page and limit and add after

* revert back to using page

* remove offset change

* refactor to impl adding helper methods

* clippy
2023-06-12 17:48:02 -04:00
Andy Brandt
b47ce4c2e6
use usize::MAX for line wrap length, since lettre does it for us (#3034)
fixes #2921
2023-06-12 15:29:15 +02:00
Charles Hall
14c18dbdae
allow specifying db uri in config file (#2956)
* allow specifying db uri in config file

* succumb to a bug in doku

See <https://github.com/anixe/doku/issues/33>.
2023-06-09 08:18:22 -04:00
Dessalines
8cb5939f50
Adding hot_rank columns in place of function sorting. (#2952)
* Adding hot_rank columns in place of function sorting.

- Creates hot_rank columns for post, comment, and community.
- Fixes #2932

* Updating all hot ranks on startup.

* Fixing post.url migration.

* Removing update_instance_software from startup.

* Adding post_rank query
2023-06-08 16:15:15 -04:00
Andy Brandt
f98476c5c0
Fix private message e-mail notification subject and body (#2963)
It used to say:

Subject: Private message from [your username]
Body: [your username] - [private message]

It now display the correct username that it's from.
2023-06-08 13:42:32 -04:00
Anon
15c84e2f7b
Add comment depth check (#2940)
* Add comment depth check

* Move comment depth code

* linter fix
2023-06-08 10:31:26 -04:00
980df7545d
Fix translation build error (fixes #2967) (#2968) 2023-06-08 07:12:40 -04:00
2423b89ced
Activitypub breaking changes for Lemmy 0.18 (#2705)
* Remove deprecated field `group.moderators`

* Drop column local_site.federation_debug

* Remove backwards compatibility code for feature/lock post

https://github.com/LemmyNet/lemmy/pull/2716

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-07 15:18:17 -04:00
derivator
9419dd7c05
Fall back to String for Comment::path when not using the full feature (#2941) 2023-06-07 09:38:46 -04:00
Carlrs
24323e17b2
update diesel to 2.1.0 and diesel-async to 0.3.0 (issue #2882) (#2895)
* update diesel to 2.1.0 and diesel-async to 0.3.0 (issue #2882)

* get rid of deprecated RawValue type alias usage, explicitly import diesel types instead of using wildcard import

* Update diesel-derive-enum and diesel-derive-newtype libraries

* Revert manual changes to schema.rs

* Update to newer diesel-cli image in CI, run fix-clippy before schema comparison, update schema to one generated with diesel-cli 2.1.0 and clippyfixed

* Remove wildcard import lint, fix diesel schema pipeline

---------

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-06-07 12:54:40 +02:00
vpzomtrrfrt
09099e7b90
Fix handling of follows addressed to single value (#2920)
* Fix handling of follows addressed to single value

* Switch to deserialize_skip_error for Follow to

* Also use deserialize_skip_error for AcceptFollow and UndoFollow

* actually import deserialize_skip_error
2023-06-06 18:33:38 -04:00
3565ad984a
Remove chatserver (#2919)
* Remove chatserver

* fix clippy

* Remove captchas (fixes #2922)

* fix prettier

* fix api_common build

* cargo fmt
2023-06-06 12:27:22 -04:00
Dessalines
ef1aa18fd2
Adding taglines to SiteResponse. Fixes #2925 (#2926)
* Adding taglines to SiteResponse. Fixes #2925

* Fixing CI line.
2023-06-06 08:59:34 -04:00
Dessalines
bb625c3671
Fix *All* reports not showing. Fixes #2902 (#2903)
* Fix *All* reports not showing. Fixes #2902

* Fix *All* reports not showing. Fixes #2902

* Fixing tests.
2023-06-06 11:01:48 +02:00
7248c4a6f4
Filter empty username strings from Mastodon (fixes #2886) (#2887)
* Filter empty username strings from Mastodon (fixes #2886)

* add issue link
2023-06-05 13:56:53 +02:00
phankydn
d30839bea1
Don't filter comments of posts from blocked community when viewing post detail (#2880) 2023-05-29 11:41:47 -04:00
4240af86ca
Remove websocket code (#2878)
Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-05-29 10:44:20 -04:00
a5707328cf
Dont return error in case optional auth is invalid (#2879)
* Dont return error in case optional auth is invalid

* fixes
2023-05-25 10:50:07 -04:00
phankydn
4a70502007
Remove unnecessary clone (#2874)
Co-authored-by: KyP <phanky.vn@proton.me>
2023-05-23 19:00:19 -04:00
82d93da26b
Remove GetCommunityResponse.default_post_language (#2867)
This field is unnecessary because we already set a default language
with the same logic if none is passed in CreatePost. So if the user
doesnt set a post language, it should simply be passed as None. This
also has the advantage that it works with clients that dont support
language tags.

Technically not a breaking change because its optional, but better
be safe.
2023-05-21 11:55:32 -04:00
436a293f38 Dont refetch post url metadata when post is received again 2023-05-18 16:34:52 +02:00
8410a9696e
Force enable undetermined language (#2851)
* Force enable undetermined language

* update

* fix tests
2023-05-18 16:34:21 +02:00
Dessalines
69f179bd33
Prettier check (#2855)
* Adding prettier check to CI.

* Running prettier on codebase.
2023-05-13 16:50:58 -04:00
af5175a282
Set attribute deny_unknown_fields for Lemmy config (#2852)
With this attribute, Lemmy will throw an error and exit if any
invalid entry is found in the config file. I think can be useful
to notice typos or keys that were removed or renamed in an upgrade.
Currently you wouldnt notice these at all unless you manually
compare the config file with settings that are listed in documentation.

This should be considered a breaking change.

Co-authored-by: Dessalines <dessalines@users.noreply.github.com>
2023-05-11 20:12:12 -04:00